Separate $where in limit function

adminer/create.inc.php

@@ -119,7 +119,7 @@
 	}
 	if (support("partitioning")) {
 		$from = "FROM information_schema.PARTITIONS WHERE TABLE_SCHEMA = " . $connection->quote(DB) . " AND TABLE_NAME = " . $connection->quote($TABLE);
-		$result = $connection->query("SELECT" . limit("PARTITION_METHOD, PARTITION_ORDINAL_POSITION, PARTITION_EXPRESSION $from ORDER BY PARTITION_ORDINAL_POSITION", 1));
+		$result = $connection->query("SELECT PARTITION_METHOD, PARTITION_ORDINAL_POSITION, PARTITION_EXPRESSION $from ORDER BY PARTITION_ORDINAL_POSITION LIMIT 1");
 		list($row["partition_by"], $row["partitions"], $row["partition"]) = $result->fetch_row();
 		$row["partition_names"] = array();
 		$row["partition_values"] = array();

adminer/download.inc.php

@@ -2,5 +2,5 @@
 $TABLE = $_GET["download"];
 header("Content-Type: application/octet-stream");
 header("Content-Disposition: attachment; filename=" . friendly_url("$TABLE-" . implode("_", $_GET["where"])) . "." . friendly_url($_GET["field"]));
-echo $connection->result("SELECT" . limit(idf_escape($_GET["field"]) . " FROM " . table($TABLE) . " WHERE " . where($_GET), 1));
+echo $connection->result("SELECT" . limit(idf_escape($_GET["field"]) . " FROM " . table($TABLE), " WHERE " . where($_GET), 1));
 exit; // don't output footer

adminer/drivers/mssql.inc.php

@@ -44,7 +44,6 @@ function select_db($database) {
 				return $this->query("USE $database");
 			}
 
-
 			function query($query, $unbuffered = false) {
 				$result = sqlsrv_query($this->_link, $query); //! , array(), ($unbuffered ? array() : array("Scrollable" => "keyset"))
 				if (!$result) {
@@ -255,12 +254,12 @@ function get_databases() {
 		return get_vals("EXEC sp_databases");
 	}
 
-	function limit($query, $limit, $offset = 0, $separator = " ") {
-		return (isset($limit) ? " TOP (" . ($limit + $offset) . ")" : "") . " $query"; // seek later
+	function limit($query, $where, $limit, $offset = 0, $separator = " ") {
+		return (isset($limit) ? " TOP (" . ($limit + $offset) . ")" : "") . " $query$where"; // seek later
 	}
 
-	function limit1($query) {
-		return limit($query, 1);
+	function limit1($query, $where) {
+		return limit($query, $where, 1);
 	}
 
 	function db_collation($db, $collations) {

adminer/drivers/mysql.inc.php

@@ -266,21 +266,22 @@ function get_databases($flush = true) {
 
 	/** Formulate SQL query with limit
 	* @param string everything after SELECT
+	* @param string including WHERE
 	* @param int
 	* @param int
 	* @param string
 	* @return string
 	*/
-	function limit($query, $limit, $offset = 0, $separator = " ") {
-		return " $query" . (isset($limit) ? $separator . "LIMIT $limit" . ($offset ? " OFFSET $offset" : "") : "");
+	function limit($query, $where, $limit, $offset = 0, $separator = " ") {
+		return " $query$where" . (isset($limit) ? $separator . "LIMIT $limit" . ($offset ? " OFFSET $offset" : "") : "");
 	}
 
 	/** Formulate SQL modification query with limit 1
 	* @param string everything after UPDATE or DELETE
 	* @return string
 	*/
-	function limit1($query) {
-		return limit($query, 1);
+	function limit1($query, $where) {
+		return limit($query, $where, 1);
 	}
 
 	/** Get database collation

adminer/drivers/pgsql.inc.php

@@ -45,11 +45,11 @@ function select_db($database) {
 				if ($database == DB) {
 					return $this->_database;
 				}
-				$link = @pg_connect($this->_connection . " dbname='" . addcslashes($database, "'\\") . "'", PGSQL_CONNECT_FORCE_NEW);
-				if ($link) {
-					$this->_link = $link;
+				$return = @pg_connect($this->_connection . " dbname='" . addcslashes($database, "'\\") . "'", PGSQL_CONNECT_FORCE_NEW);
+				if ($return) {
+					$this->_link = $return;
 				}
-				return $link;
+				return $return;
 			}
 
 			function close() {
@@ -108,15 +108,15 @@ function fetch_row() {
 
 			function fetch_field() {
 				$column = $this->_offset++;
-				$row = new stdClass;
+				$return = new stdClass;
 				if (function_exists('pg_field_table')) {
-					$row->orgtable = pg_field_table($this->_result, $column);
+					$return->orgtable = pg_field_table($this->_result, $column);
 				}
-				$row->name = pg_field_name($this->_result, $column);
-				$row->orgname = $row->name;
-				$row->type = pg_field_type($this->_result, $column);
-				$row->charsetnr = ($row->type == "bytea" ? 63 : 0); // 63 - binary
-				return $row;
+				$return->name = pg_field_name($this->_result, $column);
+				$return->orgname = $return->name;
+				$return->type = pg_field_type($this->_result, $column);
+				$return->charsetnr = ($return->type == "bytea" ? 63 : 0); // 63 - binary
+				return $return;
 			}
 
 			function __destruct() {
@@ -167,12 +167,12 @@ function get_databases() {
 		return get_vals("SELECT datname FROM pg_database");
 	}
 
-	function limit($query, $limit, $offset = 0, $separator = " ") {
-		return " $query" . (isset($limit) ? $separator . "LIMIT $limit" . ($offset ? " OFFSET $offset" : "") : "");
+	function limit($query, $where, $limit, $offset = 0, $separator = " ") {
+		return " $query$where" . (isset($limit) ? $separator . "LIMIT $limit" . ($offset ? " OFFSET $offset" : "") : "");
 	}
 
-	function limit1($query) {
-		return " $query";
+	function limit1($query, $where) {
+		return " $query$where";
 	}
 
 	function db_collation($db, $collations) {

adminer/drivers/sqlite.inc.php

@@ -215,13 +215,13 @@ function get_databases() {
 		return array();
 	}
 
-	function limit($query, $limit, $offset = 0, $separator = " ") {
-		return " $query" . (isset($limit) ? $separator . "LIMIT $limit" . ($offset ? " OFFSET $offset" : "") : "");
+	function limit($query, $where, $limit, $offset = 0, $separator = " ") {
+		return " $query$where" . (isset($limit) ? $separator . "LIMIT $limit" . ($offset ? " OFFSET $offset" : "") : "");
 	}
 
-	function limit1($query) {
+	function limit1($query, $where) {
 		global $connection;
-		return ($connection->result("SELECT sqlite_compileoption_used('ENABLE_UPDATE_DELETE_LIMIT')") ? limit($query, 1) : " $query");
+		return ($connection->result("SELECT sqlite_compileoption_used('ENABLE_UPDATE_DELETE_LIMIT')") ? limit($query, $where, 1) : " $query$where");
 	}
 
 	function db_collation($db, $collations) {

adminer/edit.inc.php

@@ -16,7 +16,7 @@
 		$location = ME . "select=" . urlencode($TABLE);
 	}
 	if (isset($_POST["delete"])) {
-		query_redirect("DELETE" . limit1("FROM " . table($TABLE) . "\nWHERE $where"), $location, lang('Item has been deleted.'));
+		query_redirect("DELETE" . limit1("FROM " . table($TABLE), $where), $location, lang('Item has been deleted.'));
 	} else {
 		$set = array();
 		foreach ($fields as $name => $field) {
@@ -29,7 +29,7 @@
 			if (!$set) {
 				redirect($location);
 			}
-			query_redirect("UPDATE" . limit1(table($TABLE) . " SET" . implode(",", $set) . "\nWHERE $where"), $location, lang('Item has been updated.'));
+			query_redirect("UPDATE" . limit1(table($TABLE) . " SET" . implode(",", $set), "\nWHERE $where"), $location, lang('Item has been updated.'));
 		} else {
 			$result = insert_into($TABLE, $set);
 			$last_id = ($result ? last_id() : 0);
@@ -58,7 +58,7 @@
 	}
 	$row = array();
 	if ($select) {
-		$result = $connection->query("SELECT" . limit(implode(", ", $select) . " FROM " . table($TABLE) . " WHERE $where", (isset($_GET["select"]) ? 2 : 1)));
+		$result = $connection->query("SELECT" . limit(implode(", ", $select) . " FROM " . table($TABLE), " WHERE $where", (isset($_GET["select"]) ? 2 : 1)));
 		$row = $result->fetch_assoc();
 		if (isset($_GET["select"]) && $result->fetch_assoc()) {
 			$row = null;

adminer/include/functions.inc.php

@@ -609,7 +609,7 @@ function search_tables() {
 	foreach (table_status() as $table => $table_status) {
 		$name = $adminer->tableName($table_status);
 		if (isset($table_status["Engine"]) && $name != "" && (!$_POST["tables"] || in_array($table, $_POST["tables"]))) {
-			$result = $connection->query("SELECT" . limit("1 FROM " . table($table) . " WHERE " . implode(" AND ", $adminer->selectSearchProcess(fields($table), array())), 1));
+			$result = $connection->query("SELECT" . limit("1 FROM " . table($table), " WHERE " . implode(" AND ", $adminer->selectSearchProcess(fields($table), array())), 1));
 			if ($result->num_rows) {
 				if (!$found) {
 					echo "<ul>\n";

adminer/select.inc.php

@@ -23,7 +23,7 @@
 $where = $adminer->selectSearchProcess($fields, $indexes);
 $order = $adminer->selectOrderProcess($fields, $indexes);
 $limit = $adminer->selectLimitProcess();
-$from = ($select ? implode(", ", $select) : "*") . "\nFROM " . table($TABLE) . ($where ? "\nWHERE " . implode(" AND ", $where) : "");
+$from = ($select ? implode(", ", $select) : "*") . "\nFROM " . table($TABLE);
 $group_by = ($group && count($group) < count($select) ? "\nGROUP BY " . implode(", ", $group) : "") . ($order ? "\nORDER BY " . implode(", ", $order) : "");
 
 if ($_POST && !$error) {
@@ -49,12 +49,16 @@
 			dump_csv($row);
 		}
 		if (!is_array($_POST["check"]) || $primary === array()) {
-			dump_data($TABLE, "INSERT", "SELECT $from" . (is_array($_POST["check"]) ? ($where ? " AND " : " WHERE ") . "($where_check)" : "") . $group_by);
+			$where2 = $where;
+			if (is_array($_POST["check"])) {
+				$where2[] = "($where_check)";
+			}
+			dump_data($TABLE, "INSERT", "SELECT $from" . ($where2 ? "\nWHERE " . implode(" AND ", $where2) : "") . $group_by);
 		} else {
 			$union = array();
 			foreach ($_POST["check"] as $val) {
 				// where is not unique so OR can't be used
-				$union[] = "(SELECT" . limit("$from " . ($where ? "AND " : "WHERE ") . where_check($val) . $group_by, 1) . ")";
+				$union[] = "(SELECT" . limit($from, "\nWHERE " . ($where ? implode(" AND ", $where) . " AND " : "") . where_check($val) . $group_by, 1) . ")";
 			}
 			dump_data($TABLE, "INSERT", implode(" UNION ALL ", $union));
 		}
@@ -95,7 +99,7 @@
 				} else {
 					foreach ((array) $_POST["check"] as $val) {
 						// where is not unique so OR can't be used
-						$result = queries($command . limit1($query . "\nWHERE " . where_check($val)));
+						$result = queries($command . limit1($query, "\nWHERE " . where_check($val)));
 						if (!$result) {
 							break;
 						}
@@ -117,7 +121,7 @@
 						$key = bracket_escape($key, 1); // 1 - back
 						$set[] = idf_escape($key) . " = " . $adminer->processInput($fields[$key], $val);
 					}
-					$result = queries("UPDATE" . limit1(table($TABLE) . " SET " . implode(", ", $set) . " WHERE " . where_check($unique_idf) . ($where ? " AND " . implode(" AND ", $where) : ""))); // can change row on a different page without unique key
+					$result = queries("UPDATE" . limit1(table($TABLE) . " SET " . implode(", ", $set), " WHERE " . where_check($unique_idf) . ($where ? " AND " . implode(" AND ", $where) : ""))); // can change row on a different page without unique key
 					if (!$result) {
 						break;
 					}
@@ -202,7 +206,7 @@
 		$page = floor(($found_rows - 1) / $limit);
 	}
 
-	$query = "SELECT" . limit((intval($limit) && $group && count($group) < count($select) && $jush == "sql" ? "SQL_CALC_FOUND_ROWS " : "") . $from . $group_by, ($limit != "" ? intval($limit) : null), ($page ? $limit * $page : 0), "\n");
+	$query = "SELECT" . limit((intval($limit) && $group && count($group) < count($select) && $jush == "sql" ? "SQL_CALC_FOUND_ROWS " : "") . $from, ($where ? "\nWHERE " . implode(" AND ", $where) : "") . $group_by, ($limit != "" ? intval($limit) : null), ($page ? $limit * $page : 0), "\n");
 	echo $adminer->selectQuery($query);
 
 	$result = $connection->query($query);

todo.txt

@@ -40,6 +40,7 @@ Dollar terminated string in SQL command
 bool in Editor
 
 MS SQL:
+Non UTF-8 character sets
 Rename by sp_rename
 Detection of table collation
 PDO driver with seek