The branch, QA_3_4 has been updated
via 599c9b5e1bacc01a9c9bb6621ec1ed3279c4104a (commit)
via e7d6cab2a25e5014c1c10ce927413481dc9ab074 (commit)
from 514697082675f054671f6af4aa27c0c4601fcce8 (commit)
- Log -----------------------------------------------------------------
commit 599c9b5e1bacc01a9c9bb6621ec1ed3279c4104a
Author: Michal Čihař <[email protected]>
Date: Fri Aug 19 11:56:38 2011 +0200
More of missing escaping
commit e7d6cab2a25e5014c1c10ce927413481dc9ab074
Author: Michal Čihař <[email protected]>
Date: Fri Aug 19 11:54:34 2011 +0200
Missing escaping
-----------------------------------------------------------------------
Summary of changes:
db_datadict.php | 6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/db_datadict.php b/db_datadict.php
index e67c096..6981462 100644
--- a/db_datadict.php
+++ b/db_datadict.php
@@ -65,7 +65,7 @@ while ($row = PMA_DBI_fetch_assoc($rowset)) {
echo '<div>' . "\n";
- echo '<h2>' . $table . '</h2>' . "\n";
+ echo '<h2>' . htmlspecialchars($table) . '</h2>' . "\n";
/**
* Gets table informations
@@ -249,9 +249,9 @@ while ($row = PMA_DBI_fetch_assoc($rowset)) {
<td nowrap="nowrap">
<?php
if (isset($pk_array[$row['Field']])) {
- echo '<u>' . $field_name . '</u>';
+ echo '<u>' . htmlspecialchars($field_name) . '</u>';
} else {
- echo $field_name;
+ echo htmlspecialchars($field_name);
}
?>
</td>
hooks/post-receive
--
phpMyAdmin
------------------------------------------------------------------------------
Get a FREE DOWNLOAD! and learn more about uberSVN rich system,
user administration capabilities and model configuration. Take
the hassle out of deploying and managing Subversion and the
tools developers use with it. http://p.sf.net/sfu/wandisco-d2d-2
_______________________________________________
Phpmyadmin-git mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/phpmyadmin-git
