Escape user input (CVE-2006-2031).

2006-05-02 09:28:42 +00:00
parent 67be078872
commit fad722d2f4
3 changed files with 13 additions and 9 deletions
--- a/4
+++ b/4
@@ -5,6 +5,10 @@ phpMyAdmin - ChangeLog
 $Id$
 $Source$
 2006-05-02 Michal Čihař  <michal@cihar.com>
    * libraries/select_lang.lib.php, libraries/Theme_Manager.class.php: Escape
      user input (CVE-2006-2031).
 2006-04-28 Michal Čihař  <michal@cihar.com>
    * Documentation.html, main.php, libraries/config.default.php: Possibility
      to hide creating of database from main (RFE #1370100).
--- a/libraries/Theme_Manager.class.php
+++ b/libraries/Theme_Manager.class.php
@@ -101,10 +101,10 @@ class PMA_Theme_Manager {
        if ( ! $this->checkTheme($GLOBALS['cfg']['ThemeDefault'])) {
            $GLOBALS['PMA_errors'][] = sprintf( $GLOBALS['strThemeDefaultNotFound'],
-                $GLOBALS['cfg']['ThemeDefault'] );
+                htmlspecialchars($GLOBALS['cfg']['ThemeDefault']));
            trigger_error(
                sprintf($GLOBALS['strThemeDefaultNotFound'],
-                    $GLOBALS['cfg']['ThemeDefault']),
+                    htmlspecialchars($GLOBALS['cfg']['ThemeDefault'])),
                E_USER_WARNING);
            $GLOBALS['cfg']['ThemeDefault'] = false;
        }
@@ -141,9 +141,9 @@ class PMA_Theme_Manager {
    {
        if ( ! $this->checkTheme($theme)) {
            $GLOBALS['PMA_errors'][] = sprintf($GLOBALS['strThemeNotFound'],
-                PMA_sanitize($theme));
+                htmlspecialchars($theme));
            trigger_error(
-                sprintf($GLOBALS['strThemeNotFound'], PMA_sanitize($theme)),
+                sprintf($GLOBALS['strThemeNotFound'], htmlspecialchars($theme)),
                E_USER_WARNING);
            return false;
        }
@@ -217,10 +217,10 @@ class PMA_Theme_Manager {
        if (! is_dir($folder)) {
            $GLOBALS['PMA_errors'][] =
                sprintf($GLOBALS['strThemePathNotFound'],
-                    $folder);
+                    htmlspecialchars($folder));
            trigger_error(
                sprintf($GLOBALS['strThemePathNotFound'],
-                    $folder),
+                    htmlspecialchars($folder)),
                E_USER_WARNING);
            return false;
        }
--- a/libraries/select_lang.lib.php
+++ b/libraries/select_lang.lib.php
@@ -409,13 +409,13 @@ require_once $lang_file;
 // now, that we have loaded the language strings we can send the errors
 if ($lang_failed_cfg) {
-    $GLOBALS['PMA_errors'][] = sprintf($strLanguageUnknown, $lang_failed_cfg);
+    $GLOBALS['PMA_errors'][] = sprintf($strLanguageUnknown, htmlspecialchars($lang_failed_cfg));
 }
 if ($lang_failed_cookie) {
-    $GLOBALS['PMA_errors'][] = sprintf($strLanguageUnknown, $lang_failed_cookie);
+    $GLOBALS['PMA_errors'][] = sprintf($strLanguageUnknown, htmlspecialchars($lang_failed_cookie));
 }
 if ($lang_failed_request) {
-    $GLOBALS['PMA_errors'][] = sprintf($strLanguageUnknown, $lang_failed_request);
+    $GLOBALS['PMA_errors'][] = sprintf($strLanguageUnknown, htmlspecialchars($lang_failed_request));
 }
 unset($strLanguageFileNotFound, $line, $fall_back_lang,