From e49ab1bfe13119633c6bf94eb7439ecb0d28841d Mon Sep 17 00:00:00 2001
From: Herman van Rink
Date: Fri, 10 Jun 2011 21:43:16 +0200
Subject: [PATCH] Minor xss reported by Aung Khant
---
 server_replication.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/server_replication.php b/server_replication.php
index 9b7724d28..a52459106 100644
--- a/server_replication.php
+++ b/server_replication.php
@@ -53,7 +53,7 @@ if (isset($GLOBALS['sr_take_action'])) {
 if (! $link_to_master) {
 $_SESSION['replication']['sr_action_status'] = 'error';
- $_SESSION['replication']['sr_action_info'] = sprintf(__('Unable to connect to master %s.'), $sr['hostname']);
+ $_SESSION['replication']['sr_action_info'] = sprintf(__('Unable to connect to master %s.'), htmlspecialchars($sr['hostname']));
 } else {
 // Read the current master position
 $position = PMA_replication_slave_bin_log_master($link_to_master);
@@ -70,6 +70,7 @@ if (isset($GLOBALS['sr_take_action'])) {
 } else {
 $_SESSION['replication']['sr_action_status'] = 'success';
 $_SESSION['replication']['sr_action_info'] = sprintf(__('Master server changed succesfully to %s'), $sr['hostname']);
+ $_SESSION['replication']['sr_action_info'] = sprintf(__('Master server changed succesfully to %s'), htmlspecialchars($sr['hostname']));
 }
 }
 }
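Review bot: In the first hunk (@@ -53,7), `htmlspecialchars($sr['hostname'])` relies on the default flags and charset, so single quotes are left unescaped and the result depends on the PHP version's default encoding. The page that prints `sr_action_info` is not visible here, so whether it lands in element content or in an attribute cannot be confirmed; passing the arguments explicitly, `htmlspecialchars($sr['hostname'], ENT_QUOTES, 'UTF-8')`, covers both cases. Because the value is escaped when it is stored in the session rather than where it is printed, a comment on the assignment such as `// sr_action_info holds HTML-ready text; output code must not escape it again` would keep the contract clear. The enclosing `if (isset($GLOBALS['sr_take_action']))` block starts and ends outside the hunk.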
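Review bot: In the second hunk (@@ -70,6) the unescaped assignment `sprintf(__('Master server changed succesfully to %s'), $sr['hostname'])` is kept as a context line and the escaped version is added directly below it, which matches the diffstat of 2 insertions and 1 deletion. The second assignment overwrites the first, so the stored message is escaped today, but the first line is a dead store. If a later edit removes or reorders the second line, the raw hostname goes back into the session message. The unescaped line should be deleted so that only the `htmlspecialchars($sr['hostname'])` assignment remains, as was done in the first hunk.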