diff --git a/adminer/create.inc.php b/adminer/create.inc.php index abd9efc8..49ae7f92 100644 --- a/adminer/create.inc.php +++ b/adminer/create.inc.php @@ -98,14 +98,6 @@ if ($_POST && !$error && !$_POST["add"] && !$_POST["drop_col"] && !$_POST["up"] page_header((strlen($TABLE) ? lang('Alter table') : lang('Create table')), $error, array("table" => $TABLE), $TABLE); -$engines = array(); -$result = $connection->query("SHOW ENGINES"); -while ($row = $result->fetch_assoc()) { - if (ereg("YES|DEFAULT", $row["Support"])) { - $engines[] = $row["Engine"]; - } -} - $row = array( "Engine" => $_COOKIE["adminer_engine"], "fields" => array(array("field" => "")), @@ -148,6 +140,8 @@ $suhosin = floor(extension_loaded("suhosin") ? (min(ini_get("suhosin.request.max if ($suhosin && count($row["fields"]) > $suhosin) { echo "

" . h(lang('Maximum number of allowed fields exceeded. Please increase %s and %s.', 'suhosin.post.max_vars', 'suhosin.request.max_vars')) . "\n"; } + +$engines = engines(); // case of engine may differ foreach ($engines as $engine) { if (!strcasecmp($engine, $row["Engine"])) { @@ -160,7 +154,7 @@ foreach ($engines as $engine) {

: "> - "(" . lang('engine') . ")") + $engines, $row["Engine"]); ?> + "(" . lang('engine') . ")") + $engines, $row["Engine"]) : ""); ?> "(" . lang('collation') . ")") + $collations, $row["Collation"]); ?>

diff --git a/adminer/edit.inc.php b/adminer/edit.inc.php index 6aa40876..a231e183 100644 --- a/adminer/edit.inc.php +++ b/adminer/edit.inc.php @@ -22,8 +22,10 @@ if ($_POST && !$error && !isset($_GET["select"])) { $set = array(); foreach ($fields as $name => $field) { $val = process_input($field); - if ($val !== false || !$update) { - $set[] = "\n" . idf_escape($name) . " = " . ($val !== false ? $val : "''"); + if (!$update) { + $set[idf_escape($name)] = ($val !== false ? $val : "''"); + } elseif ($val !== false) { + $set[] = "\n" . idf_escape($name) . " = $val"; } } if (!$set) { @@ -32,7 +34,7 @@ if ($_POST && !$error && !isset($_GET["select"])) { if ($update) { query_redirect("UPDATE " . idf_escape($TABLE) . " SET" . implode(",", $set) . "\nWHERE $where\nLIMIT 1", $location, lang('Item has been updated.')); } else { - query_redirect("INSERT INTO " . idf_escape($TABLE) . " SET" . implode(",", $set), $location, lang('Item has been inserted.')); + query_redirect("INSERT INTO " . idf_escape($TABLE) . " (" . implode(", ", array_keys($set)) . ")\nVALUES (" . implode(", ", $set) . ")", $location, lang('Item has been inserted.')); } } diff --git a/adminer/foreign.inc.php b/adminer/foreign.inc.php index f3c54538..f59a6552 100644 --- a/adminer/foreign.inc.php +++ b/adminer/foreign.inc.php @@ -37,8 +37,8 @@ if ($_POST) { $row["source"][] = ""; } -$source = get_vals("SHOW COLUMNS FROM " . idf_escape($TABLE)); //! no text and blob -$target = ($TABLE === $row["table"] ? $source : get_vals("SHOW COLUMNS FROM " . idf_escape($row["table"]))); +$source = array_keys(fields($TABLE)); //! no text and blob +$target = ($TABLE === $row["table"] ? $source : array_keys(fields($row["table"]))); ?> diff --git a/adminer/include/adminer.inc.php b/adminer/include/adminer.inc.php index bea74651..2c618e67 100644 --- a/adminer/include/adminer.inc.php +++ b/adminer/include/adminer.inc.php @@ -491,7 +491,7 @@ class Adminer {
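Review bot: In the `foreach` over `$fields` in adminer/edit.inc.php, `$set` now has two shapes, a map of escaped column name to value on the insert path and a list of `name = value` fragments on the update path, and no comment says so. Both paths place `$val` into the statement unchanged, so the query is only safe if `process_input()` returns an already quoted SQL expression; that function is outside this diff, so this needs confirming. I would add above the loop `// $set: INSERT => array(escaped name => SQL value), UPDATE => list of "name = value"; $val must already be quoted by process_input()`. The enclosing `if ($_POST && ...)` block starts and ends outside the hunk.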
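Review bot: The two `fields()` calls for `$source` and `$target` in adminer/foreign.inc.php drop the `idf_escape()` that the call site used to apply, so escaping of the table name now rests entirely on `fields()`, which this diff does not show. `$row["table"]` appears to be filled from the submitted form (the hunk sits just after an `if ($_POST)` block), so confirm that `fields()` escapes its argument before building its query. It is also worth stating what `fields()` returns for a table that does not exist, since `array_keys()` needs an array; if a non-array is possible, `array_keys((array) fields($row["table"]))` keeps the form rendering.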
select_db(DB)) { - $tables = get_vals("SHOW TABLES"); + $tables = tables_list(); if (!$tables) { echo "

" . lang('No tables.') . "\n"; } else { diff --git a/adminer/include/functions.inc.php b/adminer/include/functions.inc.php index e53d798b..dade0665 100644 --- a/adminer/include/functions.inc.php +++ b/adminer/include/functions.inc.php @@ -24,6 +24,15 @@ function idf_unescape($idf) { return str_replace("``", "`", $idf); } +/** Escape string to use inside '' +* @param string +* @return string +*/ +function escape_string($val) { + global $connection; + return substr($connection->quote($val), 1, -1); +} + /** Escape or unescape string to use inside form [] * @param string * @param bool @@ -155,11 +164,10 @@ function unique_idf($row, $indexes) { * @return string */ function where($where) { - global $connection; $return = array(); foreach ((array) $where["where"] as $key => $val) { $key = bracket_escape($key, "back"); - $return[] = (preg_match('~^[A-Z0-9_]+\\(`(?:[^`]|``)+`\\)$~', $key) ? $key : idf_escape($key)) . " = BINARY " . $connection->quote($val); //! enum and set, columns looking like functions + $return[] = (preg_match('~^[A-Z0-9_]+\\(`(?:[^`]|``)+`\\)$~', $key) ? $key : idf_escape($key)) . " = " . exact_value($val); //! enum and set, columns looking like functions } foreach ((array) $where["null"] as $key) { $key = bracket_escape($key, "back"); diff --git a/adminer/include/mysql.inc.php b/adminer/include/mysql.inc.php index eaf98512..8ddafded 100644 --- a/adminer/include/mysql.inc.php +++ b/adminer/include/mysql.inc.php @@ -177,6 +177,25 @@ function get_databases($flush = true) { return $return; } +function engines() { + global $connection; + $return = array(); + $result = $connection->query("SHOW ENGINES"); + while ($row = $result->fetch_assoc()) { + if (ereg("YES|DEFAULT", $row["Support"])) { + $return[] = $row["Engine"]; + } + } + return $return; +} + +/** Get tables list +* @return array +*/ +function tables_list() { + return get_vals("SHOW TABLES"); +} + /** Get table status * @param string * @return array 
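Review bot: `escape_string()` in adminer/include/functions.inc.php returns `substr($connection->quote($val), 1, -1)`, which is correct only if `quote()` always wraps its result in exactly one delimiter character on each side. Moving the function out of mysql.inc.php turns that into an assumption about every connection class rather than about MySQL alone. If `$connection` can be PDO-backed, `quote()` may return false for a driver without quoting support, and the `substr()` result would then be an empty value rather than an escaped string. The docblock should also say where the result may be used, for example `* @return string escaped value, valid only inside a '...' SQL literal`.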
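Review bot: In `where()`, a key that matches the `preg_match()` pattern is placed into the condition without `idf_escape()`, and the changed line carries only a `//!` reminder. A comment should record why that is acceptable (the pattern admits nothing but an upper-case name around one backtick-quoted identifier) and where `$where` comes from, since the caller is outside this hunk. The pattern hard-codes backtick quoting while the value side now goes through `exact_value()`, so the two halves of the comparison make different assumptions about the SQL dialect. `where()` continues past the end of the hunk.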
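Review bot: `engines()` in adminer/include/mysql.inc.php calls `$result->fetch_assoc()` without checking that `SHOW ENGINES` succeeded, so if `query()` returns false on failure the page ends with a fatal error. Wrapping the loop in `if ($result) { ... }` would return an empty list instead, which the `: ""` branch added in create.inc.php appears to handle. `ereg()` is deprecated since PHP 5.3 and removed in PHP 7; `preg_match('~YES|DEFAULT~', $row["Support"])` is the equivalent test. The function also has no docblock, unlike `tables_list()` right below it; `/** Get supported storage engines` with `* @return array` would match the file's style.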
@@ -315,15 +334,6 @@ function collations() { return $return; } -/** Escape string to use inside '' -* @param string -* @return string -*/ -function escape_string($val) { - global $connection; - return substr($connection->quote($val), 1, -1); -} - /** Find out if database is information_schema * @param string * @return bool @@ -333,6 +343,15 @@ function information_schema($db) { return ($connection->server_info >= 5 && $db == "information_schema"); } +/** Return expression for binary comparison +* @param string +* @return string +*/ +function exact_value($val) { + global $connection; + return "BINARY " . $connection->quote($val); +} + // value means maximum unsigned length $types = array(); $structured_types = array(); diff --git a/adminer/table.inc.php b/adminer/table.inc.php index fd26dac4..034085d5 100644 --- a/adminer/table.inc.php +++ b/adminer/table.inc.php @@ -1,22 +1,22 @@ query("SHOW FULL COLUMNS FROM " . idf_escape($TABLE)); -if (!$result) { +$fields = fields($TABLE); +if (!$fields) { $error = h($connection->error); } -$table_status = ($result ? table_status($TABLE) : array()); +$table_status = ($fields ? table_status($TABLE) : array()); $is_view = !isset($table_status["Rows"]); -page_header(($result && $is_view ? lang('View') : lang('Table')) . ": " . h($TABLE), $error); +page_header(($fields && $is_view ? lang('View') : lang('Table')) . ": " . h($TABLE), $error); $adminer->selectLinks($table_status, $is_view ? null : ""); -if ($result) { +if ($fields) { echo "\n"; echo "\n"; - while ($row = $result->fetch_assoc()) { - echo "
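Review bot: The docblock for `exact_value()` should state that the return value is a complete, already quoted SQL expression, because `where()` in functions.inc.php and the `$ids` loop in editor/include/adminer.inc.php now concatenate it into statements with no further escaping. A line such as `* @return string quoted expression, safe to place directly after "="` makes that contract explicit. If other driver files are meant to supply their own `exact_value()`, each of them has to keep the `quote()` call, and nothing else in the diff enforces that.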
" . lang('Column') . "" . lang('Type') . "" . lang('Comment') . "
" . h($row["Field"]); - echo "" . h($row["Type"]) . ($row["Null"] == "YES" ? " NULL" : "") . ($row["Extra"] == "auto_increment" ? " " . lang('Auto Increment') . "" : ""); - echo "" . nbsp($row["Comment"]); + foreach ($fields as $field) { + echo "
" . h($field["field"]); + echo "" . h($field["full_type"]) . ($field["null"] ? " NULL" : "") . ($field["auto_increment"] ? " " . lang('Auto Increment') . "" : ""); + echo "" . nbsp($field["comment"]); echo "\n"; } echo "
\n"; diff --git a/editor/include/adminer.inc.php b/editor/include/adminer.inc.php index bb8d9ec7..915e5d44 100644 --- a/editor/include/adminer.inc.php +++ b/editor/include/adminer.inc.php @@ -116,7 +116,7 @@ ORDER BY ORDINAL_POSITION"); // find all used ids $ids = array(); foreach ($rows as $row) { - $ids[$row[$key]] = "BINARY " . $connection->quote($row[$key]); + $ids[$row[$key]] = exact_value($row[$key]); } // uses constant number of queries to get the descriptions, join would be complex, multiple queries would be slow $descriptions = array();
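Review bot: In adminer/table.inc.php, `if (!$fields)` treats an empty result as a failure and then reads `$connection->error`, but whether that string is still set depends on what `fields()` did last, and `fields()` is not shown in this diff. If it can return an empty array without a failed query, `$error` becomes an empty string and the page shows neither columns nor a message. I would add `// fields() returns an empty array when the query fails; the message is left in $connection->error` once that has been confirmed, or have `fields()` report the failure explicitly. The `echo` lines of this hunk lost their markup on this page, so the escaping around `h()` and `nbsp()` could not be checked here.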