Fix XSS on delimiter in tbl_sql.php.

2010-08-17 16:23:09 +02:00
parent 5bcd95a42c
commit 7f266483b8
1 changed files with 1 additions and 1 deletions
--- a/tbl_sql.php
+++ b/tbl_sql.php
@@ -38,7 +38,7 @@ require_once './libraries/tbl_links.inc.php';
 /**
 * Query box, bookmark, insert data from textfile
 */
-PMA_sqlQueryForm(true, false, isset($_REQUEST['delimiter']) ? $_REQUEST['delimiter'] : ';');
+PMA_sqlQueryForm(true, false, isset($_REQUEST['delimiter']) ? htmlspecialchars($_REQUEST['delimiter']) : ';');

 /**
 * Displays the footer