diff --git a/adminer/drivers/elastic.inc.php b/adminer/drivers/elastic.inc.php
index c570c14e..cb94e4f3 100644
--- a/adminer/drivers/elastic.inc.php
+++ b/adminer/drivers/elastic.inc.php
@@ -380,7 +380,12 @@ if (isset($_GET["elastic"])) {
"field" => $name,
"full_type" => $field["type"],
"type" => $field["type"],
- "privileges" => array("insert" => 1, "select" => 1, "update" => 1),
+ "privileges" => array(
+ "insert" => 1,
+ "select" => 1,
+ "update" => 1,
+ "where" => !isset($field["index"]) || $field["index"] ?: null,
+ ),
);
if ($field["properties"]) { // only leaf fields can be edited
unset($return[$name]["privileges"]["insert"]);
diff --git a/adminer/drivers/mongo.inc.php b/adminer/drivers/mongo.inc.php
index 63649f04..71fa0a5f 100644
--- a/adminer/drivers/mongo.inc.php
+++ b/adminer/drivers/mongo.inc.php
@@ -463,6 +463,7 @@ if (isset($_GET["mongo"])) {
"insert" => 1,
"select" => 1,
"update" => 1,
+ "where" => 1,
),
);
}
diff --git a/adminer/drivers/mssql.inc.php b/adminer/drivers/mssql.inc.php
index c8ed37c9..212f8de3 100644
--- a/adminer/drivers/mssql.inc.php
+++ b/adminer/drivers/mssql.inc.php
@@ -387,7 +387,7 @@ WHERE o.schema_id = SCHEMA_ID(" . q(get_schema()) . ") AND o.type IN ('S', 'U',
"null" => $row["is_nullable"],
"auto_increment" => $row["is_identity"],
"collation" => $row["collation_name"],
- "privileges" => array("insert" => 1, "select" => 1, "update" => 1),
+ "privileges" => array("insert" => 1, "select" => 1, "update" => 1, "where" => 1),
"primary" => $row["is_identity"], //! or indexes.is_primary_key
"comment" => $comments[$row["name"]],
);
diff --git a/adminer/drivers/mysql.inc.php b/adminer/drivers/mysql.inc.php
index 1ba8d651..7f61d6ec 100644
--- a/adminer/drivers/mysql.inc.php
+++ b/adminer/drivers/mysql.inc.php
@@ -551,7 +551,7 @@ if (!defined("DRIVER")) {
"auto_increment" => ($row["Extra"] == "auto_increment"),
"on_update" => (preg_match('~^on update (.+)~i', $row["Extra"], $match) ? $match[1] : ""), //! available since MySQL 5.1.23
"collation" => $row["Collation"],
- "privileges" => array_flip(preg_split('~, *~', $row["Privileges"])),
+ "privileges" => array_flip(preg_split('~, *~', $row["Privileges"])) + ["where" => 1],
"comment" => $row["Comment"],
"primary" => ($row["Key"] == "PRI"),
// https://mariadb.com/kb/en/library/show-columns/, https://github.com/vrana/adminer/pull/359#pullrequestreview-276677186
diff --git a/adminer/drivers/oracle.inc.php b/adminer/drivers/oracle.inc.php
index 1c5b1598..b05e5e43 100644
--- a/adminer/drivers/oracle.inc.php
+++ b/adminer/drivers/oracle.inc.php
@@ -297,7 +297,7 @@ ORDER BY 1"
"null" => ($row["NULLABLE"] == "Y"),
//! "auto_increment" => false,
//! "collation" => $row["CHARACTER_SET_NAME"],
- "privileges" => array("insert" => 1, "select" => 1, "update" => 1),
+ "privileges" => array("insert" => 1, "select" => 1, "update" => 1, "where" => 1),
//! "comment" => $row["Comment"],
//! "primary" => ($row["Key"] == "PRI"),
);
diff --git a/adminer/drivers/sqlite.inc.php b/adminer/drivers/sqlite.inc.php
index e85fd31c..fcfd56af 100644
--- a/adminer/drivers/sqlite.inc.php
+++ b/adminer/drivers/sqlite.inc.php
@@ -321,7 +321,7 @@ if (isset($_GET["sqlite"]) || isset($_GET["sqlite2"])) {
"full_type" => $type,
"default" => (preg_match("~'(.*)'~", $default, $match) ? str_replace("''", "'", $match[1]) : ($default == "NULL" ? null : $default)),
"null" => !$row["notnull"],
- "privileges" => array("select" => 1, "insert" => 1, "update" => 1),
+ "privileges" => array("select" => 1, "insert" => 1, "update" => 1, "where" => 1),
"primary" => $row["pk"],
);
if ($row["pk"]) {
diff --git a/adminer/include/adminer.inc.php b/adminer/include/adminer.inc.php
index 632e2928..b114b5b9 100644
--- a/adminer/include/adminer.inc.php
+++ b/adminer/include/adminer.inc.php
@@ -561,7 +561,8 @@ class Adminer {
// find anywhere
$cols = array();
foreach ($fields as $name => $field) {
- if ((preg_match('~^[-\d.' . (preg_match('~IN$~', $val["op"]) ? ',' : '') . ']+$~', $val["val"]) || !preg_match('~' . number_type() . '|bit~', $field["type"]))
+ if (isset($field["privileges"]["where"])
+ && (preg_match('~^[-\d.' . (preg_match('~IN$~', $val["op"]) ? ',' : '') . ']+$~', $val["val"]) || !preg_match('~' . number_type() . '|bit~', $field["type"]))
&& (!preg_match("~[\x80-\xFF]~", $val["val"]) || preg_match('~char|text|enum|set~', $field["type"]))
&& (!preg_match('~date|timestamp~', $field["type"]) || preg_match('~^\d+-\d+-\d+~', $val["val"]))
) {
diff --git a/adminer/include/functions.inc.php b/adminer/include/functions.inc.php
index 44b0a50a..749c709f 100644
--- a/adminer/include/functions.inc.php
+++ b/adminer/include/functions.inc.php
@@ -1077,7 +1077,7 @@ function fields_from_edit() {
$name = bracket_escape($key, 1); // 1 - back
$return[$name] = array(
"field" => $name,
- "privileges" => array("insert" => 1, "update" => 1),
+ "privileges" => array("insert" => 1, "update" => 1, "where" => 1),
"null" => 1,
"auto_increment" => ($key == $driver->primary),
);
diff --git a/adminer/select.inc.php b/adminer/select.inc.php
index d213ae96..d977fce5 100644
--- a/adminer/select.inc.php
+++ b/adminer/select.inc.php
@@ -9,6 +9,7 @@ parse_str($_COOKIE["adminer_import"], $adminer_import);
$rights = array(); // privilege => 0
$columns = array(); // selectable columns
+$search_columns = array(); // searchable columns
$text_length = null;
foreach ($fields as $key => $field) {
$name = $adminer->fieldName($field);
@@ -18,6 +19,9 @@ foreach ($fields as $key => $field) {
$text_length = $adminer->selectLengthProcess();
}
}
+ if (isset($field["privileges"]["where"]) && $name != "") {
+ $search_columns[$key] = html_entity_decode(strip_tags($name), ENT_QUOTES);
+ }
$rights += $field["privileges"];
}
@@ -245,7 +249,7 @@ if (!$columns && support("table")) {
echo '';
echo "\n";
$adminer->selectColumnsPrint($select, $columns);
- $adminer->selectSearchPrint($where, $columns, $indexes);
+ $adminer->selectSearchPrint($where, $search_columns, $indexes);
$adminer->selectOrderPrint($order, $columns, $indexes);
$adminer->selectLimitPrint($limit);
$adminer->selectLengthPrint($text_length);
@@ -336,7 +340,7 @@ if (!$columns && support("table")) {
echo apply_sql_function($val["fun"], $name) . ""; //! columns looking like functions
echo "";
echo " ↓";
- if (!$val["fun"]) {
+ if (!$val["fun"] && isset($field["privileges"]["where"])) {
echo ' =';
echo script("qsl('a').onclick = partial(selectSearch, '" . js_escape($key) . "');");
}
diff --git a/plugins/drivers/clickhouse.php b/plugins/drivers/clickhouse.php
index ff9eb688..2b513197 100644
--- a/plugins/drivers/clickhouse.php
+++ b/plugins/drivers/clickhouse.php
@@ -344,7 +344,7 @@ if (isset($_GET["clickhouse"])) {
"default" => trim($row['default_expression']),
"null" => $nullable,
"auto_increment" => '0',
- "privileges" => array("insert" => 1, "select" => 1, "update" => 0),
+ "privileges" => array("insert" => 1, "select" => 1, "update" => 0, "where" => 1),
);
}
diff --git a/plugins/drivers/firebird.php b/plugins/drivers/firebird.php
index fc46f3a7..04b9729c 100644
--- a/plugins/drivers/firebird.php
+++ b/plugins/drivers/firebird.php
@@ -250,7 +250,7 @@ ORDER BY r.RDB$FIELD_POSITION';
"null" => (trim($row["FIELD_NOT_NULL_CONSTRAINT"]) == "YES"),
"auto_increment" => '0',
"collation" => trim($row["FIELD_COLLATION"]),
- "privileges" => array("insert" => 1, "select" => 1, "update" => 1),
+ "privileges" => array("insert" => 1, "select" => 1, "update" => 1, "where" => 1),
"comment" => trim($row["FIELD_DESCRIPTION"]),
);
}