function where($where) {
$return = array();
foreach ((array) $where["where"] as $key => $val) {
- $return[] = idf_escape($key) . (ereg('\\.', $val) ? " LIKE " . exact_value(addcslashes($val, "%_")) : " = " . exact_value($val)); // LIKE because of floats, but slow with ints //! enum and set
+ $return[] = idf_escape(bracket_escape($key, 1)) // 1 - back
+ . (ereg('\\.', $val) ? " LIKE " . exact_value(addcslashes($val, "%_")) : " = " . exact_value($val)) // LIKE because of floats, but slow with ints
+ ; //! enum and set
}
foreach ((array) $where["null"] as $key) {
$return[] = idf_escape($key) . " IS NULL";
foreach ($_POST["val"] as $unique_idf => $row) {
$set = array();
foreach ($row as $key => $val) {
- $key = bracket_escape($key, 1);
- $set[] = idf_escape($key) . " = " . $connection->quote($adminer->editVal($val, $fields[$key])); // 1 - back
+ $key = bracket_escape($key, 1); // 1 - back
+ $set[] = idf_escape($key) . " = " . $connection->quote($adminer->editVal($val, $fields[$key]));
}
$result = queries("UPDATE" . limit1(idf_escape($TABLE) . " SET " . implode(", ", $set) . " WHERE " . where_check($unique_idf) . ($where ? " AND " . implode(" AND ", $where) : ""))); // can change row on a different page without unique key
if (!$result) {
projects / adminer.git / commitdiff