Escape verbose server name (bug #1362671).

Michal Čihař
2005-11-21 12:03:12 +00:00
parent d7b1759c54
commit bee36e92a8
4 changed files with 9 additions and 6 deletions


@@ -12,6 +12,9 @@ $Source$
ignored for 2.7.0 release.
* libraries/common.lib.php: Make code more redable, default to MySQL 5.0
documentation as it is latest stable version.
* main.php, libraries/select_server.lib.php,
libraries/auth/cookie.auth.lib.php: Escape verbose server name (bug
#1362671).
2005-11-20 Marc Delisle <lem9@users.sourceforge.net>
### 2.7.0-rc1 released


@@ -266,9 +266,9 @@ if (top != self) {
}
echo '>';
if ($val['verbose'] != '') {
echo $val['verbose'];
echo htmlspecialchars($val['verbose']);
} else {
echo $val['host'];
echo htmlspecialchars($val['host']);
if (!empty($val['port'])) {
echo ':' . $val['port'];
}
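Review bot: `$val['port']` is still echoed raw in the else branch (`echo ':' . $val['port'];`), so the option text is only partly escaped after this change. The port is read from the same `$val` entry as the host and should be handled the same way, for example `echo ':' . htmlspecialchars($val['port']);`, or with an integer cast if ports are always numeric. The loop and the opening `<option` tag begin outside the hunk, so whether the `value` attribute is escaped cannot be checked from here.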


@@ -45,12 +45,12 @@ if (count($cfg['Servers']) > 1) {
if ($cfg['DisplayServersList']){
if ($selected && !$show_server_left) {
echo '&raquo; <b>' . $label . '</b><br />';
echo '&raquo; <b>' . htmlspecialchars($label) . '</b><br />';
}else{
echo '&raquo; <a class="item" href="index.php?server=' . $key . '&amp;lang=' . $lang . '&amp;convcharset=' . $convcharset . '" target="_top">' . $label . '</a><br />';
echo '&raquo; <a class="item" href="index.php?server=' . $key . '&amp;lang=' . $lang . '&amp;convcharset=' . $convcharset . '" target="_top">' . htmlspecialchars($label) . '</a><br />';
}
} else {
echo ' <option value="' . $key . '" ' . ($selected ? ' selected="selected"' : '') . '>' . $label . '</option>' . "\n";
echo ' <option value="' . $key . '" ' . ($selected ? ' selected="selected"' : '') . '>' . htmlspecialchars($label) . '</option>' . "\n";
}
} // end if (!empty($val['host']))
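Review bot: The link in the `DisplayServersList` branch still builds its `href` from `$key`, `$lang` and `$convcharset` without any encoding, and `$key` also goes unescaped into the `value` attribute of the `<option>`; only `$label` is covered here. If `$lang` or `$convcharset` can be influenced by the request (not visible in this hunk), they should pass through `urlencode()` before being placed in the query string, e.g. `'&amp;lang=' . urlencode($lang)`. A short comment where `$label` is assembled, stating that it holds raw text and is escaped only at output, would keep later edits from escaping it twice or not at all. The enclosing loop starts outside the hunk.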


@@ -88,7 +88,7 @@ if ( $server > 0 ) {
unset($res, $row);
$full_string = str_replace('%pma_s1%', '<bdo dir="ltr" xml:lang="en">' . PMA_MYSQL_STR_VERSION . '</bdo>', $strMySQLServerProcess);
$full_string = str_replace('%pma_s2%', $server_info, $full_string);
$full_string = str_replace('%pma_s2%', htmlspecialchars($server_info), $full_string);
$full_string = str_replace('%pma_s3%', htmlspecialchars($mysql_cur_user_and_host), $full_string);
echo ' <p><strong>' . $full_string . '</strong></p>' . "\n";