nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix XSS on checkprivs.

Browse Source
This commit is contained in:
Michal Čihař
2010-08-18 12:05:32 +02:00
parent 25ac7de38c
commit 2a1233b69c
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
server_privileges.php
View File

@@ -2150,7 +2150,7 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs
// Offer to create a new user for the current database // Offer to create a new user for the current database
echo '<fieldset id="fieldset_add_user">' . "\n" echo '<fieldset id="fieldset_add_user">' . "\n"
. ' <a href="server_privileges.php?' . $GLOBALS['url_query'] . '&amp;adduser=1&amp;dbname=' . $checkprivs .'">' . "\n" . ' <a href="server_privileges.php?' . $GLOBALS['url_query'] . '&amp;adduser=1&amp;dbname=' . htmlspecialchars($checkprivs) .'">' . "\n"
. PMA_getIcon('b_usradd.png') . PMA_getIcon('b_usradd.png')
. ' ' . $GLOBALS['strAddUser'] . '</a>' . "\n" . ' ' . $GLOBALS['strAddUser'] . '</a>' . "\n"
. '</fieldset>' . "\n"; . '</fieldset>' . "\n";