nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fixes for HTML entities in field/table/db names

Browse Source
This commit is contained in:
Michal Čihař
2003-03-26 14:02:16 +00:00
parent be41dc5bc5
commit b4cadaf745
10 changed files with 23 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
tbl_select.php3
View File

@@ -81,7 +81,7 @@ if (!isset($param) || $param[0] == '') {
echo "\n";
// Displays the list of the fields
for ($i = 0 ; $i < $fields_cnt; $i++) {
echo ' <option value="' . urlencode($fields_list[$i]) . '" selected="selected">' . htmlspecialchars($fields_list[$i]) . '</option>' . "\n";
echo ' <option value="' . htmlspecialchars($fields_list[$i]) . '" selected="selected">' . htmlspecialchars($fields_list[$i]) . '</option>' . "\n";
}
?>
</select><br />
@@ -152,7 +152,7 @@ if (!isset($param) || $param[0] == '') {
while ($relrow = @PMA_mysql_fetch_array($disp)) {
$key = $relrow[$foreign_field];
$value = (($foreign_display != FALSE) ? '-' . htmlspecialchars($relrow[$foreign_display]) : '');
echo ' <option value="' . urlencode($key) . '">'
echo ' <option value="' . htmlspecialchars($key) . '">'
. htmlspecialchars($key) . $value . '</option>' . "\n";
} // end while
echo ' </select>' . "\n";
@@ -171,7 +171,7 @@ if (!isset($param) || $param[0] == '') {
}
?>
<input type="hidden" name="names[]" value="<?php echo urlencode($fields_list[$i]); ?>" />
<input type="hidden" name="names[]" value="<?php echo htmlspecialchars($fields_list[$i]); ?>" />
<input type="hidden" name="types[]" value="<?php echo $fields_type[$i]; ?>" />
</td>
</tr>
@@ -189,7 +189,7 @@ if (!isset($param) || $param[0] == '') {
echo "\n";
for ($i = 0; $i < $fields_cnt; $i++) {
echo ' ';
echo '<option value="' . urlencode($fields_list[$i]) . '">' . htmlspecialchars($fields_list[$i]) . '</option>' . "\n";
echo '<option value="' . htmlspecialchars($fields_list[$i]) . '">' . htmlspecialchars($fields_list[$i]) . '</option>' . "\n";
} // end for
?>
</select>