XSS vuln on convcharset

Marc Delisle
2005-03-29 21:11:31 +00:00
parent e08f775b68
commit 25468cde68
2 changed files with 33 additions and 24 deletions


@@ -5,6 +5,9 @@ phpMyAdmin - Changelog
$Id$
$Source$
2005-03-29 Marc Delisle <lem9@users.sourceforge.net>
* libraries/common.lib.php: XSS vulnerability on convcharset
2005-03-29 Alexander M. Turek <me@derrabus.de>
* server_collations.php, libraries/mysql_charsets.lib.php: Don't offer
unavailable collations (bug #1172517).


@@ -157,6 +157,36 @@ require_once('./libraries/select_lang.lib.php');
*/
require_once('./libraries/defines.lib.php');
/**
* Sanitizes $message, taking into account our special codes
* for formatting
*
* @param string the message
*
* @return string the sanitized message
*
* @access public
*/
function PMA_sanitize($message)
{
$replace_pairs = array(
'<' => '&lt;',
'>' => '&gt;',
'[i]' => '<i>',
'[/i]' => '</i>',
'[b]' => '<b>',
'[br]' => '<br />',
'[/b]' => '</b>',
);
return strtr($message, $replace_pairs);
}
// XSS
if (isset($convcharset)) {
$convcharset = PMA_sanitize($convcharset);
}
if ($is_minimum_common == FALSE) {
/**
* Define $is_upload
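Review bot: PMA_sanitize only rewrites `<` and `>` (see the `$replace_pairs` table at the top of the function), so the sanitized `$convcharset` remains unsafe if it is later echoed inside a quoted HTML attribute or a URL, where `"`, `'` and `&` are the characters that need escaping; the places where `$convcharset` is used are not visible in this hunk, so this is a point to confirm rather than a proven gap. Because convcharset names a character set, validating it against the list of charsets the application already knows is the tighter fix, e.g. `if (isset($convcharset) && !in_array($convcharset, $known_charsets, true)) { unset($convcharset); }` with `$known_charsets` standing for whatever list the code base keeps, leaving PMA_sanitize for display-only text. The `isset($convcharset)` guard also depends on register_globals having populated the variable, so once that mechanism is disabled the check would need to read the request parameter explicitly, e.g. `$convcharset = $_REQUEST['convcharset'] ?? null;` adjusted to this code base's PHP version.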
@@ -1600,30 +1630,6 @@ if (typeof(window.parent) != 'undefined'
}
}
/**
* Sanitizes $message, taking into account our special codes
* for formatting
*
* @param string the message
*
* @return string the sanitized message
*
* @access public
*/
function PMA_sanitize($message)
{
$replace_pairs = array(
'<' => '&lt;',
'>' => '&gt;',
'[i]' => '<i>',
'[/i]' => '</i>',
'[b]' => '<b>',
'[br]' => '<br />',
'[/b]' => '</b>',
);
return strtr($message, $replace_pairs);
}
/**
* Displays a message at the top of the "main" (right) frame
*