From a5464b4daff0059cdf8c9e5f4d54a80e2dd2a5b0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michal=20=C4=8Ciha=C5=99?= Date: Fri, 11 Feb 2011 14:18:07 +0100 Subject: [PATCH] Avoid using all users query as default when browsing. --- libraries/bookmark.lib.php | 19 ++++++++++++++----- sql.php | 2 +- 2 files changed, 15 insertions(+), 6 deletions(-) diff --git a/libraries/bookmark.lib.php b/libraries/bookmark.lib.php index 73a9665b9..760ded3a4 100644 --- a/libraries/bookmark.lib.php +++ b/libraries/bookmark.lib.php @@ -95,12 +95,13 @@ function PMA_Bookmark_getList($db) * @param mixed the id of the bookmark to get * @param string which field to look up the $id * @param boolean TRUE: get all bookmarks regardless of the owning user + * @param boolean whether to ignore bookmarks with no user * * @return string the sql query * * @access public */ -function PMA_Bookmark_get($db, $id, $id_field = 'id', $action_bookmark_all = FALSE) +function PMA_Bookmark_get($db, $id, $id_field = 'id', $action_bookmark_all = FALSE, $exact_user_match = FALSE) { global $controllink; @@ -111,10 +112,18 @@ function PMA_Bookmark_get($db, $id, $id_field = 'id', $action_bookmark_all = FAL } $query = 'SELECT query FROM ' . PMA_backquote($cfgBookmark['db']) . '.' . PMA_backquote($cfgBookmark['table']) - . ' WHERE dbase = \'' . PMA_sqlAddslashes($db) . '\'' - . ($action_bookmark_all? '' : ' AND (user = \'' . PMA_sqlAddslashes($cfgBookmark['user']) . '\'' - . ' OR user = \'\')') - . ' AND ' . PMA_backquote($id_field) . ' = ' . $id; + . ' WHERE dbase = \'' . PMA_sqlAddslashes($db) . '\''; + + if (!$action_bookmark_all) { + $query .= ' AND (user = \'' . PMA_sqlAddslashes($cfgBookmark['user']) . '\''; + if (!$exact_user_match) { + $query .= ' OR user = \'\''; + } + $query .= ')'; + } + + $query .= ' AND ' . PMA_backquote($id_field) . ' = ' . $id; + return PMA_DBI_fetch_value($query, 0, 0, $controllink); } // end of the 'PMA_Bookmark_get()' function diff --git a/sql.php b/sql.php index b7281842d..184274348 100644 --- a/sql.php +++ b/sql.php @@ -54,7 +54,7 @@ if (isset($fields['dbase'])) { if (empty($sql_query) && strlen($table) && strlen($db)) { require_once './libraries/bookmark.lib.php'; $book_sql_query = PMA_Bookmark_get($db, '\'' . PMA_sqlAddslashes($table) . '\'', - 'label'); + 'label', FALSE, TRUE); if (! empty($book_sql_query)) { $sql_query = $book_sql_query;