The branch, master has been updated via 2dee226c5010cc9dd3f3ca85ac7138af61a24358 (commit) via a7fe9db58180d429866bee77e5d0d27f913ed860 (commit) from 8738697fb115b96fe7a686bf5fe28f0feda812a8 (commit)
- Log ----------------------------------------------------------------- commit 2dee226c5010cc9dd3f3ca85ac7138af61a24358 Author: Piotr Przybylski piotrprz@gmail.com Date: Fri Jul 22 14:11:59 2011 +0200
Add missing HTML escaping
commit a7fe9db58180d429866bee77e5d0d27f913ed860 Author: Piotr Przybylski piotrprz@gmail.com Date: Fri Jul 22 14:09:57 2011 +0200
Change strings
-----------------------------------------------------------------------
Summary of changes: libraries/import.lib.php | 24 ++++++++++++------------ 1 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/libraries/import.lib.php b/libraries/import.lib.php index f257205..54c9fc6 100644 --- a/libraries/import.lib.php +++ b/libraries/import.lib.php @@ -1066,15 +1066,15 @@ function PMA_buildSQL($db_name, &$tables, &$analyses = null, &$additional_sql =
$message = '<br /><br />'; $message .= '<strong>' . __('The following structures have either been created or altered. Here you can:') . '</strong><br />'; - $message .= '<ul><li>' . __('View a structure`s contents by clicking on its name') . '</li>'; - $message .= '<li>' . __('Change any of its settings by clicking the corresponding "Options" link') . '</li>'; - $message .= '<li>' . __('Edit its structure by following the "Structure" link') . '</li>'; + $message .= '<ul><li>' . __("View a structure's contents by clicking on its name") . '</li>'; + $message .= '<li>' . htmlspecialchars(__('Change any of its settings by clicking the corresponding "Options" link')) . '</li>'; + $message .= '<li>' . htmlspecialchars(__('Edit structure by following the "Structure" link')) . '</li>'; $message .= sprintf('<br /><li><a href="%s" title="%s">%s</a> (<a href="%s" title="%s">' . __('Options') . '</a>)</li>', $db_url, - __('Go to database') . ': ' . PMA_backquote($db_name), - $db_name, + __('Go to database') . ': ' . htmlspecialchars(PMA_backquote($db_name)), + htmlspecialchars($db_name), $db_ops_url, - __('Edit') . ' ' . PMA_backquote($db_name) . ' ' . __('settings')); + __('Edit') . ' ' . htmlspecialchars(PMA_backquote($db_name)) . ' ' . __('settings'));
$message .= '<ul>';
@@ -1093,17 +1093,17 @@ function PMA_buildSQL($db_name, &$tables, &$analyses = null, &$additional_sql = if (! PMA_isView($db_name, $tables[$i][TBL_NAME])) { $message .= sprintf('<li><a href="%s" title="%s">%s</a> (<a href="%s" title="%s">' . __('Structure') . '</a>) (<a href="%s" title="%s">' . __('Options') . '</a>)</li>', $tbl_url, - __('Go to table') . ': ' . PMA_backquote($tables[$i][TBL_NAME]), - $tables[$i][TBL_NAME], + __('Go to table') . ': ' . htmlspecialchars(PMA_backquote($tables[$i][TBL_NAME])), + htmlspecialchars($tables[$i][TBL_NAME]), $tbl_struct_url, - PMA_backquote($tables[$i][TBL_NAME]) . ' ' . __('structure'), + htmlspecialchars(PMA_backquote($tables[$i][TBL_NAME])) . ' ' . __('structure'), $tbl_ops_url, - __('Edit') . ' ' . PMA_backquote($tables[$i][TBL_NAME]) . ' ' . __('settings')); + __('Edit') . ' ' . htmlspecialchars(PMA_backquote($tables[$i][TBL_NAME])) . ' ' . __('settings')); } else { $message .= sprintf('<li><a href="%s" title="%s">%s</a></li>', $tbl_url, - __('Go to view') . ': ' . PMA_backquote($tables[$i][TBL_NAME]), - $tables[$i][TBL_NAME]); + __('Go to view') . ': ' . htmlspecialchars(PMA_backquote($tables[$i][TBL_NAME])), + htmlspecialchars($tables[$i][TBL_NAME])); } }
hooks/post-receive