nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixed bug #449430 (Quote/Select bug on 2.2.0rc4)

Browse Source
This commit is contained in:
Loïc Chapeaux
2001-08-09 13:49:38 +00:00
parent a1abf80b88
commit ef15f78f9c
2 changed files with 16 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
sql.php3
View File

@@ -7,10 +7,6 @@
*/ */
require('./grab_globals.inc.php3'); require('./grab_globals.inc.php3');
require('./lib.inc.php3'); require('./lib.inc.php3');
//loic1: buggy fix
//if (get_magic_quotes_gpc()) {
// $sql_query = stripslashes($sql_query);
//}
/** /**

32
tbl_select.php3
View File

@@ -65,8 +65,8 @@ if (!isset($param) || $param[0] == '') {
<th><?php echo $strValue; ?></th> <th><?php echo $strValue; ?></th>
</tr> </tr>
<?php <?php
echo "\n";
for ($i = 0; $i < $fields_count; $i++) { for ($i = 0; $i < $fields_count; $i++) {
echo "\n";
$bgcolor = ($i % 2) ? $cfgBgcolorOne : $cfgBgcolorTwo; $bgcolor = ($i % 2) ? $cfgBgcolorOne : $cfgBgcolorTwo;
$fieldsize = (($fields_len[$i] > 40) ? 40 : $fields_len[$i]); $fieldsize = (($fields_len[$i] > 40) ? 40 : $fields_len[$i]);
?> ?>
@@ -138,29 +138,29 @@ else {
$sql_query .= ' WHERE 1'; $sql_query .= ' WHERE 1';
for ($i = 0; $i < count($fields); $i++) { for ($i = 0; $i < count($fields); $i++) {
if (!empty($fields) && $fields[$i] != '') { if (!empty($fields) && $fields[$i] != '') {
$quot = '';
if ($types[$i] == 'string' || $types[$i] == 'blob') { if ($types[$i] == 'string' || $types[$i] == 'blob') {
$quot = '"'; $quot = '\'';
$cmp = 'LIKE'; $cmp = 'LIKE';
if (!get_magic_quotes_gpc()) { if (get_magic_quotes_gpc()) {
$fields[$i] = str_replace('"', '\\"', $fields[$i]); $fields[$i] = stripslashes($fields[$i]);
} }
$fields[$i] = sql_addslashes($fields[$i], TRUE);
} }
else if ($types[$i] == 'date' || $types[$i] == 'time') { else if ($types[$i] == 'date' || $types[$i] == 'time') {
$quot = '"'; $quot = '\'';
$cmp = '='; $cmp = '=';
} }
else if (strstr($fields[$i], '%')) {
$quot = '\'';
$cmp = 'LIKE';
}
else if (substr($fields[$i], 0, 1) == '<' || substr($fields[$i], 0, 1) == '>') {
$quot = '';
$cmp = '';
}
else { else {
if (strstr($fields[$i], '%')) { $quot = '';
$cmp = 'LIKE'; $cmp = '=';
$quot = '"';
} else {
$cmp = '=';
$quot = '';
}
if (substr($fields[$i], 0, 1) == '<' || substr($fields[$i], 0, 1) == '>') {
$cmp = '';
}
} // end if } // end if
$sql_query .= ' AND ' . backquote(urldecode($names[$i])) . " $cmp $quot$fields[$i]$quot"; $sql_query .= ' AND ' . backquote(urldecode($names[$i])) . " $cmp $quot$fields[$i]$quot";
} // end if } // end if