Add option to escape PMA_sanitize output.

This is required when it is used in form values.
This commit is contained in:
Michal Čihař
2010-08-17 16:09:07 +02:00
parent c910f4c9ec
commit c69fca50ee

View File

@@ -17,7 +17,7 @@
*
* @access public
*/
function PMA_sanitize($message)
function PMA_sanitize($message, $escape = false)
{
$replace_pairs = array(
'<' => '&lt;',
@@ -65,6 +65,10 @@ function PMA_sanitize($message)
$message = preg_replace($pattern, '<a href="\1" target="\2">', $message);
}
if ($escape) {
$message = htmlspecialchars($message);
}
return $message;
}
?>