nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixed bug #449430 (Quote/Select bug on 2.2.0rc4)

Browse Source
This commit is contained in:
Loïc Chapeaux
2001-08-09 13:49:38 +00:00
parent a1abf80b88
commit ef15f78f9c
2 changed files with 16 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
sql.php3
View File

@@ -7,10 +7,6 @@
*/
require('./grab_globals.inc.php3');
require('./lib.inc.php3');
//loic1: buggy fix
//if (get_magic_quotes_gpc()) {
// $sql_query = stripslashes($sql_query);
//}
/**

32
tbl_select.php3
View File

@@ -65,8 +65,8 @@ if (!isset($param) || $param[0] == '') {
<th><?php echo $strValue; ?></th>
</tr>
<?php
echo "\n";
for ($i = 0; $i < $fields_count; $i++) {
echo "\n";
$bgcolor = ($i % 2) ? $cfgBgcolorOne : $cfgBgcolorTwo;
$fieldsize = (($fields_len[$i] > 40) ? 40 : $fields_len[$i]);
?>
@@ -138,29 +138,29 @@ else {
$sql_query .= ' WHERE 1';
for ($i = 0; $i < count($fields); $i++) {
if (!empty($fields) && $fields[$i] != '') {
$quot = '';
if ($types[$i] == 'string' || $types[$i] == 'blob') {
$quot = '"';
$quot = '\'';
$cmp = 'LIKE';
if (!get_magic_quotes_gpc()) {
$fields[$i] = str_replace('"', '\\"', $fields[$i]);
if (get_magic_quotes_gpc()) {
$fields[$i] = stripslashes($fields[$i]);
}
$fields[$i] = sql_addslashes($fields[$i], TRUE);
}
else if ($types[$i] == 'date' || $types[$i] == 'time') {
$quot = '"';
$quot = '\'';
$cmp = '=';
}
else if (strstr($fields[$i], '%')) {
$quot = '\'';
$cmp = 'LIKE';
}
else if (substr($fields[$i], 0, 1) == '<' || substr($fields[$i], 0, 1) == '>') {
$quot = '';
$cmp = '';
}
else {
if (strstr($fields[$i], '%')) {
$cmp = 'LIKE';
$quot = '"';
} else {
$cmp = '=';
$quot = '';
}
if (substr($fields[$i], 0, 1) == '<' || substr($fields[$i], 0, 1) == '>') {
$cmp = '';
}
$quot = '';
$cmp = '=';
} // end if
$sql_query .= ' AND ' . backquote(urldecode($names[$i])) . " $cmp $quot$fields[$i]$quot";
} // end if