Merge branch 'editor-search-fix'

adminer/drivers/mysql.inc.php

@@ -316,8 +316,8 @@ if (!defined("DRIVER")) {
 			}
 		}
 
-		function convertSearch($idf, $val, $field) {
-			return (preg_match('~char|text|enum|set~', $field["type"]) && !preg_match("~^utf8~", $field["collation"]) && preg_match('~[\x80-\xFF]~', $val['val'])
+		function convertSearch($idf, array $where, array $field) {
+			return (preg_match('~char|text|enum|set~', $field["type"]) && !preg_match("~^utf8~", $field["collation"]) && preg_match('~[\x80-\xFF]~', $where['val'])
 				? "CONVERT($idf USING " . charset($this->_conn) . ")"
 				: $idf
 			);

adminer/drivers/pgsql.inc.php

@@ -212,9 +212,9 @@ if (isset($_GET["pgsql"])) {
 			return $query;
 		}
 
-		function convertSearch($idf, $val, $field) {
+		function convertSearch($idf, array $where, array $field) {
 			$textTypes = "char|text";
-			if (strpos($val["op"], "LIKE") === false) {
+			if (strpos($where["op"], "LIKE") === false) {
 				$textTypes .= "|date|time(stamp)?|boolean|uuid|inet|cidr|macaddr|" . number_type();
 			}
 

adminer/include/adminer.inc.php

@@ -39,7 +39,7 @@ class Adminer {
 	function bruteForceKey() {
 		return $_SERVER["REMOTE_ADDR"];
 	}
-	
+
 	/** Get server name displayed in breadcrumbs
 	* @param string
 	* @return string HTML code or null
@@ -128,7 +128,7 @@ class Adminer {
 		echo "<p><input type='submit' value='" . lang('Login') . "'>\n";
 		echo checkbox("auth[permanent]", 1, $_COOKIE["adminer_permanent"], lang('Permanent login')) . "\n";
 	}
-	
+
 	/** Get login form field
 	* @param string
 	* @param string HTML
@@ -488,7 +488,7 @@ class Adminer {
 		echo "</script>\n";
 		echo "</div></fieldset>\n";
 	}
-	
+
 	/** Print command box in select
 	* @return bool whether to print default commands
 	*/
@@ -537,50 +537,60 @@ class Adminer {
 	* @return array expressions to join by AND
 	*/
 	function selectSearchProcess($fields, $indexes) {
-		global $connection, $driver;
-		$return = array();
+		global $driver;
+
+		$return = [];
+
 		foreach ($indexes as $i => $index) {
 			if ($index["type"] == "FULLTEXT" && $_GET["fulltext"][$i] != "") {
 				$return[] = "MATCH (" . implode(", ", array_map('idf_escape', $index["columns"])) . ") AGAINST (" . q($_GET["fulltext"][$i]) . (isset($_GET["boolean"][$i]) ? " IN BOOLEAN MODE" : "") . ")";
 			}
 		}
-		foreach ((array) $_GET["where"] as $key => $val) {
-			if ("$val[col]$val[val]" != "" && in_array($val["op"], $this->operators)) {
+
+		foreach ((array) $_GET["where"] as $where) {
+			$col = $where["col"];
+			$op = $where["op"];
+			$val = $where["val"];
+
+			if ("$col$val" != "" && in_array($op, $this->operators)) {
 				$prefix = "";
-				$cond = " $val[op]";
-				if (preg_match('~IN$~', $val["op"])) {
-					$in = process_length($val["val"]);
+				$cond = " $op";
+
+				if (preg_match('~IN$~', $op)) {
+					$in = process_length($val);
 					$cond .= " " . ($in != "" ? $in : "(NULL)");
-				} elseif ($val["op"] == "SQL") {
-					$cond = " $val[val]"; // SQL injection
-				} elseif ($val["op"] == "LIKE %%") {
-					$cond = " LIKE " . $this->processInput($fields[$val["col"]], "%$val[val]%");
-				} elseif ($val["op"] == "ILIKE %%") {
-					$cond = " ILIKE " . $this->processInput($fields[$val["col"]], "%$val[val]%");
-				} elseif ($val["op"] == "FIND_IN_SET") {
-					$prefix = "$val[op](" . q($val["val"]) . ", ";
+				} elseif ($op == "SQL") {
+					$cond = " $val"; // SQL injection
+				} elseif ($op == "LIKE %%") {
+					$cond = " LIKE " . $this->processInput($fields[$col], "%$val%");
+				} elseif ($op == "ILIKE %%") {
+					$cond = " ILIKE " . $this->processInput($fields[$col], "%$val%");
+				} elseif ($op == "FIND_IN_SET") {
+					$prefix = "$op(" . q($val) . ", ";
 					$cond = ")";
-				} elseif (!preg_match('~NULL$~', $val["op"])) {
-					$cond .= " " . $this->processInput($fields[$val["col"]], $val["val"]);
+				} elseif (!preg_match('~NULL$~', $op)) {
+					$cond .= " " . $this->processInput($fields[$col], $val);
 				}
-				if ($val["col"] != "") {
-					$return[] = $prefix . $driver->convertSearch(idf_escape($val["col"]), $val, $fields[$val["col"]]) . $cond;
+
+				if ($col != "") {
+					$return[] = $prefix . $driver->convertSearch(idf_escape($col), $where, $fields[$col]) . $cond;
 				} else {
 					// find anywhere
 					$cols = array();
 					foreach ($fields as $name => $field) {
 						if (isset($field["privileges"]["where"])
-                            && (preg_match('~^[-\d.' . (preg_match('~IN$~', $val["op"]) ? ',' : '') . ']+$~', $val["val"]) || !preg_match('~' . number_type() . '|bit~', $field["type"]))
-							&& (!preg_match("~[\x80-\xFF]~", $val["val"]) || preg_match('~char|text|enum|set~', $field["type"]))
-							&& (!preg_match('~date|timestamp~', $field["type"]) || preg_match('~^\d+-\d+-\d+~', $val["val"]))
+                            && (preg_match('~^[-\d.' . (preg_match('~IN$~', $op) ? ',' : '') . ']+$~', $val) || !preg_match('~' . number_type() . '|bit~', $field["type"]))
+							&& (!preg_match("~[\x80-\xFF]~", $val) || preg_match('~char|text|enum|set~', $field["type"]))
+							&& (!preg_match('~date|timestamp~', $field["type"]) || preg_match('~^\d+-\d+-\d+~', $val))
 						) {
-							$cols[] = $prefix . $driver->convertSearch(idf_escape($name), $val, $field) . $cond;
+							$cols[] = $prefix . $driver->convertSearch(idf_escape($name), $where, $field) . $cond;
 						}
 					}
 					$return[] = ($cols ? "(" . implode(" OR ", $cols) . ")" : "1 = 0");
 				}
 			}
 		}
+
 		return $return;
 	}
 

adminer/include/driver.inc.php

@@ -13,14 +13,14 @@ function add_driver($id, $name) {
 
 /*abstract*/ class Min_SQL {
 	var $_conn;
-	
+
 	/** Create object for performing database operations
 	* @param Min_DB
 	*/
 	function __construct($connection) {
 		$this->_conn = $connection;
 	}
-	
+
 	/** Select data from table
 	* @param string
 	* @param array result of $adminer->selectColumnsProcess()[0]
@@ -52,7 +52,7 @@ function add_driver($id, $name) {
 		}
 		return $return;
 	}
-	
+
 	/** Delete data from table
 	* @param string
 	* @param string " WHERE ..."
@@ -63,7 +63,7 @@ function add_driver($id, $name) {
 		$query = "FROM " . table($table);
 		return queries("DELETE" . ($limit ? limit1($table, $query, $queryWhere) : " $query$queryWhere"));
 	}
-	
+
 	/** Update data in table
 	* @param string
 	* @param array escaped columns in keys, quoted data in values
@@ -80,7 +80,7 @@ function add_driver($id, $name) {
 		$query = table($table) . " SET$separator" . implode(",$separator", $values);
 		return queries("UPDATE" . ($limit ? limit1($table, $query, $queryWhere, $separator) : " $query$queryWhere"));
 	}
-	
+
 	/** Insert data into table
 	* @param string
 	* @param array escaped columns in keys, quoted data in values
@@ -92,7 +92,7 @@ function add_driver($id, $name) {
 			: " DEFAULT VALUES"
 		));
 	}
-	
+
 	/** Insert or update data in table
 	* @param string
 	* @param array
@@ -102,28 +102,28 @@ function add_driver($id, $name) {
 	/*abstract*/ function insertUpdate($table, $rows, $primary) {
 		return false;
 	}
-	
+
 	/** Begin transaction
 	* @return bool
 	*/
 	function begin() {
 		return queries("BEGIN");
 	}
-	
+
 	/** Commit transaction
 	* @return bool
 	*/
 	function commit() {
 		return queries("COMMIT");
 	}
-	
+
 	/** Rollback transaction
 	* @return bool
 	*/
 	function rollback() {
 		return queries("ROLLBACK");
 	}
-	
+
 	/** Return query with a timeout
 	* @param string
 	* @param int seconds
@@ -131,14 +131,14 @@ function add_driver($id, $name) {
 	*/
 	function slowQuery($query, $timeout) {
 	}
-	
+
 	/** Convert column to be searchable
 	* @param string escaped column name
 	* @param array array("op" => , "val" => )
 	* @param array
 	* @return string
 	*/
-	function convertSearch($idf, $val, $field) {
+	function convertSearch($idf, array $where, array $field) {
 		return $idf;
 	}
 
@@ -169,19 +169,19 @@ function add_driver($id, $name) {
 	function quoteBinary($s) {
 		return q($s);
 	}
-	
+
 	/** Get warnings about the last command
 	* @return string HTML
 	*/
 	function warnings() {
 		return '';
 	}
-	
+
 	/** Get help link for table
 	* @param string
 	* @return string relative URL or null
 	*/
 	function tableHelp($name) {
 	}
-	
+
 }

editor/include/adminer.inc.php

@@ -23,7 +23,7 @@ class Adminer {
 	function bruteForceKey() {
 		return $_SERVER["REMOTE_ADDR"];
 	}
-	
+
 	function serverName($server) {
 	}
 
@@ -342,35 +342,44 @@ ORDER BY ORDINAL_POSITION", null, "") as $row) { //! requires MySQL 5
 
 	function selectSearchProcess($fields, $indexes) {
 		global $driver;
-		$return = array();
+
+		$return = [];
+
 		foreach ((array) $_GET["where"] as $key => $where) {
 			$col = $where["col"];
 			$op = $where["op"];
 			$val = $where["val"];
+
 			if (($key < 0 ? "" : $col) . $val != "") {
 				$conds = array();
+
 				foreach (($col != "" ? array($col => $fields[$col]) : $fields) as $name => $field) {
 					if ($col != "" || is_numeric($val) || !preg_match(number_type(), $field["type"])) {
 						$name = idf_escape($name);
+
 						if ($col != "" && $field["type"] == "enum") {
 							$conds[] = (in_array(0, $val) ? "$name IS NULL OR " : "") . "$name IN (" . implode(", ", array_map('intval', $val)) . ")";
 						} else {
 							$text_type = preg_match('~char|text|enum|set~', $field["type"]);
 							$value = $this->processInput($field, (!$op && $text_type && preg_match('~^[^%]+$~', $val) ? "%$val%" : $val));
-							$conds[] = $driver->convertSearch($name, $val, $field) . ($value == "NULL" ? " IS" . ($op == ">=" ? " NOT" : "") . " $value"
+
+							$conds[] = $driver->convertSearch($name, $where, $field) . ($value == "NULL" ? " IS" . ($op == ">=" ? " NOT" : "") . " $value"
 								: (in_array($op, $this->operators) || $op == "=" ? " $op $value"
 								: ($text_type ? " LIKE $value"
 								: " IN (" . str_replace(",", "', '", $value) . ")"
 							)));
+
 							if ($key < 0 && $val == "0") {
 								$conds[] = "$name IS NULL";
 							}
 						}
 					}
 				}
+
 				$return[] = ($conds ? "(" . implode(" OR ", $conds) . ")" : "1 = 0");
 			}
 		}
+
 		return $return;
 	}