Fix search anywhere (fix #1004, regression from 5.1.1)

CHANGELOG.md

@@ -1,4 +1,5 @@
 ## Adminer dev
+- Fix search anywhere (bug #1004, regression from 5.1.1)
 
 ## Adminer 5.2.0 (released 2025-04-08)
 - Autocomplete SQL commands

adminer/include/adminer.inc.php

@@ -538,41 +538,39 @@ class Adminer {
 			}
 		}
 		foreach ((array) $_GET["where"] as $key => $val) {
-			if ("$val[col]$val[val]" != "" && in_array($val["op"], adminer()->operators())) {
+			$col = $val["col"];
-				$prefix = "";
+			if ("$col$val[val]" != "" && in_array($val["op"], adminer()->operators())) {
-				$cond = " $val[op]";
+				$conds = array();
-				if (preg_match('~IN$~', $val["op"])) {
+				foreach (($col != "" ? array($col => $fields[$col]) : $fields) as $name => $field) {
-					$in = process_length($val["val"]);
+					$prefix = "";
-					$cond .= " " . ($in != "" ? $in : "(NULL)");
+					$cond = " $val[op]";
-				} elseif ($val["op"] == "SQL") {
+					if (preg_match('~IN$~', $val["op"])) {
-					$cond = " $val[val]"; // SQL injection
+						$in = process_length($val["val"]);
-				} elseif ($val["op"] == "LIKE %%") {
+						$cond .= " " . ($in != "" ? $in : "(NULL)");
-					$cond = " LIKE " . adminer()->processInput(idx($fields, $val["col"], array()), "%$val[val]%"); // this is used by search anywhere which doesn't set $val["col"]
+					} elseif ($val["op"] == "SQL") {
-				} elseif ($val["op"] == "ILIKE %%") {
+						$cond = " $val[val]"; // SQL injection
-					$cond = " ILIKE " . adminer()->processInput($fields[$val["col"]], "%$val[val]%");
+					} elseif (preg_match('~^(I?LIKE) %%$~', $val["op"], $match)) {
-				} elseif ($val["op"] == "FIND_IN_SET") {
+						$cond = " $match[1] " . adminer()->processInput($field, "%$val[val]%");
-					$prefix = "$val[op](" . q($val["val"]) . ", ";
+					} elseif ($val["op"] == "FIND_IN_SET") {
-					$cond = ")";
+						$prefix = "$val[op](" . q($val["val"]) . ", ";
-				} elseif (!preg_match('~NULL$~', $val["op"])) {
+						$cond = ")";
-					$cond .= " " . adminer()->processInput($fields[$val["col"]], $val["val"]);
+					} elseif (!preg_match('~NULL$~', $val["op"])) {
-				}
+						$cond .= " " . adminer()->processInput($field, $val["val"]);
-				if ($val["col"] != "") {
+					}
-					$return[] = $prefix . driver()->convertSearch(idf_escape($val["col"]), $val, $fields[$val["col"]]) . $cond;
+					if ($col != "" || ( // find anywhere
-				} else {
+						isset($field["privileges"]["where"])
-					// find anywhere
+						&& (preg_match('~^[-\d.' . (preg_match('~IN$~', $val["op"]) ? ',' : '') . ']+$~', $val["val"]) || !preg_match('~' . number_type() . '|bit~', $field["type"]))
-					$cols = array();
+						&& (!preg_match("~[\x80-\xFF]~", $val["val"]) || preg_match('~char|text|enum|set~', $field["type"]))
-					foreach ($fields as $name => $field) {
+						&& (!preg_match('~date|timestamp~', $field["type"]) || preg_match('~^\d+-\d+-\d+~', $val["val"]))
-						if (
+					)) {
-							isset($field["privileges"]["where"])
+						$conds[] = $prefix . driver()->convertSearch(idf_escape($name), $val, $field) . $cond;
-							&& (preg_match('~^[-\d.' . (preg_match('~IN$~', $val["op"]) ? ',' : '') . ']+$~', $val["val"]) || !preg_match('~' . number_type() . '|bit~', $field["type"]))
-							&& (!preg_match("~[\x80-\xFF]~", $val["val"]) || preg_match('~char|text|enum|set~', $field["type"]))
-							&& (!preg_match('~date|timestamp~', $field["type"]) || preg_match('~^\d+-\d+-\d+~', $val["val"]))
-						) {
-							$cols[] = $prefix . driver()->convertSearch(idf_escape($name), $val, $field) . $cond;
-						}
 					}
-					$return[] = ($cols ? "(" . implode(" OR ", $cols) . ")" : "1 = 0");
 				}
+				$return[] =
+					(count($conds) == 1 ? $conds[0] :
+					($conds ? "(" . implode(" OR ", $conds) . ")" :
+					"1 = 0"
+				));
 			}
 		}
 		return $return;