
Escape JavaScript strings (bug #3093243)

1 parent 7d601c0 commit 28f21aaa6cb23b5486ffa0b2361ff456d793d206 @vrana committed Oct 22, 2010
@@ -560,7 +560,7 @@ function navigation($missing) {
$links[] = preg_quote($table, '/');
}
echo "<script type='text/javascript'>\n";
- echo "var jushLinks = { $jush: [ '" . addcslashes(h(ME), "\\'/") . "table=\$&', /\\b(" . implode("|", $links) . ")\\b/g ] };\n";
+ echo "var jushLinks = { $jush: [ '" . js_escape(ME) . "table=\$&', /\\b(" . implode("|", $links) . ")\\b/g ] };\n";
foreach (array("bac", "bra", "sqlite_quo", "mssql_bra") as $val) {
echo "jushLinks.$val = jushLinks.$jush;\n";
}
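Review bot: The rewritten line at L13 drops the `h()` that the old line wrapped around ME, while the trigger hunk further down keeps `h()` outermost; a one-line comment here would stop a later reader from "restoring" it. Content of a `<script>` element is raw text that the browser never entity-decodes, so HTML-escaping ME before `js_escape` would leave literal entities in the URL prefix if ME contains `&`, and `js_escape` alone is the correct escaping for this sink. Suggested comment above the echo: `// script element content is raw text: JS-escape only, no h()`. The regex alternation built from `$links` is unchanged and still depends on the `preg_quote($table, '/')` at L9.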
@@ -143,6 +143,14 @@ function confirm($count = "") {
return " onclick=\"return confirm('" . lang('Are you sure?') . ($count ? " (' + $count + ')" : "") . "');\"";
}
+/** Escape string for JavaScript apostrophes
+* @param string
+* @return string
+*/
+function js_escape($string) {
+ return addcslashes($string, "\r\n'\\/"); // slash for <script>
+}
+
/** Get INI boolean value
* @param string
* @return bool
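Review bot: The docblock of the new `js_escape` (L20-L23) says "for JavaScript apostrophes", which understates the contract callers now depend on: the result is only safe inside a single-quoted JS string literal, it is not HTML-escaped, and `"` is left untouched. Suggested wording: `/** Escape string for use inside a single-quoted JavaScript string literal; escapes \r, \n, ', \ and / (slash so that </script> cannot close the element). Output is not HTML-escaped: wrap in h() when the script lives in an attribute. */`. Since this is now the single escaping point, adding `"` to the list, `return addcslashes($string, "\r\n\"'\\/");`, would also cover a future double-quoted use at no cost, because `\"` remains valid inside a single-quoted literal. addcslashes works per byte, so the UTF-8 line terminators U+2028/U+2029 are not covered; in older JS engines a raw one inside a string literal is a syntax error, which is worth a sentence in the comment if those engines are in scope.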
@@ -591,7 +599,7 @@ function input($field, $value, $function) {
}
$first++;
}
- $onchange = ($first ? " onchange=\"var f = this.form['function[" . addcslashes($name, "\r\n'\\") . "]']; if ($first > f.selectedIndex) f.selectedIndex = $first;\"" : "");
+ $onchange = ($first ? " onchange=\"var f = this.form['function[" . js_escape($name) . "]']; if ($first > f.selectedIndex) f.selectedIndex = $first;\"" : "");
$attrs .= $onchange;
echo (count($functions) > 1 ? html_select("function[$name]", $functions, !isset($function) || in_array($function, $functions) || isset($functions[$function]) ? $function : "") : nbsp(reset($functions))) . '<td>';
$input = $adminer->editInput($_GET["edit"], $field, $attrs, $value); // usage in call is without a table
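Review bot: The `js_escape($name)` result on L36 is placed inside an HTML `onchange="..."` attribute, so the browser entity-decodes it before the JS parser sees it; unless `$name` is already HTML-escaped when it reaches this line, a `"` in it terminates the attribute and `js_escape` does nothing to prevent that. input() starts outside the hunk, so whether `$name` is pre-escaped cannot be seen here; the same value is used raw in `html_select("function[$name]", ...)` on L38, which suggests it is, but that should be confirmed rather than assumed. If it is not, the order used by the trigger hunk applies, `h(js_escape($name))` with JS-escape innermost and HTML-escape outermost; either way a short comment such as `// $name is already h()-escaped` on L36 would record the invariant.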
@@ -7,7 +7,7 @@
preg_match_all('~([^:]+):([-0-9.]+)x([-0-9.]+)(_|$)~', $_COOKIE["adminer_schema"], $matches, PREG_SET_ORDER); //! ':' in table name
foreach ($matches as $i => $match) {
$table_pos[$match[1]] = array($match[2], $match[3]);
- $table_pos_js[] = "\n\t'" . addcslashes($match[1], "\r\n'\\/") . "': [ $match[2], $match[3] ]";
+ $table_pos_js[] = "\n\t'" . js_escape($match[1]) . "': [ $match[2], $match[3] ]";
}
$top = 0;
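Review bot: `$match[2]` and `$match[3]` are interpolated on L45 as bare JS numeric literals while only the character class `[-0-9.]+` from the pattern at L41 constrains them, so a cookie value such as `t:1.2.3x-_` passes and emits a JS syntax error that disables the whole script. `js_escape` now covers the table-name string part, but the numeric part is still validated only by that class; tightening each coordinate to `-?[0-9]+(?:\.[0-9]+)?` would reject malformed cookies at parse time and also keep the `$table_pos` values at L43 numeric. The cookie is client-controlled, so treating it as untrusted at L41 is the right frame; this is a robustness gap rather than an injection path, since the class admits neither quotes nor `]`. The enclosing statement sequence begins before the hunk.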
@@ -7,11 +7,11 @@
if ($_GET["script"] == "db") {
$sums = array("Data_length" => 0, "Index_length" => 0, "Data_free" => 0);
foreach (table_status() as $row) {
- $id = addcslashes($row["Name"], "\\'/");
- echo "setHtml('Comment-$id', '" . addcslashes(nbsp($row["Comment"]), "'\\") . "');\n";
+ $id = js_escape($row["Name"]);
+ echo "setHtml('Comment-$id', '" . js_escape(nbsp($row["Comment"])) . "');\n";
if (!is_view($row)) {
foreach (array("Engine", "Collation") as $key) {
- echo "setHtml('$key-$id', '" . addcslashes(nbsp($row[$key]), "'\\") . "');\n";
+ echo "setHtml('$key-$id', '" . js_escape(nbsp($row[$key])) . "');\n";
}
foreach ($sums + array("Auto_increment" => 0, "Rows" => 0) as $key => $val) {
if ($row[$key] != "") {
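Review bot: `js_escape` on L54, L55 and L59 protects only the JS string literal; what keeps the `setHtml(...)` calls safe is that the second argument is still passed through `nbsp()` before the JS escaping, presumably because setHtml writes it into the element as HTML. nbsp() is not visible here, so that it HTML-escapes its input should be confirmed; if it does, a comment on L55 such as `// nbsp() HTML-escapes the value; js_escape() only protects the JS string literal` records the two-layer contract for whoever next simplifies these lines. `$id` from L54 is reused inside `'Comment-$id'` and `'$key-$id'`, so the `\r`/`\n` escaping added by the helper now also covers names containing line breaks, which the old `addcslashes($row["Name"], "\\'/")` did not.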
@@ -31,7 +31,7 @@
}
} else { // connect
foreach (count_tables(get_databases()) as $db => $val) {
- echo "setHtml('tables-" . addcslashes($db, "\\'/") . "', '$val');\n";
+ echo "setHtml('tables-" . js_escape($db) . "', '$val');\n";
}
}
@@ -30,7 +30,7 @@
<form action="" method="post" id="form">
<table cellspacing="0">
-<tr><th><?php echo lang('Time'); ?><td><?php echo html_select("Timing", $trigger_options["Timing"], $row["Timing"], "if (/^" . h(preg_quote($TABLE, "/")) . "_[ba][iud]$/.test(this.form['Trigger'].value)) this.form['Trigger'].value = '" . h(addcslashes($TABLE, "\r\n'\\")) . "_' + selectValue(this).charAt(0).toLowerCase() + selectValue(this.form['Event']).charAt(0).toLowerCase();"); ?>
+<tr><th><?php echo lang('Time'); ?><td><?php echo html_select("Timing", $trigger_options["Timing"], $row["Timing"], "if (/^" . h(preg_quote($TABLE, "/")) . "_[ba][iud]$/.test(this.form['Trigger'].value)) this.form['Trigger'].value = '" . h(js_escape($TABLE)) . "_' + selectValue(this).charAt(0).toLowerCase() + selectValue(this.form['Event']).charAt(0).toLowerCase();"); ?>
<tr><th><?php echo lang('Event'); ?><td><?php echo html_select("Event", $trigger_event, $row["Event"], "this.form['Timing'].onchange();"); ?>
<tr><th><?php echo lang('Type'); ?><td><?php echo html_select("Type", $trigger_options["Type"], $row["Type"]); ?>
</table>
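Review bot: On L75 the string part of the handler is now `h(js_escape($TABLE))`, the right order for an attribute (JS-escape innermost, HTML-escape outermost), but the regex literal beside it still relies on `h(preg_quote($TABLE, "/"))`, and preg_quote escapes PCRE metacharacters and the `/` delimiter but not `\r` or `\n`. A table name containing a line break therefore still yields an unterminated regex literal and a syntax error in the onchange handler; because `/` is escaped this is breakage rather than an escape from the literal, and table names come from the database, so the exposure is limited. Passing the regex source through `js_escape` would double-escape the backslashes preg_quote already emitted, so if the case matters the targeted fix is `h(str_replace(array("\r", "\n"), array('\r', '\n'), preg_quote($TABLE, "/")))`, which turns the line breaks into the regex escapes `\r`/`\n`.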

