From 4085b80bdc8fa96835d30dcda895665febbe1abc Mon Sep 17 00:00:00 2001 From: Marc Delisle Date: Sat, 3 May 2008 11:59:52 +0000 Subject: [PATCH] sanitize table comments in print view --- ChangeLog | 2 ++ tbl_printview.php | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index e527fdd11..bb76cabab 100644 --- a/ChangeLog +++ b/ChangeLog @@ -61,6 +61,8 @@ danbarry thanks to Norman Hippert - [structure] do not remove the BINARY attribute in drop-down - bug #1955386 [session] Overriding session.hash_bits_per_character +- [interface] sanitize the table comments in table print view, + thanks to Norman Hippert 2.11.6.0 (2008-04-29) - bug #1903724 [interface] Displaying of very large queries in error message diff --git a/tbl_printview.php b/tbl_printview.php index 3dc914ca9..4ebda1f65 100644 --- a/tbl_printview.php +++ b/tbl_printview.php @@ -140,7 +140,7 @@ foreach ($the_tables as $key => $table) { * Displays the comments of the table if MySQL >= 3.23 */ if (!empty($show_comment)) { - echo $strTableComments . ': ' . $show_comment . '

'; + echo $strTableComments . ': ' . htmlspecialchars($show_comment) . '

'; } /**
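Review bot: The `htmlspecialchars($show_comment)` call on the changed `echo` line relies on the function's default flags and charset, which differ between PHP versions, so the escaping is not pinned to the encoding this page is served in. On some versions, a comment containing bytes that are invalid in the assumed charset comes back as an empty string. Passing both explicitly, for example `htmlspecialchars($show_comment, ENT_QUOTES, 'UTF-8')` with the charset the page actually declares in place of the literal, would make the result deterministic. The block comment above the `if` still only says the comment is displayed; I would add a line such as `* The comment is free text stored with the table, so it is HTML-escaped on output.` so the escaping is not dropped in a later edit. This hunk covers a single output site inside the `foreach ($the_tables ...)` loop, which starts and ends outside the hunk, so whether table or column comments are printed unescaped elsewhere cannot be seen from here and is worth checking in the same pass.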