Linkify URLs in SQL results

diff --git a/adminer/include/editing.inc.php b/adminer/include/editing.inc.php
index 517cb539a4b105963438aa255bc6b82fdb78c4a5..3cc2734eb04ab06708501d08629e91eacb8e6a20 100644 (file)
--- a/adminer/include/editing.inc.php
+++ b/adminer/include/editing.inc.php
@@ -61,6 +61,20 @@ function select($result, $connection2 = null, $orgtables = array(), $limit = 0)
                }
                echo "<tr" . odd() . ">";
                foreach ($row as $key => $val) {
+                       $link = "";
+                       if (isset($links[$key]) && !$columns[$links[$key]]) {
+                               if ($orgtables && $jush == "sql") { // MySQL EXPLAIN
+                                       $table = $row[array_search("table=", $links)];
+                                       $link = ME . $links[$key] . urlencode($orgtables[$table] != "" ? $orgtables[$table] : $table);
+                               } else {
+                                       $link = ME . "edit=" . urlencode($links[$key]);
+                                       foreach ($indexes[$links[$key]] as $col => $j) {
+                                               $link .= "&where" . urlencode("[" . bracket_escape($col) . "]") . "=" . urlencode($row[$j]);
+                                       }
+                               }
+                       } elseif (is_url($val)) {
+                               $link = $val;
+                       }
                        if ($val === null) {
                                $val = "<i>NULL</i>";
                        } elseif ($blobs[$key] && !is_utf8($val)) {
@@ -71,17 +85,8 @@ function select($result, $connection2 = null, $orgtables = array(), $limit = 0)
                                        $val = "<code>$val</code>";
                                }
                        }
-                       if (isset($links[$key]) && !$columns[$links[$key]]) {
-                               if ($orgtables && $jush == "sql") { // MySQL EXPLAIN
-                                       $table = $row[array_search("table=", $links)];
-                                       $link = $links[$key] . urlencode($orgtables[$table] != "" ? $orgtables[$table] : $table);
-                               } else {
-                                       $link = "edit=" . urlencode($links[$key]);
-                                       foreach ($indexes[$links[$key]] as $col => $j) {
-                                               $link .= "&where" . urlencode("[" . bracket_escape($col) . "]") . "=" . urlencode($row[$j]);
-                                       }
-                               }
-                               $val = "<a href='" . h(ME . $link) . "'>$val</a>";
+                       if ($link) {
+                               $val = "<a href='" . h($link) . "'" . (is_url($link) ? target_blank() : '') . ">$val</a>";
                        }
                        echo "<td>$val";
                }

diff --git a/changes.txt b/changes.txt
index e14a02f876fdb54ebff5fa2c84ffce00f0b58507..7d672eff3fa2f7ba1cd66eac90f789eac763f56c 100644 (file)
--- a/changes.txt
+++ b/changes.txt
@@ -3,6 +3,7 @@ Fix XSS in browsers which don't encode URL parameters (bug #775, regression from
 Elasticsearch, ClickHouse: Do not print response if HTTP code is not 200
 Don't syntax highlight during IME composition (bug #747)
 Quote values with leading and trailing zeroes in CSV export (bug #777)
+Link URLs in SQL command (PR #411)
 MySQL: Do not export names in quotes with sql_mode='ANSI_QUOTES' (bug #749)
 MySQL: Avoid error in PHP 8 when connecting to socket (PR #409)
 MySQL: Don't quote default value of text fields (bug #779)