From e7d78df6ae6a4c69e9c0e69acea0717c9d8aef16 Mon Sep 17 00:00:00 2001
From: David Anderson
Date: Tue, 18 Jan 2005 22:47:08 +0000
Subject: [PATCH] *** empty log message ***
svn path=/trunk/boinc/; revision=5137
---
 checkin_notes | 6 ++++++
 html/inc/db_ops.inc | 10 ++++++----
 html/ops/db_action.php | 8 ++++++--
 3 files changed, 18 insertions(+), 6 deletions(-)
diff --git a/checkin_notes b/checkin_notes
index 8b701e4b93..9e53764d20 100755
--- a/checkin_notes
+++ b/checkin_notes
@@ -22894,3 +22894,9 @@ David 18 Jan 2005
 white.css
 sched/
 db_dump.C
+
+David 18 Jan 2005
+ - fix "added clauses" feature of admin web DB interface
+
+ html/inc/
+ db_ops.inc
diff --git a/html/inc/db_ops.inc b/html/inc/db_ops.inc
index 156df5e041..e8771c7516 100644
--- a/html/inc/db_ops.inc
+++ b/html/inc/db_ops.inc
@@ -118,8 +118,9 @@ class SqlQueryString {
 }
 function addclause($clause) {
 if ($clause) {
- $this->add($clause);
- $this->urlquery .= "&clauses=".urlencode($clause);
+ $c = stripslashes(urldecode($clause));
+ $this->add("( $c )");
+ $this->urlquery .= "&clauses=$clause)";
 }
 }
 function addeq($name) {
@@ -197,8 +198,9 @@ class SqlQueryString {
 $this->addeq_not_CHOOSE_ALL('outcome');
 $this->addeq_not_CHOOSE_ALL('client_state');
 $this->addeq_not_CHOOSE_ALL('validate_state');
- if ($_GET['clauses']) {
- $this->addclause("( " . urldecode($_GET['clauses']) . " )");
+ $clauses = $_GET['clauses'];
+ if ($clauses) {
+ $this->addclause($clauses);
 }
 $this->addsort('sort_by');
 }
diff --git a/html/ops/db_action.php b/html/ops/db_action.php
index 2c60fc9dec..4bda46b5b9 100644
--- a/html/ops/db_action.php
+++ b/html/ops/db_action.php
@@ -103,8 +103,12 @@ $show_aggregate = $_GET['show_aggregate'];
 if ($show_aggregate) {
 $query = "select sum(d_total) as tot_sum, sum(d_free) as free_sum, sum(m_nbytes) as tot_mem from host";
- if ($_GET['clauses']) {
- $query = $query." WHERE " . urldecode($_GET['clauses']);
+ $clauses = $_GET['clauses'];
+ if ($clauses) {
+ echo "$clauses
";
+ $clauses = stripslashes(urldecode($clauses));
+ echo "$clauses
";
+ $query = "$query WHERE $clauses";
 }
 $result = mysql_query($query);
 $disk_info = mysql_fetch_object($result);
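Review bot: In `addclause()` (html/inc/db_ops.inc, first hunk) the new `$this->urlquery .= "&clauses=$clause)";` appends a stray `)` and drops the `urlencode()` the removed line had, so the link rebuilt from `urlquery` carries a different, unencoded clause on the next request. PHP has already URL-decoded `$_GET['clauses']` before the second hunk passes it in, so the added `urldecode()` decodes a second time and will alter clauses that contain `%` or `+`, for example a `LIKE` pattern. I would decode once and write `$this->urlquery .= "&clauses=" . urlencode($clause);`. The decoded text is still concatenated into the SQL as-is through `add("( $c )")`, here and in the html/ops/db_action.php hunk, so a comment on `addclause()` stating that the page must stay behind the ops authentication would help. The class body continues outside both db_ops.inc hunks.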
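Review bot: The two `echo "$clauses ..."` lines added inside `if ($clauses)` in html/ops/db_action.php print the raw `clauses` request parameter into the ops page with no HTML escaping, and they read like leftover debug output. Markup carried in that parameter would be rendered in the operator's browser, so either drop both lines or print `htmlspecialchars($clauses, ENT_QUOTES)`. The decoded value then goes straight into `"$query WHERE $clauses"` and `mysql_query()`, and `$result` reaches `mysql_fetch_object($result)` without a check for `false`, so a malformed clause fails there instead of being reported; an `if (!$result)` guard before the fetch would cover it. `$_GET['clauses']` is also read without `isset()`, which raises a notice when the parameter is absent. The surrounding script continues outside the hunk.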