//! link } } } $table_name = $adminer->tableName(table_status($TABLE)); page_header($update ? lang('Edit') : lang('Insert'), $error, array("select" => array($TABLE, $table_name)), $table_name); $adminer->selectLinks($table_status, ''); // @todo are params OK? $row = null; if ($_POST["save"]) { $row = (array) $_POST["fields"]; } elseif ($where) { $select = array(); foreach ($fields as $name => $field) { if (isset($field["privileges"]["select"])) { $as = convert_field($field); if ($_POST["clone"] && $field["auto_increment"]) { $as = "''"; } if ($jush == "sql" && ereg("enum|set", $field["type"])) { $as = "1*" . idf_escape($name); } $select[] = ($as ? "{$as} AS " : "") . idf_escape($name); } } $row = array(); if ($select) { $rows = get_rows("SELECT" . limit(implode(", ", $select) . " FROM " . table($TABLE), " WHERE {$where}", isset($_GET["select"]) ? 2 : 1)); $row = isset($_GET["select"]) && count($rows) != 1 ? null : reset($rows); } }
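/**
 * Collect the submitted values of the expected fields, converted to their declared datatype.
 *
 * A field is included only when $this->post() returns something other than FALSE for it.
 * Each field is read once, so the presence check and the converted value come from the
 * same read and the filter does not run twice.
 *
 * @param array $fields map of field name => datatype; the datatype 'raw' switches the
 *                      XSS-filter flag off for that field
 * @return array map of field name => convert_field() result for every submitted field
 */
protected function get_post_fields($fields)
{
    $data = array();
    foreach ($fields as $field => $datatype) {
        // 'raw' is the only datatype that is read with the XSS-filter flag disabled.
        // Values read this way reach the caller unfiltered, so every consumer has to
        // apply context-appropriate output encoding and use parameterized queries.
        // NOTE(review): what post() does with this flag is not visible here - confirm,
        // and do not treat input filtering as a replacement for output encoding.
        $xss_clean = ($datatype !== 'raw');

        $value = $this->post($field, $xss_clean);
        if ($value === FALSE) {
            // FALSE is the "not submitted" marker checked by the original code; skip the field.
            continue;
        }

        $data[$field] = convert_field($value, $datatype);
    }
    return $data;
}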
// NOTE(review): presumably the row limit taken from the request - selectLimitProcess()
// is not visible here, and $limit is not used in the visible part of this excerpt.
$limit = $adminer->selectLimitProcess();
// Select list: the chosen expressions when $select is non-empty, otherwise "*" plus the
// optional $oid column ("." binds tighter than "?:", so the concatenation is the else arm).
$from = $select ? implode(", ", $select) : "*" . ($oid ? ", {$oid}" : "");
if ($jush == "sql") {
    // When $jush is "sql", add one aliased expression per column for which
    // convert_field() returns a non-empty conversion.
    foreach ($columns as $key => $val) {
        $as = convert_field($fields[$key]);
        if ($as) {
            // The alias goes through idf_escape(); the expression is inserted as returned.
            $from .= ", {$as} AS " . idf_escape($key);
        }
    }
}
$from .= "\nFROM " . table($TABLE);
// GROUP BY is emitted only when both $group and $is_group are truthy;
// ORDER BY is emitted whenever $order is non-empty.
$group_by = ($group && $is_group ? "\nGROUP BY " . implode(", ", $group) : "") . ($order ? "\nORDER BY " . implode(", ", $order) : "");
// AJAX request for individual values: answer as plain text, one query per entry, then stop.
if ($_GET["val"] && is_ajax()) {
    header("Content-Type: text/plain; charset=utf-8");
    foreach ($_GET["val"] as $unique_idf => $row) {
        // Both $unique_idf and key($row) come straight from the query string.
        // NOTE(review): key($row) indexes $fields and, when no conversion applies, is passed
        // to idf_escape() as the selected column; nothing visible here checks that it names
        // an existing column or that $row is an array - confirm validation upstream.
        $as = convert_field($fields[key($row)]);
        // NOTE(review): the row filter is built by where_check($unique_idf), which is not
        // visible here - confirm it quotes every value before it reaches the WHERE clause.
        // The final argument 1 is passed to limit(); presumably a one-row limit - confirm.
        echo $connection->result("SELECT" . limit(($as ? $as : idf_escape(key($row))) . " FROM " . table($TABLE), " WHERE " . where_check($unique_idf) . ($where ? " AND " . implode(" AND ", $where) : "") . ($order ? " ORDER BY " . implode(", ", $order) : ""), 1));
    }
    exit;
}
// Form submission with no pending error.
// NOTE(review): presumably $error already reflects CSRF-token validation - not visible here, confirm.
if ($_POST && !$error) {
    // One where_check() condition per submitted "check" entry, joined with OR.
    // With no entries this evaluates to "()"; NOTE(review): confirm how the code that
    // consumes $where_check handles that case.
    $where_check = "(" . implode(") OR (", array_map('where_check', (array) $_POST["check"])) . ")";
    $primary = $unselected = null;
    // Use the first index of type PRIMARY: $primary maps its column names to their positions.
    foreach ($indexes as $index) {
        if ($index["type"] == "PRIMARY") {
            $primary = array_flip($index["columns"]);
            // With an explicit select list start from all primary-key columns, otherwise from none.
            $unselected = $select ? $primary : array();
            break;
        }
    }
    // The body of this loop continues beyond the visible excerpt.
    foreach ((array) $unselected as $key => $val) {
/**
 * Build the extra SELECT expressions for columns that need a conversion.
 *
 * The returned fragment is concatenated into SQL text by the caller. Aliases pass through
 * idf_escape(); the expression returned by convert_field() is inserted verbatim.
 * NOTE(review): convert_field() is not visible here - confirm its result is derived from
 * schema metadata only, never from request data.
 *
 * @param array $columns column names as keys; the values are not used
 * @param array $fields  field definitions indexed by column name, handed to convert_field()
 * @param array $select  escaped identifiers; when non-empty, only columns whose escaped
 *                       name is listed here are considered
 * @return string zero or more ", <expression> AS <identifier>" parts, "" when nothing applies
 */
function convert_fields($columns, $fields, $select = array())
{
    $clause = "";
    foreach ($columns as $name => $unused) {
        // An empty $select means "no restriction"; otherwise the escaped name must be listed.
        $wanted = !$select || in_array(idf_escape($name), $select);
        if ($wanted) {
            $expression = convert_field($fields[$name]);
            if ($expression) {
                $clause .= ", " . $expression . " AS " . idf_escape($name);
            }
        }
    }
    return $clause;
}