nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[security] Self-XSS on invalid query (table overview), see PMASA-2011-18

Browse Source
This commit is contained in:
Dieter Adriaenssens
2011-11-22 21:59:19 +01:00
parent dac8d6ce25
commit 077c10020e
2 changed files with 2 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
libraries/common.lib.php
View File

@@ -1059,13 +1059,10 @@ function PMA_showMessage($message, $sql_query = null, $type = 'notice', $is_view
} else {
// Parse SQL if needed
$parsed_sql = PMA_SQP_parse($query_base);
if (PMA_SQP_isError()) {
unset($parsed_sql);
}
}
// Analyze it
if (isset($parsed_sql)) {
if (isset($parsed_sql) && ! PMA_SQP_isError()) {
$analyzed_display_query = PMA_SQP_analyze($parsed_sql);
// Here we append the LIMIT added for navigation, to
// enable its display. Adding it higher in the code