nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

XSS vulnerability

Browse Source
This commit is contained in:
Marc Delisle
2006-03-17 01:26:17 +00:00
parent b628fcc8a9
commit 0933619b6b
2 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
ChangeLog
View File

@@ -7,6 +7,7 @@ $Source$
2006-03-16 Marc Delisle <lem9@users.sourceforge.net> 2006-03-16 Marc Delisle <lem9@users.sourceforge.net>
* libraries/display_tbl.lib.php: undefined variable when a BLOB is NULL * libraries/display_tbl.lib.php: undefined variable when a BLOB is NULL
* libraries/Theme_Manager.class.php: XSS vulnerability
2006-03-16 Michal Čihař <michal@cihar.com> 2006-03-16 Michal Čihař <michal@cihar.com>
* libraries/select_server.lib.php: Move end of fieldset to correct place * libraries/select_server.lib.php: Move end of fieldset to correct place

4
libraries/Theme_Manager.class.php
View File

@@ -80,9 +80,9 @@ class PMA_Theme_Manager {
{ {
if ( ! $this->checkTheme($theme)) { if ( ! $this->checkTheme($theme)) {
$GLOBALS['PMA_errors'][] = sprintf($GLOBALS['strThemeNotFound'], $GLOBALS['PMA_errors'][] = sprintf($GLOBALS['strThemeNotFound'],
$theme); PMA_sanitize($theme));
trigger_error( trigger_error(
sprintf($GLOBALS['strThemeNotFound'], $theme), sprintf($GLOBALS['strThemeNotFound'], PMA_sanitize($theme)),
E_USER_WARNING); E_USER_WARNING);
return false; return false;
} }