mirror/php-adminer
1
0
Fork 0
mirror of https://github.com/vrana/adminer.git synced 2025-08-12 17:44:07 +02:00
Code Issues Releases Wiki Activity

Function htmlspecialchars now uses ENT_QUOTES

Browse Source 
git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@950 7c3ca157-0c34-0410-bff1-cbf682f78f5c
This commit is contained in:
jakubvrana
2009-07-30 14:55:09 +00:00
parent 051b4e9a5b
commit 12c042ce3e
7 changed files with 10 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
adminer/include/adminer.inc.php
View File

@@ -119,7 +119,7 @@ class Adminer {
if (ereg('blob|binary', $field["type"]) && !is_utf8($val)) {
$return = lang('%d byte(s)', strlen($val));
}
return ($link ? "<a href=\"$link\">$return</a>" : $return);
return ($link ? "<a href='$link'>$return</a>" : $return);
}
/** Value conversion used in select and edit

2
adminer/include/connect.inc.php
View File

@@ -11,7 +11,7 @@ function connect_error() {
'processlist' => lang('Process list'),
'variables' => lang('Variables'),
) as $key => $val) {
echo '<p><a href="' . h(ME) . "$key=\">$val</a>\n";
echo "<p><a href='" . h(ME) . "$key='>$val</a>\n";
}
echo "<p>" . lang('MySQL version: %s through PHP extension %s', "<b" . ($dbh->server_info < 4.1 ? " class='binary'" : "") . ">$dbh->server_info</b>", "<b>$dbh->extension</b>") . "\n";
echo "<p>" . lang('Logged as: %s', "<b>" . h($dbh->result($dbh->query("SELECT USER()"))) . "</b>") . "\n";

4
adminer/include/editing.inc.php
View File

@@ -23,8 +23,8 @@ function edit_type($key, $field, $collations, $foreign_keys = array()) {
<td><select name="<?php echo $key; ?>[type]" onchange="editing_type_change(this);"><?php echo optionlist($structured_types + ($foreign_keys ? array(lang('Foreign keys') => $foreign_keys) : array()), $field["type"]); ?></select>
<td><input name="<?php echo $key; ?>[length]" value="<?php echo h($field["length"]); ?>" size="3">
<td><?php
echo "<select name=\"$key" . '[collation]"' . (ereg('(char|text|enum|set)$', $field["type"]) ? "" : " class='hidden'") . '><option value="">(' . lang('collation') . ')' . optionlist($collations, $field["collation"]) . '</select>';
echo ($unsigned ? " <select name=\"$key" . '[unsigned]"' . (!$field["type"] || ereg('(int|float|double|decimal)$', $field["type"]) ? "" : " class='hidden'") . '><option>' . optionlist($unsigned, $field["unsigned"]) . '</select>' : '');
echo "<select name='$key" . "[collation]'" . (ereg('(char|text|enum|set)$', $field["type"]) ? "" : " class='hidden'") . '><option value="">(' . lang('collation') . ')' . optionlist($collations, $field["collation"]) . '</select>';
echo ($unsigned ? " <select name='$key" . "[unsigned]'" . (!$field["type"] || ereg('(int|float|double|decimal)$', $field["type"]) ? "" : " class='hidden'") . '><option>' . optionlist($unsigned, $field["unsigned"]) . '</select>' : '');
?>
<?php
}

2
adminer/select.inc.php
View File

@@ -198,7 +198,7 @@ if (!$columns) {
echo ($table_names ? "<th>" . lang('Relations') : "") . "</thead>\n";
foreach ($descriptions as $n => $row) {
$unique_idf = implode('&amp;', unique_idf($rows[$n], $indexes));
echo "<tr" . odd() . "><td><input type='checkbox' name='check[]' value='$unique_idf' onclick=\"this.form['all'].checked = false; form_uncheck('all-page');\">" . (count($select) != count($group) || information_schema($_GET["db"]) ? '' : " <a href='" . h(ME) . "edit=" . urlencode($_GET['select']) . "&amp;$unique_idf" . "'>" . lang('edit') . "</a>");
echo "<tr" . odd() . "><td><input type='checkbox' name='check[]' value='$unique_idf' onclick=\"this.form['all'].checked = false; form_uncheck('all-page');\">" . (count($select) != count($group) || information_schema($_GET["db"]) ? '' : " <a href='" . h(ME) . "edit=" . urlencode($_GET['select']) . "&amp;$unique_idf'>" . lang('edit') . "</a>");
foreach ($row as $key => $val) {
if (isset($names[$key])) {
if (strlen($val) && (!isset($email_fields[$key]) || strlen($email_fields[$key]))) {

4
adminer/table.inc.php
View File

@@ -58,7 +58,7 @@ if ($result) {
echo "<th><i>" . implode("</i>, <i>", array_map('h', $foreign_key["source"])) . "</i>";
echo "<td><a href='" . h(strlen($foreign_key["db"]) ? preg_replace('~db=[^&]*~', "db=" . urlencode($foreign_key["db"]), ME) : ME) . "table=" . urlencode($foreign_key["table"]) . "'>$link</a>";
echo "(<em>" . implode("</em>, <em>", array_map('h', $foreign_key["target"])) . "</em>)";
echo "<td>" . (!strlen($foreign_key["db"]) ? '<a href="' . h(ME) . 'foreign=' . urlencode($_GET["table"]) . '&amp;name=' . urlencode($name) . '">' . lang('Alter') . '</a>' : '&nbsp;');
echo "<td>" . (!strlen($foreign_key["db"]) ? '<a href="' . h(ME . 'foreign=' . urlencode($_GET["table"]) . '&name=' . urlencode($name)) . '">' . lang('Alter') . '</a>' : '&nbsp;');
}
echo "</table>\n";
}
@@ -71,7 +71,7 @@ if ($result) {
if ($result->num_rows) {
echo "<table cellspacing='0'>\n";
while ($row = $result->fetch_assoc()) {
echo "<tr valign='top'><td>$row[Timing]<td>$row[Event]<th>" . h($row["Trigger"]) . "<td><a href=\"" . h(ME) . 'trigger=' . urlencode($_GET["table"]) . '&amp;name=' . urlencode($row["Trigger"]) . '">' . lang('Alter') . "</a>\n";
echo "<tr valign='top'><td>$row[Timing]<td>$row[Event]<th>" . h($row["Trigger"]) . "<td><a href='" . h(ME . 'trigger=' . urlencode($_GET["table"]) . '&name=' . urlencode($row["Trigger"])) . "'>" . lang('Alter') . "</a>\n";
}
echo "</table>\n";
}

4
editor/include/adminer.inc.php
View File

@@ -116,13 +116,13 @@ ORDER BY ORDINAL_POSITION"); //! requires MySQL 5
if (ereg('blob|binary', $field["type"]) && !is_utf8($val)) {
$return = lang('%d byte(s)', strlen($val));
if (ereg("^(GIF|\xFF\xD8\xFF|\x89\x50\x4E\x47\x0D\x0A\x1A\x0A)", $val)) { // GIF|JPG|PNG, getimagetype() works with filename
$return = "<img src=\"$link\" alt='$return'>";
$return = "<img src='$link' alt='$return'>";
}
}
if ($field["full_type"] == "tinyint(1)" && $return != "&nbsp;") { // bool
$return = '<img src="' . ($val ? "../adminer/plus.gif" : "../adminer/cross.gif") . '" alt="' . h($val) . '">';
}
return ($link ? "<a href=\"$link\">$return</a>" : $return);
return ($link ? "<a href='$link'>$return</a>" : $return);
}
function editVal($val, $field) {

2
todo.txt
View File

@@ -16,7 +16,7 @@ Table status cache - SHOW TABLE STATUS is slow with big InnoDB tables
? Ability to select external style - list downloaded by JavaScript
? Column and table names auto-completition in SQL textarea
? Save uploaded files after error to session variable instead of hidden field
? Aliasing of built-in functions can save 7 KB, function minification can save 7 KB, substitution of $_GET and friends can save 2 KB, remove of base64_decode() + using chars 127-255 in minification can save 1 KB, JS packer can save 1 KB
? Aliasing of built-in functions can save 7 KB, function minification can save 7 KB, substitution of $_GET and friends can save 2 KB, remove of base64_decode() + using chars 127-255 in minification can save 1 KB, JS packer can save 1 KB, not enclosing attribute values can save 1.2 KB
? AJAX editing - select page has all data to display edit form
Editor: