Escape special chars when displaying filename template cookies.
This commit is contained in:
Michal Čihař
@@ -173,19 +173,19 @@ echo PMA_pluginGetJavascript($export_list);
|
|||||||
echo ' value="';
|
echo ' value="';
|
||||||
if ($export_type == 'database') {
|
if ($export_type == 'database') {
|
||||||
if (isset($_COOKIE) && !empty($_COOKIE['pma_db_filename_template'])) {
|
if (isset($_COOKIE) && !empty($_COOKIE['pma_db_filename_template'])) {
|
||||||
echo $_COOKIE['pma_db_filename_template'];
|
echo htmlspecialchars($_COOKIE['pma_db_filename_template']);
|
||||||
} else {
|
} else {
|
||||||
echo $GLOBALS['cfg']['Export']['file_template_database'];
|
echo $GLOBALS['cfg']['Export']['file_template_database'];
|
||||||
}
|
}
|
||||||
} elseif ($export_type == 'table') {
|
} elseif ($export_type == 'table') {
|
||||||
if (isset($_COOKIE) && !empty($_COOKIE['pma_table_filename_template'])) {
|
if (isset($_COOKIE) && !empty($_COOKIE['pma_table_filename_template'])) {
|
||||||
echo $_COOKIE['pma_table_filename_template'];
|
echo htmlspecialchars($_COOKIE['pma_table_filename_template']);
|
||||||
} else {
|
} else {
|
||||||
echo $GLOBALS['cfg']['Export']['file_template_table'];
|
echo $GLOBALS['cfg']['Export']['file_template_table'];
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
if (isset($_COOKIE) && !empty($_COOKIE['pma_server_filename_template'])) {
|
if (isset($_COOKIE) && !empty($_COOKIE['pma_server_filename_template'])) {
|
||||||
echo $_COOKIE['pma_server_filename_template'];
|
echo htmlspecialchars($_COOKIE['pma_server_filename_template']);
|
||||||
} else {
|
} else {
|
||||||
echo $GLOBALS['cfg']['Export']['file_template_server'];
|
echo $GLOBALS['cfg']['Export']['file_template_server'];
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user