XSS fixes

This commit is contained in:
Herman van Rink
2011-08-05 10:14:18 +02:00
parent 09b30b8b6e
commit ec848d825f

View File

@@ -281,17 +281,17 @@ if (isset($_REQUEST['snapshot'])) {
<tr class="noclick <?php echo $style; ?>"> <tr class="noclick <?php echo $style; ?>">
<?php <?php
if ($field['Key'] == 'PRI') { if ($field['Key'] == 'PRI') {
echo '<td><b><u>' . $field['Field'] . '</u></b></td>' . "\n"; echo '<td><b><u>' . htmlspecialchars($field['Field']) . '</u></b></td>' . "\n";
} else { } else {
echo '<td><b>' . $field['Field'] . '</b></td>' . "\n"; echo '<td><b>' . htmlspecialchars($field['Field']) . '</b></td>' . "\n";
} }
?> ?>
<td><?php echo $field['Type'];?></td> <td><?php echo htmlspecialchars($field['Type']);?></td>
<td><?php echo $field['Collation'];?></td> <td><?php echo htmlspecialchars($field['Collation']);?></td>
<td><?php echo $field['Null'];?></td> <td><?php echo htmlspecialchars($field['Null']);?></td>
<td><?php echo $field['Default'];?></td> <td><?php echo htmlspecialchars($field['Default']);?></td>
<td><?php echo $field['Extra'];?></td> <td><?php echo htmlspecialchars($field['Extra']);?></td>
<td><?php echo $field['Comment'];?></td> <td><?php echo htmlspecialchars($field['Comment']);?></td>
</tr> </tr>
<?php <?php
if ($style == 'even') { if ($style == 'even') {
@@ -337,15 +337,15 @@ if (isset($_REQUEST['snapshot'])) {
} }
?> ?>
<tr class="noclick <?php echo $style; ?>"> <tr class="noclick <?php echo $style; ?>">
<td><b><?php echo $index['Key_name'];?></b></td> <td><b><?php echo htmlspecialchars($index['Key_name']);?></b></td>
<td><?php echo $index['Index_type'];?></td> <td><?php echo htmlspecialchars($index['Index_type']);?></td>
<td><?php echo $str_unique;?></td> <td><?php echo $str_unique;?></td>
<td><?php echo $str_packed;?></td> <td><?php echo $str_packed;?></td>
<td><?php echo $index['Column_name'];?></td> <td><?php echo htmlspecialchars($index['Column_name']);?></td>
<td><?php echo $index['Cardinality'];?></td> <td><?php echo htmlspecialchars($index['Cardinality']);?></td>
<td><?php echo $index['Collation'];?></td> <td><?php echo htmlspecialchars($index['Collation']);?></td>
<td><?php echo $index['Null'];?></td> <td><?php echo htmlspecialchars($index['Null']);?></td>
<td><?php echo $index['Comment'];?></td> <td><?php echo htmlspecialchars($index['Comment']);?></td>
</tr> </tr>
<?php <?php
if ($style == 'even') { if ($style == 'even') {