<?php
-$where = (isset($_GET["select"]) ? (count($_POST["check"]) == 1 ? where_check($_POST["check"][0]) : "") : where($_GET));
-$update = ($where && !$_POST["clone"]);
+$where = (isset($_GET["select"]) ? "" : where($_GET));
+$update = ($where || $_POST["edit"]);
$fields = fields($_GET["edit"]);
foreach ($fields as $name => $field) {
if ((isset($_GET["default"]) ? $field["auto_increment"] || ereg('text|blob', $field["type"]) : !isset($field["privileges"][$update ? "update" : "insert"])) || !strlen($adminer->fieldName($field))) {
$table_name = $adminer->tableName(table_status($_GET["edit"]));
page_header(
- (isset($_GET["default"]) ? lang('Default values') : ($_GET["where"] || (isset($_GET["select"]) && !$_POST["clone"]) ? lang('Edit') : lang('Insert'))),
+ (isset($_GET["default"]) ? lang('Default values') : ($update ? lang('Edit') : lang('Insert'))),
$error,
array((isset($_GET["default"]) ? "table" : "select") => array($_GET["edit"], $table_name)),
$table_name
echo "<p>\n";
while ($row = $result->fetch_row()) {
echo '<a href="' . htmlspecialchars($SELF) . 'select=' . urlencode($row[0]) . '">' . lang('select') . '</a> ';
- echo '<a href="' . htmlspecialchars($SELF) . 'table=' . urlencode($row[0]) . '">' . $this->tableName(array("Name" => $row[0])) . "</a><br>\n"; //! Adminer::table_name may work with full table status
+ echo '<a href="' . htmlspecialchars($SELF) . 'table=' . urlencode($row[0]) . '">' . $this->tableName(array("Name" => $row[0])) . "</a><br>\n"; //! Adminer::tableName may work with full table status
}
}
$result->free();
}
$return = array();
foreach ($row as $key => $val) {
- $return[] = (isset($val) ? urlencode("where[" . bracket_escape($key) . "]") . "=" . urlencode($val) : "null%5B%5D=" . urlencode($key));
+ if (!preg_match('~^(COUNT\\((\\*|(DISTINCT )?`(?:[^`]+|``)+`)\\)|(AVG|GROUP_CONCAT|MAX|MIN|SUM)\\(`(?:[^`]+|``)+`\\))$~', $key)) { //! columns looking like functions
+ $return[] = (isset($val) ? urlencode("where[" . bracket_escape($key) . "]") . "=" . urlencode($val) : "null%5B%5D=" . urlencode($key));
+ }
}
return $return;
}
} else {
foreach ((array) $_POST["check"] as $val) {
// where is not unique so OR can't be used
- $result = queries($command . "\nWHERE " . where_check($val) . "\nLIMIT 1");
+ $result = queries($command . "\nWHERE " . where_check($val) . (count($group) < count($select) ? "" : "\nLIMIT 1"));
if (!$result) {
break;
}
if (strlen($name)) {
$order++;
$names[$key] = $name;
- echo '<th><a href="' . htmlspecialchars(remove_from_uri('(order|desc)[^=]*') . '&order%5B0%5D=' . urlencode($key) . ($_GET["order"] == array($key) && !$_GET["desc"][0] ? '&desc%5B0%5D=1' : '')) . '">' . apply_sql_function($val["fun"], $name) . "</a>"; //! order by function can collide with column name like min(`id`)
+ echo '<th><a href="' . htmlspecialchars(remove_from_uri('(order|desc)[^=]*') . '&order%5B0%5D=' . urlencode($key) . ($_GET["order"] == array($key) && !$_GET["desc"][0] ? '&desc%5B0%5D=1' : '')) . '">' . apply_sql_function($val["fun"], $name) . "</a>"; //! columns looking like functions
}
next($select);
}
echo ($backward_keys ? "<th>" . lang('Relations') : "") . "</thead>\n";
foreach ($descriptions as $n => $row) {
- $unique_idf = implode('&', unique_idf($rows[$n], $indexes)); //! don't use aggregation functions
+ $unique_idf = implode('&', unique_idf($rows[$n], $indexes));
echo '<tr' . odd() . '><td><input type="checkbox" name="check[]" value="' . $unique_idf . '" onclick="this.form[\'all\'].checked = false; form_uncheck(\'all-page\');">' . (count($select) != count($group) || information_schema($_GET["db"]) ? '' : ' <a href="' . htmlspecialchars($SELF) . 'edit=' . urlencode($_GET['select']) . '&' . $unique_idf . '">' . lang('edit') . '</a>');
foreach ($row as $key => $val) {
if (isset($names[$key])) {
Table relations (Editor)
Send e-mails (Editor)
Display images in blob (Editor)
-Separate types to groups in table creation
+Localize date (Editor)
+Treat tinyint(1) as bool (Editor)
+Divide types to groups in table creation
Link e-mails in select
Show type in field name title (thanks to Jakub Sochor)
Preselect now() for timestamp columns (thanks to paranoiq)
Download external files (version checker and JUSH) from trusted HTTPS if Adminer runs in HTTPS (mixed-content warning)
? Ability to select external style - list downloaded by JavaScript
? Column and table names auto-completition in SQL textarea
-? Save token also to cookie - for session expiration and login in other window
? Save uploaded files after error to session variable instead of hidden field
-? Aliasing of built-in functions can save 7 KB, substitution of $_GET and friends can save 2 KB, remove of base64_decode() + using chars 127-255 in minification can save 1 KB, JS packer can save 1 KB
+? Aliasing of built-in functions can save 7 KB, function minification can save 7 KB, substitution of $_GET and friends can save 2 KB, remove of base64_decode() + using chars 127-255 in minification can save 1 KB, JS packer can save 1 KB
? AJAX editing - select page has all data to display edit form
Editor:
projects / adminer.git / commitdiff