[Phpmyadmin-git] [SCM] phpMyAdmin branch, QA_3_4, updated. RELEASE_3_4_3_2-66-g599c9b5
Michal Čihař
nijel at users.sourceforge.net
Fri Aug 19 11:59:56 CEST 2011
The branch, QA_3_4 has been updated
via 599c9b5e1bacc01a9c9bb6621ec1ed3279c4104a (commit)
via e7d6cab2a25e5014c1c10ce927413481dc9ab074 (commit)
from 514697082675f054671f6af4aa27c0c4601fcce8 (commit)
- Log -----------------------------------------------------------------
commit 599c9b5e1bacc01a9c9bb6621ec1ed3279c4104a
Author: Michal Čihař <michal at cihar.com>
Date: Fri Aug 19 11:56:38 2011 +0200
More of missing escaping
commit e7d6cab2a25e5014c1c10ce927413481dc9ab074
Author: Michal Čihař <michal at cihar.com>
Date: Fri Aug 19 11:54:34 2011 +0200
Missing escaping
-----------------------------------------------------------------------
Summary of changes:
db_datadict.php | 6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/db_datadict.php b/db_datadict.php
index e67c096..6981462 100644
--- a/db_datadict.php
+++ b/db_datadict.php
@@ -65,7 +65,7 @@ while ($row = PMA_DBI_fetch_assoc($rowset)) {
echo '<div>' . "\n";
- echo '<h2>' . $table . '</h2>' . "\n";
+ echo '<h2>' . htmlspecialchars($table) . '</h2>' . "\n";
/**
* Gets table informations
@@ -249,9 +249,9 @@ while ($row = PMA_DBI_fetch_assoc($rowset)) {
<td nowrap="nowrap">
<?php
if (isset($pk_array[$row['Field']])) {
- echo '<u>' . $field_name . '</u>';
+ echo '<u>' . htmlspecialchars($field_name) . '</u>';
} else {
- echo $field_name;
+ echo htmlspecialchars($field_name);
}
?>
</td>
hooks/post-receive
--
phpMyAdmin
More information about the Git
mailing list