Minor xss reported by Aung Khant

Herman van Rink
2011-06-12 21:41:54 +02:00
parent e49ab1bfe1
commit 7602e1593c


@@ -57,7 +57,7 @@ require_once './libraries/header_meta_style.inc.php';
<?php echo __('+ Restart insertion and add a new value'); ?>
</a>
</p>
<input type="hidden" name="token" value="<?php echo $_GET['token']; ?>" />
<input type="hidden" name="token" value="<?php echo htmlspecialchars($_GET['token']); ?>" />
<input type="hidden" name="field" value="<?php echo htmlspecialchars($_GET['field']); ?>" />
<input type="hidden" name="num_fields" value="<?php echo $total_fields; ?>" />
<input type="submit" value="<?php echo __('Go'); ?>" />
@@ -66,7 +66,7 @@ require_once './libraries/header_meta_style.inc.php';
<div id="enum_editor_output">
<h3><?php echo __('Output'); ?></h3>
<p><?php echo __('Copy and paste the joined values into the "Length/Values" field'); ?></p>
<textarea id="joined_values" cols="95" rows="5"><?php echo join(",", $values); ?></textarea>
<textarea id="joined_values" cols="95" rows="5"><?php echo htmlspecialchars(join(",", $values)); ?></textarea>
</div>
</div>
</body>
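Review bot: `$total_fields` is still echoed unescaped into the `num_fields` value attribute in the first hunk, directly below the two fields this change escapes. Its assignment is outside the hunk, so it is not visible whether it can carry request data; if it is derived from a request parameter without an integer cast, it is the same reflected-output problem this commit fixes. Casting at the point of output, `value="<?php echo (int) $total_fields; ?>"`, would make the form safe regardless of how the variable is populated. The new `htmlspecialchars()` calls use the default flags, which is sufficient here only because the `token` and `field` attributes are double-quoted and the joined values are element content.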