nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix XSS on field_str in db_search.php.

Browse Source
This commit is contained in:
Michal Čihař
2010-08-17 16:20:15 +02:00
parent f3f073a0ba
commit 6d548f7d44
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
db_search.php
View File

@@ -355,7 +355,7 @@ $alter_select =
<tr><td align="right"> <tr><td align="right">
<?php echo $GLOBALS['strSearchInField']; ?></td> <?php echo $GLOBALS['strSearchInField']; ?></td>
<td><input type="text" name="field_str" size="60" <td><input type="text" name="field_str" size="60"
value="<?php echo ! empty($field_str) ? $field_str : ''; ?>" /></td> value="<?php echo ! empty($field_str) ? htmlspecialchars($field_str) : ''; ?>" /></td>
</tr> </tr>
</table> </table>
</fieldset> </fieldset>