bug #3115519: fixed XSS on search

2010-11-25 11:50:50 +01:00
parent e356354c44
commit 6d3b66059a
1 changed files with 1 additions and 1 deletions
--- a/libraries/common.lib.php
+++ b/libraries/common.lib.php
@@ -1769,7 +1769,7 @@ function PMA_linkOrButton($url, $message, $tag_params = array(),
        $tmp = $tag_params;
        $tag_params = array();
        if (!empty($tmp)) {
-            $tag_params['onclick'] = 'return confirmLink(this, \'' . $tmp . '\')';
+            $tag_params['onclick'] = 'return confirmLink(this, \'' . PMA_escapeJsString($tmp) . '\')';
        }
        unset($tmp);
    }