]> andersk Git - sql-web.git/blobdiff - tpl/main.php
andersk / sql-web.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fix XSS in the database bars
[sql-web.git] / tpl / main.php
diff --git a/tpl/main.php b/tpl/main.php
index 89b0432de92fe5ce0030d1d053130558d8e0ac60..2a605ddfd86efdee16255e9f0ac7b4a11d635549 100644 (file)
--- a/tpl/main.php
+++ b/tpl/main.php
@@ -33,7 +33,7 @@ if (isset($i_dropask)) {
                if ($total>0)
                        $percentage = $db['nBytes']/$total;
                else $percentage = 0;
-               echo printBar($percentage, $db['Name'], str_replace(' ', ' ', sprintSize($db['nBytes'])));
+               echo printBar($percentage, htmlentities($db['Name']), str_replace(' ', ' ', sprintSize($db['nBytes'])));
                echo '</td><td>';
                echo '<input type="submit" name="dropask[',htmlentities($db['Name']),']" value="drop">';
                echo '</td></tr>';
Unnamed repository; edit this file 'description' to name the repository.
This page took 0.026242 seconds and 4 git commands to generate.