nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Escape in correct places to avoid double escaping sometimes

Browse Source
This commit is contained in:
Michal Čihař
2012-02-08 14:20:25 +01:00
parent c898f60641
commit b4296d6acb
2 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
libraries/config/ConfigFile.class.php
View File

@@ -116,7 +116,7 @@ class ConfigFile
/** /**
* Returns PMA_Config without user preferences applied * Returns PMA_Config without user preferences applied
* *
* @return PMA_Config * @return PMA_Config
*/ */
public function getOrgConfigObj() public function getOrgConfigObj()
@@ -422,10 +422,10 @@ class ConfigFile
} }
$verbose = $this->get("Servers/$id/verbose"); $verbose = $this->get("Servers/$id/verbose");
if (!empty($verbose)) { if (!empty($verbose)) {
return htmlspecialchars($verbose); return $verbose;
} }
$host = $this->get("Servers/$id/host"); $host = $this->get("Servers/$id/host");
return empty($host) ? 'localhost' : htmlspecialchars($host); return empty($host) ? 'localhost' : $host;
} }
/** /**

1
setup/lib/index.lib.php
View File

@@ -279,6 +279,7 @@ function perform_config_checks()
if ($server_name == 'localhost') { if ($server_name == 'localhost') {
$server_name .= " [$i]"; $server_name .= " [$i]";
} }
$server_name = htmlspecialchars($server_name);
if ($cookie_auth_server && $blowfish_secret === null) { if ($cookie_auth_server && $blowfish_secret === null) {
$blowfish_secret = uniqid('', true); $blowfish_secret = uniqid('', true);