nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[XSS] clean $_SERVER variables (sometimes i just forget to save all files before checkin ...)

Browse Source
This commit is contained in:
Sebastian Mendel
2005-10-27 19:27:57 +00:00
parent e1062426cf
commit dfab220458
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
libraries/common.lib.php
View File

@@ -2346,7 +2346,7 @@ window.parent.updateTableTitle( '<?php echo $uni_tbl; ?>', '<?php echo PMA_jsFor
* $GLOBALS['strEmpty'] * $GLOBALS['strEmpty']
* $GLOBALS['strDrop'] * $GLOBALS['strDrop']
* $GLOBALS['active_page'] * $GLOBALS['active_page']
* $_SERVER['PHP_SELF'] * $GLOBALS['PHP_SELF']
* htmlentities() * htmlentities()
* PMA_generate_common_url() * PMA_generate_common_url()
* $GLOBALS['url_query'] * $GLOBALS['url_query']
@@ -2384,7 +2384,7 @@ window.parent.updateTableTitle( '<?php echo $uni_tbl; ?>', '<?php echo PMA_jsFor
elseif ( isset( $tab['active'] ) && $tab['active'] elseif ( isset( $tab['active'] ) && $tab['active']
|| isset( $GLOBALS['active_page'] ) || isset( $GLOBALS['active_page'] )
&& $GLOBALS['active_page'] == $tab['link'] && $GLOBALS['active_page'] == $tab['link']
|| basename( $_SERVER['PHP_SELF'] ) == $tab['link'] ) || basename( $GLOBALS['PHP_SELF'] ) == $tab['link'] )
{ {
$tab['class'] = 'active'; $tab['class'] = 'active';
} }