From 2703eb960a61cc6b0d676816d33d82f45ba99be8 Mon Sep 17 00:00:00 2001 From: Jakub Vrana Date: Tue, 11 Dec 2012 21:25:56 -0800 Subject: [PATCH] Allow editing values with significant binary column (bug #3572781) --- adminer/download.inc.php | 3 ++- adminer/drivers/mysql.inc.php | 2 +- adminer/edit.inc.php | 4 ++-- adminer/include/functions.inc.php | 10 ++++++---- adminer/select.inc.php | 8 ++++---- 5 files changed, 15 insertions(+), 12 deletions(-) diff --git a/adminer/download.inc.php b/adminer/download.inc.php index 5a86efe5..f41bbdc6 100644 --- a/adminer/download.inc.php +++ b/adminer/download.inc.php @@ -1,6 +1,7 @@ result("SELECT" . limit(idf_escape($_GET["field"]) . " FROM " . table($TABLE), " WHERE " . where($_GET), 1)); +echo $connection->result("SELECT" . limit(idf_escape($_GET["field"]) . " FROM " . table($TABLE), " WHERE " . where($_GET, $fields), 1)); exit; // don't output footer diff --git a/adminer/drivers/mysql.inc.php b/adminer/drivers/mysql.inc.php index 45090fe2..fc834094 100644 --- a/adminer/drivers/mysql.inc.php +++ b/adminer/drivers/mysql.inc.php @@ -968,7 +968,7 @@ if (!defined("DRIVER")) { */ function unconvert_field($field, $return) { if (ereg("binary", $field["type"])) { - $return = "unhex($return)"; + $return = "UNHEX($return)"; } if (ereg("geometry|point|linestring|polygon", $field["type"])) { $return = "GeomFromText($return)"; diff --git a/adminer/edit.inc.php b/adminer/edit.inc.php index 98c3e97d..33651913 100644 --- a/adminer/edit.inc.php +++ b/adminer/edit.inc.php @@ -1,8 +1,8 @@ $field) { if (!isset($field["privileges"][$update ? "update" : "insert"]) || $adminer->fieldName($field) == "") { unset($fields[$name]); diff --git a/adminer/include/functions.inc.php b/adminer/include/functions.inc.php index 01b2fa43..6bafa508 100644 --- a/adminer/include/functions.inc.php +++ b/adminer/include/functions.inc.php @@ -329,14 +329,15 @@ function unique_array($row, $indexes) { /** Create SQL condition from parsed query string * @param array parsed query string +* @param array * @return string */ -function where($where) { +function where($where, $fields = array()) { global $jush; $return = array(); foreach ((array) $where["where"] as $key => $val) { $return[] = idf_escape(bracket_escape($key, 1)) // 1 - back - . (($jush == "sql" && ereg('\\.', $val)) || $jush == "mssql" ? " LIKE " . exact_value(addcslashes($val, "%_\\")) : " = " . exact_value($val)) // LIKE because of floats, but slow with ints, in MS SQL because of text + . (($jush == "sql" && ereg('\\.', $val)) || $jush == "mssql" ? " LIKE " . exact_value(addcslashes($val, "%_\\")) : " = " . unconvert_field($fields[$key], exact_value($val))) // LIKE because of floats, but slow with ints, in MS SQL because of text ; //! enum and set } foreach ((array) $where["null"] as $key) { @@ -347,12 +348,13 @@ function where($where) { /** Create SQL condition from query string * @param string +* @param array * @return string */ -function where_check($val) { +function where_check($val, $fields = array()) { parse_str($val, $check); remove_slashes(array(&$check)); - return where($check); + return where($check, $fields); } /** Create query string where condition from value diff --git a/adminer/select.inc.php b/adminer/select.inc.php index 9e7d26ba..861a4101 100644 --- a/adminer/select.inc.php +++ b/adminer/select.inc.php @@ -46,7 +46,7 @@ if ($_GET["val"] && is_ajax()) { header("Content-Type: text/plain; charset=utf-8"); foreach ($_GET["val"] as $unique_idf => $row) { $as = convert_field($fields[key($row)]); - echo $connection->result("SELECT" . limit(($as ? $as : idf_escape(key($row))) . " FROM " . table($TABLE), " WHERE " . where_check($unique_idf) . ($where ? " AND " . implode(" AND ", $where) : "") . ($order ? " ORDER BY " . implode(", ", $order) : ""), 1)); + echo $connection->result("SELECT" . limit(($as ? $as : idf_escape(key($row))) . " FROM " . table($TABLE), " WHERE " . where_check($unique_idf, $fields) . ($where ? " AND " . implode(" AND ", $where) : "") . ($order ? " ORDER BY " . implode(", ", $order) : ""), 1)); } exit; } @@ -80,7 +80,7 @@ if ($_POST && !$error) { $union = array(); foreach ($_POST["check"] as $val) { // where is not unique so OR can't be used - $union[] = "(SELECT" . limit($from, "\nWHERE " . ($where ? implode(" AND ", $where) . " AND " : "") . where_check($val) . $group_by, 1) . ")"; + $union[] = "(SELECT" . limit($from, "\nWHERE " . ($where ? implode(" AND ", $where) . " AND " : "") . where_check($val, $fields) . $group_by, 1) . ")"; } $query = implode(" UNION ALL ", $union); } @@ -122,7 +122,7 @@ if ($_POST && !$error) { } else { foreach ((array) $_POST["check"] as $val) { // where is not unique so OR can't be used - $result = queries($command . limit1($query, "\nWHERE " . where_check($val))); + $result = queries($command . limit1($query, "\nWHERE " . where_check($val, $fields))); if (!$result) { break; } @@ -152,7 +152,7 @@ if ($_POST && !$error) { $set[] = idf_escape($key) . " = " . (ereg('char|text', $fields[$key]["type"]) || $val != "" ? $adminer->processInput($fields[$key], $val) : "NULL"); } $query = table($TABLE) . " SET " . implode(", ", $set); - $where2 = " WHERE " . where_check($unique_idf) . ($where ? " AND " . implode(" AND ", $where) : ""); + $where2 = " WHERE " . where_check($unique_idf, $fields) . ($where ? " AND " . implode(" AND ", $where) : ""); $result = queries("UPDATE" . ($is_group ? " $query$where2" : limit1($query, $where2))); // can change row on a different page without unique key if (!$result) { break;