[adminer-svn] SF.net SVN: adminer:[982] trunk
Database management in a single PHP file
Brought to you by:
jakubvrana
From: <jak...@us...> - 2009-08-19 17:10:18
|
Revision: 982 http://adminer.svn.sourceforge.net/adminer/?rev=982&view=rev Author: jakubvrana Date: 2009-08-19 17:10:06 +0000 (Wed, 19 Aug 2009) Log Message: ----------- Fix long SQL query crash (bug #2839231) Remove regular expression double repetition Modified Paths: -------------- trunk/adminer/database.inc.php trunk/adminer/include/adminer.inc.php trunk/adminer/include/editing.inc.php trunk/adminer/include/functions.inc.php trunk/adminer/include/mysql.inc.php trunk/adminer/index.php trunk/adminer/select.inc.php trunk/adminer/sql.inc.php trunk/changes.txt Modified: trunk/adminer/database.inc.php =================================================================== --- trunk/adminer/database.inc.php 2009-08-19 15:50:58 UTC (rev 981) +++ trunk/adminer/database.inc.php 2009-08-19 17:10:06 UTC (rev 982) @@ -51,7 +51,7 @@ // propose database name with limited privileges $result = $dbh->query("SHOW GRANTS"); while ($row = $result->fetch_row()) { - if (preg_match('~ ON (`(([^\\\\`]+|``|\\\\.)*)%`\\.\\*)?~', $row[0], $match) && $match[1]) { + if (preg_match('~ ON (`(([^\\\\`]|``|\\\\.)*)%`\\.\\*)?~', $row[0], $match) && $match[1]) { $name = stripcslashes(idf_unescape($match[2])); break; } Modified: trunk/adminer/include/adminer.inc.php =================================================================== --- trunk/adminer/include/adminer.inc.php 2009-08-19 15:50:58 UTC (rev 981) +++ trunk/adminer/include/adminer.inc.php 2009-08-19 17:10:06 UTC (rev 982) @@ -301,7 +301,7 @@ function selectOrderProcess($fields, $indexes) { $return = array(); foreach ((array) $_GET["order"] as $key => $val) { - if (isset($fields[$val]) || preg_match('~^[A-Z0-9_]+\\(`(?:[^`]+|``)+`\\)$~', $val)) { + if (isset($fields[$val]) || preg_match('~^[A-Z0-9_]+\\(`(?:[^`]|``)+`\\)$~', $val)) { $return[] = idf_escape($val) . (isset($_GET["desc"][$key]) ? " DESC" : ""); } } Modified: trunk/adminer/include/editing.inc.php =================================================================== --- trunk/adminer/include/editing.inc.php 2009-08-19 15:50:58 UTC (rev 981) +++ trunk/adminer/include/editing.inc.php 2009-08-19 17:10:06 UTC (rev 982) @@ -146,7 +146,7 @@ global $dbh, $enum_length, $inout; $aliases = array("bit" => "tinyint", "bool" => "tinyint", "boolean" => "tinyint", "integer" => "int", "double precision" => "float", "real" => "float", "dec" => "decimal", "numeric" => "decimal", "fixed" => "decimal", "national char" => "char", "national varchar" => "varchar"); $type_pattern = "([a-z]+)(?:\\s*\\(((?:[^'\")]*|$enum_length)+)\\))?\\s*(zerofill\\s*)?(unsigned(?:\\s+zerofill)?)?(?:\\s*(?:CHARSET|CHARACTER\\s+SET)\\s*['\"]?([^'\"\\s]+)['\"]?)?"; - $pattern = "\\s*(" . ($type == "FUNCTION" ? "" : implode("|", $inout)) . ")?\\s*(?:`((?:[^`]+|``)*)`\\s*|\\b(\\S+)\\s+)$type_pattern"; + $pattern = "\\s*(" . ($type == "FUNCTION" ? "" : implode("|", $inout)) . ")?\\s*(?:`((?:[^`]|``)*)`\\s*|\\b(\\S+)\\s+)$type_pattern"; $create = $dbh->result($dbh->query("SHOW CREATE $type " . idf_escape($name)), 2); preg_match("~\\(((?:$pattern\\s*,?)*)\\)" . ($type == "FUNCTION" ? "\\s*RETURNS\\s+$type_pattern" : "") . "\\s*(.*)~is", $create, $match); $fields = array(); Modified: trunk/adminer/include/functions.inc.php =================================================================== --- trunk/adminer/include/functions.inc.php 2009-08-19 15:50:58 UTC (rev 981) +++ trunk/adminer/include/functions.inc.php 2009-08-19 17:10:06 UTC (rev 982) @@ -67,7 +67,7 @@ } $return = array(); foreach ($row as $key => $val) { - if (!preg_match('~^(COUNT\\((\\*|(DISTINCT )?`(?:[^`]+|``)+`)\\)|(AVG|GROUP_CONCAT|MAX|MIN|SUM)\\(`(?:[^`]+|``)+`\\))$~', $key)) { //! columns looking like functions + if (!preg_match('~^(COUNT\\((\\*|(DISTINCT )?`(?:[^`]|``)+`)\\)|(AVG|GROUP_CONCAT|MAX|MIN|SUM)\\(`(?:[^`]|``)+`\\))$~', $key)) { //! columns looking like functions $return[] = (isset($val) ? urlencode("where[" . bracket_escape($key) . "]") . "=" . urlencode($val) : "null%5B%5D=" . urlencode($key)); } } @@ -79,11 +79,11 @@ $return = array(); foreach ((array) $where["where"] as $key => $val) { $key = bracket_escape($key, "back"); - $return[] = (preg_match('~^[A-Z0-9_]+\\(`(?:[^`]+|``)+`\\)$~', $key) ? $key : idf_escape($key)) . " = BINARY " . $dbh->quote($val); //! enum and set, columns looking like functions + $return[] = (preg_match('~^[A-Z0-9_]+\\(`(?:[^`]|``)+`\\)$~', $key) ? $key : idf_escape($key)) . " = BINARY " . $dbh->quote($val); //! enum and set, columns looking like functions } foreach ((array) $where["null"] as $key) { $key = bracket_escape($key, "back"); - $return[] = (preg_match('~^[A-Z0-9_]+\\(`(?:[^`]+|``)+`\\)$~', $key) ? $key : idf_escape($key)) . " IS NULL"; + $return[] = (preg_match('~^[A-Z0-9_]+\\(`(?:[^`]|``)+`\\)$~', $key) ? $key : idf_escape($key)) . " IS NULL"; } return implode(" AND ", $return); } @@ -293,7 +293,7 @@ if (!isset($_GET["default"])) { echo "<input type='radio' name='fields[$name]' value='0'" . ($value === 0 ? ' checked' : '') . '>'; } - preg_match_all("~'((?:[^']+|'')*)'~", $field["length"], $matches); + preg_match_all("~'((?:[^']|'')*)'~", $field["length"], $matches); foreach ($matches[1] as $i => $val) { $val = stripcslashes(str_replace("''", "'", $val)); $checked = (is_int($value) ? $value == $i+1 : $value === $val); @@ -308,7 +308,7 @@ if (strlen($input)) { echo $input; } elseif ($field["type"] == "set") { //! 64 bits - preg_match_all("~'((?:[^']+|'')*)'~", $field["length"], $matches); + preg_match_all("~'((?:[^']|'')*)'~", $field["length"], $matches); foreach ($matches[1] as $i => $val) { $val = stripcslashes(str_replace("''", "'", $val)); $checked = (is_int($value) ? ($value >> $i) & 1 : in_array($val, explode(",", $value), true)); Modified: trunk/adminer/include/mysql.inc.php =================================================================== --- trunk/adminer/include/mysql.inc.php 2009-08-19 15:50:58 UTC (rev 981) +++ trunk/adminer/include/mysql.inc.php 2009-08-19 17:10:06 UTC (rev 982) @@ -234,7 +234,7 @@ function foreign_keys($table) { global $dbh, $on_actions; - static $pattern = '(?:[^`]+|``)+'; + static $pattern = '(?:[^`]|``)+'; $return = array(); $result = $dbh->query("SHOW CREATE TABLE " . idf_escape($table)); if ($result) { @@ -259,7 +259,7 @@ function view($name) { global $dbh; - return array("select" => preg_replace('~^(?:[^`]+|`[^`]*`)* AS ~U', '', $dbh->result($dbh->query("SHOW CREATE VIEW " . idf_escape($name)), 1))); + return array("select" => preg_replace('~^(?:[^`]|`[^`]*`)* AS ~U', '', $dbh->result($dbh->query("SHOW CREATE VIEW " . idf_escape($name)), 1))); } function collations() { Modified: trunk/adminer/index.php =================================================================== --- trunk/adminer/index.php 2009-08-19 15:50:58 UTC (rev 981) +++ trunk/adminer/index.php 2009-08-19 17:10:06 UTC (rev 982) @@ -8,7 +8,7 @@ include "./include/bootstrap.inc.php"; -$enum_length = '\'(?:\'\'|[^\'\\\\]+|\\\\.)*\'|"(?:""|[^"\\\\]+|\\\\.)*"'; +$enum_length = '\'(?:\'\'|[^\'\\\\]|\\\\.)*\'|"(?:""|[^"\\\\]|\\\\.)*"'; $inout = array("IN", "OUT", "INOUT"); if (isset($_GET["download"])) { Modified: trunk/adminer/select.inc.php =================================================================== --- trunk/adminer/select.inc.php 2009-08-19 15:50:58 UTC (rev 981) +++ trunk/adminer/select.inc.php 2009-08-19 17:10:06 UTC (rev 982) @@ -85,7 +85,7 @@ $file = preg_replace("~^\xEF\xBB\xBF~", '', $file); //! character set $cols = ""; $rows = array(); //! packet size - preg_match_all('~("[^"]*"|[^"\\n]+)+~', $file, $matches); + preg_match_all('~("[^"]*"|[^"\\n])+~', $file, $matches); foreach ($matches[0] as $key => $val) { $row = array(); preg_match_all('~(("[^"]*")+|[^,]*),~', "$val,", $matches2); Modified: trunk/adminer/sql.inc.php =================================================================== --- trunk/adminer/sql.inc.php 2009-08-19 15:50:58 UTC (rev 981) +++ trunk/adminer/sql.inc.php 2009-08-19 17:10:06 UTC (rev 982) @@ -19,7 +19,7 @@ $delimiter = ";"; $offset = 0; $empty = true; - $space = "(\\s+|/\\*.*\\*/|(#|-- )[^\n]*\n|--\n)"; + $space = "(\\s|/\\*.*\\*/|(#|-- )[^\n]*\n|--\n)"; $dbh2 = (strlen($_GET["db"]) ? connect() : null); // connection for exploring indexes (to not replace FOUND_ROWS()) //! PDO - silent error if (is_object($dbh2)) { $dbh2->select_db($_GET["db"]); @@ -31,7 +31,7 @@ } elseif (preg_match('(' . preg_quote($delimiter) . '|[\'`"]|/\\*|-- |#|$)', $query, $match, PREG_OFFSET_CAPTURE, $offset)) { if ($match[0][0] && $match[0][0] != $delimiter) { // is not end of a query - find closing part - $pattern = ($match[0][0] == "-- " || $match[0][0] == "#" ? '~.*~' : ($match[0][0] == "/*" ? '~.*\\*/~sU' : '~\\G([^\\\\' . $match[0][0] . ']+|\\\\.)*(' . $match[0][0] . '|$)~s')); + $pattern = ($match[0][0] == "-- " || $match[0][0] == "#" ? '~.*~' : ($match[0][0] == "/*" ? '~.*\\*/~sU' : '~\\G([^\\\\' . $match[0][0] . ']|\\\\.)*(' . $match[0][0] . '|$)~s')); //! respect sql_mode NO_BACKSLASH_ESCAPES preg_match($pattern, $query, $match, PREG_OFFSET_CAPTURE, $match[0][1] + 1); $offset = $match[0][1] + strlen($match[0][0]); } else { Modified: trunk/changes.txt =================================================================== --- trunk/changes.txt 2009-08-19 15:50:58 UTC (rev 981) +++ trunk/changes.txt 2009-08-19 17:10:06 UTC (rev 982) @@ -1,5 +1,7 @@ Adminer 2.0.1: +Display column comments in table overview Fix Editor date format +Fix long SQL query crash (bug #2839231) Adminer 2.0.0 (released 2009-08-06): Editor: User friendly data editor This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |