Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/phpmyadmin/phpmyadmin.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMaurĂ­cio Meneghini Fauth <mauricio@fauth.dev>2022-08-11 05:04:53 +0300
committerGitHub <noreply@github.com>2022-08-11 05:04:53 +0300
commitd2377526429a07cbf19c328e98e98c209130c2b8 (patch)
tree2854b1dca66c53163e13912c39ff73c888525afb
parent35f421a69bceafd4c1cf4d596cb42d3524f80e31 (diff)
parent1e70bba8836d6df2e85acd83ab8650f47c5fbfba (diff)
Merge pull request #17679 from kamil-tekiela/Fix-bug-that-doesn't-allow-insertion-of-set-values
Fix bug not allowing insertion of set values
Diffstat
-rw-r--r--libraries/classes/Controllers/Table/ReplaceController.php9
-rw-r--r--libraries/classes/InsertEdit.php9
-rw-r--r--psalm-baseline.xml18
-rw-r--r--test/classes/InsertEditTest.php10
4 files changed, 13 insertions, 33 deletions
diff --git a/libraries/classes/Controllers/Table/ReplaceController.php b/libraries/classes/Controllers/Table/ReplaceController.php
index 8e4022bb5f..448e2f24dc 100644
--- a/libraries/classes/Controllers/Table/ReplaceController.php
+++ b/libraries/classes/Controllers/Table/ReplaceController.php
@@ -30,6 +30,7 @@ use function class_exists;
use function count;
use function implode;
use function in_array;
+use function is_array;
use function is_file;
use function is_numeric;
use function method_exists;
@@ -180,10 +181,15 @@ final class ReplaceController extends AbstractController
// when inserting multiple entries
$insert_fail = false;
foreach ($multi_edit_columns_name as $key => $column_name) {
- $current_value = $multi_edit_columns[$key];
// Note: $key is an md5 of the fieldname. The actual fieldname is
// available in $multi_edit_columns_name[$key]
+ $current_value = $multi_edit_columns[$key];
+ if (is_array($current_value)) {
+ // Some column types accept comma-separated values e.g. set
+ $current_value = implode(',', $current_value);
+ }
+
$file_to_insert = new File();
$file_to_insert->checkTblChangeForm((string) $key, (string) $rownumber);
@@ -244,7 +250,6 @@ final class ReplaceController extends AbstractController
$multi_edit_columns_type,
$current_value,
$multi_edit_auto_increment,
- $rownumber,
$multi_edit_columns_name,
$multi_edit_columns_null,
$multi_edit_columns_null_prev,
diff --git a/libraries/classes/InsertEdit.php b/libraries/classes/InsertEdit.php
index 5e14d53400..97b46419f2 100644
--- a/libraries/classes/InsertEdit.php
+++ b/libraries/classes/InsertEdit.php
@@ -1691,7 +1691,6 @@ class InsertEdit
* @param array|null $multiEditColumnsType array of multi edit column types
* @param string $currentValue current column value in the form
* @param array|null $multiEditAutoIncrement multi edit auto increment
- * @param int $rownumber index of where clause array
* @param array $multiEditColumnsName multi edit column names array
* @param array $multiEditColumnsNull multi edit columns null array
* @param array $multiEditColumnsNullPrev multi edit columns previous null
@@ -1708,7 +1707,6 @@ class InsertEdit
?array $multiEditColumnsType,
string $currentValue,
?array $multiEditAutoIncrement,
- $rownumber,
$multiEditColumnsName,
$multiEditColumnsNull,
$multiEditColumnsNullPrev,
@@ -1732,12 +1730,7 @@ class InsertEdit
$currentValue = 'NULL';
}
} elseif ($type === 'set') {
- $currentValue = "''";
- if (! empty($_POST['fields']['multi_edit'][$rownumber][$key])) {
- $currentValue = implode(',', $_POST['fields']['multi_edit'][$rownumber][$key]);
- $currentValue = "'"
- . $this->dbi->escapeString($currentValue) . "'";
- }
+ $currentValue = "'" . $this->dbi->escapeString($currentValue) . "'";
} elseif ($type === 'protected') {
// Fetch the current values of a row to use in case we have a protected field
if (
diff --git a/psalm-baseline.xml b/psalm-baseline.xml
index b071d0db63..a3e526e3b7 100644
--- a/psalm-baseline.xml
+++ b/psalm-baseline.xml
@@ -3658,16 +3658,13 @@
<InvalidArgument occurrences="1">
<code>$insertErrors</code>
</InvalidArgument>
- <MixedArgument occurrences="31">
+ <MixedArgument occurrences="28">
<code>$_POST['db']</code>
<code>$_POST['rel_fields_list']</code>
<code>$_POST['table']</code>
<code>$_POST['transform_fields_list']</code>
<code>$column_name</code>
<code>$column_name</code>
- <code>$current_value</code>
- <code>$current_value</code>
- <code>$current_value</code>
<code>$errorMessages</code>
<code>$extra_data</code>
<code>$lastMessages</code>
@@ -3692,11 +3689,11 @@
<code>$where_clause</code>
</MixedArgument>
<MixedArgumentTypeCoercion occurrences="5">
+ <code>$current_value</code>
<code>$key</code>
<code>$key</code>
<code>$queryValues</code>
<code>$queryValues</code>
- <code>$rownumber</code>
</MixedArgumentTypeCoercion>
<MixedArrayAccess occurrences="4">
<code>$_POST['fields_name']['multi_edit']</code>
@@ -3713,7 +3710,7 @@
<MixedArrayOffset occurrences="1">
<code>$mimeMap[$column_name]</code>
</MixedArrayOffset>
- <MixedAssignment occurrences="32">
+ <MixedAssignment occurrences="31">
<code>$GLOBALS['active_page']</code>
<code>$GLOBALS['cfg']['InsertRows']</code>
<code>$GLOBALS['disp_message']</code>
@@ -3729,7 +3726,6 @@
<code>$column_name</code>
<code>$column_name</code>
<code>$curr_rel_field</code>
- <code>$current_value</code>
<code>$extra_data['row_count']</code>
<code>$insertRows</code>
<code>$multi_edit_auto_increment</code>
@@ -3755,12 +3751,9 @@
<code>$where_clause</code>
<code>$where_clause</code>
</MixedOperand>
- <PossiblyNullArgument occurrences="11">
+ <PossiblyNullArgument occurrences="8">
<code>$GLOBALS['urlParams']</code>
<code>$GLOBALS['urlParams']</code>
- <code>$current_value</code>
- <code>$current_value</code>
- <code>$current_value</code>
<code>$multi_edit_columns_null</code>
<code>$multi_edit_columns_null</code>
<code>$multi_edit_columns_null_prev</code>
@@ -7910,9 +7903,8 @@
</file>
<file src="libraries/classes/InsertEdit.php">
<LessSpecificReturnStatement occurrences="1"/>
- <MixedArgument occurrences="78">
+ <MixedArgument occurrences="77">
<code>$_POST['fields']['multi_edit']</code>
- <code>$_POST['fields']['multi_edit'][$rownumber][$key]</code>
<code>$backupField</code>
<code>$columnMime['input_transformation_options']</code>
<code>$column['Default']</code>
diff --git a/test/classes/InsertEditTest.php b/test/classes/InsertEditTest.php
index ecdff50432..0d0776ce62 100644
--- a/test/classes/InsertEditTest.php
+++ b/test/classes/InsertEditTest.php
@@ -2187,7 +2187,6 @@ class InsertEditTest extends AbstractTestCase
[],
'',
[],
- 0,
[],
[],
[],
@@ -2206,7 +2205,6 @@ class InsertEditTest extends AbstractTestCase
['test'],
'',
[1],
- 0,
[],
[],
[],
@@ -2225,7 +2223,6 @@ class InsertEditTest extends AbstractTestCase
['test'],
'',
[],
- 0,
[],
[],
[],
@@ -2245,7 +2242,6 @@ class InsertEditTest extends AbstractTestCase
['set'],
'',
[],
- 0,
[],
[],
[],
@@ -2264,7 +2260,6 @@ class InsertEditTest extends AbstractTestCase
['protected'],
'',
[],
- 0,
['name'],
[],
[],
@@ -2283,7 +2278,6 @@ class InsertEditTest extends AbstractTestCase
['protected'],
'',
[],
- 0,
['a'],
[],
[],
@@ -2302,7 +2296,6 @@ class InsertEditTest extends AbstractTestCase
['bit'],
'20\'12',
[],
- 0,
['a'],
[],
[],
@@ -2321,7 +2314,6 @@ class InsertEditTest extends AbstractTestCase
['date'],
'20\'12',
[],
- 0,
['a'],
[],
[],
@@ -2341,7 +2333,6 @@ class InsertEditTest extends AbstractTestCase
['set'],
'',
[],
- 0,
[],
[1],
[],
@@ -2360,7 +2351,6 @@ class InsertEditTest extends AbstractTestCase
['protected'],
'',
[],
- 0,
['a'],
[],
[1],
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-27 01:43:35 +0300