$dbname = $uname.DELIMETER.$i_newdb;
if ($User->isOverQuota() && !isAdmin()) {
$err1[] = 'You are over your quota. You may not add more databases.';
- } elseif (count($User->getDBList())>MAXDBS && !isAdmin()) {
+ } elseif (count($User->getDBList())>=$User->getDBQuotaHard() && !isAdmin()) {
$err1[] = 'You have too many databases. You may not add more databases.';
} elseif (empty($i_newdb)) {
$err1[] = 'Your database name may not be empty.';
$err1[] = 'Database already exists.';
}
} else {
- $msg1[] = 'Database `'.$dbname.'` created.';
+ $msg1[] = 'Database `'.htmlentities($dbname).'` created.';
}
$i_newdb = $dbname;
return array($msg1, $err1);
$dropdbs = array_keys($i_drop);
foreach($dropdbs as $dbname) {
if ($User->delDB($dbname)) {
- $msg1[] = 'Database `'.$dbname.'` dropped.';
+ $msg1[] = 'Database `'.htmlentities($dbname).'` dropped.';
} else {
$err1[] = mysql_error();
}