diff --git a/adminer/drivers/mssql.inc.php b/adminer/drivers/mssql.inc.php index 41b094e0..e779adda 100644 --- a/adminer/drivers/mssql.inc.php +++ b/adminer/drivers/mssql.inc.php @@ -603,7 +603,7 @@ WHERE sys1.xtype = 'TR' AND sys2.name = " . q($table) $structured_types[$key] = array_keys($val); } $unsigned = array(); - $operators = array("=", "<", ">", "<=", ">=", "!=", "LIKE", "LIKE %%", "IN", "IS NULL", "NOT LIKE", "NOT IN", "IS NOT NULL"); + $operators = array("=", "<", ">", "<=", ">=", "!=", "LIKE", "LIKE %%", "IN", "IS NULL", "NOT LIKE", "NOT IN", "IS NOT NULL", ""); $functions = array("len", "lower", "round", "upper"); $grouping = array("avg", "count", "count distinct", "max", "min", "sum"); $edit_functions = array( diff --git a/adminer/drivers/mysql.inc.php b/adminer/drivers/mysql.inc.php index 24967642..6b258491 100644 --- a/adminer/drivers/mysql.inc.php +++ b/adminer/drivers/mysql.inc.php @@ -887,7 +887,7 @@ if (!defined("DRIVER")) { $structured_types[$key] = array_keys($val); } $unsigned = array("unsigned", "zerofill", "unsigned zerofill"); ///< @var array number variants - $operators = array("=", "<", ">", "<=", ">=", "!=", "LIKE", "LIKE %%", "REGEXP", "IN", "IS NULL", "NOT LIKE", "NOT REGEXP", "NOT IN", "IS NOT NULL"); ///< @var array operators used in select + $operators = array("=", "<", ">", "<=", ">=", "!=", "LIKE", "LIKE %%", "REGEXP", "IN", "IS NULL", "NOT LIKE", "NOT REGEXP", "NOT IN", "IS NOT NULL", ""); ///< @var array operators used in select $functions = array("char_length", "date", "from_unixtime", "hex", "lower", "round", "sec_to_time", "time_to_sec", "upper"); ///< @var array functions used in select $grouping = array("avg", "count", "count distinct", "group_concat", "max", "min", "sum"); ///< @var array grouping functions used in select $edit_functions = array( ///< @var array of array("$type|$type2" => "$function/$function2") functions used in editing, [0] - edit and insert, [1] - edit only diff --git a/adminer/drivers/oracle.inc.php b/adminer/drivers/oracle.inc.php index 05d3bebe..75bc9613 100644 --- a/adminer/drivers/oracle.inc.php +++ b/adminer/drivers/oracle.inc.php @@ -350,7 +350,7 @@ UNION SELECT view_name, 'view' FROM user_views" . ($name != "" ? " WHERE view_na $structured_types[$key] = array_keys($val); } $unsigned = array(); - $operators = array("=", "<", ">", "<=", ">=", "!=", "LIKE", "LIKE %%", "IN", "IS NULL", "NOT LIKE", "NOT REGEXP", "NOT IN", "IS NOT NULL"); + $operators = array("=", "<", ">", "<=", ">=", "!=", "LIKE", "LIKE %%", "IN", "IS NULL", "NOT LIKE", "NOT REGEXP", "NOT IN", "IS NOT NULL", ""); $functions = array("length", "lower", "round", "upper"); $grouping = array("avg", "count", "count distinct", "max", "min", "sum"); $edit_functions = array( diff --git a/adminer/drivers/pgsql.inc.php b/adminer/drivers/pgsql.inc.php index 6f3211b4..30a25218 100644 --- a/adminer/drivers/pgsql.inc.php +++ b/adminer/drivers/pgsql.inc.php @@ -533,7 +533,7 @@ AND typelem = 0" $structured_types[$key] = array_keys($val); } $unsigned = array(); - $operators = array("=", "<", ">", "<=", ">=", "!=", "~", "!~", "LIKE", "LIKE %%", "IN", "IS NULL", "NOT LIKE", "NOT IN", "IS NOT NULL"); + $operators = array("=", "<", ">", "<=", ">=", "!=", "~", "!~", "LIKE", "LIKE %%", "IN", "IS NULL", "NOT LIKE", "NOT IN", "IS NOT NULL", ""); $functions = array("char_length", "lower", "round", "to_hex", "to_timestamp", "upper"); $grouping = array("avg", "count", "count distinct", "max", "min", "sum"); $edit_functions = array( diff --git a/adminer/drivers/sqlite.inc.php b/adminer/drivers/sqlite.inc.php index d0759882..25a69a14 100644 --- a/adminer/drivers/sqlite.inc.php +++ b/adminer/drivers/sqlite.inc.php @@ -554,7 +554,7 @@ if (isset($_GET["sqlite"]) || isset($_GET["sqlite2"])) { $types = array("integer" => 0, "real" => 0, "numeric" => 0, "text" => 0, "blob" => 0); $structured_types = array_keys($types); $unsigned = array(); - $operators = array("=", "<", ">", "<=", ">=", "!=", "LIKE", "LIKE %%", "IN", "IS NULL", "NOT LIKE", "NOT IN", "IS NOT NULL"); // REGEXP can be user defined function + $operators = array("=", "<", ">", "<=", ">=", "!=", "LIKE", "LIKE %%", "IN", "IS NULL", "NOT LIKE", "NOT IN", "IS NOT NULL", ""); // REGEXP can be user defined function $functions = array("hex", "length", "lower", "round", "unixepoch", "upper"); $grouping = array("avg", "count", "count distinct", "group_concat", "max", "min", "sum"); $edit_functions = array( diff --git a/adminer/include/adminer.inc.php b/adminer/include/adminer.inc.php index ae9a1364..77081eb2 100644 --- a/adminer/include/adminer.inc.php +++ b/adminer/include/adminer.inc.php @@ -229,7 +229,7 @@ document.getElementById('username').focus(); } } echo "
"; - echo html_select("where[$i][op]", $this->operators); + echo html_select("where[$i][op]", $this->operators, "="); echo "
\n"; echo "\n"; } @@ -333,6 +333,8 @@ document.getElementById('username').focus(); if (ereg('IN$', $val["op"])) { $in = process_length($val["val"]); $cond .= " (" . ($in != "" ? $in : "NULL") . ")"; + } elseif (!$val["op"]) { + $cond .= $val["val"]; // SQL injection } elseif ($val["op"] == "LIKE %%") { $cond = " LIKE " . $this->processInput($fields[$val["col"]], "%$val[val]%"); } elseif (!ereg('NULL$', $val["op"])) { diff --git a/changes.txt b/changes.txt index a29ec7e4..835f5794 100644 --- a/changes.txt +++ b/changes.txt @@ -1,6 +1,7 @@ Adminer 3.2.0-dev: Get long texts and slow information by AJAX All links and some forms by AJAX in browsers with support for history.pushState +Ability to search by expression in select Permanent link in schema Display total time in show only errors mode in SQL command History: edit all