diff --git a/server_privileges.php b/server_privileges.php
index 0e1afece2..d43896bb3 100644
--- a/server_privileges.php
+++ b/server_privileges.php
@@ -1151,7 +1151,7 @@ if (!empty($update_privs)) {
}
$sql_query = $sql_query0 . ' ' . $sql_query1 . ' ' . $sql_query2;
$message = PMA_Message::success('strUpdatePrivMessage');
- $message->addParam('\'' . htmlspecialchars($username) . '\'@\'' . $hostname . '\'');
+ $message->addParam('\'' . htmlspecialchars($username) . '\'@\'' . htmlspecialchars($hostname) . '\'');
}
@@ -1175,7 +1175,7 @@ if (isset($_REQUEST['revokeall'])) {
}
$sql_query = $sql_query0 . ' ' . $sql_query1;
$message = PMA_Message::success('strRevokeMessage');
- $message->addParam('\'' . htmlspecialchars($username) . '\'@\'' . $hostname . '\'');
+ $message->addParam('\'' . htmlspecialchars($username) . '\'@\'' . htmlspecialchars($hostname) . '\'');
if (! isset($tablename)) {
unset($dbname);
} else {
@@ -1211,7 +1211,7 @@ if (isset($_REQUEST['change_pw'])) {
PMA_DBI_try_query($local_query)
or PMA_mysqlDie(PMA_DBI_getError(), $sql_query, FALSE, $err_url);
$message = PMA_Message::success('strPasswordChanged');
- $message->addParam('\'' . htmlspecialchars($username) . '\'@\'' . $hostname . '\'');
+ $message->addParam('\'' . htmlspecialchars($username) . '\'@\'' . htmlspecialchars($hostname) . '\'');
}
}
@@ -1591,7 +1591,7 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs
if (isset($dbname)) {
echo ' \''
+ . '&hostname=' . htmlspecialchars(urlencode($hostname)) . '&dbname=&tablename=">\''
. htmlspecialchars($username) . '\'@\'' . htmlspecialchars($hostname)
. '\'' . "\n";
$url_dbname = urlencode(str_replace(array('\_', '\%'), array('_', '%'), $dbname));
@@ -1599,7 +1599,7 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs
echo ' - ' . ($dbname_is_wildcard ? $GLOBALS['strDatabases'] : $GLOBALS['strDatabase'] );
if (isset($tablename)) {
echo ' ' . htmlspecialchars($dbname) . '';
echo ' - ' . $GLOBALS['strTable'] . ' ' . htmlspecialchars($tablename) . '';
} else {
@@ -1835,14 +1835,14 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs
echo '' . "\n"
. ' | ';
printf($link_edit, htmlspecialchars(urlencode($username)),
- urlencode($hostname),
+ urlencode(htmlspecialchars($hostname)),
urlencode((! isset($dbname)) ? $row['Db'] : htmlspecialchars($dbname)),
urlencode((! isset($dbname)) ? '' : $row['Table_name']));
echo ' | ' . "\n"
. ' ';
if (! empty($row['can_delete']) || isset($row['Table_name']) && strlen($row['Table_name'])) {
printf($link_revoke, htmlspecialchars(urlencode($username)),
- urlencode($hostname),
+ urlencode(htmlspecialchars($hostname)),
urlencode((! isset($dbname)) ? $row['Db'] : htmlspecialchars($dbname)),
urlencode((! isset($dbname)) ? '' : $row['Table_name']));
}
|