diff options
author | Marc Delisle <marc@infomarc.info> | 2007-08-15 20:46:47 +0400 |
---|---|---|
committer | Marc Delisle <marc@infomarc.info> | 2007-08-15 20:46:47 +0400 |
commit | 51bb4a6e4aaad04e8222b749600ec21f13e284d5 (patch) | |
tree | 8255bcad38a35744726b31461ef92879f86bcda5 /browse_foreigners.php | |
parent | 1c10aa49ac0ac27d64b3bb22ac44b824eafbcb99 (diff) |
foreign key browser: encoding mixups, thanks to Thijs Kinkhorst
Diffstat (limited to 'browse_foreigners.php')
-rw-r--r-- | browse_foreigners.php | 15 |
1 files changed, 7 insertions, 8 deletions
diff --git a/browse_foreigners.php b/browse_foreigners.php index 9b10288f00..4d2670aa43 100644 --- a/browse_foreigners.php +++ b/browse_foreigners.php @@ -17,7 +17,6 @@ require_once './libraries/ob.lib.php'; PMA_outBufferPre(); require_once './libraries/header_http.inc.php'; -$field = urldecode($field); /** * Displays the frame @@ -44,7 +43,7 @@ require './libraries/get_foreign.lib.php'; if (isset($pk)) { $pk_uri = '&pk=' . urlencode($pk); ?> -<input type="hidden" name="pk" value="<?php echo urlencode($pk); ?>" /> +<input type="hidden" name="pk" value="<?php echo htmlspecialchars($pk); ?>" /> <?php } else { $pk_uri = ''; @@ -69,8 +68,8 @@ if (isset($disp_row) && is_array($disp_row)) { 'browse_foreigners.php?field=' . urlencode($field) . '&' . PMA_generate_common_url($db, $table) . $pk_uri . - '&fieldkey=' . (isset($fieldkey) ? $fieldkey : '') . - '&foreign_filter=' . (isset($foreign_filter) ? htmlspecialchars($foreign_filter) : '') . + '&fieldkey=' . (isset($fieldkey) ? urlencode($fieldkey) : '') . + '&foreign_filter=' . (isset($foreign_filter) ? urlencode($foreign_filter) : '') . '&', $session_max_rows, $pageNow, @@ -106,7 +105,7 @@ if (isset($disp_row) && is_array($disp_row)) { var field = 'field_' + field; <?php if (isset($pk)) { ?> - var element_name = field + '[multi_edit][<?php echo urlencode($pk); ?>][]'; + var element_name = field + '[multi_edit][<?php echo htmlspecialchars($pk); ?>][]'; <?php } else { ?> var element_name = field + '[]'; <?php } ?> @@ -141,11 +140,11 @@ if (isset($disp_row) && is_array($disp_row)) { <form action="browse_foreigners.php" method="post"> <fieldset> <?php echo PMA_generate_common_hidden_inputs($db, $table); ?> -<input type="hidden" name="field" value="<?php echo urlencode($field); ?>" /> +<input type="hidden" name="field" value="<?php echo htmlspecialchars($field); ?>" /> <input type="hidden" name="fieldkey" - value="<?php echo isset($fieldkey) ? $fieldkey : ''; ?>" /> + value="<?php echo isset($fieldkey) ? htmlspecialchars($fieldkey) : ''; ?>" /> <?php if (isset($pk)) { ?> -<input type="hidden" name="pk" value="<?php echo urlencode($pk); ?>" /> +<input type="hidden" name="pk" value="<?php echo htmlspecialchars($pk); ?>" /> <?php } ?> <span class="formelement"> <label for="input_foreign_filter"><?php echo $strSearch . ':'; ?></label> |