diff --git a/checkin_notes b/checkin_notes
index 8b701e4b93..9e53764d20 100755
--- a/checkin_notes
+++ b/checkin_notes
@@ -22894,3 +22894,9 @@ David 18 Jan 2005
white.css
sched/
db_dump.C
+
+David 18 Jan 2005
+ - fix "added clauses" feature of admin web DB interface
+
+ html/inc/
+ db_ops.inc
diff --git a/html/inc/db_ops.inc b/html/inc/db_ops.inc
index 156df5e041..e8771c7516 100644
--- a/html/inc/db_ops.inc
+++ b/html/inc/db_ops.inc
@@ -118,8 +118,9 @@ class SqlQueryString {
}
function addclause($clause) {
if ($clause) {
- $this->add($clause);
- $this->urlquery .= "&clauses=".urlencode($clause);
+ $c = stripslashes(urldecode($clause));
+ $this->add("( $c )");
+ $this->urlquery .= "&clauses=$clause)";
}
}
function addeq($name) {
@@ -197,8 +198,9 @@ class SqlQueryString {
$this->addeq_not_CHOOSE_ALL('outcome');
$this->addeq_not_CHOOSE_ALL('client_state');
$this->addeq_not_CHOOSE_ALL('validate_state');
- if ($_GET['clauses']) {
- $this->addclause("( " . urldecode($_GET['clauses']) . " )");
+ $clauses = $_GET['clauses'];
+ if ($clauses) {
+ $this->addclause($clauses);
}
$this->addsort('sort_by');
}
diff --git a/html/ops/db_action.php b/html/ops/db_action.php
index 2c60fc9dec..4bda46b5b9 100644
--- a/html/ops/db_action.php
+++ b/html/ops/db_action.php
@@ -103,8 +103,12 @@
$show_aggregate = $_GET['show_aggregate'];
if ($show_aggregate) {
$query = "select sum(d_total) as tot_sum, sum(d_free) as free_sum, sum(m_nbytes) as tot_mem from host";
- if ($_GET['clauses']) {
- $query = $query." WHERE " . urldecode($_GET['clauses']);
+ $clauses = $_GET['clauses'];
+ if ($clauses) {
+ echo "$clauses
";
+ $clauses = stripslashes(urldecode($clauses));
+ echo "$clauses
";
+ $query = "$query WHERE $clauses";
}
$result = mysql_query($query);
$disk_info = mysql_fetch_object($result);