Check collation

vrana · Oct 17, 2010 · 44ae8c8 · 44ae8c8
1 parent 53d7f03
commit 44ae8c8
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/adminer/database.inc.php b/adminer/database.inc.php
@@ -28,7 +28,7 @@
 		if (!$_POST["collation"]) {
 			redirect(substr(ME, 0, -1));
 		}
-		query_redirect("ALTER DATABASE " . idf_escape($_POST["name"]) . " COLLATE $_POST[collation]", substr(ME, 0, -1), lang('Database has been altered.')); //! SQL injection - quotes are not allowed in MS SQL 2005
+		query_redirect("ALTER DATABASE " . idf_escape($_POST["name"]) . (eregi('^[a-z0-9_]+$', $_POST["collation"]) ? " COLLATE $_POST[collation]" : ""), substr(ME, 0, -1), lang('Database has been altered.')); //! SQL injection - quotes are not allowed in MS SQL 2005
 	}
 }
 

diff --git a/adminer/drivers/mssql.inc.php b/adminer/drivers/mssql.inc.php
@@ -383,15 +383,15 @@ function exact_value($val) {
 	}
 
 	function create_database($db, $collation) {
-		return queries("CREATE DATABASE " . idf_escape($db) . ($collation ? " COLLATE $collation" : ""));
+		return queries("CREATE DATABASE " . idf_escape($db) . (eregi('^[a-z0-9_]+$', $collation) ? " COLLATE $collation" : ""));
 	}
 
 	function drop_databases($databases) {
 		return queries("DROP DATABASE " . implode(", ", array_map('idf_escape', $databases)));
 	}
 
 	function rename_database($name, $collation) {
-		if ($collation) {
+		if (eregi('^[a-z0-9_]+$', $collation)) {
 			queries("ALTER DATABASE " . idf_escape(DB) . " COLLATE $collation");
 		}
 		queries("ALTER DATABASE " . idf_escape(DB) . " MODIFY NAME = " . idf_escape($name));