nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[security] XSS and SQL injection

Browse Source
This commit is contained in:
Marc Delisle
2009-10-12 21:47:40 +00:00
parent 14645a5035
commit 8ec5434999
5 changed files with 22 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
db_operations.php
View File

@@ -627,7 +627,7 @@ if ($cfgRelation['pdfwork'] && $num_tables > 0) { ?>
<?php
while ($pages = @PMA_DBI_fetch_assoc($test_rs)) {
echo ' <option value="' . $pages['page_nr'] . '">'
. $pages['page_nr'] . ': ' . $pages['page_descr'] . '</option>' . "\n";
. $pages['page_nr'] . ': ' . htmlspecialchars($pages['page_descr']) . '</option>' . "\n";
} // end while
PMA_DBI_free_result($test_rs);
unset($test_rs);