nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add missing string escapes

Browse Source 
don't create <a> tag if LeftLogoLink is empty
This commit is contained in:
Crack
2010-07-14 17:07:19 +02:00
parent 030abc5114
commit 60285cd665
2 changed files with 20 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
libraries/header_scripts.inc.php
View File

@@ -82,7 +82,7 @@ foreach ($GLOBALS['js_include'] as $js_script_file) {
// Updates the title of the frameset if possible (ns4 does not allow this) // Updates the title of the frameset if possible (ns4 does not allow this)
if (typeof(parent.document) != 'undefined' && typeof(parent.document) != 'unknown' if (typeof(parent.document) != 'undefined' && typeof(parent.document) != 'unknown'
&& typeof(parent.document.title) == 'string') { && typeof(parent.document.title) == 'string') {
parent.document.title = '<?php echo PMA_sanitize(PMA_escapeJsString($title)); ?>'; parent.document.title = '<?php echo PMA_sanitize(PMA_escapeJsString(htmlspecialchars($title))); ?>';
} }
<?php <?php

34
libraries/navigation_header.inc.php
View File

@@ -30,22 +30,26 @@ if ($GLOBALS['cfg']['LeftDisplayLogo']) {
.'alt="' . $logo . '" id="imgpmalogo" />'; .'alt="' . $logo . '" id="imgpmalogo" />';
} }
echo '<div id="pmalogo">' . "\n" echo '<div id="pmalogo">' . "\n";
.'<a href="' . $GLOBALS['cfg']['LeftLogoLink']; if ($GLOBALS['cfg']['LeftLogoLink']) {
switch ($GLOBALS['cfg']['LeftLogoLinkWindow']) { echo '<a href="' . htmlspecialchars($GLOBALS['cfg']['LeftLogoLink']);
case 'new': switch ($GLOBALS['cfg']['LeftLogoLinkWindow']) {
echo '" target="_blank"'; case 'new':
break; echo '" target="_blank"';
case 'main': break;
// do not add our parameters for an external link case 'main':
if (substr(strtolower($GLOBALS['cfg']['LeftLogoLink']), 0, 4) !== 'http') { // do not add our parameters for an external link
echo '?' . $query_url . '" target="frame_content"'; if (substr(strtolower($GLOBALS['cfg']['LeftLogoLink']), 0, 4) !== '://') {
} else { echo '?' . $query_url . '" target="frame_content"';
echo '"'; } else {
} echo '" target="_blank"';
}
}
echo '>' . $logo . '</a>' . "\n";
} else {
echo $logo . "\n";
} }
echo '>' . $logo . '</a>' . "\n" echo '</div>' . "\n";
.'</div>' . "\n";
} // end of display logo } // end of display logo
?> ?>
<div id="leftframelinks"> <div id="leftframelinks">