diff --git a/lib.inc.php3 b/lib.inc.php3
index 3784d60d1..ad2078013 100755
--- a/lib.inc.php3
+++ b/lib.inc.php3
@@ -525,9 +525,6 @@ window.parent.frames['nav'].location.replace('./left.php3?lang=' . "\n";
}
echo ' ' . $query_base;
- if (isset($GLOBALS['sql_order'])) {
- echo ' ' . $GLOBALS['sql_order'];
- }
// If a 'LIMIT' clause has been programatically added to the query
// displays it
$is_append_limit = (isset($GLOBALS['pos'])
@@ -622,7 +619,6 @@ window.parent.frames['nav'].location.replace('./left.php3?lang=
@@ -659,7 +653,6 @@ window.parent.frames['nav'].location.replace('./left.php3?lang=" />
-
@@ -673,7 +666,6 @@ window.parent.frames['nav'].location.replace('./left.php3?lang=" />
-
@@ -695,7 +687,6 @@ window.parent.frames['nav'].location.replace('./left.php3?lang=" />
-
@@ -717,7 +708,6 @@ window.parent.frames['nav'].location.replace('./left.php3?lang=" />
-
@@ -732,7 +722,6 @@ window.parent.frames['nav'].location.replace('./left.php3?lang=" />
-
@@ -764,14 +753,13 @@ window.parent.frames['nav'].location.replace('./left.php3?lang= 1 && !$is_simple) {
+ // Defines the url used to append/modify a sorting order
+ // 1. Checks if an hard coded 'order by' clause exists
+ if (eregi('(.*)( ORDER BY (.*))', $sql_query, $regs1)) {
+ if (eregi('((.*)( ASC| DESC)( |$))(.*)', $regs1[2], $regs2)) {
+ $unsorted_sql_query = trim($regs1[1] . ' ' . $regs2[5]);
+ $sql_order = trim($regs2[1]);
+ }
+ else if (eregi('((.*)) (LIMIT (.*)|PROCEDURE (.*)|FOR UPDATE|LOCK IN SHARE MODE)', $regs1[2], $regs3)) {
+ $unsorted_sql_query = trim($regs1[1] . ' ' . $regs3[3]);
+ $sql_order = trim($regs3[1]) . ' ASC';
+ } else {
+ $unsorted_sql_query = trim($regs1[1]);
+ $sql_order = trim($regs1[2]) . ' ASC';
+ }
+ } else {
+ $unsorted_sql_query = $sql_query;
+ }
+ // 2. Checks if the current column is used to sort the result
if (empty($sql_order)) {
+ $is_in_sort = FALSE;
+ } else {
+ $is_in_sort = eregi(' (`?)' . str_replace('\\', '\\\\', $field->name) . '(`?)[ ,$]', $sql_order);
+ }
+ // 3. Do define the sorting url
+ if (!$is_in_sort) {
$sort_order = ' ORDER BY ' . backquote($field->name) . ' ' . $GLOBALS['cfgOrder'];
}
- else if (substr($sql_order, -3) == 'ASC') {
+ else if (substr($sql_order, -3) == 'ASC' && $is_in_sort) {
$sort_order = ' ORDER BY ' . backquote($field->name) . ' DESC';
}
- else if (substr($sql_order, -4) == 'DESC') {
+ else if (substr($sql_order, -4) == 'DESC' && $is_in_sort) {
$sort_order = ' ORDER BY ' . backquote($field->name) . ' ASC';
}
+ if (eregi('(.*)( LIMIT (.*)| PROCEDURE (.*)| FOR UPDATE| LOCK IN SHARE MODE)', $unsorted_sql_query, $regs3)) {
+ $sorted_sql_query = $regs3[1] . $sort_order . $regs3[2];
+ } else {
+ $sorted_sql_query = $unsorted_sql_query . $sort_order;
+ }
$url_query = 'lang=' . $lang
. '&server=' . urlencode($server)
. '&db=' . urlencode($db)
. '&table=' . urlencode($table)
. '&pos=' . $pos
- . '&sql_query=' . urlencode($sql_query)
- . '&sql_order=' . urlencode($sort_order);
+ . '&sql_query=' . urlencode($sorted_sql_query);
?>
|
diff --git a/sql.php3 b/sql.php3
index c24f3dfc3..16bc3034c 100755
--- a/sql.php3
+++ b/sql.php3
@@ -28,9 +28,6 @@ if (isset($store_bkm)) {
// queries or in the navigation bar for browsing among records
if (isset($btnDrop) || isset($navig)) {
$sql_query = urldecode($sql_query);
- if (isset($sql_order)) {
- $sql_order = urldecode($sql_order);
- }
}
@@ -94,16 +91,10 @@ if ($do_confirm) {
* Executes the query and displays results
*/
else {
- if (get_magic_quotes_gpc()) {
- $sql_query = isset($sql_query) ? stripslashes($sql_query) : '';
- $sql_order = isset($sql_order) ? stripslashes($sql_order) : '';
- } else {
- if (!isset($sql_query)) {
- $sql_query = '';
- }
- if (!isset($sql_order)) {
- $sql_order = '';
- }
+ if (!isset($sql_query)) {
+ $sql_query = '';
+ } else if (get_magic_quotes_gpc()) {
+ $sql_query = stripslashes($sql_query);
}
//defines some variables
@@ -114,13 +105,14 @@ else {
if (isset($sessionMaxRows)) {
$cfgMaxRows = $sessionMaxRows;
}
- $sql_limit_to_append = (isset($pos)
- && $is_select
- && !eregi(' LIMIT[ 0-9,]+$', $sql_query)
- && eregi(' FROM ', $sql_query))
+ $sql_limit_to_append = (isset($pos) && $is_select && !eregi(' LIMIT[ 0-9,]+$', $sql_query))
? " LIMIT $pos, $cfgMaxRows"
: '';
- $full_sql_query = $sql_query . $sql_order . $sql_limit_to_append;
+ if (eregi('(.*)( PROCEDURE (.*)| FOR UPDATE| LOCK IN SHARE MODE)', $sql_query, $regs)) {
+ $full_sql_query = $regs[1] . $sql_limit_to_append . $regs[2];
+ } else {
+ $full_sql_query = $sql_query . $sql_limit_to_append;
+ }
// Executes the query
mysql_select_db($db);
@@ -133,8 +125,9 @@ else {
mysql_die($error, $full_sql_query);
}
- // Gets the number of rows returned
- $num_rows = mysql_num_rows($result);
+ // Gets the number of rows returned ('@' is required because mysql_num_rows
+ // ran on queries that are not 'SELECT' statements returns an error
+ $num_rows = @mysql_num_rows($result);
// Counts the total number of rows for the same 'SELECT' query without the
// 'LIMIT' clause that may have been programatically added
@@ -207,7 +200,7 @@ else {
. '&db=' . urlencode($db)
. '&table=' . urlencode($table)
. '&pos=' . $pos
- . '&sql_query=' . urlencode($full_sql_query)
+ . '&sql_query=' . urlencode($sql_query)
. '&goto=' . urlencode($goto);
echo "\n\n";
echo '' . "\n";
@@ -217,7 +210,8 @@ else {
} // end insert row
// Bookmark Support
- if ($cfgBookmark['db'] && $cfgBookmark['table'] && empty($id_bookmark)) {
+ if ($cfgBookmark['db'] && $cfgBookmark['table'] && empty($id_bookmark)
+ && !empty($sql_query)) {
echo "\n";
echo '' . "\n";
echo '
|