Fixed for quotes, HTML entities and other weird characters in db/table name.

Michal Čihař
2003-04-14 10:46:42 +00:00
parent c76adb73e6
commit 9cb587c953
2 changed files with 13 additions and 9 deletions


@@ -19,6 +19,8 @@ $Source$
* lang/indonesian: Updted, thanks to Rachim Tamsjadi (tamsy). * lang/indonesian: Updted, thanks to Rachim Tamsjadi (tamsy).
* lang/swedish: Updated, thanks to Bj<42>rn T. Hallberg (bth). * lang/swedish: Updated, thanks to Bj<42>rn T. Hallberg (bth).
* lang/italian: Updated, thanks to Pietro Danesi (danone). * lang/italian: Updated, thanks to Pietro Danesi (danone).
* footer.inc.php3: Fixed for quotes, HTML entities and other weird
characters in db/table name.
2003-04-14 Garvin Hicking <me@supergarv.de> 2003-04-14 Garvin Hicking <me@supergarv.de>
* libraries/common.lib.php3: Fixed SHOW TABLE STATUS LIKE ... FROM ... * libraries/common.lib.php3: Fixed SHOW TABLE STATUS LIKE ... FROM ...


@@ -12,29 +12,30 @@
// If query window is wanted and open, update with latest selected db/table. // If query window is wanted and open, update with latest selected db/table.
if ($cfg['QueryFrame'] && $cfg['QueryFrameJS']) { if ($cfg['QueryFrame'] && $cfg['QueryFrameJS']) {
?> ?>
<script> <script type="text/javascript">
<!--
<?php <?php
if ($cfg['QueryFrameDebug']) { if ($cfg['QueryFrameDebug']) {
?> ?>
document.writeln("Updating query window. DB: <?php echo (isset($db) ? $db : 'FALSE'); ?>, Table: <?php echo (isset($table) ? $table : 'FALSE'); ?><br>"); document.writeln("Updating query window. DB: <?php echo (isset($db) ? addslashes($db) : 'FALSE'); ?>, Table: <?php echo (isset($table) ? addslashes($table) : 'FALSE'); ?><br>");
document.writeln("Window: " + top.frames.queryframe.querywindow.location + "<br>"); document.writeln("Window: " + top.frames.queryframe.querywindow.location + "<br>");
<?php <?php
} }
?> ?>
if (top.frames.queryframe && top.frames.queryframe.document && top.frames.queryframe.document.queryframeform) { if (top.frames.queryframe && top.frames.queryframe.document && top.frames.queryframe.document.queryframeform) {
top.frames.queryframe.document.queryframeform.db.value = "<?php echo (isset($db) ? htmlspecialchars($db) : ''); ?>"; top.frames.queryframe.document.queryframeform.db.value = "<?php echo (isset($db) ? addslashes($db) : ''); ?>";
top.frames.queryframe.document.queryframeform.table.value = "<?php echo (isset($table) ? htmlspecialchars($table) : ''); ?>"; top.frames.queryframe.document.queryframeform.table.value = "<?php echo (isset($table) ? addslashes($table) : ''); ?>";
} }
function reload_querywindow () { function reload_querywindow () {
if (top.frames.queryframe && top.frames.queryframe.querywindow && !top.frames.queryframe.querywindow.closed && top.frames.queryframe.querywindow.location) { if (top.frames.queryframe && top.frames.queryframe.querywindow && !top.frames.queryframe.querywindow.closed && top.frames.queryframe.querywindow.location) {
<?php echo ($cfg['QueryFrameDebug'] ? 'document.writeln("<a href=\'#\' onClick=\'top.frames.queryframe.querywindow.focus(); return false;\'>Query Window</a> can be updated.<br>");' : ''); ?> <?php echo ($cfg['QueryFrameDebug'] ? 'document.writeln("<a href=\'#\' onClick=\'top.frames.queryframe.querywindow.focus(); return false;\'>Query Window</a> can be updated.<br>");' : ''); ?>
top.frames.queryframe.querywindow.document.querywindow.db.value = "<?php echo (isset($db) ? htmlspecialchars($db) : '') ?>"; top.frames.queryframe.querywindow.document.querywindow.db.value = "<?php echo (isset($db) ? addslashes($db) : '') ?>";
top.frames.queryframe.querywindow.document.querywindow.query_history_latest_db.value = "<?php echo (isset($db) ? htmlspecialchars($db) : '') ?>"; top.frames.queryframe.querywindow.document.querywindow.query_history_latest_db.value = "<?php echo (isset($db) ? addslashes($db) : '') ?>";
top.frames.queryframe.querywindow.document.querywindow.table.value = "<?php echo (isset($table) ? htmlspecialchars($table) : '') ?>"; top.frames.queryframe.querywindow.document.querywindow.table.value = "<?php echo (isset($table) ? addslashes($table) : '') ?>";
top.frames.queryframe.querywindow.document.querywindow.query_history_latest_table.value = "<?php echo (isset($table) ? htmlspecialchars($table) : '') ?>"; top.frames.queryframe.querywindow.document.querywindow.query_history_latest_table.value = "<?php echo (isset($table) ? addslashes($table) : '') ?>";
<?php echo (isset($sql_query) ? 'top.frames.queryframe.querywindow.document.querywindow.query_history_latest.value = "' . urlencode($sql_query) . '";' : '// no sql query update') . "\n"; ?> <?php echo (isset($sql_query) ? 'top.frames.queryframe.querywindow.document.querywindow.query_history_latest.value = "' . urlencode($sql_query) . '";' : '// no sql query update') . "\n"; ?>
@@ -48,7 +49,7 @@ if ($cfg['QueryFrame'] && $cfg['QueryFrameJS']) {
top.frames.queryframe.querywindow.focus(); top.frames.queryframe.querywindow.focus();
return false; return false;
} else if (top.frames.queryframe) { } else if (top.frames.queryframe) {
new_win_url = 'querywindow.php3?sql_query=' + sql_query + '&<?php echo PMA_generate_common_url(isset($db) ? $db : '', isset($table) ? $table : '', '&'); ?>'; new_win_url = 'querywindow.php3?sql_query=' + sql_query + '&<?php echo PMA_generate_common_url(isset($db) ? addslashes($db) : '', isset($table) ? addslashes($table) : '', '&'); ?>';
top.frames.queryframe.querywindow=window.open(new_win_url, 'js_querywindow','toolbar=0,location=1,directories=0,status=1,menubar=0,scrollbars=yes,resizable=yes,width=<?php echo $cfg['QueryWindowWidth']; ?>,height=<?php echo $cfg['QueryWindowHeight']; ?>'); top.frames.queryframe.querywindow=window.open(new_win_url, 'js_querywindow','toolbar=0,location=1,directories=0,status=1,menubar=0,scrollbars=yes,resizable=yes,width=<?php echo $cfg['QueryWindowWidth']; ?>,height=<?php echo $cfg['QueryWindowHeight']; ?>');
if (!top.frames.queryframe.querywindow.opener) { if (!top.frames.queryframe.querywindow.opener) {
@@ -62,6 +63,7 @@ if ($cfg['QueryFrame'] && $cfg['QueryFrameJS']) {
reload_querywindow(); reload_querywindow();
self.focus(); self.focus();
//-->
</script> </script>
<?php <?php
} }
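Review bot: addslashes() is not a JavaScript-string encoder, so the new `.db.value` / `.table.value` assignments (both in the top-level block and inside reload_querywindow()) still mishandle a name containing a line break or the sequence `</script>`: the first ends the string literal with a syntax error, and the second closes the script element in the HTML parser regardless of the JS quoting. A small helper that escapes backslash, both quote characters, CR/LF and `</` (as `<\/`), called at every one of these sites, would cover the cases the commit title names. In the `new_win_url` line the escaping is applied to `$db`/`$table` before PMA_generate_common_url(), which presumably URL-encodes its arguments (its body is not shown), so the added backslashes would become part of the name sent to querywindow.php3; escaping the finished URL instead, `addslashes(PMA_generate_common_url(isset($db) ? $db : '', isset($table) ? $table : '', '&'))`, keeps the order URL-encode first, JS-escape second. The debug `document.writeln(...)` writes HTML, so there the value needs `htmlspecialchars()` first with the JS escaping applied on top.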