Fix two security fix about XSS, reported by Mateusz Goik, fixed by io…

…guix.
commit 1df248203de055f97e092b50b1dd9643ccb73842 1 parent 6e0612e
@ioguix ioguix authored
Showing with 3 additions and 3 deletions.
  1. +1 −1  HISTORY
  2. +1 −1  classes/Misc.php
  3. +1 −1  display.php
2  HISTORY
@@ -41,7 +41,7 @@ Bugs
* Fix multiple bugs about quoting and escaping database objects names with special chars
* Fix multiple bugs in the browser tree
* Fix multiple bugs on the SQL and script file import form
-* One security fix about code injection
+* Three security fix about code injection
* Don't allow inserting on a table without fields
* Some fix about commenting databases
* removed deprecated functions from PHP 5.3
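Review bot: The changed HISTORY entry, "Three security fix about code injection", is ungrammatical and does not say what was fixed, while the commit message describes the two new fixes as XSS. Suggest "Three security fixes about code injection (two of them XSS)", or a separate line for the XSS fixes, so that someone reading the changelog can tell which class of bug an upgrade closes.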
2  classes/Misc.php
@@ -398,7 +398,7 @@ function printHeader($title = '', $script = null, $frameset = false) {
echo "<link rel=\"shortcut icon\" href=\"images/themes/{$conf['theme']}/Favicon.ico\" type=\"image/vnd.microsoft.icon\" />\n";
echo "<link rel=\"icon\" type=\"image/png\" href=\"images/themes/{$conf['theme']}/Introduction.png\" />\n";
echo "<title>", htmlspecialchars($appName);
- if ($title != '') echo " - {$title}";
+ if ($title != '') echo htmlspecialchars(" - {$title}");
echo "</title>\n";
if ($script) echo "{$script}\n";
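Review bot: In printHeader(), the new `htmlspecialchars(" - {$title}")` escapes at the point of output, so any caller that already passes an HTML-escaped title will now show double-encoded entities in the page title. Please state in the function's comment that $title is expected as raw text and check the existing callers against that. The context line `if ($script) echo "{$script}\n";` still writes $script unescaped; that is presumably intentional since it carries markup, but a comment saying it must never contain request data would make the contract explicit.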
2  display.php
@@ -578,7 +578,7 @@ function doBrowse($msg = '') {
// Return
if (isset($_REQUEST['return_url']) && isset($_REQUEST['return_desc']))
- echo "\t<li><a href=\"{$_REQUEST['return_url']}\">{$_REQUEST['return_desc']}</a></li>\n";
+ echo "\t<li><a href=\"". htmlspecialchars($_REQUEST['return_url']) ."\">". htmlspecialchars($_REQUEST['return_desc']) ."</a></li>\n";
// Edit SQL link
if (isset($_REQUEST['query']))
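Review bot: In doBrowse(), `htmlspecialchars($_REQUEST['return_url'])` keeps the value from breaking out of the double-quoted href attribute, but it does not constrain what kind of URL ends up in the link: a value with a non-http scheme such as `javascript:` contains nothing that htmlspecialchars() encodes and would still be emitted as a clickable href. Suggest validating return_url before output, for example accepting only a relative URL that points back into the application, and dropping the "Return" item otherwise. The escaping of return_desc as element text looks sufficient as written.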