Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/phpmyadmin/phpmyadmin.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/normalization.php
diff options
context:
space:
mode:
authorMadhura Jayaratne <madhura.cj@gmail.com>2016-02-25 12:08:38 +0300
committerMichal Čihař <michal@cihar.com>2016-02-25 14:19:26 +0300
commit746240bd13b62b5956fc34389cfbdc09e1e67775 (patch)
tree0d289a5f0d03c020292dc87e5004121da3e4b687 /normalization.php
parent38fa1191049ac0c626a6684eea52068dfbbb5078 (diff)
Fix XSS in normalization
Signed-off-by: Madhura Jayaratne <madhura.cj@gmail.com>
Diffstat (limited to 'normalization.php')
-rw-r--r--normalization.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/normalization.php b/normalization.php
index 4cb9569181..069dabbc0f 100644
--- a/normalization.php
+++ b/normalization.php
@@ -72,7 +72,7 @@ $scripts = $header->getScripts();
$scripts->addFile('normalization.js');
$scripts->addFile('jquery/jquery.uitablefilter.js');
$normalForm = '1nf';
-if (isset($_REQUEST['normalizeTo'])) {
+if (PMA_isValid($_REQUEST['normalizeTo'], array('1nf', '2nf', '3nf'))) {
$normalForm = $_REQUEST['normalizeTo'];
}
if (isset($_REQUEST['createNewTables2NF'])) {
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-25 07:13:04 +0300