Fix two security fix about XSS, reported by Mateusz Goik, fixed by io…

…guix.
commit 1df248203de055f97e092b50b1dd9643ccb73842 1 parent 6e0612e
@ioguix ioguix authored
Showing with 3 additions and 3 deletions.
  1. +1 −1  HISTORY
  2. +1 −1  classes/Misc.php
  3. +1 −1  display.php
2  HISTORY
@@ -41,7 +41,7 @@ Bugs
* Fix multiple bugs about quoting and escaping database objects names with special chars
* Fix multiple bugs in the browser tree
* Fix multiple bugs on the SQL and script file import form
-* One security fix about code injection
+* Three security fix about code injection
* Don't allow inserting on a table without fields
* Some fix about commenting databases
* removed deprecated functions from PHP 5.3
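Review bot: the added entry reads "Three security fix", which should be "Three security fixes", and it still labels everything "code injection" although the commit message describes the two new issues as XSS. Suggest naming XSS explicitly, for example "* Three security fixes about code injection and XSS", so that someone reading HISTORY can tell which class of bug was addressed when deciding how urgently to upgrade.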
2  classes/Misc.php
@@ -398,7 +398,7 @@ function printHeader($title = '', $script = null, $frameset = false) {
echo "<link rel=\"shortcut icon\" href=\"images/themes/{$conf['theme']}/Favicon.ico\" type=\"image/vnd.microsoft.icon\" />\n";
echo "<link rel=\"icon\" type=\"image/png\" href=\"images/themes/{$conf['theme']}/Introduction.png\" />\n";
echo "<title>", htmlspecialchars($appName);
- if ($title != '') echo " - {$title}";
+ if ($title != '') echo htmlspecialchars(" - {$title}");
echo "</title>\n";
if ($script) echo "{$script}\n";
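Review bot: escaping $title inside printHeader() on the + line changes the function's contract, so any caller that already passes an HTML-escaped title will now show double-encoded entities in the <title>; the callers should be audited and "pass raw text" documented on the function. The call also relies on the htmlspecialchars() defaults for flags and charset, and passing them explicitly (for example ENT_QUOTES and the page encoding) keeps the behaviour the same across PHP versions. The $script value on the last context line is still echoed unescaped, so it must never be built from request data.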
2  display.php
@@ -578,7 +578,7 @@ function doBrowse($msg = '') {
// Return
if (isset($_REQUEST['return_url']) && isset($_REQUEST['return_desc']))
- echo "\t<li><a href=\"{$_REQUEST['return_url']}\">{$_REQUEST['return_desc']}</a></li>\n";
+ echo "\t<li><a href=\"". htmlspecialchars($_REQUEST['return_url']) ."\">". htmlspecialchars($_REQUEST['return_desc']) ."</a></li>\n";
// Edit SQL link
if (isset($_REQUEST['query']))
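Review bot: on the + line, htmlspecialchars() on $_REQUEST['return_url'] stops the value from breaking out of the href attribute, but it does not restrict the URL scheme, so a request-supplied value with a scheme other than http or https would still be rendered as a clickable link. Suggest validating return_url before output, accepting only relative paths inside the application (or http/https URLs if external targets are really needed) and omitting the link otherwise. The escaping of return_desc is correct for element content.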