Fix persistent XSS in table browsing mode

$where_clause was used instead of escaped $where_clause_html. This would
only come into play when a string field was contained in the index (and
thus used in the where clause).

Signed-off-by: Daniel Knittl-Frank <knittl89+git@googlemail.com>
Daniel Knittl-Frank
2010-09-20 18:12:05 +02:00
parent f7076ab686
commit 4b313daa7a
2 changed files with 2 additions and 2 deletions


@@ -1488,7 +1488,7 @@ function PMA_displayTableBody(&$dt_result, &$is_display, $map, $analyzed_sql) {
}
if( !empty($where_clause) ) {
$vertical_display['where_clause'][$row_no] = '<input type="hidden" class="where_clause" value ="' . $where_clause . '" />';
$vertical_display['where_clause'][$row_no] = '<input type="hidden" class="where_clause" value ="' . $where_clause_html . '" />';
}
else {
unset($vertical_display['where_clause'][$row_no]);

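Review bot: The guard on the `if( !empty($where_clause) )` line still tests the raw `$where_clause` while the new line emits `$where_clause_html`, and the place where `$where_clause_html` is built is outside this hunk, so the fix holds only if that variable is always derived from `$where_clause` with attribute-safe escaping — presumably `htmlspecialchars($where_clause, ENT_QUOTES)`, since the value is interpolated into a double-quoted `value` attribute where a bare `"` would still break out. I would state that contract next to the emit site so a later refactor does not reintroduce the raw variable: `// $where_clause_html is the ENT_QUOTES-escaped form of $where_clause; never emit $where_clause here (attribute context)`. The same check and comment apply to the second file's hunk, which makes the identical substitution in the `echo` of the hidden input. PMA_displayTableBody starts and ends outside this hunk, as does the enclosing block of the second file's hunk.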

@@ -58,6 +58,6 @@ if ($doWriteModifyAt == 'left') {
}
}
if( !empty($where_clause)) {
echo '<input type="hidden" class="where_clause" value ="' . $where_clause . '" />';
echo '<input type="hidden" class="where_clause" value ="' . $where_clause_html . '" />';
}
?>