beenull/adminerevo
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Use variable instead of literal value

Browse source
This commit is contained in:
Jakub Vrana 2013-05-23 18:31:48 -07:00
parent 15e698d302
commit 2c381345b4
1 changed files with 4 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
editor/script.inc.php
View file

@ -3,11 +3,12 @@ if ($_GET["script"] == "kill") {
$connection->query("KILL " . (+$_POST["kill"]));
} elseif (list($table, $id, $name) = $adminer->_foreignColumn(column_foreign_keys($_GET["source"]), $_GET["field"])) {
$result = $connection->query("SELECT $id, $name FROM " . table($table) . " WHERE " . (ereg('^[0-9]+$', $_GET["value"]) ? "$id = $_GET[value] OR " : "") . "$name LIKE " . q("$_GET[value]%") . " ORDER BY 2 LIMIT 11");
for ($i=0; $i < 10 && ($row = $result->fetch_row()); $i++) {
$limit = 11;
$result = $connection->query("SELECT $id, $name FROM " . table($table) . " WHERE " . (ereg('^[0-9]+$', $_GET["value"]) ? "$id = $_GET[value] OR " : "") . "$name LIKE " . q("$_GET[value]%") . " ORDER BY 2 LIMIT $limit");
for ($i=1; ($row = $result->fetch_row()) && $i < $limit; $i++) {
echo "<a href='" . h(ME . "edit=" . urlencode($table) . "&where" . urlencode("[" . bracket_escape(idf_unescape($id)) . "]") . "=" . urlencode($row[0])) . "'>" . h($row[1]) . "</a><br>\n";
}
if ($i == 10) {
if ($row) {
echo "...\n";
}
}