From e1f4901ffc400b6d2df15eac0ba5015fe48a27c4 Mon Sep 17 00:00:00 2001
From: Herman van Rink
Date: Thu, 25 Nov 2010 11:50:50 +0100
Subject: [PATCH] bug #3115519: fixed XSS on search

---
 libraries/common.lib.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libraries/common.lib.php b/libraries/common.lib.php
index 716af94d2..4dcbe8ee3 100644
--- a/libraries/common.lib.php
+++ b/libraries/common.lib.php
@@ -1644,7 +1644,7 @@ function PMA_linkOrButton($url, $message, $tag_params = array(),
 $tmp = $tag_params;
 $tag_params = array();
 if (!empty($tmp)) {
- $tag_params['onclick'] = 'return confirmLink(this, \'' . $tmp . '\')';
+ $tag_params['onclick'] = 'return confirmLink(this, \'' . PMA_escapeJsString($tmp) . '\')';
 }
 unset($tmp);
 }
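Review bot: The new `onclick` value is escaped for the JavaScript string context only, but it sits inside an HTML attribute, so it needs HTML-attribute encoding as well. The hunk does not show how `$tag_params` is written out later in PMA_linkOrButton (the function starts and ends outside the hunk); if the value goes into a double-quoted attribute without `htmlspecialchars()`, a `"` in `$tmp` may still close the attribute, depending on what PMA_escapeJsString() covers. Please confirm the rendering code encodes attribute values exactly once, or apply it here after the JS escaping: `$tag_params['onclick'] = 'return confirmLink(this, \'' . htmlspecialchars(PMA_escapeJsString($tmp), ENT_QUOTES) . '\')';`. A one-line comment such as `// $tmp is user-influenced: JS-string escape first, then HTML-attribute encode` would document the nesting order for the next maintainer.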