From 2748fc9fac256f713be6a22a01fd0db373a8c545 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michal=20=C4=8Ciha=C5=99?=
Date: Tue, 9 Dec 2008 14:03:57 +0000
Subject: [PATCH] Forgotten branch.

---
 ChangeLog | 3 +++
 libraries/db_table_exists.lib.php | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index be63e3bab..2e7ce4487 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -5,6 +5,9 @@ phpMyAdmin - ChangeLog $Id$ $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyAdmin/ChangeLog $ +2.11.9.4 (2008-12-09) +- [security] possible XSRF on several pages + 2.11.9.3 (2008-10-30) - [security] XSS in a Designer component
diff --git a/libraries/db_table_exists.lib.php b/libraries/db_table_exists.lib.php
index 19a5827b9..0f8e60d59 100644
--- a/libraries/db_table_exists.lib.php
+++ b/libraries/db_table_exists.lib.php
@@ -64,7 +64,7 @@ if (empty($is_table) && !defined('PMA_SUBMIT_MULT')) {
 * @todo should this check really only happen if IS_TRANSFORMATION_WRAPPER?
 */
 $_result = PMA_DBI_try_query(
- 'SELECT COUNT(*) FROM `' . PMA_sqlAddslashes($table, true) . '`;',
+ 'SELECT COUNT(*) FROM ' . PMA_backquote($table) . ';',
 null, PMA_DBI_QUERY_STORE);
 $is_table = ($_result && @PMA_DBI_num_rows($_result));
 PMA_DBI_free_result($_result);
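Review bot: The rewritten argument to `PMA_DBI_try_query()` in libraries/db_table_exists.lib.php is only safe if `PMA_backquote()` doubles any backtick embedded in `$table`, and neither the hunk nor the commit message ("Forgotten branch.") says so; the helper is defined outside this diff, so that property should be confirmed there. The removed line wrapped the name in literal backticks after `PMA_sqlAddslashes()`, which is string-literal escaping and presumably did not neutralise a backtick inside an identifier. A short comment above the query would stop a later edit from reverting to string escaping, for example `// $table is used as an identifier: quote it with PMA_backquote(), not with string escaping`. The ChangeLog entry describes the issue as XSRF, while this hunk only hardens the query itself; whether the request that supplies `$table` is also token-checked cannot be seen here, because the enclosing `if` block starts and ends outside the hunk.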