The branch, STABLE has been updated via 092ab350dba15cef61a771338f89e18ae8e019ad (commit) via 5a0fec9b3c6327bf8d4be31190f0a780a0071e2c (commit) via d128f806057e752db082272fd5e5c2f7244821b9 (commit) via 59b3b4916b31fa44f31b1e2d243ca7dda012ba37 (commit) via 782b8b46be4f06c695ab713eeefbd75970358e2f (commit) via bf60ec82e948450ae18b9e66c48d27da55ebe860 (commit) via f273e6cbf6e2eea7367f7ef9c63c97ea55b92ca0 (commit) via d2e0e09e0d402555a6223f0b683fdbfa97821a63 (commit) via b337f45a0a1ba8ff28e3d13f194f137e9aa85e8e (commit) via 05ca00e0a20d0eb4848d69bf7a1365df5bba872d (commit) via 48e909660032ddcbc13172830761e363e7a64d72 (commit) via be0f47a93141e2950ad400b8d22a2a98512825c2 (commit) via cd205cc55a46e3dc0f8883966f5c854f842e1000 (commit) via 7dc6cea06522b2d4af50934c983f3967540a4918 (commit) via 6028221d97efa2a7d56a61ab4c5750d1b2343619 (commit) via 2a1233b69ccc6c64819c2840ca5277c2dde0b9e0 (commit) via 25ac7de38c125d8067f42bab24212891389ac1e3 (commit) via fa30188dde357426d339d0d7e29a3969f88d188a (commit) via 00add5c43f594f80dab6304a5bb35d2e50540d2d (commit) via c75e41d5d8cdd9bbc745c8cbe2c16998fda1de0c (commit) via 533e10213590e7ccd83b98a5cd19ba1c3be119dd (commit) via ea3b718fc379c15e773cc2f18ea4c8ccfa9af57b (commit) via 7f266483b827fb05a4be11663003418c2ef1c878 (commit) via 5bcd95a42c8ba924d389eafee4d7be80bd4039a3 (commit) via 6d548f7d449b7d4b796949d10a503484f63eaf82 (commit) from c6c09344ea3dc027ae91c736e41cce52ded06a76 (commit)
- Log ----------------------------------------------------------------- commit 092ab350dba15cef61a771338f89e18ae8e019ad Merge: c6c09344ea3dc027ae91c736e41cce52ded06a76 5a0fec9b3c6327bf8d4be31190f0a780a0071e2c Author: Michal Čihař mcihar@novell.com Date: Fri Aug 20 13:55:43 2010 +0200
Merge branch 'MAINT_3_3_5' into STABLE
-----------------------------------------------------------------------
Summary of changes: ChangeLog | 3 +++ Documentation.html | 4 ++-- README | 4 ++-- db_search.php | 2 +- db_sql.php | 2 +- error.php | 10 +++++++--- libraries/Config.class.php | 2 +- libraries/common.lib.php | 9 +++++---- libraries/database_interface.lib.php | 4 ++++ libraries/db_info.inc.php | 3 ++- libraries/dbi/mysql.dbi.lib.php | 2 ++ libraries/dbi/mysqli.dbi.lib.php | 2 ++ libraries/sanitizing.lib.php | 17 +++++++++++++++-- libraries/sqlparser.lib.php | 2 +- server_databases.php | 22 ++++++++++++++++++---- server_privileges.php | 30 +++++++++++++++--------------- sql.php | 14 +++++++------- tbl_sql.php | 2 +- translators.html | 4 ++-- 19 files changed, 91 insertions(+), 47 deletions(-)
diff --git a/ChangeLog b/ChangeLog index 53adf96..4183ff5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -5,6 +5,9 @@ phpMyAdmin - ChangeLog $Id$ $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyAdmin/C... $
+3.3.5.1 (2010-10-20) +- [core] Fixed various XSS issues, see PMASA-2010-5 for more details. + 3.3.5.0 (2010-07-26) - patch #2932113 [information_schema] Slow export when having lots of databases, thanks to Stéphane Pontier - shadow_walker diff --git a/Documentation.html b/Documentation.html index 100b9ae..289d02a 100644 --- a/Documentation.html +++ b/Documentation.html @@ -10,7 +10,7 @@ vim: expandtab ts=4 sw=4 sts=4 tw=78 <link rel="icon" href="./favicon.ico" type="image/x-icon" /> <link rel="shortcut icon" href="./favicon.ico" type="image/x-icon" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> - <title>phpMyAdmin 3.3.5 - Documentation</title> + <title>phpMyAdmin 3.3.5.1 - Documentation</title> <link rel="stylesheet" type="text/css" href="docs.css" /> </head>
@@ -18,7 +18,7 @@ vim: expandtab ts=4 sw=4 sts=4 tw=78 <div id="header"> <h1> <a href="http://www.phpmyadmin.net/">php<span class="myadmin">MyAdmin</span></a> - 3.3.5 + 3.3.5.1 Documentation </h1> </div> diff --git a/README b/README index 279f66f..072d0d9 100644 --- a/README +++ b/README @@ -5,8 +5,8 @@ phpMyAdmin - Readme
A set of PHP-scripts to manage MySQL over the web.
- Version 3.3.5 - ------------- + Version 3.3.5.1 + --------------- http://www.phpmyadmin.net/
Copyright (C) 1998-2000 Tobias Ratschiller <tobias_at_ratschiller.com> diff --git a/db_search.php b/db_search.php index 751675d..455aa61 100644 --- a/db_search.php +++ b/db_search.php @@ -355,7 +355,7 @@ $alter_select = <tr><td align="right"> <?php echo $GLOBALS['strSearchInField']; ?></td> <td><input type="text" name="field_str" size="60" - value="<?php echo ! empty($field_str) ? $field_str : ''; ?>" /></td> + value="<?php echo ! empty($field_str) ? htmlspecialchars($field_str) : ''; ?>" /></td> </tr> </table> </fieldset> diff --git a/db_sql.php b/db_sql.php index 2ac198b..420561e 100644 --- a/db_sql.php +++ b/db_sql.php @@ -37,7 +37,7 @@ if ($num_tables == 0 && empty($db_query_force)) { /** * Query box, bookmark, insert data from textfile */ -PMA_sqlQueryForm(true, false, isset($_REQUEST['delimiter']) ? $_REQUEST['delimiter'] : ';'); +PMA_sqlQueryForm(true, false, isset($_REQUEST['delimiter']) ? htmlspecialchars($_REQUEST['delimiter']) : ';');
/** * Displays the footer diff --git a/error.php b/error.php index 674d08e..7e86ffb 100644 --- a/error.php +++ b/error.php @@ -76,10 +76,14 @@ header('Content-Type: text/html; charset=' . $charset); <body> <h1>phpMyAdmin - <?php echo $type; ?></h1> <p><?php -if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) { - echo PMA_sanitize(stripslashes($_REQUEST['error'])); +if (!empty($_REQUEST['error'])) { + if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) { + echo PMA_sanitize(stripslashes($_REQUEST['error'])); + } else { + echo PMA_sanitize($_REQUEST['error']); + } } else { - echo PMA_sanitize($_REQUEST['error']); + echo 'No error message!'; } ?></p> </body> diff --git a/libraries/Config.class.php b/libraries/Config.class.php index e73de8b..0ac18b2 100644 --- a/libraries/Config.class.php +++ b/libraries/Config.class.php @@ -92,7 +92,7 @@ class PMA_Config */ function checkSystem() { - $this->set('PMA_VERSION', '3.3.5'); + $this->set('PMA_VERSION', '3.3.5.1'); /** * @deprecated */ diff --git a/libraries/common.lib.php b/libraries/common.lib.php index c62d518..4a9c789 100644 --- a/libraries/common.lib.php +++ b/libraries/common.lib.php @@ -575,7 +575,7 @@ function PMA_mysqlDie($error_message = '', $the_query = '', $formatted_sql = ''; } else { if (strlen($the_query) > $GLOBALS['cfg']['MaxCharactersInDisplayedSQL']) { - $formatted_sql = substr($the_query, 0, $GLOBALS['cfg']['MaxCharactersInDisplayedSQL']) . '[...]'; + $formatted_sql = htmlspecialchars(substr($the_query, 0, $GLOBALS['cfg']['MaxCharactersInDisplayedSQL'])) . '[...]'; } else { $formatted_sql = PMA_formatSql(PMA_SQP_parse($the_query), $the_query); } @@ -705,22 +705,23 @@ function PMA_mysqlDie($error_message = '', $the_query = '', function PMA_sendHeaderLocation($uri) { if (PMA_IS_IIS && strlen($uri) > 600) { + require_once './libraries/js_escape.lib.php';
echo '<html><head><title>- - -</title>' . "\n"; echo '<meta http-equiv="expires" content="0">' . "\n"; echo '<meta http-equiv="Pragma" content="no-cache">' . "\n"; echo '<meta http-equiv="Cache-Control" content="no-cache">' . "\n"; - echo '<meta http-equiv="Refresh" content="0;url=' .$uri . '">' . "\n"; + echo '<meta http-equiv="Refresh" content="0;url=' . htmlspecialchars($uri) . '">' . "\n"; echo '<script type="text/javascript">' . "\n"; echo '//<![CDATA[' . "\n"; - echo 'setTimeout("window.location = unescape(\'"' . $uri . '"\')", 2000);' . "\n"; + echo 'setTimeout("window.location = unescape(\'"' . PMA_escapeJsString($uri) . '"\')", 2000);' . "\n"; echo '//]]>' . "\n"; echo '</script>' . "\n"; echo '</head>' . "\n"; echo '<body>' . "\n"; echo '<script type="text/javascript">' . "\n"; echo '//<![CDATA[' . "\n"; - echo 'document.write(\'<p><a href="' . $uri . '">' . $GLOBALS['strGo'] . '</a></p>\');' . "\n"; + echo 'document.write(\'<p><a href="' . htmlspecialchars($uri) . '">' . $GLOBALS['strGo'] . '</a></p>\');' . "\n"; echo '//]]>' . "\n"; echo '</script></body></html>' . "\n";
diff --git a/libraries/database_interface.lib.php b/libraries/database_interface.lib.php index a7d9e72..3c0408d 100644 --- a/libraries/database_interface.lib.php +++ b/libraries/database_interface.lib.php @@ -205,6 +205,10 @@ function PMA_usort_comparison_callback($a, $b) } else { $sorter = 'strcasecmp'; } + /* No sorting when key is not present */ + if (!isset($a[$GLOBALS['callback_sort_by']]) || ! isset($b[$GLOBALS['callback_sort_by']])) { + return 0; + } // produces f.e.: // return -1 * strnatcasecmp($a["SCHEMA_TABLES"], $b["SCHEMA_TABLES"]) return ($GLOBALS['callback_sort_order'] == 'ASC' ? 1 : -1) * $sorter($a[$GLOBALS['callback_sort_by']], $b[$GLOBALS['callback_sort_by']]); diff --git a/libraries/db_info.inc.php b/libraries/db_info.inc.php index 4f59baa..1e5b401 100644 --- a/libraries/db_info.inc.php +++ b/libraries/db_info.inc.php @@ -213,7 +213,8 @@ if (! isset($sot_ready)) { );
// Make sure the sort type is implemented - if ($sort = $sortable_name_mappings[$_REQUEST['sort']]) { + if (isset($sortable_name_mappings[$_REQUEST['sort']])) { + $sort = $sortable_name_mappings[$_REQUEST['sort']]; if ($_REQUEST['sort_order'] == 'DESC') { $sort_order = 'DESC'; } diff --git a/libraries/dbi/mysql.dbi.lib.php b/libraries/dbi/mysql.dbi.lib.php index 2754588..4750ee2 100644 --- a/libraries/dbi/mysql.dbi.lib.php +++ b/libraries/dbi/mysql.dbi.lib.php @@ -348,6 +348,8 @@ function PMA_DBI_getError($link = null) $error_message = PMA_DBI_convert_message($error_message); }
+ $error_message = htmlspecialchars($error_message); + // Some errors messages cannot be obtained by mysql_error() if ($error_number == 2002) { $error = '#' . ((string) $error_number) . ' - ' . $GLOBALS['strServerNotResponding'] . ' ' . $GLOBALS['strSocketProblem']; diff --git a/libraries/dbi/mysqli.dbi.lib.php b/libraries/dbi/mysqli.dbi.lib.php index 913bce6..52f7601 100644 --- a/libraries/dbi/mysqli.dbi.lib.php +++ b/libraries/dbi/mysqli.dbi.lib.php @@ -406,6 +406,8 @@ function PMA_DBI_getError($link = null) $error_message = PMA_DBI_convert_message($error_message); }
+ $error_message = htmlspecialchars($error_message); + if ($error_number == 2002) { $error = '#' . ((string) $error_number) . ' - ' . $GLOBALS['strServerNotResponding'] . ' ' . $GLOBALS['strSocketProblem']; } else { diff --git a/libraries/sanitizing.lib.php b/libraries/sanitizing.lib.php index 2b54bf1..d17fc50 100644 --- a/libraries/sanitizing.lib.php +++ b/libraries/sanitizing.lib.php @@ -9,17 +9,26 @@
/** * Sanitizes $message, taking into account our special codes - * for formatting + * for formatting. + * + * If you want to include result in element attribute, you should escape it. + * + * Examples: + * + * <p><?php echo PMA_sanitize($foo); ?></p> + * + * <a title="<?php echo PMA_sanitize($foo, true); ?>">bar</a> * * @uses preg_replace() * @uses strtr() * @param string the message + * @param boolean whether to escape html in result * * @return string the sanitized message * * @access public */ -function PMA_sanitize($message) +function PMA_sanitize($message, $escape = false) { $replace_pairs = array( '<' => '<', @@ -67,6 +76,10 @@ function PMA_sanitize($message) $message = preg_replace($pattern, '<a href="\1" target="\2">', $message); }
+ if ($escape) { + $message = htmlspecialchars($message); + } + return $message; } ?> diff --git a/libraries/sqlparser.lib.php b/libraries/sqlparser.lib.php index 53f239a..f844e23 100644 --- a/libraries/sqlparser.lib.php +++ b/libraries/sqlparser.lib.php @@ -2456,7 +2456,7 @@ if (! defined('PMA_MINIMUM_COMMON')) { } $after .= "\n"; */ - $str .= $before . ($mode=='color' ? PMA_SQP_formatHTML_colorize($arr[$i]) : $arr[$i]['data']). $after; + $str .= $before . ($mode=='color' ? PMA_SQP_formatHTML_colorize($arr[$i]) : htmlspecialchars($arr[$i]['data'])). $after; } // end for if ($mode=='color') { $str .= '</span>'; diff --git a/server_databases.php b/server_databases.php index 47037cc..5e6d0ec 100644 --- a/server_databases.php +++ b/server_databases.php @@ -22,7 +22,21 @@ require './libraries/replication.inc.php'; if (empty($_REQUEST['sort_by'])) { $sort_by = 'SCHEMA_NAME'; } else { - $sort_by = PMA_sanitize($_REQUEST['sort_by']); + $sort_by_whitelist = array( + 'SCHEMA_NAME', + 'DEFAULT_COLLATION_NAME', + 'SCHEMA_TABLES', + 'SCHEMA_TABLE_ROWS', + 'SCHEMA_DATA_LENGTH', + 'SCHEMA_INDEX_LENGTH', + 'SCHEMA_LENGTH', + 'SCHEMA_DATA_FREE' + ); + if (in_array($_REQUEST['sort_by'], $sort_by_whitelist)) { + $sort_by = $_REQUEST['sort_by']; + } else { + $sort_by = 'SCHEMA_NAME'; + } }
if (isset($_REQUEST['sort_order']) @@ -342,11 +356,11 @@ if ($databases_count > 0) { unset($column_order, $stat_name, $stat, $databases, $table_columns);
if ($is_superuser || $cfg['AllowUserDropDatabase']) { - $common_url_query = PMA_generate_common_url() . '&sort_by=' . $sort_by . '&sort_order=' . $sort_order . '&dbstats=' . $dbstats; + $common_url_query = PMA_generate_common_url(array('sort_by' => $sort_by, 'sort_order' => $sort_order, 'dbstats' => $dbstats)); echo '<img class="selectallarrow" src="' . $pmaThemeImage . 'arrow_' . $text_dir . '.png" width="38" height="22" alt="' . $strWithChecked . '" />' . "\n" - . '<a href="./server_databases.php?' . $common_url_query . '&checkall=1" onclick="if (markAllRows(\'tabledatabases\')) return false;">' . "\n" + . '<a href="./server_databases.php' . $common_url_query . '&checkall=1" onclick="if (markAllRows(\'tabledatabases\')) return false;">' . "\n" . ' ' . $strCheckAll . '</a> / ' . "\n" - . '<a href="./server_databases.php?' . $common_url_query . '" onclick="if (unMarkAllRows(\'tabledatabases\')) return false;">' . "\n" + . '<a href="./server_databases.php' . $common_url_query . '" onclick="if (unMarkAllRows(\'tabledatabases\')) return false;">' . "\n" . ' ' . $strUncheckAll . '</a>' . "\n" . '<i>' . $strWithChecked . '</i>' . "\n"; PMA_buttonOrImage('drop_selected_dbs', 'mult_submit', 'drop_selected_dbs', $strDrop, 'b_deltbl.png'); diff --git a/server_privileges.php b/server_privileges.php index fd2796f..d43896b 100644 --- a/server_privileges.php +++ b/server_privileges.php @@ -1151,7 +1151,7 @@ if (!empty($update_privs)) { } $sql_query = $sql_query0 . ' ' . $sql_query1 . ' ' . $sql_query2; $message = PMA_Message::success('strUpdatePrivMessage'); - $message->addParam(''' . $username . ''@'' . $hostname . '''); + $message->addParam(''' . htmlspecialchars($username) . ''@'' . htmlspecialchars($hostname) . '''); }
@@ -1175,7 +1175,7 @@ if (isset($_REQUEST['revokeall'])) { } $sql_query = $sql_query0 . ' ' . $sql_query1; $message = PMA_Message::success('strRevokeMessage'); - $message->addParam(''' . $username . ''@'' . $hostname . '''); + $message->addParam(''' . htmlspecialchars($username) . ''@'' . htmlspecialchars($hostname) . '''); if (! isset($tablename)) { unset($dbname); } else { @@ -1211,7 +1211,7 @@ if (isset($_REQUEST['change_pw'])) { PMA_DBI_try_query($local_query) or PMA_mysqlDie(PMA_DBI_getError(), $sql_query, FALSE, $err_url); $message = PMA_Message::success('strPasswordChanged'); - $message->addParam(''' . $username . ''@'' . $hostname . '''); + $message->addParam(''' . htmlspecialchars($username) . ''@'' . htmlspecialchars($hostname) . '''); } }
@@ -1590,8 +1590,8 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs
if (isset($dbname)) { echo ' <i><a href="server_privileges.php?' - . $GLOBALS['url_query'] . '&username=' . urlencode($username) - . '&hostname=' . urlencode($hostname) . '&dbname=&tablename=">'' + . $GLOBALS['url_query'] . '&username=' . htmlspecialchars(urlencode($username)) + . '&hostname=' . htmlspecialchars(urlencode($hostname)) . '&dbname=&tablename=">'' . htmlspecialchars($username) . ''@'' . htmlspecialchars($hostname) . ''</a></i>' . "\n"; $url_dbname = urlencode(str_replace(array('_', '%'), array('_', '%'), $dbname)); @@ -1599,8 +1599,8 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs echo ' - ' . ($dbname_is_wildcard ? $GLOBALS['strDatabases'] : $GLOBALS['strDatabase'] ); if (isset($tablename)) { echo ' <i><a href="server_privileges.php?' . $GLOBALS['url_query'] - . '&username=' . urlencode($username) . '&hostname=' . urlencode($hostname) - . '&dbname=' . $url_dbname . '&tablename=">' . htmlspecialchars($dbname) . '</a></i>'; + . '&username=' . htmlspecialchars(urlencode($username)) . '&hostname=' . htmlspecialchars(urlencode($hostname)) + . '&dbname=' . htmlspecialchars($url_dbname) . '&tablename=">' . htmlspecialchars($dbname) . '</a></i>'; echo ' - ' . $GLOBALS['strTable'] . ' <i>' . htmlspecialchars($tablename) . '</i>'; } else { echo ' <i>' . htmlspecialchars($dbname) . '</i>'; @@ -1834,16 +1834,16 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs } echo '</td>' . "\n" . ' <td>'; - printf($link_edit, urlencode($username), - urlencode($hostname), - urlencode((! isset($dbname)) ? $row['Db'] : $dbname), + printf($link_edit, htmlspecialchars(urlencode($username)), + urlencode(htmlspecialchars($hostname)), + urlencode((! isset($dbname)) ? $row['Db'] : htmlspecialchars($dbname)), urlencode((! isset($dbname)) ? '' : $row['Table_name'])); echo '</td>' . "\n" . ' <td>'; if (! empty($row['can_delete']) || isset($row['Table_name']) && strlen($row['Table_name'])) { - printf($link_revoke, urlencode($username), - urlencode($hostname), - urlencode((! isset($dbname)) ? $row['Db'] : $dbname), + printf($link_revoke, htmlspecialchars(urlencode($username)), + urlencode(htmlspecialchars($hostname)), + urlencode((! isset($dbname)) ? $row['Db'] : htmlspecialchars($dbname)), urlencode((! isset($dbname)) ? '' : $row['Table_name'])); } echo '</td>' . "\n" @@ -1923,7 +1923,7 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs if (isset($tablename)) { echo ' [ ' . $GLOBALS['strTable'] . ' <a href="' . $GLOBALS['cfg']['DefaultTabTable'] . '?' . $GLOBALS['url_query'] - . '&db=' . $url_dbname . '&table=' . urlencode($tablename) + . '&db=' . $url_dbname . '&table=' . htmlspecialchars(urlencode($tablename)) . '&reload=1">' . htmlspecialchars($tablename) . ': ' . PMA_getTitleForTarget($GLOBALS['cfg']['DefaultTabTable']) . "</a> ]\n"; @@ -2150,7 +2150,7 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs
// Offer to create a new user for the current database echo '<fieldset id="fieldset_add_user">' . "\n" - . ' <a href="server_privileges.php?' . $GLOBALS['url_query'] . '&adduser=1&dbname=' . $checkprivs .'">' . "\n" + . ' <a href="server_privileges.php?' . $GLOBALS['url_query'] . '&adduser=1&dbname=' . htmlspecialchars($checkprivs) .'">' . "\n" . PMA_getIcon('b_usradd.png') . ' ' . $GLOBALS['strAddUser'] . '</a>' . "\n" . '</fieldset>' . "\n"; diff --git a/sql.php b/sql.php index 4898860..15b1beb 100644 --- a/sql.php +++ b/sql.php @@ -175,14 +175,14 @@ if ($do_confirm) { .PMA_generate_common_hidden_inputs($db, $table); ?> <input type="hidden" name="sql_query" value="<?php echo htmlspecialchars($sql_query); ?>" /> - <input type="hidden" name="zero_rows" value="<?php echo isset($zero_rows) ? PMA_sanitize($zero_rows) : ''; ?>" /> + <input type="hidden" name="zero_rows" value="<?php echo isset($zero_rows) ? PMA_sanitize($zero_rows, true) : ''; ?>" /> <input type="hidden" name="goto" value="<?php echo $goto; ?>" /> - <input type="hidden" name="back" value="<?php echo isset($back) ? PMA_sanitize($back) : ''; ?>" /> - <input type="hidden" name="reload" value="<?php echo isset($reload) ? PMA_sanitize($reload) : 0; ?>" /> - <input type="hidden" name="purge" value="<?php echo isset($purge) ? PMA_sanitize($purge) : ''; ?>" /> - <input type="hidden" name="cpurge" value="<?php echo isset($cpurge) ? PMA_sanitize($cpurge) : ''; ?>" /> - <input type="hidden" name="purgekey" value="<?php echo isset($purgekey) ? PMA_sanitize($purgekey) : ''; ?>" /> - <input type="hidden" name="show_query" value="<?php echo isset($show_query) ? PMA_sanitize($show_query) : ''; ?>" /> + <input type="hidden" name="back" value="<?php echo isset($back) ? PMA_sanitize($back, true) : ''; ?>" /> + <input type="hidden" name="reload" value="<?php echo isset($reload) ? PMA_sanitize($reload, true) : 0; ?>" /> + <input type="hidden" name="purge" value="<?php echo isset($purge) ? PMA_sanitize($purge, true) : ''; ?>" /> + <input type="hidden" name="cpurge" value="<?php echo isset($cpurge) ? PMA_sanitize($cpurge, true) : ''; ?>" /> + <input type="hidden" name="purgekey" value="<?php echo isset($purgekey) ? PMA_sanitize($purgekey, true) : ''; ?>" /> + <input type="hidden" name="show_query" value="<?php echo isset($show_query) ? PMA_sanitize($show_query, true) : ''; ?>" /> <?php echo '<fieldset class="confirmation">' . "\n" .' <legend>' . $strDoYouReally . '</legend>' diff --git a/tbl_sql.php b/tbl_sql.php index 5565d92..f3c3aac 100644 --- a/tbl_sql.php +++ b/tbl_sql.php @@ -38,7 +38,7 @@ require_once './libraries/tbl_links.inc.php'; /** * Query box, bookmark, insert data from textfile */ -PMA_sqlQueryForm(true, false, isset($_REQUEST['delimiter']) ? $_REQUEST['delimiter'] : ';'); +PMA_sqlQueryForm(true, false, isset($_REQUEST['delimiter']) ? htmlspecialchars($_REQUEST['delimiter']) : ';');
/** * Displays the footer diff --git a/translators.html b/translators.html index d847a9e..eb8c6ff 100644 --- a/translators.html +++ b/translators.html @@ -11,7 +11,7 @@ <link rel="icon" href="./favicon.ico" type="image/x-icon" /> <link rel="shortcut icon" href="./favicon.ico" type="image/x-icon" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> - <title>phpMyAdmin 3.3.5 - Official translators</title> + <title>phpMyAdmin 3.3.5.1 - Official translators</title> <link rel="stylesheet" type="text/css" href="docs.css" /> </head>
@@ -19,7 +19,7 @@ <div id="header"> <h1> <a href="http://www.phpmyadmin.net/">php<span class="myadmin">MyAdmin</span></a> - 3.3.5 + 3.3.5.1 official translators list </h1> </div>
hooks/post-receive