Escape LIKE
git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@157 7c3ca157-0c34-0410-bff1-cbf682f78f5c
This commit is contained in:
parent
166f9b0b63
commit
5003ad5075
|
@ -73,7 +73,7 @@ if ($_POST) {
|
|||
$row["fields"][$row["auto_increment"] - 1]["auto_increment"] = true;
|
||||
}
|
||||
} elseif (strlen($_GET["create"])) {
|
||||
$result = $mysql->query("SHOW TABLE STATUS LIKE '" . $mysql->escape_string($_GET["create"]) . "'");
|
||||
$result = table_status($_GET["create"]);
|
||||
$row = $result->fetch_assoc();
|
||||
$row["name"] = $_GET["create"];
|
||||
$row["fields"] = array_values(fields($_GET["create"]));
|
||||
|
|
|
@ -40,6 +40,11 @@ function get_vals($query) {
|
|||
return $return;
|
||||
}
|
||||
|
||||
function table_status($table) {
|
||||
global $mysql;
|
||||
return $mysql->query("SHOW TABLE STATUS LIKE '" . $mysql->escape_string(addcslashes($table, "%_")) . "'");
|
||||
}
|
||||
|
||||
function fields($table) {
|
||||
global $mysql;
|
||||
$return = array();
|
||||
|
|
|
@ -51,7 +51,7 @@ if (!$result) {
|
|||
}
|
||||
|
||||
if ($mysql->server_info >= 5) {
|
||||
$result = $mysql->query("SHOW TRIGGERS LIKE '" . $mysql->escape_string($_GET["table"]) . "'");
|
||||
$result = $mysql->query("SHOW TRIGGERS LIKE '" . $mysql->escape_string(addcslashes($_GET["table"], "%_")) . "'");
|
||||
if ($result->num_rows) {
|
||||
echo "<h3>" . lang('Triggers') . "</h3>\n";
|
||||
echo "<table border='0' cellspacing='0' cellpadding='2'>\n";
|
||||
|
|
Loading…
Reference in a new issue