Escape links

diff --git a/adminer/include/adminer.inc.php b/adminer/include/adminer.inc.php
index 0445d8a54e2a32d4a50dccbe64835e065e3a9b00..c0d1eb445962a20da8e87f9ae7abf1f309f5566a 100644 (file)
--- a/adminer/include/adminer.inc.php
+++ b/adminer/include/adminer.inc.php
@@ -196,7 +196,7 @@ username.form['auth[driver]'].onchange();
                if (ereg('blob|bytea|raw|file', $field["type"]) && !is_utf8($val)) {
                        $return = lang('%d byte(s)', strlen($val));
                }
-               return ($link ? "<a href='$link'>$return</a>" : $return);
+               return ($link ? "<a href='" . h($link) . "'>$return</a>" : $return);
        }
        
        /** Value conversion used in select and edit

diff --git a/editor/include/adminer.inc.php b/editor/include/adminer.inc.php
index 7c29e5e58c1f5573daebc7b06672498f71e3e72f..8fad714392cb995ac281b8e5ed41370ade689899 100644 (file)
--- a/editor/include/adminer.inc.php
+++ b/editor/include/adminer.inc.php
@@ -164,6 +164,7 @@ ORDER BY ORDINAL_POSITION", null, "") as $row) { //! requires MySQL 5
        
        function selectVal($val, $link, $field) {
                $return = ($val === null ? " " : $val);
+               $link = h($link);
                if (ereg('blob|bytea', $field["type"]) && !is_utf8($val)) {
                        $return = lang('%d byte(s)', strlen($val));
                        if (ereg("^(GIF|\xFF\xD8\xFF|\x89PNG\x0D\x0A\x1A\x0A)", $val)) { // GIF|JPG|PNG, getimagetype() works with filename