Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
  • 5 commits
  • 2 files changed
  • 0 comments
  • 2 contributors
3  ChangeLog
@@ -82,6 +82,9 @@ phpMyAdmin - ChangeLog
82 82
 - bug #3486970 [import] Exception on XML import
83 83
 - bug #3488777 [navi] $cfg['ShowTooltipAliasTB'] and blank names in navigation
84 84
 
  85
+3.4.10.1 (2012-02-18)
  86
+- [security] XSS in replication setup, see PMASA-2012-1
  87
+
85 88
 3.4.10.0 (2012-02-14)
86 89
 - bug #3460090 [interface] TextareaAutoSelect feature broken
87 90
 - patch #3375984 [export] PHP Array export might generate invalid php code
10  js/replication.js
@@ -5,7 +5,7 @@
5 5
  */
6 6
 
7 7
 var random_server_id = Math.floor(Math.random() * 10000000);
8  
-var conf_prefix = "server-id=" + random_server_id + "<br />log-bin=mysql-bin<br />log-error=mysql-bin.err<br />";
  8
+var conf_prefix = "server-id=" + random_server_id + "\nlog-bin=mysql-bin\nlog-error=mysql-bin.err\n";
9 9
 
10 10
 function update_config()
11 11
 {
@@ -17,16 +17,16 @@ function update_config()
17 17
     });
18 18
 
19 19
     if ($('#db_select option:selected').size() == 0) {
20  
-        $('#rep').html(conf_prefix);
  20
+        $('#rep').text(conf_prefix);
21 21
     } else if ($('#db_type option:selected').val() == 'all') {
22  
-        $('#rep').html(conf_prefix + conf_ignore + database_list);
  22
+        $('#rep').text(conf_prefix + conf_ignore + database_list);
23 23
     } else {
24  
-        $('#rep').html(conf_prefix + conf_do + database_list);
  24
+        $('#rep').text(conf_prefix + conf_do + database_list);
25 25
     }
26 26
 }
27 27
 
28 28
 $(document).ready(function() {
29  
-    $('#rep').html(conf_prefix);
  29
+    $('#rep').text(conf_prefix);
30 30
     $('#db_type').change(update_config);
31 31
     $('#db_select').change(update_config);
32 32
 

No commit comments for this range

Something went wrong with that request. Please try again.