Allow editing values with significant binary column (bug #3572781)

diff --git a/adminer/download.inc.php b/adminer/download.inc.php
index 5a86efe58ecb1647c4fa5f93be2c5db71be99ea4..f41bbdc6a711a61972ad8a5df492fc66a3c245d9 100644 (file)
--- a/adminer/download.inc.php
+++ b/adminer/download.inc.php
@@ -1,6 +1,7 @@
 <?php
 $TABLE = $_GET["download"];
+$fields = fields($TABLE);
 header("Content-Type: application/octet-stream");
 header("Content-Disposition: attachment; filename=" . friendly_url("$TABLE-" . implode("_", $_GET["where"])) . "." . friendly_url($_GET["field"]));
-echo $connection->result("SELECT" . limit(idf_escape($_GET["field"]) . " FROM " . table($TABLE), " WHERE " . where($_GET), 1));
+echo $connection->result("SELECT" . limit(idf_escape($_GET["field"]) . " FROM " . table($TABLE), " WHERE " . where($_GET, $fields), 1));
 exit; // don't output footer

diff --git a/adminer/drivers/mysql.inc.php b/adminer/drivers/mysql.inc.php
index 45090fe2c4a7401f943842daf358a1eddf0e0a29..fc834094cdaf9eeea447785f7f653c13d78b8bf3 100644 (file)
--- a/adminer/drivers/mysql.inc.php
+++ b/adminer/drivers/mysql.inc.php
@@ -968,7 +968,7 @@ if (!defined("DRIVER")) {
        */
        function unconvert_field($field, $return) {
                if (ereg("binary", $field["type"])) {
-                       $return = "unhex($return)";
+                       $return = "UNHEX($return)";
                }
                if (ereg("geometry|point|linestring|polygon", $field["type"])) {
                        $return = "GeomFromText($return)";

diff --git a/adminer/edit.inc.php b/adminer/edit.inc.php
index 98c3e97d461e6436ab8b71abdeaa0f9b4730e745..3365191312558b4079f1b9706558a488788974cb 100644 (file)
--- a/adminer/edit.inc.php
+++ b/adminer/edit.inc.php
@@ -1,8 +1,8 @@
 <?php
 $TABLE = $_GET["edit"];
-$where = (isset($_GET["select"]) ? (count($_POST["check"]) == 1 ? where_check($_POST["check"][0]) : "") : where($_GET));
-$update = (isset($_GET["select"]) ? $_POST["edit"] : $where);
 $fields = fields($TABLE);
+$where = (isset($_GET["select"]) ? (count($_POST["check"]) == 1 ? where_check($_POST["check"][0], $fields) : "") : where($_GET, $fields));
+$update = (isset($_GET["select"]) ? $_POST["edit"] : $where);
 foreach ($fields as $name => $field) {
        if (!isset($field["privileges"][$update ? "update" : "insert"]) || $adminer->fieldName($field) == "") {
                unset($fields[$name]);

diff --git a/adminer/include/functions.inc.php b/adminer/include/functions.inc.php
index 01b2fa43f360906afca899ad1bc5730ef94e3a36..6bafa5084071dda4859c20ed0aa31c9659c53942 100644 (file)
--- a/adminer/include/functions.inc.php
+++ b/adminer/include/functions.inc.php
@@ -329,14 +329,15 @@ function unique_array($row, $indexes) {
 
 /** Create SQL condition from parsed query string
 * @param array parsed query string
+* @param array
 * @return string
 */
-function where($where) {
+function where($where, $fields = array()) {
        global $jush;
        $return = array();
        foreach ((array) $where["where"] as $key => $val) {
                $return[] = idf_escape(bracket_escape($key, 1)) // 1 - back
-                       . (($jush == "sql" && ereg('\\.', $val)) || $jush == "mssql" ? " LIKE " . exact_value(addcslashes($val, "%_\\")) : " = " . exact_value($val)) // LIKE because of floats, but slow with ints, in MS SQL because of text
+                       . (($jush == "sql" && ereg('\\.', $val)) || $jush == "mssql" ? " LIKE " . exact_value(addcslashes($val, "%_\\")) : " = " . unconvert_field($fields[$key], exact_value($val))) // LIKE because of floats, but slow with ints, in MS SQL because of text
                ; //! enum and set
        }
        foreach ((array) $where["null"] as $key) {
@@ -347,12 +348,13 @@ function where($where) {
 
 /** Create SQL condition from query string
 * @param string
+* @param array
 * @return string
 */
-function where_check($val) {
+function where_check($val, $fields = array()) {
        parse_str($val, $check);
        remove_slashes(array(&$check));
-       return where($check);
+       return where($check, $fields);
 }
 
 /** Create query string where condition from value

diff --git a/adminer/select.inc.php b/adminer/select.inc.php
index 9e7d26babe2c1c6c516c4492195214dcfd8e2ae2..861a410191ef34a639da9319645a73240a7afcac 100644 (file)
--- a/adminer/select.inc.php
+++ b/adminer/select.inc.php
@@ -46,7 +46,7 @@ if ($_GET["val"] && is_ajax()) {
        header("Content-Type: text/plain; charset=utf-8");
        foreach ($_GET["val"] as $unique_idf => $row) {
                $as = convert_field($fields[key($row)]);
-               echo $connection->result("SELECT" . limit(($as ? $as : idf_escape(key($row))) . " FROM " . table($TABLE), " WHERE " . where_check($unique_idf) . ($where ? " AND " . implode(" AND ", $where) : "") . ($order ? " ORDER BY " . implode(", ", $order) : ""), 1));
+               echo $connection->result("SELECT" . limit(($as ? $as : idf_escape(key($row))) . " FROM " . table($TABLE), " WHERE " . where_check($unique_idf, $fields) . ($where ? " AND " . implode(" AND ", $where) : "") . ($order ? " ORDER BY " . implode(", ", $order) : ""), 1));
        }
        exit;
 }
@@ -80,7 +80,7 @@ if ($_POST && !$error) {
                        $union = array();
                        foreach ($_POST["check"] as $val) {
                                // where is not unique so OR can't be used
-                               $union[] = "(SELECT" . limit($from, "\nWHERE " . ($where ? implode(" AND ", $where) . " AND " : "") . where_check($val) . $group_by, 1) . ")";
+                               $union[] = "(SELECT" . limit($from, "\nWHERE " . ($where ? implode(" AND ", $where) . " AND " : "") . where_check($val, $fields) . $group_by, 1) . ")";
                        }
                        $query = implode(" UNION ALL ", $union);
                }
@@ -122,7 +122,7 @@ if ($_POST && !$error) {
                                } else {
                                        foreach ((array) $_POST["check"] as $val) {
                                                // where is not unique so OR can't be used
-                                               $result = queries($command . limit1($query, "\nWHERE " . where_check($val)));
+                                               $result = queries($command . limit1($query, "\nWHERE " . where_check($val, $fields)));
                                                if (!$result) {
                                                        break;
                                                }
@@ -152,7 +152,7 @@ if ($_POST && !$error) {
                                                $set[] = idf_escape($key) . " = " . (ereg('char|text', $fields[$key]["type"]) || $val != "" ? $adminer->processInput($fields[$key], $val) : "NULL");
                                        }
                                        $query = table($TABLE) . " SET " . implode(", ", $set);
-                                       $where2 = " WHERE " . where_check($unique_idf) . ($where ? " AND " . implode(" AND ", $where) : "");
+                                       $where2 = " WHERE " . where_check($unique_idf, $fields) . ($where ? " AND " . implode(" AND ", $where) : "");
                                        $result = queries("UPDATE" . ($is_group ? " $query$where2" : limit1($query, $where2))); // can change row on a different page without unique key
                                        if (!$result) {
                                                break;