From dc6c1e8b5cc0d2d116e000cba7752f60be248ffd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michal=20=C4=8Ciha=C5=99?= <mcihar@suse.cz>
Date: Tue, 21 Jun 2011 12:08:48 +0200
Subject: [PATCH] I think htmlspecialchars should be used here

---
 import.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/import.php b/import.php
index 78e5ffdb4..d706b6055 100644
--- a/import.php
+++ b/import.php
@@ -108,7 +108,7 @@ if ($import_type == 'table') {
     }
     $err_url  = $goto
               . '?' . $common
-              . (preg_match('@^tbl_[a-z]*\.php$@', $goto) ? '&amp;table=' . urlencode($table) : '');
+              . (preg_match('@^tbl_[a-z]*\.php$@', $goto) ? '&amp;table=' . htmlspecialchars($table) : '');
     $_SESSION['Import_message']['go_back_url'] = $err_url;
 }