mirror of https://github.com/vrana/adminer.git synced 2025-08-09 16:17:48 +02:00

Escape unknown field in select

Jakub Vrana
2025-02-18 10:29:28 +01:00
parent 7541149522
commit 274fa2259b
2 changed files with 2 additions and 1 deletions


@@ -326,7 +326,7 @@ if (!$columns && support("table")) {
if (!isset($unselected[$key])) { if (!isset($unselected[$key])) {
$val = $_GET["columns"][key($select)]; $val = $_GET["columns"][key($select)];
$field = $fields[$select ? ($val ? $val["col"] : current($select)) : $key]; $field = $fields[$select ? ($val ? $val["col"] : current($select)) : $key];
$name = ($field ? $adminer->fieldName($field, $rank) : ($val["fun"] ? "*" : $key)); $name = ($field ? $adminer->fieldName($field, $rank) : ($val["fun"] ? "*" : h($key)));
if ($name != "") { if ($name != "") {
$rank++; $rank++;
$names[$key] = $name; $names[$key] = $name;
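Review bot: The `$name` assignment now yields an HTML fragment on every branch, but that invariant is not written down, and the `$field` branch still depends on `$adminer->fieldName()` returning already-escaped markup, which this hunk does not show. I would add a comment above the assignment, for example `// $name is HTML: fieldName() must return escaped markup, "*" is a literal, the raw result key goes through h()`. Because `$names[$key]` is stored pre-escaped, the code that prints it must not escape it a second time and must not reuse it outside an HTML text context. That consumer, along with the start and end of the enclosing block named in the hunk header, lies outside the hunk, so it should be checked when this is merged.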


@@ -1,4 +1,5 @@
Adminer 4.15.0-dev: Adminer 4.15.0-dev:
Escape unknown field in select
HTTP drivers: Don't allow path in server name HTTP drivers: Don't allow path in server name
HTTP drivers: Hide connection error message HTTP drivers: Hide connection error message
SimpleDB: Disable XML entity loader SimpleDB: Disable XML entity loader