}
}
-page_header(($TABLE != "" ? lang('Alter table') : lang('Create table')), $error, array("table" => $TABLE), $TABLE);
+page_header(($TABLE != "" ? lang('Alter table') : lang('Create table')), $error, array("table" => $TABLE), h($TABLE));
if (!$_POST) {
$row = array(
}
}
-page_header(DB != "" ? lang('Alter database') : lang('Create database'), $error, array(), DB);
+page_header(DB != "" ? lang('Alter database') : lang('Create database'), $error, array(), h(DB));
$collations = collations();
$name = DB;
exit;
}
-page_header(lang('Export'), $error, ($_GET["export"] != "" ? array("table" => $_GET["export"]) : array()), DB);
+page_header(lang('Export'), $error, ($_GET["export"] != "" ? array("table" => $_GET["export"]) : array()), h(DB));
?>
<form action="" method="post">
($update ? lang('Edit') : lang('Insert')),
$error,
array("select" => array($TABLE, $table_name)),
- $table_name //! two calls of h()
+ $table_name
);
$row = null;
}
}
-page_header(lang('Foreign key'), $error, array("table" => $TABLE), $TABLE);
+page_header(lang('Foreign key'), $error, array("table" => $TABLE), h($TABLE));
if ($_POST) {
ksort($row["source"]);
/** Print HTML header
* @param string used in title, breadcrumb and heading, should be HTML escaped
* @param string
-* @param mixed array("key" => "link=desc", "key2" => array("link", "desc")), null for nothing, false for driver only, true for driver and server
-* @param string used after colon in title and heading, will be HTML escaped
+* @param mixed array("key" => "link", "key2" => array("link", "desc")), null for nothing, false for driver only, true for driver and server
+* @param string used after colon in title and heading, should be HTML escaped
* @return null
*/
function page_header($title, $error = "", $breadcrumb = array(), $title2 = "") {
global $LANG, $adminer, $connection, $drivers;
page_headers();
- $title_all = $title . ($title2 != "" ? ": " . h($title2) : "");
+ $title_all = $title . ($title2 != "" ? ": $title2" : "");
$title_page = strip_tags($title_all . (SERVER != "" && SERVER != "localhost" ? h(" - " . SERVER) : "") . " - " . $adminer->name());
?>
<!DOCTYPE html>
queries_redirect(ME . "table=" . urlencode($TABLE), lang('Indexes have been altered.'), alter_indexes($TABLE, $alter));
}
-page_header(lang('Indexes'), $error, array("table" => $TABLE), $TABLE);
+page_header(lang('Indexes'), $error, array("table" => $TABLE), h($TABLE));
$fields = array_keys(fields($TABLE));
if ($_POST["add"]) {
<?php
-page_header(lang('Database schema'), "", array(), DB . ($_GET["ns"] ? ".$_GET[ns]" : ""));
+page_header(lang('Database schema'), "", array(), h(DB . ($_GET["ns"] ? ".$_GET[ns]" : "")));
$table_pos = array();
$table_pos_js = array();
}
}
-page_header(($TABLE != "" ? lang('Alter view') : lang('Create view')), $error, array("table" => $TABLE), $TABLE);
+page_header(($TABLE != "" ? lang('Alter view') : lang('Create view')), $error, array("table" => $TABLE), h($TABLE));
?>
<form action="" method="post">
projects / adminer.git / commitdiff