diff options
| author | Herman van Rink <rink@initfour.nl> | 2011-08-19 13:01:45 +0400 |
|---|---|---|
| committer | Herman van Rink <rink@initfour.nl> | 2011-08-19 13:01:45 +0400 |
| commit | f00c57bdf3669d7471b30e6750f6762d2e01947b (patch) | |
| tree | 76ab557ffee4d44e3ec78c7877c12fefd26264fa /tbl_tracking.php | |
| parent | 4e5c583dcfdd6307f1093f80a9e1d1ff0480cc7d (diff) | |
Slightly far fetched XSS prevention
Diffstat (limited to 'tbl_tracking.php')
| -rw-r--r-- | tbl_tracking.php | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/tbl_tracking.php b/tbl_tracking.php index 047066384c..96d502418e 100644 --- a/tbl_tracking.php +++ b/tbl_tracking.php @@ -423,8 +423,8 @@ if (isset($_REQUEST['report']) || isset($_REQUEST['report_export'])) { ?> <tr class="noclick <?php echo $style; ?>"> <td><small><?php echo $i;?></small></td> - <td><small><?php echo $entry['date'];?></small></td> - <td><small><?php echo $entry['username']; ?></small></td> + <td><small><?php echo htmlspecialchars($entry['date']);?></small></td> + <td><small><?php echo htmlspecialchars($entry['username']); ?></small></td> <td><?php echo $statement; ?></td> </tr> <?php @@ -613,9 +613,9 @@ if ($last_version > 0) { <tr class="noclick <?php echo $style;?>"> <td><?php echo htmlspecialchars($version['db_name']);?></td> <td><?php echo htmlspecialchars($version['table_name']);?></td> - <td><?php echo $version['version'];?></td> - <td><?php echo $version['date_created'];?></td> - <td><?php echo $version['date_updated'];?></td> + <td><?php echo htmlspecialchars($version['version']);?></td> + <td><?php echo htmlspecialchars($version['date_created']);?></td> + <td><?php echo htmlspecialchars($version['date_updated']);?></td> <td><?php echo $version_status;?></td> <td> <a href="tbl_tracking.php<?php echo PMA_generate_common_url($url_params + array('report' => 'true', 'version' => $version['version']) );?>"><?php echo __('Tracking report');?></a> |