From 6d3b66059afe25da2bb1df00bdac76829f2f940d Mon Sep 17 00:00:00 2001
From: Herman van Rink <rink@initfour.nl>
Date: Thu, 25 Nov 2010 11:50:50 +0100
Subject: [PATCH] bug #3115519: fixed XSS on search

---
 libraries/common.lib.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libraries/common.lib.php b/libraries/common.lib.php
index ec5100f45..4b194deb3 100644
--- a/libraries/common.lib.php
+++ b/libraries/common.lib.php
@@ -1769,7 +1769,7 @@ function PMA_linkOrButton($url, $message, $tag_params = array(),
         $tmp = $tag_params;
         $tag_params = array();
         if (!empty($tmp)) {
-            $tag_params['onclick'] = 'return confirmLink(this, \'' . $tmp . '\')';
+            $tag_params['onclick'] = 'return confirmLink(this, \'' . PMA_escapeJsString($tmp) . '\')';
         }
         unset($tmp);
     }