Skip to content

Commit

Permalink
Preventively escape name
Browse files Browse the repository at this point in the history
  • Loading branch information
@vrana
vrana committed May 23, 2021
1 parent 2dd65f0 commit ea1acfc
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion adminer/include/editing.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -151,7 +151,7 @@ function set_adminer_settings($settings) {
*/
function textarea($name, $value, $rows = 10, $cols = 80) {
global $jush;
echo "<textarea name='$name' rows='$rows' cols='$cols' class='sqlarea jush-$jush' spellcheck='false' wrap='off'>";
echo "<textarea name='" . h($name) . "' rows='$rows' cols='$cols' class='sqlarea jush-$jush' spellcheck='false' wrap='off'>";
if (is_array($value)) {
foreach ($value as $val) { // not implode() to save memory
echo h($val[0]) . "\n\n\n"; // $val == array($query, $time, $elapsed)
Expand Down

0 comments on commit ea1acfc

Please sign in to comment.