fix for fixed possible XSS in database name - thanks to Omer Singer, …

…The DigiTrust Group sorry ... should more test ... ;-)
phpmyadmin · Nov 9, 2007 · 1f4db0a · 1f4db0a
1 parent 0aa505c
commit 1f4db0a
Showing 1 changed file with 8 additions and 3 deletions.
diff --git a/libraries/List_Database.class.php b/libraries/List_Database.class.php
@@ -383,10 +383,10 @@ function getHtmlListGrouped($selected = '', $offset, $count)
             if (count($dbs) > 1) {
                 $return .= '<li>' . htmlspecialchars($group) . '<ul>' . "\n";
                 // wether display db_name cuted by the group part
-                $cut = htmlspecialchars($db['disp_name_cut']);
+                $cut = true;
             } else {
                 // .. or full
-                $cut = htmlspecialchars($db['disp_name']);
+                $cut = false;
             }
             foreach ($dbs as $db) {
                 $return .= '<li';
@@ -399,7 +399,12 @@ function getHtmlListGrouped($selected = '', $offset, $count)
                 }
                 $return .= ' href="index.php?' . PMA_generate_common_url($db['name'])
                     . '" target="_parent">';
-                $return .= $cut .' (' . $db['num_tables'] . ')';
+                if ($cut) {
+                    $return .= htmlspecialchars($db['disp_name_cut']);
+                } else {
+                    $return .= htmlspecialchars($db['disp_name']);
+                }
+                $return .= ' (' . $db['num_tables'] . ')';
                 $return .= '</a></li>' . "\n";
             }
             if (count($dbs) > 1) {