bug #2826128 [display] Inverting sort order when expression contains a function name

2009-10-24 12:07:35 +00:00
parent 1a401ee65d
commit b4169d1747
2 changed files with 10 additions and 6 deletions
--- a/1
+++ b/1
@@ -58,6 +58,7 @@ $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyA
 - bug #2879909 [interface] Removed double htmlspecialchars when editing enum column
 - bug #2868328 [relations] Adding foreign key when table name contains a dot
 - bug #2883381 [doc] Side effects of MemoryLimit setting
+- bug #2826128 [display] Inverting sort order when expression contains a function name

 3.2.2.1 (2009-10-12)
 - [security] XSS and SQL injection, thanks to Herman van Rink
--- a/libraries/display_tbl.lib.php
+++ b/libraries/display_tbl.lib.php
@@ -786,13 +786,16 @@ function PMA_displayTableHeaders(&$is_display, &$fields_meta, $fields_cnt = 0, $
            if (empty($sort_expression)) {
                $is_in_sort = false;
            } else {
-                // field name may be preceded by a space, or any number
+                // Field name may be preceded by a space, or any number
                // of characters followed by a dot (tablename.fieldname)
-                // so do a direct comparison
-                // for the sort expression (avoids problems with queries
-                // like "SELECT id, count(id)..." and clicking to sort
-                // on id or on count(id))
-                if (strpos($sort_expression_nodirection, $sort_tbl) === false) {
+                // so do a direct comparison for the sort expression;
+                // this avoids problems with queries like 
+                // "SELECT id, count(id)..." and clicking to sort
+                // on id or on count(id).
+                // Another query to test this:
+                // SELECT p.*, FROM_UNIXTIME(p.temps) FROM mytable AS p
+                // (and try clicking on each column's header twice)
+                if (strpos($sort_expression_nodirection, $sort_tbl) === false && strpos($sort_expression_nodirection, '(') === false) {
                    $sort_expression_nodirection = $sort_tbl . $sort_expression_nodirection;
                }
                $is_in_sort = (str_replace('`', '', $sort_tbl) . $name_to_use_in_sort == str_replace('`', '', $sort_expression_nodirection) ? true : false);