nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fixed bug #1433882 html special chars not escaped in query in querybox

Browse Source
This commit is contained in:
Sebastian Mendel
2006-02-18 13:51:11 +00:00
parent 29b387b350
commit 2433c3f2af
2 changed files with 56 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
ChangeLog
View File

@@ -5,6 +5,9 @@ phpMyAdmin - Changelog
$Id$ $Id$
$Source$ $Source$
2006-02-17 Sebastian Mendel <cybot_tm@users.sourceforge.net>
* libraries/sql_query_form.lib.php:
fixed bug #1433882 html special chars not escaped in query in querybox
2006-02-17 Marc Delisle <lem9@users.sourceforge.net> 2006-02-17 Marc Delisle <lem9@users.sourceforge.net>
* lang/*, db_details_structure.php: * lang/*, db_details_structure.php:
bug #1431352, no %d in strViewMaxExactCount bug #1431352, no %d in strViewMaxExactCount

6
libraries/sql_query_form.lib.php
View File

@@ -11,8 +11,8 @@
* @usedby querywindow.php * @usedby querywindow.php
*/ */
require_once('./libraries/file_listing.php'); // used for file listing require_once './libraries/file_listing.php'; // used for file listing
require_once('./libraries/bookmark.lib.php'); // used for file listing require_once './libraries/bookmark.lib.php'; // used for file listing
/** /**
* prints the sql query boxes * prints the sql query boxes
@@ -276,7 +276,7 @@ function PMA_sqlQueryFormInsert($query = '', $is_querywindow = false)
.' cols="' . $GLOBALS['cfg']['TextareaCols'] . '"' .' cols="' . $GLOBALS['cfg']['TextareaCols'] . '"'
.' rows="' . $GLOBALS['cfg']['TextareaRows'] . '"' .' rows="' . $GLOBALS['cfg']['TextareaRows'] . '"'
.' dir="' . $GLOBALS['text_dir'] . '"' .' dir="' . $GLOBALS['text_dir'] . '"'
.$auto_sel . $locking . '>' . $query . '</textarea>' . "\n"; .$auto_sel . $locking . '>' . htmlspecialchars($query) . '</textarea>' . "\n";
echo '</div>' . "\n"; echo '</div>' . "\n";
if (count($fields_list)) { if (count($fields_list)) {