mirror of
https://github.com/vrana/adminer.git
synced 2025-08-07 15:16:44 +02:00
Change escape_string to quote
git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@747 7c3ca157-0c34-0410-bff1-cbf682f78f5c
This commit is contained in:
jakubvrana
@@ -32,9 +32,9 @@ if ($_POST && !$error && !$_POST["add"] && !$_POST["drop_col"] && !$_POST["up"]
|
||||
$fields[] = "\n" . (!strlen($_GET["create"]) ? " " : (strlen($field["orig"]) ? "CHANGE " . idf_escape($field["orig"]) . " " : "ADD "))
|
||||
. idf_escape($field["field"]) . process_type($field)
|
||||
. ($field["null"] ? " NULL" : " NOT NULL") // NULL for timestamp
|
||||
. (strlen($_GET["create"]) && strlen($field["orig"]) && isset($orig_fields[$field["orig"]]["default"]) && $field["type"] != "timestamp" ? " DEFAULT '" . $dbh->escape_string($orig_fields[$field["orig"]]["default"]) . "'" : "") //! timestamp
|
||||
. (strlen($_GET["create"]) && strlen($field["orig"]) && isset($orig_fields[$field["orig"]]["default"]) && $field["type"] != "timestamp" ? " DEFAULT " . $dbh->quote($orig_fields[$field["orig"]]["default"]) : "") //! timestamp
|
||||
. ($key == $_POST["auto_increment_col"] ? " AUTO_INCREMENT$auto_increment_index" : "")
|
||||
. " COMMENT '" . $dbh->escape_string($field["comment"]) . "'"
|
||||
. " COMMENT " . $dbh->quote($field["comment"])
|
||||
. (strlen($_GET["create"]) ? " $after" : "")
|
||||
;
|
||||
$after = "AFTER " . idf_escape($field["field"]);
|
||||
@@ -42,10 +42,10 @@ if ($_POST && !$error && !$_POST["add"] && !$_POST["drop_col"] && !$_POST["up"]
|
||||
$fields[] = "\nDROP " . idf_escape($field["orig"]);
|
||||
}
|
||||
}
|
||||
$status = ($_POST["Engine"] ? "ENGINE='" . $dbh->escape_string($_POST["Engine"]) . "'" : "")
|
||||
. ($_POST["Collation"] ? " COLLATE '" . $dbh->escape_string($_POST["Collation"]) . "'" : "")
|
||||
$status = ($_POST["Engine"] ? "ENGINE=" . $dbh->quote($_POST["Engine"]) : "")
|
||||
. ($_POST["Collation"] ? " COLLATE " . $dbh->quote($_POST["Collation"]) : "")
|
||||
. (strlen($_POST["Auto_increment"]) ? " AUTO_INCREMENT=" . intval($_POST["Auto_increment"]) : "")
|
||||
. " COMMENT='" . $dbh->escape_string($_POST["Comment"]) . "'"
|
||||
. " COMMENT=" . $dbh->quote($_POST["Comment"])
|
||||
;
|
||||
if (in_array($_POST["partition_by"], $partition_by)) {
|
||||
$partitions = array();
|
||||
@@ -92,7 +92,7 @@ if ($_POST) {
|
||||
$row["name"] = $_GET["create"];
|
||||
$row["fields"] = array_values($orig_fields);
|
||||
if ($dbh->server_info >= 5.1) {
|
||||
$from = "FROM information_schema.PARTITIONS WHERE TABLE_SCHEMA = '" . $dbh->escape_string($_GET["db"]) . "' AND TABLE_NAME = '" . $dbh->escape_string($_GET["create"]) . "'";
|
||||
$from = "FROM information_schema.PARTITIONS WHERE TABLE_SCHEMA = " . $dbh->quote($_GET["db"]) . " AND TABLE_NAME = " . $dbh->quote($_GET["create"]);
|
||||
$result = $dbh->query("SELECT PARTITION_METHOD, PARTITION_ORDINAL_POSITION, PARTITION_EXPRESSION $from ORDER BY PARTITION_ORDINAL_POSITION DESC LIMIT 1");
|
||||
list($row["partition_by"], $row["partitions"], $row["partition"]) = $result->fetch_row();
|
||||
$result->free();
|
||||
|
||||
@@ -10,7 +10,7 @@ if ($_POST && !$error && !isset($_POST["add_x"])) { // add is an image and PHP c
|
||||
$failed = false;
|
||||
foreach ($dbs as $db) {
|
||||
if (count($dbs) == 1 || strlen($db)) { // ignore empty lines but always try to create single database
|
||||
if (!queries("CREATE DATABASE " . idf_escape($db) . ($_POST["collation"] ? " COLLATE '" . $dbh->escape_string($_POST["collation"]) . "'" : ""))) {
|
||||
if (!queries("CREATE DATABASE " . idf_escape($db) . ($_POST["collation"] ? " COLLATE " . $dbh->quote($_POST["collation"]) : ""))) {
|
||||
$failed = true;
|
||||
}
|
||||
$last = $db;
|
||||
@@ -34,7 +34,7 @@ if ($_POST && !$error && !isset($_POST["add_x"])) { // add is an image and PHP c
|
||||
if (!$_POST["collation"]) {
|
||||
redirect(substr($SELF, 0, -1));
|
||||
}
|
||||
query_redirect("ALTER DATABASE " . idf_escape($_POST["name"]) . " COLLATE '" . $dbh->escape_string($_POST["collation"]) . "'", substr($SELF, 0, -1), lang('Database has been altered.'));
|
||||
query_redirect("ALTER DATABASE " . idf_escape($_POST["name"]) . " COLLATE " . $dbh->quote($_POST["collation"]), substr($SELF, 0, -1), lang('Database has been altered.'));
|
||||
}
|
||||
}
|
||||
page_header(strlen($_GET["db"]) ? lang('Alter database') : lang('Create database'), $error, array(), $_GET["db"]);
|
||||
|
||||
@@ -80,7 +80,7 @@ $result->free();
|
||||
if ($dbh->server_info >= 5) {
|
||||
echo '<p><a href="' . htmlspecialchars($SELF) . 'createv=">' . lang('Create view') . "</a></p>\n";
|
||||
echo "<h3>" . lang('Routines') . "</h3>\n";
|
||||
$result = $dbh->query("SELECT * FROM information_schema.ROUTINES WHERE ROUTINE_SCHEMA = '" . $dbh->escape_string($_GET["db"]) . "'");
|
||||
$result = $dbh->query("SELECT * FROM information_schema.ROUTINES WHERE ROUTINE_SCHEMA = " . $dbh->quote($_GET["db"]));
|
||||
if ($result->num_rows) {
|
||||
echo "<table cellspacing='0'>\n";
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
|
||||
@@ -12,7 +12,7 @@ function tar_file($filename, $contents) {
|
||||
function dump_triggers($table, $style) {
|
||||
global $dbh;
|
||||
if ($_POST["format"] != "csv" && $style && $dbh->server_info >= 5) {
|
||||
$result = $dbh->query("SHOW TRIGGERS LIKE '" . $dbh->escape_string(addcslashes($table, "%_")) . "'");
|
||||
$result = $dbh->query("SHOW TRIGGERS LIKE " . $dbh->quote(addcslashes($table, "%_")));
|
||||
if ($result->num_rows) {
|
||||
echo "\nDELIMITER ;;\n";
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
@@ -30,7 +30,7 @@ if ($_POST) {
|
||||
if ($_POST["format"] != "csv") {
|
||||
echo "SET NAMES utf8;\n";
|
||||
echo "SET foreign_key_checks = 0;\n";
|
||||
echo "SET time_zone = '" . $dbh->escape_string($dbh->result($dbh->query("SELECT @@time_zone"))) . "';\n";
|
||||
echo "SET time_zone = " . $dbh->quote($dbh->result($dbh->query("SELECT @@time_zone"))) . ";\n";
|
||||
echo "\n";
|
||||
}
|
||||
|
||||
@@ -50,7 +50,7 @@ if ($_POST) {
|
||||
$out = "";
|
||||
if ($dbh->server_info >= 5) {
|
||||
foreach (array("FUNCTION", "PROCEDURE") as $routine) {
|
||||
$result = $dbh->query("SHOW $routine STATUS WHERE Db = '" . $dbh->escape_string($db) . "'");
|
||||
$result = $dbh->query("SHOW $routine STATUS WHERE Db = " . $dbh->quote($db));
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
$out .= ($style != 'DROP+CREATE' ? "DROP $routine IF EXISTS " . idf_escape($row["Name"]) . ";;\n" : "")
|
||||
. $dbh->result($dbh->query("SHOW CREATE $routine " . idf_escape($row["Name"])), 2) . ";;\n\n";
|
||||
@@ -121,11 +121,11 @@ CREATE PROCEDURE adminer_drop () BEGIN
|
||||
CASE _table_name<?php
|
||||
$result = $dbh->query($query);
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
$comment = $dbh->escape_string($row["ENGINE"] == "InnoDB" ? preg_replace('~(?:(.+); )?InnoDB free: .*~', '\\1', $row["TABLE_COMMENT"]) : $row["TABLE_COMMENT"]);
|
||||
$comment = $dbh->quote($row["ENGINE"] == "InnoDB" ? preg_replace('~(?:(.+); )?InnoDB free: .*~', '\\1', $row["TABLE_COMMENT"]) : $row["TABLE_COMMENT"]);
|
||||
echo "
|
||||
WHEN '" . $dbh->escape_string($row["TABLE_NAME"]) . "' THEN
|
||||
" . (isset($row["ENGINE"]) ? "IF _engine != '$row[ENGINE]' OR _table_collation != '$row[TABLE_COLLATION]' OR _table_comment != '$comment' THEN
|
||||
ALTER TABLE " . idf_escape($row["TABLE_NAME"]) . " ENGINE=$row[ENGINE] COLLATE=$row[TABLE_COLLATION] COMMENT='$comment';
|
||||
WHEN " . $dbh->quote($row["TABLE_NAME"]) . " THEN
|
||||
" . (isset($row["ENGINE"]) ? "IF _engine != '$row[ENGINE]' OR _table_collation != '$row[TABLE_COLLATION]' OR _table_comment != $comment THEN
|
||||
ALTER TABLE " . idf_escape($row["TABLE_NAME"]) . " ENGINE=$row[ENGINE] COLLATE=$row[TABLE_COLLATION] COMMENT=$comment;
|
||||
END IF" : "BEGIN END") . ";";
|
||||
}
|
||||
$result->free();
|
||||
|
||||
@@ -7,18 +7,18 @@ if ($_POST && !$error) {
|
||||
query_redirect("DROP EVENT " . idf_escape($_GET["event"]), substr($SELF, 0, -1), lang('Event has been dropped.'));
|
||||
} elseif (in_array($_POST["INTERVAL_FIELD"], $intervals) && in_array($_POST["STATUS"], $statuses)) {
|
||||
$schedule = "\nON SCHEDULE " . ($_POST["INTERVAL_VALUE"]
|
||||
? "EVERY '" . $dbh->escape_string($_POST["INTERVAL_VALUE"]) . "' $_POST[INTERVAL_FIELD]"
|
||||
. ($_POST["STARTS"] ? " STARTS '" . $dbh->escape_string($_POST["STARTS"]) . "'" : "")
|
||||
. ($_POST["ENDS"] ? " ENDS '" . $dbh->escape_string($_POST["ENDS"]) . "'" : "") //! ALTER EVENT doesn't drop ENDS - MySQL bug #39173
|
||||
: "AT '" . $dbh->escape_string($_POST["STARTS"]) . "'"
|
||||
? "EVERY " . $dbh->quote($_POST["INTERVAL_VALUE"]) . " $_POST[INTERVAL_FIELD]"
|
||||
. ($_POST["STARTS"] ? " STARTS " . $dbh->quote($_POST["STARTS"]) : "")
|
||||
. ($_POST["ENDS"] ? " ENDS " . $dbh->quote($_POST["ENDS"]) : "") //! ALTER EVENT doesn't drop ENDS - MySQL bug #39173
|
||||
: "AT " . $dbh->quote($_POST["STARTS"])
|
||||
) . " ON COMPLETION" . ($_POST["ON_COMPLETION"] ? "" : " NOT") . " PRESERVE"
|
||||
;
|
||||
query_redirect((strlen($_GET["event"])
|
||||
? "ALTER EVENT " . idf_escape($_GET["event"]) . $schedule
|
||||
. ($_GET["event"] != $_POST["EVENT_NAME"] ? "\nRENAME TO " . idf_escape($_POST["EVENT_NAME"]) : "")
|
||||
: "CREATE EVENT " . idf_escape($_POST["EVENT_NAME"]) . $schedule
|
||||
) . "\n$_POST[STATUS] COMMENT '" . $dbh->escape_string($_POST["EVENT_COMMENT"])
|
||||
. "' DO\n$_POST[EVENT_DEFINITION]"
|
||||
) . "\n$_POST[STATUS] COMMENT " . $dbh->quote($_POST["EVENT_COMMENT"])
|
||||
. " DO\n$_POST[EVENT_DEFINITION]"
|
||||
, substr($SELF, 0, -1), (strlen($_GET["event"]) ? lang('Event has been altered.') : lang('Event has been created.')));
|
||||
}
|
||||
}
|
||||
@@ -28,7 +28,7 @@ $row = array();
|
||||
if ($_POST) {
|
||||
$row = $_POST;
|
||||
} elseif (strlen($_GET["event"])) {
|
||||
$result = $dbh->query("SELECT * FROM information_schema.EVENTS WHERE EVENT_SCHEMA = '" . $dbh->escape_string($_GET["db"]) . "' AND EVENT_NAME = '" . $dbh->escape_string($_GET["event"]) . "'");
|
||||
$result = $dbh->query("SELECT * FROM information_schema.EVENTS WHERE EVENT_SCHEMA = " . $dbh->quote($_GET["db"]) . " AND EVENT_NAME = " . $dbh->quote($_GET["event"]));
|
||||
$row = $result->fetch_assoc();
|
||||
$row["STATUS"] = $statuses[$row["STATUS"]];
|
||||
$result->free();
|
||||
|
||||
@@ -73,29 +73,29 @@ function process_input($name, $field) {
|
||||
} elseif ($field["type"] == "enum" || $field["auto_increment"] ? !strlen($value) : $function == "NULL") {
|
||||
return "NULL";
|
||||
} elseif ($field["type"] == "enum") {
|
||||
return (isset($_GET["default"]) ? "'" . $dbh->escape_string($value) . "'" : intval($value));
|
||||
return (isset($_GET["default"]) ? $dbh->quote($value) : intval($value));
|
||||
} elseif ($field["type"] == "set") {
|
||||
return (isset($_GET["default"]) ? "'" . implode(",", array_map(array($dbh, 'escape_string'), (array) $value)) . "'" : array_sum((array) $value));
|
||||
return (isset($_GET["default"]) ? "'" . implode(",", array_map('escape_string', (array) $value)) . "'" : array_sum((array) $value));
|
||||
} elseif (preg_match('~binary|blob~', $field["type"])) {
|
||||
$file = get_file($idf);
|
||||
if (!is_string($file)) {
|
||||
return false; //! report errors
|
||||
}
|
||||
return "_binary'" . (is_string($file) ? $dbh->escape_string($file) : "") . "'";
|
||||
return "_binary" . (is_string($file) ? $dbh->quote($file) : "");
|
||||
} elseif ($field["type"] == "timestamp" && $value == "CURRENT_TIMESTAMP") {
|
||||
return $value;
|
||||
} elseif (preg_match('~^(now|uuid)$~', $function)) {
|
||||
return "$function()";
|
||||
} elseif (preg_match('~^[+-]$~', $function)) {
|
||||
return idf_escape($name) . " $function '" . $dbh->escape_string($value) . "'";
|
||||
return idf_escape($name) . " $function " . $dbh->quote($value);
|
||||
} elseif (preg_match('~^[+-] interval$~', $function)) {
|
||||
return idf_escape($name) . " $function " . (preg_match("~^([0-9]+|'[0-9.: -]') [A-Z_]+$~i", $value) ? $value : "'" . $dbh->escape_string($value) . "'");
|
||||
return idf_escape($name) . " $function " . (preg_match("~^([0-9]+|'[0-9.: -]') [A-Z_]+$~i", $value) ? $value : $dbh->quote($value));
|
||||
} elseif (preg_match('~^(addtime|subtime)$~', $function)) {
|
||||
return "$function(" . idf_escape($name) . ", '" . $dbh->escape_string($value) . "')";
|
||||
return "$function(" . idf_escape($name) . ", " . $dbh->quote($value) . ")";
|
||||
} elseif (preg_match('~^(md5|sha1|password)$~', $function)) {
|
||||
return "$function('" . $dbh->escape_string($value) . "')";
|
||||
return "$function(" . $dbh->quote($value) . ")";
|
||||
} else {
|
||||
return "'" . $dbh->escape_string($value) . "'";
|
||||
return $dbh->quote($value);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -116,7 +116,7 @@ function process_type($field, $collate = "COLLATE") {
|
||||
return " $field[type]"
|
||||
. ($field["length"] && !preg_match('~^date|time$~', $field["type"]) ? "(" . process_length($field["length"]) . ")" : "")
|
||||
. (preg_match('~int|float|double|decimal~', $field["type"]) && in_array($field["unsigned"], $unsigned) ? " $field[unsigned]" : "")
|
||||
. (preg_match('~char|text|enum|set~', $field["type"]) && $field["collation"] ? " $collate '" . $dbh->escape_string($field["collation"]) . "'" : "")
|
||||
. (preg_match('~char|text|enum|set~', $field["type"]) && $field["collation"] ? " $collate " . $dbh->quote($field["collation"]) : "")
|
||||
;
|
||||
}
|
||||
|
||||
|
||||
@@ -27,7 +27,7 @@ function dump_table($table, $style, $is_view = false) {
|
||||
}
|
||||
if ($style == "CREATE+ALTER" && !$is_view) {
|
||||
// create procedure which iterates over original columns and adds new and removes old
|
||||
$query = "SELECT COLUMN_NAME, COLUMN_DEFAULT, IS_NULLABLE, COLLATION_NAME, COLUMN_TYPE, EXTRA, COLUMN_COMMENT FROM information_schema.COLUMNS WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = '" . $dbh->escape_string($table) . "' ORDER BY ORDINAL_POSITION";
|
||||
$query = "SELECT COLUMN_NAME, COLUMN_DEFAULT, IS_NULLABLE, COLLATION_NAME, COLUMN_TYPE, EXTRA, COLUMN_COMMENT FROM information_schema.COLUMNS WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = " . $dbh->quote($table) . " ORDER BY ORDINAL_POSITION";
|
||||
?>
|
||||
DELIMITER ;;
|
||||
CREATE PROCEDURE adminer_alter () BEGIN
|
||||
@@ -38,27 +38,27 @@ CREATE PROCEDURE adminer_alter () BEGIN
|
||||
DECLARE _column_comment varchar(255);
|
||||
DECLARE done, set_after bool DEFAULT 0;
|
||||
DECLARE add_columns text DEFAULT '<?php
|
||||
$fields = array();
|
||||
$result = $dbh->query($query);
|
||||
$after = "";
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
$row["default"] = (isset($row["COLUMN_DEFAULT"]) ? "'" . $dbh->escape_string($row["COLUMN_DEFAULT"]) . "'" : "NULL");
|
||||
$row["after"] = $dbh->escape_string($after); //! rgt AFTER lft, lft AFTER id doesn't work
|
||||
$row["alter"] = $dbh->escape_string(idf_escape($row["COLUMN_NAME"])
|
||||
. " $row[COLUMN_TYPE]"
|
||||
. ($row["COLLATION_NAME"] ? " COLLATE $row[COLLATION_NAME]" : "")
|
||||
. (isset($row["COLUMN_DEFAULT"]) ? " DEFAULT $row[default]" : "")
|
||||
. ($row["IS_NULLABLE"] == "YES" ? "" : " NOT NULL")
|
||||
. ($row["EXTRA"] ? " $row[EXTRA]" : "")
|
||||
. ($row["COLUMN_COMMENT"] ? " COMMENT '" . $dbh->escape_string($row["COLUMN_COMMENT"]) . "'" : "")
|
||||
. ($after ? " AFTER " . idf_escape($after) : " FIRST")
|
||||
);
|
||||
echo ", ADD $row[alter]";
|
||||
$fields[] = $row;
|
||||
$after = $row["COLUMN_NAME"];
|
||||
}
|
||||
$result->free();
|
||||
?>';
|
||||
$fields = array();
|
||||
$result = $dbh->query($query);
|
||||
$after = "";
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
$row["default"] = (isset($row["COLUMN_DEFAULT"]) ? $dbh->quote($row["COLUMN_DEFAULT"]) : "NULL");
|
||||
$row["after"] = $dbh->quote($after); //! rgt AFTER lft, lft AFTER id doesn't work
|
||||
$row["alter"] = escape_string(idf_escape($row["COLUMN_NAME"])
|
||||
. " $row[COLUMN_TYPE]"
|
||||
. ($row["COLLATION_NAME"] ? " COLLATE $row[COLLATION_NAME]" : "")
|
||||
. (isset($row["COLUMN_DEFAULT"]) ? " DEFAULT $row[default]" : "")
|
||||
. ($row["IS_NULLABLE"] == "YES" ? "" : " NOT NULL")
|
||||
. ($row["EXTRA"] ? " $row[EXTRA]" : "")
|
||||
. ($row["COLUMN_COMMENT"] ? " COMMENT " . $dbh->quote($row["COLUMN_COMMENT"]) : "")
|
||||
. ($after ? " AFTER " . idf_escape($after) : " FIRST")
|
||||
);
|
||||
echo ", ADD $row[alter]";
|
||||
$fields[] = $row;
|
||||
$after = $row["COLUMN_NAME"];
|
||||
}
|
||||
$result->free();
|
||||
?>';
|
||||
DECLARE columns CURSOR FOR <?php echo $query; ?>;
|
||||
DECLARE CONTINUE HANDLER FOR NOT FOUND SET done = 1;
|
||||
SET @alter_table = '';
|
||||
@@ -68,15 +68,15 @@ $result->free();
|
||||
IF NOT done THEN
|
||||
SET set_after = 1;
|
||||
CASE _column_name<?php
|
||||
foreach ($fields as $row) {
|
||||
echo "
|
||||
WHEN '" . $dbh->escape_string($row["COLUMN_NAME"]) . "' THEN
|
||||
foreach ($fields as $row) {
|
||||
echo "
|
||||
WHEN " . $dbh->quote($row["COLUMN_NAME"]) . " THEN
|
||||
SET add_columns = REPLACE(add_columns, ', ADD $row[alter]', '');
|
||||
IF NOT (_column_default <=> $row[default]) OR _is_nullable != '$row[IS_NULLABLE]' OR _collation_name != '$row[COLLATION_NAME]' OR _column_type != '$row[COLUMN_TYPE]' OR _extra != '$row[EXTRA]' OR _column_comment != '" . $dbh->escape_string($row["COLUMN_COMMENT"]) . "' OR after != '$row[after]' THEN
|
||||
IF NOT (_column_default <=> $row[default]) OR _is_nullable != '$row[IS_NULLABLE]' OR _collation_name != '$row[COLLATION_NAME]' OR _column_type != '$row[COLUMN_TYPE]' OR _extra != '$row[EXTRA]' OR _column_comment != " . $dbh->quote($row["COLUMN_COMMENT"]) . " OR after != $row[after] THEN
|
||||
SET @alter_table = CONCAT(@alter_table, ', MODIFY $row[alter]');
|
||||
END IF;"; //! don't replace in comment
|
||||
}
|
||||
?>
|
||||
}
|
||||
?>
|
||||
|
||||
ELSE
|
||||
SET @alter_table = CONCAT(@alter_table, ', DROP ', _column_name);
|
||||
@@ -121,12 +121,12 @@ function dump_data($table, $style, $select = "") {
|
||||
$insert = "INSERT INTO " . idf_escape($table) . " (" . implode(", ", array_map('idf_escape', array_keys($row))) . ") VALUES";
|
||||
$row2 = array();
|
||||
foreach ($row as $key => $val) {
|
||||
$row2[$key] = (isset($val) ? "'" . $dbh->escape_string($val) . "'" : "NULL");
|
||||
$row2[$key] = (isset($val) ? $dbh->quote($val) : "NULL");
|
||||
}
|
||||
if ($style == "INSERT+UPDATE") {
|
||||
$set = array();
|
||||
foreach ($row as $key => $val) {
|
||||
$set[] = idf_escape($key) . " = " . (isset($val) ? "'" . $dbh->escape_string($val) . "'" : "NULL");
|
||||
$set[] = idf_escape($key) . " = " . (isset($val) ? $dbh->quote($val) : "NULL");
|
||||
}
|
||||
echo "$insert (" . implode(", ", $row2) . ") ON DUPLICATE KEY UPDATE " . implode(", ", $set) . ";\n";
|
||||
} else {
|
||||
|
||||
@@ -67,7 +67,7 @@ function where($where) {
|
||||
$return = array();
|
||||
foreach ((array) $where["where"] as $key => $val) {
|
||||
$key = bracket_escape($key, "back");
|
||||
$return[] = (preg_match('~^[A-Z0-9_]+\\(`(?:[^`]+|``)+`\\)$~', $key) ? $key : idf_escape($key)) . " = BINARY '" . $dbh->escape_string($val) . "'"; //! enum and set, columns looking like functions
|
||||
$return[] = (preg_match('~^[A-Z0-9_]+\\(`(?:[^`]+|``)+`\\)$~', $key) ? $key : idf_escape($key)) . " = BINARY " . $dbh->quote($val); //! enum and set, columns looking like functions
|
||||
}
|
||||
foreach ((array) $where["null"] as $key) {
|
||||
$key = bracket_escape($key, "back");
|
||||
|
||||
@@ -28,6 +28,10 @@ if (extension_loaded("mysqli")) {
|
||||
return $row[$field];
|
||||
}
|
||||
|
||||
function quote($string) {
|
||||
return "'" . parent::escape_string($string) . "'";
|
||||
}
|
||||
|
||||
// minification compatibility start
|
||||
function select_db($database) {
|
||||
return parent::select_db($database);
|
||||
@@ -51,10 +55,6 @@ if (extension_loaded("mysqli")) {
|
||||
function next_result() {
|
||||
return parent::next_result();
|
||||
}
|
||||
|
||||
function escape_string($string) {
|
||||
return parent::escape_string($string);
|
||||
}
|
||||
}
|
||||
|
||||
class Min_Result {
|
||||
@@ -103,6 +103,10 @@ if (extension_loaded("mysqli")) {
|
||||
return (bool) $this->_link;
|
||||
}
|
||||
|
||||
function quote($string) {
|
||||
return "'" . mysql_real_escape_string($string, $this->_link) . "'";
|
||||
}
|
||||
|
||||
function select_db($database) {
|
||||
return mysql_select_db($database, $this->_link);
|
||||
}
|
||||
@@ -138,10 +142,6 @@ if (extension_loaded("mysqli")) {
|
||||
}
|
||||
return mysql_result($result->_result, 0, $field);
|
||||
}
|
||||
|
||||
function escape_string($string) {
|
||||
return mysql_real_escape_string($string, $this->_link);
|
||||
}
|
||||
}
|
||||
|
||||
class Min_Result {
|
||||
@@ -224,7 +224,7 @@ function get_databases() {
|
||||
|
||||
function table_status($table) {
|
||||
global $dbh;
|
||||
$result = $dbh->query("SHOW TABLE STATUS LIKE '" . $dbh->escape_string(addcslashes($table, "%_")) . "'");
|
||||
$result = $dbh->query("SHOW TABLE STATUS LIKE " . $dbh->quote(addcslashes($table, "%_")));
|
||||
$return = $result->fetch_assoc(); // ()-> is not supported in PHP 4
|
||||
$result->free();
|
||||
return $return;
|
||||
@@ -320,6 +320,11 @@ function collations() {
|
||||
return $return;
|
||||
}
|
||||
|
||||
function escape_string($val) {
|
||||
global $dbh;
|
||||
return substr($dbh->quote($val), 1, -1);
|
||||
}
|
||||
|
||||
function table_comment(&$row) {
|
||||
if ($row["Engine"] == "InnoDB") {
|
||||
// ignore internal comment, unnecessary since MySQL 5.1.21
|
||||
|
||||
@@ -55,8 +55,8 @@ if (extension_loaded('pdo')) {
|
||||
return $row[$field];
|
||||
}
|
||||
|
||||
function escape_string($string) {
|
||||
return substr($this->quote($string), 1, -1);
|
||||
function quote($string) {
|
||||
return parent::quote($string);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -34,16 +34,16 @@ foreach ((array) $_GET["columns"] as $key => $val) {
|
||||
$where = array(); // where expressions - will be joined by AND
|
||||
foreach ($indexes as $i => $index) {
|
||||
if ($index["type"] == "FULLTEXT" && strlen($_GET["fulltext"][$i])) {
|
||||
$where[] = "MATCH (" . implode(", ", array_map('idf_escape', $index["columns"])) . ") AGAINST ('" . $dbh->escape_string($_GET["fulltext"][$i]) . "'" . (isset($_GET["boolean"][$i]) ? " IN BOOLEAN MODE" : "") . ")";
|
||||
$where[] = "MATCH (" . implode(", ", array_map('idf_escape', $index["columns"])) . ") AGAINST (" . $dbh->quote($_GET["fulltext"][$i]) . (isset($_GET["boolean"][$i]) ? " IN BOOLEAN MODE" : "") . ")";
|
||||
}
|
||||
}
|
||||
foreach ((array) $_GET["where"] as $val) {
|
||||
if (strlen("$val[col]$val[val]") && in_array($val["op"], $operators)) {
|
||||
if ($val["op"] == "AGAINST") {
|
||||
$where[] = "MATCH (" . idf_escape($val["col"]) . ") AGAINST ('" . $dbh->escape_string($val["val"]) . "' IN BOOLEAN MODE)";
|
||||
$where[] = "MATCH (" . idf_escape($val["col"]) . ") AGAINST (" . $dbh->quote($val["val"]) . " IN BOOLEAN MODE)";
|
||||
} else {
|
||||
$in = process_length($val["val"]);
|
||||
$cond = " $val[op]" . (ereg('NULL$', $val["op"]) ? "" : (ereg('IN$', $val["op"]) ? " (" . (strlen($in) ? $in : "NULL") . ")" : " '" . $dbh->escape_string($val["val"]) . "'")); //! this searches in numeric values too
|
||||
$cond = " $val[op]" . (ereg('NULL$', $val["op"]) ? "" : (ereg('IN$', $val["op"]) ? " (" . (strlen($in) ? $in : "NULL") . ")" : " " . $dbh->quote($val["val"]))); //! this searches in numeric values too
|
||||
if (strlen($val["col"])) {
|
||||
$where[] = idf_escape($val["col"]) . $cond;
|
||||
} else {
|
||||
@@ -133,7 +133,7 @@ if ($_POST && !$error) {
|
||||
$cols = " (" . implode(", ", array_map('idf_escape', $matches2[1])) . ")";
|
||||
} else {
|
||||
foreach ($matches2[1] as $col) {
|
||||
$row[] = (!strlen($col) ? "NULL" : "'" . $dbh->escape_string(str_replace('""', '"', preg_replace('~^".*"$~s', '', $col))) . "'");
|
||||
$row[] = (!strlen($col) ? "NULL" : $dbh->quote(str_replace('""', '"', preg_replace('~^".*"$~s', '', $col))));
|
||||
}
|
||||
$rows[] = "\n(" . implode(", ", $row) . ")";
|
||||
}
|
||||
|
||||
@@ -63,7 +63,7 @@ if ($result) {
|
||||
|
||||
if ($dbh->server_info >= 5) {
|
||||
echo "<h3>" . lang('Triggers') . "</h3>\n";
|
||||
$result = $dbh->query("SHOW TRIGGERS LIKE '" . $dbh->escape_string(addcslashes($_GET["table"], "%_")) . "'");
|
||||
$result = $dbh->query("SHOW TRIGGERS LIKE " . $dbh->quote(addcslashes($_GET["table"], "%_")));
|
||||
if ($result->num_rows) {
|
||||
echo "<table cellspacing='0'>\n";
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
|
||||
@@ -19,7 +19,7 @@ $row = array("Trigger" => "$_GET[trigger]_bi");
|
||||
if ($_POST) {
|
||||
$row = $_POST;
|
||||
} elseif (strlen($_GET["name"])) {
|
||||
$result = $dbh->query("SHOW TRIGGERS WHERE `Trigger` = '" . $dbh->escape_string($_GET["name"]) . "'");
|
||||
$result = $dbh->query("SHOW TRIGGERS WHERE `Trigger` = " . $dbh->quote($_GET["name"]));
|
||||
$row = $result->fetch_assoc();
|
||||
$result->free();
|
||||
}
|
||||
|
||||
@@ -35,7 +35,7 @@ if ($_POST) {
|
||||
}
|
||||
$grants = array();
|
||||
$old_pass = "";
|
||||
if (isset($_GET["host"]) && ($result = $dbh->query("SHOW GRANTS FOR '" . $dbh->escape_string($_GET["user"]) . "'@'" . $dbh->escape_string($_GET["host"]) . "'"))) { //! Use information_schema for MySQL 5 - column names in column privileges are not escaped
|
||||
if (isset($_GET["host"]) && ($result = $dbh->query("SHOW GRANTS FOR " . $dbh->quote($_GET["user"]) . "@" . $dbh->quote($_GET["host"])))) { //! Use information_schema for MySQL 5 - column names in column privileges are not escaped
|
||||
while ($row = $result->fetch_row()) {
|
||||
if (preg_match('~GRANT (.*) ON (.*) TO ~', $row[0], $match) && preg_match_all('~ *([^(,]*[^ ,(])( *\\([^)]+\\))?~', $match[1], $matches, PREG_SET_ORDER)) { //! escape the part between ON and TO
|
||||
foreach ($matches as $val) {
|
||||
@@ -53,16 +53,16 @@ if (isset($_GET["host"]) && ($result = $dbh->query("SHOW GRANTS FOR '" . $dbh->e
|
||||
}
|
||||
|
||||
if ($_POST && !$error) {
|
||||
$old_user = (isset($_GET["host"]) ? $dbh->escape_string($_GET["user"]) . "'@'" . $dbh->escape_string($_GET["host"]) : "");
|
||||
$new_user = $dbh->escape_string($_POST["user"]) . "'@'" . $dbh->escape_string($_POST["host"]);
|
||||
$pass = $dbh->escape_string($_POST["pass"]);
|
||||
$old_user = (isset($_GET["host"]) ? $dbh->quote($_GET["user"]) . "@" . $dbh->quote($_GET["host"]) : "''");
|
||||
$new_user = $dbh->quote($_POST["user"]) . "@" . $dbh->quote($_POST["host"]);
|
||||
$pass = $dbh->quote($_POST["pass"]);
|
||||
if ($_POST["drop"]) {
|
||||
query_redirect("DROP USER '$old_user'", $SELF . "privileges=", lang('User has been dropped.'));
|
||||
query_redirect("DROP USER $old_user", $SELF . "privileges=", lang('User has been dropped.'));
|
||||
} else {
|
||||
if ($old_user == $new_user) {
|
||||
queries("SET PASSWORD FOR '$new_user' = " . ($_POST["hashed"] ? "'$pass'" : "PASSWORD('$pass')"));
|
||||
queries("SET PASSWORD FOR $new_user = " . ($_POST["hashed"] ? $pass : "PASSWORD($pass)"));
|
||||
} else {
|
||||
$error = !queries(($dbh->server_info < 5 ? "GRANT USAGE ON *.* TO" : "CREATE USER") . " '$new_user' IDENTIFIED BY" . ($_POST["hashed"] ? " PASSWORD" : "") . " '$pass'");
|
||||
$error = !queries(($dbh->server_info < 5 ? "GRANT USAGE ON *.* TO" : "CREATE USER") . " $new_user IDENTIFIED BY" . ($_POST["hashed"] ? " PASSWORD" : "") . " $pass");
|
||||
}
|
||||
if (!$error) {
|
||||
$revoke = array();
|
||||
@@ -81,8 +81,8 @@ if ($_POST && !$error) {
|
||||
unset($grants[$object]);
|
||||
}
|
||||
if (preg_match('~^(.+)\\s*(\\(.*\\))?$~U', $object, $match) && (
|
||||
($grant && !queries("GRANT " . grant($grant, $match[2]) . " ON $match[1] TO '$new_user'")) //! SQL injection
|
||||
|| ($revoke && !queries("REVOKE " . grant($revoke, $match[2]) . " ON $match[1] FROM '$new_user'"))
|
||||
($grant && !queries("GRANT " . grant($grant, $match[2]) . " ON $match[1] TO $new_user")) //! SQL injection
|
||||
|| ($revoke && !queries("REVOKE " . grant($revoke, $match[2]) . " ON $match[1] FROM $new_user"))
|
||||
)) {
|
||||
$error = true;
|
||||
break;
|
||||
@@ -91,18 +91,18 @@ if ($_POST && !$error) {
|
||||
}
|
||||
if (!$error && isset($_GET["host"])) {
|
||||
if ($old_user != $new_user) {
|
||||
queries("DROP USER '$old_user'");
|
||||
queries("DROP USER $old_user");
|
||||
} elseif (!isset($_GET["grant"])) {
|
||||
foreach ($grants as $object => $revoke) {
|
||||
if (preg_match('~^(.+)(\\(.*\\))?$~U', $object, $match)) {
|
||||
queries("REVOKE " . grant(array_keys($revoke), $match[2]) . " ON $match[1] FROM '$new_user'");
|
||||
queries("REVOKE " . grant(array_keys($revoke), $match[2]) . " ON $match[1] FROM $new_user");
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
query_redirect(queries(), $SELF . "privileges=", (isset($_GET["host"]) ? lang('User has been altered.') : lang('User has been created.')), !$error, false, $error);
|
||||
if ($old_user != $new_user) {
|
||||
$dbh->query("DROP USER '$new_user'");
|
||||
$dbh->query("DROP USER $new_user");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user