Merge branch 'MAINT_2_11_10' into QA_2_11

Conflicts: ChangeLog Documentation.html README libraries/Config.class.php translators.html
2010-08-20 13:32:34 +02:00
parent 8ae41bbc02 b1cb5590ee
commit c1865ca7b8
14 changed files with 70 additions and 38 deletions
--- a/libraries/common.lib.php
+++ b/libraries/common.lib.php
@@ -473,7 +473,7 @@ function PMA_mysqlDie($error_message = '', $the_query = '',
        $formatted_sql = '';
    } else {
        if (strlen($the_query) > $GLOBALS['cfg']['MaxCharactersInDisplayedSQL']) {
-            $formatted_sql = substr($the_query, 0, $GLOBALS['cfg']['MaxCharactersInDisplayedSQL']) . '[...]';
+            $formatted_sql = htmlspecialchars(substr($the_query, 0, $GLOBALS['cfg']['MaxCharactersInDisplayedSQL'])) . '[...]';
        } else {
            $formatted_sql = PMA_formatSql(PMA_SQP_parse($the_query), $the_query);
        }
@@ -622,22 +622,23 @@ function PMA_convert_using($string, $mode='unquoted', $force_utf8 = false)
 function PMA_sendHeaderLocation($uri)
 {
    if (PMA_IS_IIS && strlen($uri) > 600) {
+        require_once './libraries/js_escape.lib.php';

        echo '<html><head><title>- - -</title>' . "\n";
        echo '<meta http-equiv="expires" content="0">' . "\n";
        echo '<meta http-equiv="Pragma" content="no-cache">' . "\n";
        echo '<meta http-equiv="Cache-Control" content="no-cache">' . "\n";
-        echo '<meta http-equiv="Refresh" content="0;url=' .$uri . '">' . "\n";
+        echo '<meta http-equiv="Refresh" content="0;url=' .  htmlspecialchars($uri) . '">' . "\n";
        echo '<script type="text/javascript">' . "\n";
        echo '//<![CDATA[' . "\n";
-        echo 'setTimeout("window.location = unescape(\'"' . $uri . '"\')", 2000);' . "\n";
+        echo 'setTimeout("window.location = unescape(\'"' . PMA_escapeJsString($uri) . '"\')", 2000);' . "\n";
        echo '//]]>' . "\n";
        echo '</script>' . "\n";
        echo '</head>' . "\n";
        echo '<body>' . "\n";
        echo '<script type="text/javascript">' . "\n";
        echo '//<![CDATA[' . "\n";
-        echo 'document.write(\'<p><a href="' . $uri . '">' . $GLOBALS['strGo'] . '</a></p>\');' . "\n";
+        echo 'document.write(\'<p><a href="' . htmlspecialchars($uri) . '">' . $GLOBALS['strGo'] . '</a></p>\');' . "\n";
        echo '//]]>' . "\n";
        echo '</script></body></html>' . "\n";

--- a/libraries/database_interface.lib.php
+++ b/libraries/database_interface.lib.php
@@ -208,6 +208,10 @@ function PMA_usort_comparison_callback($a, $b)
    } else {
        $sorter = 'strcasecmp';
    }
+    /* No sorting when key is not present */
+    if (!isset($a[$GLOBALS['callback_sort_by']]) || ! isset($b[$GLOBALS['callback_sort_by']])) {
+        return 0;
+    }
    // produces f.e.:
    // return -1 * strnatcasecmp($a["SCHEMA_TABLES"], $b["SCHEMA_TABLES"])
    return ($GLOBALS['callback_sort_order'] == 'ASC' ? 1 : -1) * $sorter($a[$GLOBALS['callback_sort_by']], $b[$GLOBALS['callback_sort_by']]);
--- a/libraries/dbi/mysql.dbi.lib.php
+++ b/libraries/dbi/mysql.dbi.lib.php
@@ -300,6 +300,8 @@ function PMA_DBI_getError($link = null)
        $error_message = PMA_DBI_convert_message($error_message);
    }

+    $error_message = htmlspecialchars($error_message);
+
    // Some errors messages cannot be obtained by mysql_error()
    if ($error_number == 2002) {
        $error = '#' . ((string) $error_number) . ' - ' . $GLOBALS['strServerNotResponding'] . ' ' . $GLOBALS['strSocketProblem'];
--- a/libraries/dbi/mysqli.dbi.lib.php
+++ b/libraries/dbi/mysqli.dbi.lib.php
@@ -417,6 +417,8 @@ function PMA_DBI_getError($link = null)
        $error_message = PMA_DBI_convert_message($error_message);
    }

+    $error_message = htmlspecialchars($error_message);
+
    if ($error_number == 2002) {
        $error = '#' . ((string) $error_number) . ' - ' . $GLOBALS['strServerNotResponding'] . ' ' . $GLOBALS['strSocketProblem'];
    } elseif (defined('PMA_MYSQL_INT_VERSION') && PMA_MYSQL_INT_VERSION >= 40100) {
--- a/libraries/sanitizing.lib.php
+++ b/libraries/sanitizing.lib.php
@@ -7,17 +7,26 @@

 /**
 * Sanitizes $message, taking into account our special codes
- * for formatting
+ * for formatting.
+ *
+ * If you want to include result in element attribute, you should escape it.
+ *
+ * Examples:
+ *
+ * <p><?php echo PMA_sanitize($foo); ?></p>
+ *
+ * <a title="<?php echo PMA_sanitize($foo, true); ?>">bar</a>
 *
 * @uses    preg_replace()
 * @uses    strtr()
 * @param   string   the message
+ * @param   boolean  whether to escape html in result
 *
 * @return  string   the sanitized message
 *
 * @access  public
 */
-function PMA_sanitize($message)
+function PMA_sanitize($message, $escape = false)
 {
    $replace_pairs = array(
        '<'         => '&lt;',
@@ -65,6 +74,10 @@ function PMA_sanitize($message)
        $message = preg_replace($pattern, '<a href="\1" target="\2">', $message);
    }

+    if ($escape) {
+        $message = htmlspecialchars($message);
+    }
+
    return $message;
 }
 ?>
--- a/libraries/sqlparser.lib.php
+++ b/libraries/sqlparser.lib.php
@@ -2425,7 +2425,7 @@ if (! defined('PMA_MINIMUM_COMMON')) {
            }
            $after                 .= "\n";
 */
-            $str .= $before . ($mode=='color' ? PMA_SQP_formatHTML_colorize($arr[$i]) : $arr[$i]['data']). $after;
+            $str .= $before . ($mode=='color' ? PMA_SQP_formatHTML_colorize($arr[$i]) : htmlspecialchars($arr[$i]['data'])). $after;
        } // end for
        if ($mode=='color') {
            $str .= '</span>';