From 5a1df0684dea16381b00b53c42b0034fd459700c Mon Sep 17 00:00:00 2001 From: Marc Delisle Date: Fri, 20 Feb 2009 09:37:49 +0000 Subject: [PATCH] patch #2602633 [core] support column name having square brackets --- ChangeLog | 4 ++- libraries/tbl_replace_fields.inc.php | 5 +-- tbl_change.php | 9 ++++-- tbl_relation.php | 46 +++++++++++++++++++--------- tbl_replace.php | 14 ++++++--- 5 files changed, 54 insertions(+), 24 deletions(-) diff --git a/ChangeLog b/ChangeLog index ad37c4164..7d9dcee9c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -25,8 +25,10 @@ $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyA thanks to Herman van Rink and Virsacer + patch #2505255 [privileges] Cleanup, thanks to Virsacer - virsacer - bug #2414056 [auth] AllowNoPasswordRoot error message is too vague -+ patch #2596230 [XHTML] View table headers/footers completely, +- patch #2596230 [XHTML] View table headers/footers completely, thanks to Virsacer - virsacer +- patch #2602633 [core] support column name having square brackets, + thanks to Herman van Rink - helmo 3.1.3.0 (not yet released) + [lang] Turkish update, thanks to Burak Yavuz diff --git a/libraries/tbl_replace_fields.inc.php b/libraries/tbl_replace_fields.inc.php index 6ebea9cb8..9456d9996 100644 --- a/libraries/tbl_replace_fields.inc.php +++ b/libraries/tbl_replace_fields.inc.php @@ -68,7 +68,8 @@ if (false !== $possibly_uploaded_val) { $type = ''; } - $f = 'field_' . md5($key); + // $key is and md5() of the fieldname + $f = 'field_' . $key; if (0 === strlen($val)) { // default @@ -96,7 +97,7 @@ if (false !== $possibly_uploaded_val) { // mode, insert empty field because no values were submitted. If protected // blobs where set, insert original fields content. if (! empty($prot_row[$key])) { - $val = '0x' . bin2hex($prot_row[$key]); + $val = '0x' . bin2hex($prot_row[$me_fields_name[$key]]); } else { $val = ''; } diff --git a/tbl_change.php b/tbl_change.php index b81056f22..a551e5a95 100644 
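Review bot: In the second hunk of libraries/tbl_replace_fields.inc.php the guard `if (! empty($prot_row[$key]))` is an unchanged context line, while the line under it now reads `$prot_row[$me_fields_name[$key]]`. Since `$key` is now the md5 of the column name, the guard and the read use different indexes; if `$prot_row` is keyed by column name, as the new line implies, the guard is never true and a protected BLOB always takes the `$val = ''` branch. The guard should use the same index as the read: `if (isset($me_fields_name[$key]) && ! empty($prot_row[$me_fields_name[$key]])) {`. The comment added in the first hunk has a typo and should read `// $key is an md5() of the fieldname`. The enclosing block starts and ends outside both hunks.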
--- a/tbl_change.php +++ b/tbl_change.php @@ -395,7 +395,9 @@ foreach ($rows as $row_id => $vrow) { $unnullify_trigger = $chg_evt_handler . "=\"return unNullify('" . PMA_escapeJsString($field['Field_html']) . "', '" . PMA_escapeJsString($jsvkey) . "')\""; - $field_name_appendix = $vkey . '[' . $field['Field_html'] . ']'; + + // Use an MD5 as an array index to avoid having special characters in the name atttibute (see bug #1746964 ) + $field_name_appendix = $vkey . '[' . $field['Field_md5'] . ']'; $field_name_appendix_md5 = $field['Field_md5'] . $vkey . '[]'; @@ -409,7 +411,10 @@ foreach ($rows as $row_id => $vrow) { } ?> - align="center"> + align="center"> + + + > diff --git a/tbl_relation.php b/tbl_relation.php index 31844dde4..94f361f18 100644 --- a/tbl_relation.php +++ b/tbl_relation.php @@ -138,10 +138,19 @@ if (isset($destination) && $cfgRelation['relwork']) { // I use $sql_query to be able to display directly the query via // PMA_showMessage() +$me_fields_name = + isset($_REQUEST['fields_name']) + ? $_REQUEST['fields_name'] + : null; + if (isset($_REQUEST['destination_foreign'])) { $display_query = ''; $seen_error = false; - foreach ($_REQUEST['destination_foreign'] as $master_field => $foreign_string) { + foreach ($_REQUEST['destination_foreign'] as $master_field_md5 => $foreign_string) { + + // Map the fieldname's md5 back to it's real name + $master_field = $me_fields_name[$master_field_md5]; + if (! empty($foreign_string)) { $foreign_string = trim($foreign_string, '`'); list($foreign_db, $foreign_table, $foreign_field) = 
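Review bot: `$master_field = $me_fields_name[$master_field_md5];` in tbl_relation.php takes the column name from the request-supplied `fields_name` array without checking that the name belongs to its hash key or to the table, and `$me_fields_name` is `null` when the parameter is absent. The name then indexes `$existrel_foreign` and presumably goes into the SQL built further down, outside this hunk, so it should be checked first: `if (! isset($me_fields_name[$master_field_md5]) || md5($me_fields_name[$master_field_md5]) !== $master_field_md5) { continue; }`. That only catches a mismatched pair; comparing the name against the table's actual column list, or rebuilding the hash-to-name map on the server from that list, is the stronger check. The same unverified lookup feeds `PMA_backquote($me_fields_name[$key])` in the tbl_replace.php hunks and `$prot_row[$me_fields_name[$key]]` in libraries/tbl_replace_fields.inc.php. The added comment should read `back to its real name`.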
@@ -163,19 +172,19 @@ if (isset($_REQUEST['destination_foreign'])) { . PMA_backquote($foreign_table) . '(' . PMA_backquote($foreign_field) . ')'; - if (! empty($_REQUEST['on_delete'][$master_field])) { - $sql_query .= ' ON DELETE ' . $options_array[$_REQUEST['on_delete'][$master_field]]; + if (! empty($_REQUEST['on_delete'][$master_field_md5])) { + $sql_query .= ' ON DELETE ' . $options_array[$_REQUEST['on_delete'][$master_field_md5]]; } if (! empty($_REQUEST['on_update'][$master_field])) { - $sql_query .= ' ON UPDATE ' . $options_array[$_REQUEST['on_update'][$master_field]]; + $sql_query .= ' ON UPDATE ' . $options_array[$_REQUEST['on_update'][$master_field_md5]]; } $sql_query .= ';'; $display_query .= $sql_query . "\n"; // end repeated code } elseif (($existrel_foreign[$master_field]['foreign_db'] . '.' .$existrel_foreign[$master_field]['foreign_table'] . '.' . $existrel_foreign[$master_field]['foreign_field'] != $foreign_string) - || ($_REQUEST['on_delete'][$master_field] != (!empty($existrel_foreign[$master_field]['on_delete']) ? $existrel_foreign[$master_field]['on_delete'] : '')) - || ($_REQUEST['on_update'][$master_field] != (!empty($existrel_foreign[$master_field]['on_update']) ? $existrel_foreign[$master_field]['on_update'] : '')) + || ($_REQUEST['on_delete'][$master_field_md5] != (!empty($existrel_foreign[$master_field]['on_delete']) ? $existrel_foreign[$master_field]['on_delete'] : '')) + || ($_REQUEST['on_update'][$master_field_md5] != (!empty($existrel_foreign[$master_field]['on_update']) ? $existrel_foreign[$master_field]['on_update'] : '')) ) { // another foreign key is already defined for this field // or 
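Review bot: The `ON UPDATE` guard in this hunk, `if (! empty($_REQUEST['on_update'][$master_field])) {`, is an unchanged context line and still indexes by the column name, while the line under it and the `on_delete` guard above were switched to `$master_field_md5`. The form in this commit names the dropdown `'on_update[' . $myfield_md5 . ']'`, so the test would not match the submitted key and the `ON UPDATE` clause would be silently left out of the query built in this branch. It should read `if (! empty($_REQUEST['on_update'][$master_field_md5])) {`, as the later hunk at `-199,13` already does. The submitted value is also used directly as an index into `$options_array`; an `isset($options_array[...])` check before concatenating would stop an unknown value from adding an empty clause. The enclosing `foreach` begins and ends outside the hunk.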
@@ -199,13 +208,13 @@ if (isset($_REQUEST['destination_foreign'])) { . PMA_backquote($foreign_table) . '(' . PMA_backquote($foreign_field) . ')'; - if (! empty($_REQUEST['on_delete'][$master_field])) { + if (! empty($_REQUEST['on_delete'][$master_field_md5])) { $sql_query .= ' ON DELETE ' - . $options_array[$_REQUEST['on_delete'][$master_field]]; + . $options_array[$_REQUEST['on_delete'][$master_field_md5]]; } - if (! empty($_REQUEST['on_update'][$master_field])) { + if (! empty($_REQUEST['on_update'][$master_field_md5])) { $sql_query .= ' ON UPDATE ' - . $options_array[$_REQUEST['on_update'][$master_field]]; + . $options_array[$_REQUEST['on_update'][$master_field_md5]]; } $sql_query .= ';'; $display_query .= $sql_query . "\n"; @@ -373,14 +382,19 @@ if ($col_rs && PMA_DBI_num_rows($col_rs) > 0) { $odd_row = true; for ($i = 0; $i < $saved_row_cnt; $i++) { $myfield = $save_row[$i]['Field']; + // Use an md5 as array index to avoid having special characters in the name atttibure (see bug #1746964 ) + $myfield_md5 = md5($myfield); + $myfield_html = htmlspecialchars($myfield); ?> - + + + - 0) { if (!empty($save_row[$i]['Key'])) { ?> - 0) { 0) { .'' . "\n"; PMA_generate_dropdown('ON UPDATE', - 'on_update[' . $save_row[$i]['Field'] . ']', + 'on_update[' . $myfield_md5 . ']', $options_array, isset($existrel_foreign[$myfield]['on_update']) ? $existrel_foreign[$myfield]['on_update']: ''); echo '' . "\n"; @@ -479,6 +493,8 @@ if ($col_rs && PMA_DBI_num_rows($col_rs) > 0) { ' . "\n"; echo '' . "\n"; diff --git a/tbl_replace.php b/tbl_replace.php index c3cc0b872..67a5604f3 100644 --- a/tbl_replace.php +++ b/tbl_replace.php 
@@ -176,6 +176,10 @@ foreach ($loop_array as $rowcount => $primary_key) { isset($_REQUEST['fields']['multi_edit'][$rowcount]) ? $_REQUEST['fields']['multi_edit'][$rowcount] : array(); + $me_fields_name = + isset($_REQUEST['fields_name']['multi_edit'][$rowcount]) + ? $_REQUEST['fields_name']['multi_edit'][$rowcount] + : null; $me_fields_prev = isset($_REQUEST['fields_prev']['multi_edit'][$rowcount]) ? $_REQUEST['fields_prev']['multi_edit'][$rowcount] @@ -205,6 +209,8 @@ foreach ($loop_array as $rowcount => $primary_key) { foreach ($me_fields as $key => $val) { + // Note: $key is an md5 of the fieldname. The actual fieldname is available in $me_fields_name[$key] + require './libraries/tbl_replace_fields.inc.php'; // rajk - for blobstreaming @@ -253,7 +259,7 @@ foreach ($loop_array as $rowcount => $primary_key) { $query_values[] = $cur_value; // first inserted row so prepare the list of fields if (empty($value_sets)) { - $query_fields[] = PMA_backquote($key); + $query_fields[] = PMA_backquote($me_fields_name[$key]); } } @@ -262,7 +268,7 @@ foreach ($loop_array as $rowcount => $primary_key) { && !isset($me_fields_null[$key])) { // field had the null checkbox before the update // field no longer has the null checkbox - $query_values[] = PMA_backquote($key) . ' = ' . $cur_value; + $query_values[] = PMA_backquote($me_fields_name[$key]) . ' = ' . $cur_value; } elseif (empty($me_funcs[$key]) && isset($me_fields_prev[$key]) && ("'" . PMA_sqlAddslashes($me_fields_prev[$key]) . "'" == $val)) { @@ -274,7 +280,7 @@ foreach ($loop_array as $rowcount => $primary_key) { // field still has the null checkbox) if (!(! empty($me_fields_null_prev[$key]) && isset($me_fields_null[$key]))) { - $query_values[] = PMA_backquote($key) . ' = ' . $cur_value; + $query_values[] = PMA_backquote($me_fields_name[$key]) . ' = ' . $cur_value; } } } // end foreach ($me_fields as $key => $val) 
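Review bot: `$me_fields_name` falls back to `null` here, whereas the neighbouring `$me_fields` falls back to `array()`, and none of the three `PMA_backquote($me_fields_name[$key])` calls in this file checks that the entry exists. A request that carries a `fields[...]` entry without the matching `fields_name[...]` entry would, as far as these hunks show, pass `null` to `PMA_backquote()` and yield a statement with a missing column name instead of a clear error. Defaulting to `array()` and skipping or rejecting the field at the top of the inner loop, `if (! isset($me_fields_name[$key])) { continue; }`, keeps that failure explicit. The loop bodies continue outside the hunks.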
@@ -290,7 +296,7 @@ foreach ($loop_array as $rowcount => $primary_key) { } } } // end foreach ($loop_array as $primary_key) -unset($me_fields_prev, $me_funcs, $me_fields_type, $me_fields_null, $me_fields_null_prev, +unset($me_fields_name, $me_fields_prev, $me_funcs, $me_fields_type, $me_fields_null, $me_fields_null_prev, $me_auto_increment, $cur_value, $key, $val, $loop_array, $primary_key, $using_key, $func_no_param);