Fix search anywhere (fix #1004, regression from 5.1.1)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 24d5ccc014ec2de0fd6df58369e3a076b4157286..d9ad0f8c34017661b203edf1092d97dcb837c432 100644 (file)
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,4 +1,5 @@
 ## Adminer dev
+- Fix search anywhere (bug #1004, regression from 5.1.1)
 
 ## Adminer 5.2.0 (released 2025-04-08)
 - Autocomplete SQL commands

diff --git a/adminer/include/adminer.inc.php b/adminer/include/adminer.inc.php
index ff85683071cf6b38583834a6fca1c37b606961f0..6bc8714eff974e44afb71dffe619ca36ad3aca76 100644 (file)
--- a/adminer/include/adminer.inc.php
+++ b/adminer/include/adminer.inc.php
@@ -538,41 +538,39 @@ class Adminer {
                        }
                }
                foreach ((array) $_GET["where"] as $key => $val) {
-                       if ("$val[col]$val[val]" != "" && in_array($val["op"], adminer()->operators())) {
-                               $prefix = "";
-                               $cond = " $val[op]";
-                               if (preg_match('~IN$~', $val["op"])) {
-                                       $in = process_length($val["val"]);
-                                       $cond .= " " . ($in != "" ? $in : "(NULL)");
-                               } elseif ($val["op"] == "SQL") {
-                                       $cond = " $val[val]"; // SQL injection
-                               } elseif ($val["op"] == "LIKE %%") {
-                                       $cond = " LIKE " . adminer()->processInput(idx($fields, $val["col"], array()), "%$val[val]%"); // this is used by search anywhere which doesn't set $val["col"]
-                               } elseif ($val["op"] == "ILIKE %%") {
-                                       $cond = " ILIKE " . adminer()->processInput($fields[$val["col"]], "%$val[val]%");
-                               } elseif ($val["op"] == "FIND_IN_SET") {
-                                       $prefix = "$val[op](" . q($val["val"]) . ", ";
-                                       $cond = ")";
-                               } elseif (!preg_match('~NULL$~', $val["op"])) {
-                                       $cond .= " " . adminer()->processInput($fields[$val["col"]], $val["val"]);
-                               }
-                               if ($val["col"] != "") {
-                                       $return[] = $prefix . driver()->convertSearch(idf_escape($val["col"]), $val, $fields[$val["col"]]) . $cond;
-                               } else {
-                                       // find anywhere
-                                       $cols = array();
-                                       foreach ($fields as $name => $field) {
-                                               if (
-                                                       isset($field["privileges"]["where"])
-                                                       && (preg_match('~^[-\d.' . (preg_match('~IN$~', $val["op"]) ? ',' : '') . ']+$~', $val["val"]) || !preg_match('~' . number_type() . '|bit~', $field["type"]))
-                                                       && (!preg_match("~[\x80-\xFF]~", $val["val"]) || preg_match('~char|text|enum|set~', $field["type"]))
-                                                       && (!preg_match('~date|timestamp~', $field["type"]) || preg_match('~^\d+-\d+-\d+~', $val["val"]))
-                                               ) {
-                                                       $cols[] = $prefix . driver()->convertSearch(idf_escape($name), $val, $field) . $cond;
-                                               }
+                       $col = $val["col"];
+                       if ("$col$val[val]" != "" && in_array($val["op"], adminer()->operators())) {
+                               $conds = array();
+                               foreach (($col != "" ? array($col => $fields[$col]) : $fields) as $name => $field) {
+                                       $prefix = "";
+                                       $cond = " $val[op]";
+                                       if (preg_match('~IN$~', $val["op"])) {
+                                               $in = process_length($val["val"]);
+                                               $cond .= " " . ($in != "" ? $in : "(NULL)");
+                                       } elseif ($val["op"] == "SQL") {
+                                               $cond = " $val[val]"; // SQL injection
+                                       } elseif (preg_match('~^(I?LIKE) %%$~', $val["op"], $match)) {
+                                               $cond = " $match[1] " . adminer()->processInput($field, "%$val[val]%");
+                                       } elseif ($val["op"] == "FIND_IN_SET") {
+                                               $prefix = "$val[op](" . q($val["val"]) . ", ";
+                                               $cond = ")";
+                                       } elseif (!preg_match('~NULL$~', $val["op"])) {
+                                               $cond .= " " . adminer()->processInput($field, $val["val"]);
+                                       }
+                                       if ($col != "" || ( // find anywhere
+                                               isset($field["privileges"]["where"])
+                                               && (preg_match('~^[-\d.' . (preg_match('~IN$~', $val["op"]) ? ',' : '') . ']+$~', $val["val"]) || !preg_match('~' . number_type() . '|bit~', $field["type"]))
+                                               && (!preg_match("~[\x80-\xFF]~", $val["val"]) || preg_match('~char|text|enum|set~', $field["type"]))
+                                               && (!preg_match('~date|timestamp~', $field["type"]) || preg_match('~^\d+-\d+-\d+~', $val["val"]))
+                                       )) {
+                                               $conds[] = $prefix . driver()->convertSearch(idf_escape($name), $val, $field) . $cond;
                                        }
-                                       $return[] = ($cols ? "(" . implode(" OR ", $cols) . ")" : "1 = 0");
                                }
+                               $return[] =
+                                       (count($conds) == 1 ? $conds[0] :
+                                       ($conds ? "(" . implode(" OR ", $conds) . ")" :
+                                       "1 = 0"
+                               ));
                        }
                }
                return $return;