From 514697082675f054671f6af4aa27c0c4601fcce8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michal=20=C4=8Ciha=C5=99?= <michal@cihar.com>
Date: Wed, 17 Aug 2011 09:57:29 +0200
Subject: Escape displayed user input

---
 tbl_replace.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'tbl_replace.php')

diff --git a/tbl_replace.php b/tbl_replace.php
index 02e8c49402..f7cc17c1b7 100644
--- a/tbl_replace.php
+++ b/tbl_replace.php
@@ -368,7 +368,7 @@ foreach ($query as $single_query) {
     }
 
     if (! $result) {
-        $error_messages[] = PMA_DBI_getError();
+        $error_messages[] = PMA_Message::sanitize(PMA_DBI_getError());
     } else {
         // The next line contains a real assignment, it's not a typo
         if ($tmp = @PMA_DBI_affected_rows()) {
@@ -392,8 +392,8 @@ foreach ($query as $single_query) {
     } // end if
 
     foreach (PMA_DBI_get_warnings() as $warning) {
-        $warning_messages[] = $warning['Level'] . ': #' . $warning['Code']
-            . ' ' . $warning['Message'];
+        $warning_messages[] = PMA_Message::sanitize($warning['Level'] . ': #' . $warning['Code']
+            . ' ' . $warning['Message']);
     }
 
     unset($result);
-- 
cgit v1.2.3