diff options
author | William Desportes <williamdes@wdes.fr> | 2020-05-17 13:26:47 +0300 |
---|---|---|
committer | William Desportes <williamdes@wdes.fr> | 2020-05-17 13:27:39 +0300 |
commit | 19df63b0365621427697edc185ff7c9c5707c523 (patch) | |
tree | dae063268f39a97716a3e16c42104808454f4813 /libraries | |
parent | 5364df21c65ceb2bdf934988e40e2bb223544c46 (diff) |
Fix #314 - make sure where_clause is not modified
Signed-off-by: William Desportes <williamdes@wdes.fr>
Diffstat (limited to 'libraries')
-rw-r--r-- | libraries/classes/Display/Results.php | 1 | ||||
-rw-r--r-- | libraries/classes/InsertEdit.php | 3 |
2 files changed, 4 insertions, 0 deletions
diff --git a/libraries/classes/Display/Results.php b/libraries/classes/Display/Results.php index 80120f20c8..6809c227c9 100644 --- a/libraries/classes/Display/Results.php +++ b/libraries/classes/Display/Results.php @@ -3001,6 +3001,7 @@ class Results $_url_params = array( 'db' => $this->__get('db'), 'table' => $meta->orgtable, + 'where_clause_sign' => Core::signSqlQuery($whereClauseMap[$row_no][$meta->orgtable]), 'where_clause' => $whereClauseMap[$row_no][$meta->orgtable], 'transform_key' => $meta->orgname ); diff --git a/libraries/classes/InsertEdit.php b/libraries/classes/InsertEdit.php index 10a91ae3a9..ad692f0509 100644 --- a/libraries/classes/InsertEdit.php +++ b/libraries/classes/InsertEdit.php @@ -18,6 +18,7 @@ use PhpMyAdmin\Template; use PhpMyAdmin\Transformations; use PhpMyAdmin\Url; use PhpMyAdmin\Util; +use PhpMyAdmin\Core; /** * PhpMyAdmin\InsertEdit class @@ -2480,6 +2481,7 @@ class InsertEdit $_url_params = array( 'db' => $db, 'table' => $table, + 'where_clause_sign' => Core::signSqlQuery($_POST['where_clause']), 'where_clause' => $_POST['where_clause'], 'transform_key' => $column_name ); @@ -3275,6 +3277,7 @@ class InsertEdit 'db' => $db, 'table' => $table, 'transform_key' => $column['Field'], + 'where_clause_sign' => Core::signSqlQuery($where_clause), 'where_clause' => $where_clause ); $transformation_options['wrapper_link'] |