From 7de139b90ca6926d9ec06c2684ef8877a01b5ed7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michal=20=C4=8Ciha=C5=99?=
Date: Thu, 30 Jun 2016 10:54:05 +0200
Subject: [PATCH] Properly escape generated XML export
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Many fields could contain XML markup, so we need to ensure the generated XML is valid.
Signed-off-by: Michal Čihař
---
 libraries/plugins/export/ExportXml.php | 14 +++++++-------
 test/classes/plugin/export/ExportXmlTest.php | 2 +-
 2 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/libraries/plugins/export/ExportXml.php b/libraries/plugins/export/ExportXml.php
index 325e2e6e379d..1ccffeee58af 100644
--- a/libraries/plugins/export/ExportXml.php
+++ b/libraries/plugins/export/ExportXml.php
@@ -185,7 +185,7 @@ private function _exportDefinitions($db, $type, $dbitype, $names) if ($names) { foreach ($names as $name) { $head .= ' ' . $crlf; + . htmlspecialchars($name) . '">' . $crlf; // Do some formatting $sql = $GLOBALS['dbi']->getDefinition($db, $dbitype, $name);
@@ -232,7 +232,7 @@ public function exportHeader() . '- version ' . PMA_VERSION . $crlf . '- https://www.phpmyadmin.net' . $crlf . '-' . $crlf - . '- ' . __('Host:') . ' ' . $cfg['Server']['host']; + . '- ' . __('Host:') . ' ' . htmlspecialchars($cfg['Server']['host']); if (!empty($cfg['Server']['port'])) { $head .= ':' . $cfg['Server']['port']; }
@@ -263,7 +263,7 @@ public function exportHeader() $head .= ' -->' . $crlf; $head .= ' ' . $crlf; $head .= ' ' . $crlf; if (count($tables) == 0) {
@@ -296,7 +296,7 @@ public function exportHeader() continue; } - $head .= ' ' + $head .= ' ' . $crlf; $tbl = " " . htmlspecialchars($tbl);
@@ -314,7 +314,7 @@ public function exportHeader() foreach ($triggers as $trigger) { $code = $trigger['create']; $head .= ' ' . $crlf; + . htmlspecialchars($trigger['name']) . '">' . $crlf; // Do some formatting $code = mb_substr(rtrim($code), 0, -3); 
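Review bot: In the @@ -232 hunk, wrapping `$cfg['Server']['host']` in `htmlspecialchars()` does not make it safe for where it lands: the text is part of the XML comment that `$head .= ' -->' . $crlf;` closes in the @@ -263 hunk, and `--` is forbidden inside an XML comment while `htmlspecialchars()` leaves it untouched, so a host value containing `--` still produces malformed output; the same gap applies to `htmlspecialchars($table_alias) . ' -->'` in the @@ -491 hunk. The port appended on the following line, `$head .= ':' . $cfg['Server']['port'];`, stays unescaped, which is presumably harmless for a numeric port but is inconsistent with the line just above it. For comment text a small helper that also neutralises the double hyphen would close this, e.g. `str_replace('--', '- -', htmlspecialchars($value))`, used at both comment sites. exportHeader() begins and continues outside the hunk.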
@@ -402,7 +402,7 @@ public function exportDBHeader($db, $db_alias = '') ) { $head = ' ' . $crlf . ' ' . $crlf;
@@ -491,7 +491,7 @@ public function exportData( unset($i); $buffer = ' ' . $crlf; + . htmlspecialchars($table_alias) . ' -->' . $crlf; if (!PMA_exportOutputHandler($buffer)) { return false; }
diff --git a/test/classes/plugin/export/ExportXmlTest.php b/test/classes/plugin/export/ExportXmlTest.php
index e2034b5e7314..e2dcefbf4bbb 100644
--- a/test/classes/plugin/export/ExportXmlTest.php
+++ b/test/classes/plugin/export/ExportXmlTest.php
@@ -589,7 +589,7 @@ public function testExportData() $result = ob_get_clean(); $this->assertContains( - "", + "", $result );