diff --git a/functions.inc.php b/functions.inc.php index 28d867df..885921eb 100644 --- a/functions.inc.php +++ b/functions.inc.php @@ -277,6 +277,21 @@ function select($result) { $result->free(); } +function shorten_utf8($string, $length) { + for ($i=0; $i < strlen($string); $i++) { + if (ord($string[$i]) >= 192) { + while (ord($string[$i+1]) >= 128 && ord($string[$i+1]) < 192) { + $i++; + } + } + $length--; + if ($length == 0) { + return nl2br(htmlspecialchars(substr($string, 0, $i+1))) . "..."; + } + } + return nl2br(htmlspecialchars($string)); +} + if (get_magic_quotes_gpc()) { $process = array(&$_GET, &$_POST); while (list($key, $val) = each($process)) { diff --git a/select.inc.php b/select.inc.php index 8866aada..c38194af 100644 --- a/select.inc.php +++ b/select.inc.php @@ -3,9 +3,13 @@ page_header(lang('Select') . ": " . htmlspecialchars($_GET["select"])); $fields = fields($_GET["select"]); $rights = array(); $columns = array(); +unset($text_length); foreach ($fields as $key => $field) { if (isset($field["privileges"]["select"])) { $columns[] = $key; + if (preg_match('~text|blob~', $field["type"])) { + $text_length = (isset($_GET["text_length"]) ? $_GET["text_length"] : "100"); + } } $rights += $field["privileges"]; } @@ -107,16 +111,6 @@ function add_row(field) { echo '
'; echo "\n"; - $select = array(); - unset($text_length); - foreach ($columns as $column) { - if (preg_match('~text|blob~', $fields[$column]["type"])) { - $text_length = (isset($_GET["text_length"]) ? $_GET["text_length"] : "100"); - $select[] = (intval($text_length) ? "CONCAT(LEFT(" . idf_escape($column) . ", " . intval($text_length) . "), IF(CHAR_LENGTH(" . idf_escape($column) . ") > " . intval($text_length) . ", '...', '')) AS " : "") . idf_escape($column); - } else { - $select[] = idf_escape($column); - } - } if (isset($text_length)) { echo "
" . lang('Text length') . "\n"; echo '
'; @@ -127,7 +121,7 @@ function add_row(field) { echo "\n"; echo "
 
\n"; - $result = $mysql->query("SELECT SQL_CALC_FOUND_ROWS " . implode(", ", $select) . " FROM " . idf_escape($_GET["select"]) . ($where ? " WHERE " . implode(" AND ", $where) : "") . ($order ? " ORDER BY " . implode(", ", $order) : "") . (strlen($limit) ? " LIMIT " . intval($limit) . " OFFSET " . ($limit * $_GET["page"]) : "")); + $result = $mysql->query("SELECT SQL_CALC_FOUND_ROWS * FROM " . idf_escape($_GET["select"]) . ($where ? " WHERE " . implode(" AND ", $where) : "") . ($order ? " ORDER BY " . implode(", ", $order) : "") . (strlen($limit) ? " LIMIT " . intval($limit) . " OFFSET " . ($limit * $_GET["page"]) : "")); if (!$result->num_rows) { echo "

" . lang('No rows.') . "

\n"; } else { @@ -153,13 +147,19 @@ function add_row(field) { } elseif (preg_match('~blob|binary~', $fields[$key]["type"]) && preg_match('~[\\x80-\\xFF]~', $val)) { $val = '' . lang('%d byte(s)', strlen($val)) . ''; } else { - $val = (strlen(trim($val)) ? nl2br(htmlspecialchars($val)) : " "); - if ($fields[$key]["type"] == "char") { - $val = "$val"; + if (!strlen(trim($val))) { + $val = " "; + } elseif (intval($text_length) > 0 && preg_match('~blob|text~', $fields[$key]["type"]) && strlen($val) > intval($text_length)) { + $val = (preg_match('~blob~', $fields[$key]["type"]) ? nl2br(htmlspecialchars(substr($val, 0, intval($text_length)))) . "..." : shorten_utf8($val, intval($text_length))); + } else { + $val = nl2br(htmlspecialchars($val)); + if ($fields[$key]["type"] == "char") { + $val = "$val"; + } } foreach ((array) $foreign_keys[$key] as $foreign_key) { if (count($foreign_keys[$key]) == 1 || count($foreign_key["source"]) == 1) { - $val = '">' . "$val"; + $val = "\">$val"; foreach ($foreign_key["source"] as $i => $source) { $val = "&where%5B$i%5D%5Bcol%5D=" . urlencode($foreign_key["target"][$i]) . "&where%5B$i%5D%5Bop%5D=%3D&where%5B$i%5D%5Bval%5D=" . urlencode($row[$source]) . $val; }