Escape in correct places to avoid double escaping sometimes

This commit is contained in:
Michal Čihař
2012-02-08 14:20:25 +01:00
parent c898f60641
commit b4296d6acb
2 changed files with 4 additions and 3 deletions

View File

@@ -116,7 +116,7 @@ class ConfigFile
/**
* Returns PMA_Config without user preferences applied
*
*
* @return PMA_Config
*/
public function getOrgConfigObj()
@@ -422,10 +422,10 @@ class ConfigFile
}
$verbose = $this->get("Servers/$id/verbose");
if (!empty($verbose)) {
return htmlspecialchars($verbose);
return $verbose;
}
$host = $this->get("Servers/$id/host");
return empty($host) ? 'localhost' : htmlspecialchars($host);
return empty($host) ? 'localhost' : $host;
}
/**

View File

@@ -279,6 +279,7 @@ function perform_config_checks()
if ($server_name == 'localhost') {
$server_name .= " [$i]";
}
$server_name = htmlspecialchars($server_name);
if ($cookie_auth_server && $blowfish_secret === null) {
$blowfish_secret = uniqid('', true);