Skip to content

Commit

Permalink
Fix XSS in indexes (non-MySQL only)
Browse files Browse the repository at this point in the history
  • Loading branch information
@vrana
vrana committed Nov 8, 2015
1 parent 6c6bb45 commit 4be0b66
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 1 deletion.
2 changes: 1 addition & 1 deletion adminer/indexes.inc.php
View file
Expand Up @@ -117,7 +117,7 @@
$i = 1;
foreach ($index["columns"] as $key => $column) {
echo "<span>" . select_input(
" name='indexes[$j][columns][$i]' onchange=\"" . ($i == count($index["columns"]) ? "indexesAddColumn" : "indexesChangeColumn") . "(this, '" . js_escape($jush == "sql" ? "" : $_GET["indexes"] . "_") . "');\"",
" name='indexes[$j][columns][$i]' onchange=\"" . ($i == count($index["columns"]) ? "indexesAddColumn" : "indexesChangeColumn") . "(this, '" . h(js_escape($jush == "sql" ? "" : $_GET["indexes"] . "_")) . "');\"",
($fields ? array_combine($fields, $fields) : $fields),
$column
);
Expand Down
1 change: 1 addition & 0 deletions changes.txt
View file
@@ -1,4 +1,5 @@
Adminer 4.2.3-dev:
Fix XSS in indexes (non-MySQL only)
Support PHP 7
Greek translation
Galician translation
Expand Down

0 comments on commit 4be0b66

Please sign in to comment.