Protect against php code input from user (bug #1530370).

2006-07-28 14:49:47 +00:00
parent 708c596779
commit fbfb5d2f02
2 changed files with 13 additions and 5 deletions
--- a/4
+++ b/4
@@ -6,6 +6,10 @@ $Id$
 $Source$


+2006-07-28 Michal Čihař  <michal@cihar.com>
+    * scripts/setup.php: Protect against php code input from user (bug
+      #1530370).
+
 2006-07-27 Marc Delisle  <lem9@users.sourceforge.net>
    * pdf_pages.php: automatic layout for InnoDB tables
    * tbl_properties_operations.php: problem switching from InnoDB to MyISAM
--- a/scripts/setup.php
+++ b/scripts/setup.php
@@ -395,17 +395,21 @@ function get_server_auth($val) {
 *
 * @return  string  fancy server name
 */
-function get_server_name($val, $id = FALSE) {
+function get_server_name($val, $id = FALSE, $escape = true) {
    if (!empty($val['verbose'])) {
-        $ret = htmlspecialchars($val['verbose']);
+        $ret = $val['verbose'];
    } else {
-        $ret = htmlspecialchars($val['host']);
+        $ret = $val['host'];
    }
    $ret .= ' (' . get_server_auth($val) . ')';
    if ($id !== FALSE) {
        $ret .= ' [' . ($id + 1) . ']' ;
    }
-    return $ret;
+    if ($escape) {
+        return htmlspecialchars($ret);
+    } else {
+        return $ret;
+    }
 }


@@ -502,7 +506,7 @@ function get_cfg_string($cfg) {
    if (count($c['Servers']) > 0) {
        $ret .= "/* Servers configuration */\n\$i = 0;\n";
        foreach ($c['Servers'] as $cnt => $srv) {
-            $ret .= "\n/* Server " . get_server_name($srv, $cnt) . " */\n\$i++;\n";
+            $ret .= "\n/* Server " . strtr(get_server_name($srv, $cnt, false), '*', '-') . " */\n\$i++;\n";
            foreach ($srv as $key => $val) {
                $ret .= get_cfg_val("\$cfg['Servers'][\$i]['$key']", $val);
            }