From 656809ac3bdc8ba61b84657b8789dde8c0cb8a2e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michal=20=C4=8Ciha=C5=99?= <mcihar@suse.cz>
Date: Fri, 2 Mar 2012 11:16:19 +0100
Subject: [PATCH] Error can possibly contain html chars and should be escaped

---
 libraries/Error_Handler.class.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libraries/Error_Handler.class.php b/libraries/Error_Handler.class.php
index 0b9089833..d6832fc41 100644
--- a/libraries/Error_Handler.class.php
+++ b/libraries/Error_Handler.class.php
@@ -116,7 +116,7 @@ class PMA_Error_Handler
     public function handleError($errno, $errstr, $errfile, $errline)
     {
         // create error object
-        $error = new PMA_Error($errno, $errstr, $errfile, $errline);
+        $error = new PMA_Error($errno, htmlspecialchars($errstr), $errfile, $errline);
 
         // do not repeat errors
         $this->_errors[$error->getHash()] = $error;