Skip to content
Permalink
Browse files

ConnectionPanel: uses Tracy\Helpers::escapeHtml()

  • Loading branch information...
dg committed Mar 11, 2019
1 parent 31ce4a1 commit a00558eafa79e640747d2028c038d0bc51ea1f99
@@ -3,8 +3,9 @@ declare(strict_types=1);
namespace Nette\Bridges\DatabaseTracy;
use Nette\Database\Helpers;
use Nette\Database\Helpers as DbHelpers;
use Tracy;
use Tracy\Helpers;
?>
<style class="tracy-debug">
@@ -13,12 +14,12 @@ use Tracy;
#tracy-debug .nette-DbConnectionPanel-explain td { white-space: pre }
</style>

<h1 title="<?= htmlspecialchars($connection->getDsn(), ENT_QUOTES, 'UTF-8') ?>">Queries: <?php
echo $count, ($totalTime ? sprintf(', time: %0.3f ms', $totalTime * 1000) : ''), ', ', htmlspecialchars($name, ENT_NOQUOTES, 'UTF-8') ?></h1>
<h1 title="<?= Helpers::escapeHtml($connection->getDsn()) ?>">Queries: <?php
echo $count, ($totalTime ? sprintf(', time: %0.3f ms', $totalTime * 1000) : ''), ', ', Helpers::escapeHtml($name) ?></h1>

<div class="tracy-inner">
<div class="tracy-inner-container">
<table>
<table class="tracy-sortable">
<tr><th>Time&nbsp;ms</th><th>SQL Query</th><th>Rows</th></tr>
<?php
foreach ($queries as $query):
@@ -27,31 +28,31 @@ use Tracy;
<tr>
<td>
<?php if ($error): ?>
<span title="<?= htmlspecialchars($error, ENT_IGNORE | ENT_QUOTES, 'UTF-8') ?>">ERROR</span>
<span title="<?= Helpers::escapeHtml($error) ?>">ERROR</span>
<?php elseif ($time !== null): echo sprintf('%0.3f', $time * 1000); endif ?>
<?php if ($explain): ?>
<br /><a class="tracy-toggle tracy-collapsed" data-tracy-ref="^tr .nette-DbConnectionPanel-explain">explain</a>
<?php endif ?>
</td>
<td class="nette-DbConnectionPanel-sql"><?= Helpers::dumpSql($sql, $params, $connection) ?>
<td class="nette-DbConnectionPanel-sql"><?= DbHelpers::dumpSql($sql, $params, $connection) ?>
<?php if ($explain): ?>
<table class="tracy-collapsed nette-DbConnectionPanel-explain">
<tr>
<?php foreach ($explain[0] as $col => $foo): ?>
<th><?= htmlspecialchars((string) $col, ENT_NOQUOTES, 'UTF-8') ?></th>
<th><?= Helpers::escapeHtml($col) ?></th>
<?php endforeach ?>
</tr>
<?php foreach ($explain as $row): ?>
<tr>
<?php foreach ($row as $col): ?>
<td><?= htmlspecialchars((string) $col, ENT_NOQUOTES, 'UTF-8') ?></td>
<td><?= Helpers::escapeHtml($col) ?></td>
<?php endforeach ?>
</tr>
<?php endforeach ?>
</table>
<?php endif ?>
<?php if ($source) {
echo substr_replace(Tracy\Helpers::editorLink($source[0], $source[1]), ' class="nette-DbConnectionPanel-source"', 2, 0);
echo substr_replace(Helpers::editorLink($source[0], $source[1]), ' class="nette-DbConnectionPanel-source"', 2, 0);
} ?>
</td>
<td><?= $rows ?></td>
@@ -3,8 +3,10 @@ declare(strict_types=1);
namespace Nette\Bridges\DatabaseTracy;
use Tracy\Helpers;
?>
<span title="Nette\Database <?= htmlspecialchars($name, ENT_QUOTES, 'UTF-8') ?>">
<span title="Nette\Database <?= Helpers::escapeHtml($name) ?>">
<svg viewBox="0 0 2048 2048"><path fill="<?= $count ? '#b079d6' : '#aaa' ?>" d="M1024 896q237 0 443-43t325-127v170q0 69-103 128t-280 93.5-385 34.5-385-34.5-280-93.5-103-128v-170q119 84 325 127t443 43zm0 768q237 0 443-43t325-127v170q0 69-103 128t-280 93.5-385 34.5-385-34.5-280-93.5-103-128v-170q119 84 325 127t443 43zm0-384q237 0 443-43t325-127v170q0 69-103 128t-280 93.5-385 34.5-385-34.5-280-93.5-103-128v-170q119 84 325 127t443 43zm0-1152q208 0 385 34.5t280 93.5 103 128v128q0 69-103 128t-280 93.5-385 34.5-385-34.5-280-93.5-103-128v-128q0-69 103-128t280-93.5 385-34.5z"/>
</svg><span class="tracy-label"><?= ($totalTime ? sprintf('%0.1f ms / ', $totalTime * 1000) : '') . $count ?></span>
</span>

0 comments on commit a00558e

Please sign in to comment.
You can’t perform that action at this time.