nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

XSS

Browse Source
This commit is contained in:
Michal Čihař
2003-06-25 13:47:55 +00:00
parent e9ca48fe4b
commit b4d6211261
2 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
ChangeLog
View File

@@ -5,6 +5,9 @@ phpMyAdmin - Changelog
$Id$
$Source$
2003-06-25 Michal Cihar <nijel@users.sourceforge.net>
* libraries/sqlparser.lib.php3: Fixed XSS problem.
2003-06-24 Marc Delisle <lem9@users.sourceforge.net>
* sql.php3, bug 759568, row count, DISTINCT and MySQL 4

4
libraries/sqlparser.lib.php3
View File

@@ -131,7 +131,7 @@ if (!defined('PMA_SQP_LIB_INCLUDED')) {
$SQP_errorString = '<p>'.$GLOBALS['strSQLParserUserError'] . '</p>' . "\n"
. '<pre>' . "\n"
. 'ERROR: ' . $message . "\n"
. 'SQL: ' . $sql . "\n"
. 'SQL: ' . htmlspecialchars($sql) . "\n"
. '</pre>' . "\n";
/*
@@ -162,7 +162,7 @@ if (!defined('PMA_SQP_LIB_INCLUDED')) {
$debugstr .= 'PMA: ' . PMA_VERSION . "\n";
$debugstr .= 'PHP VER,OS: ' . PMA_PHP_STR_VERSION . ' ' . PHP_OS . "\n";
$debugstr .= 'LANG: ' . $GLOBALS['lang'] . "\n";
$debugstr .= 'SQL: ' . $sql;
$debugstr .= 'SQL: ' . htmlspecials($sql);
$encodedstr = $debugstr;
if (PMA_PHP_INT_VERSION >= 40001 && @function_exists('gzcompress')) {