projects / phppgadmin.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 649866e)
move xss prevention to end of lib.inc.php in case we override $lang[appcharset]
authorxzilla <xzilla>
Fri, 1 Jun 2007 12:30:45 +0000 (12:30 +0000)
committerxzilla <xzilla>
Fri, 1 Jun 2007 12:30:45 +0000 (12:30 +0000)
libraries/lib.inc.php patch | blob | blame | history

diff --git a/libraries/lib.inc.php b/libraries/lib.inc.php
index cda3baf5832de96183040566c10ca4860f1b92d0..adfa9f277abbd9ade82340cedb2159d90599880e 100644 (file)
--- a/libraries/lib.inc.php
+++ b/libraries/lib.inc.php
@@ -3,12 +3,9 @@
        /**
         * Function library read in upon startup
         *
-        * $Id: lib.inc.php,v 1.111.2.3 2007/05/28 19:30:17 soranzo Exp $
+        * $Id: lib.inc.php,v 1.111.2.4 2007/06/01 12:30:45 xzilla Exp $
         */
 
-       // Prevent XSS attacks
-       $PHP_SELF = htmlspecialchars($_SERVER['PHP_SELF']);
-
        include_once('./libraries/decorator.inc.php');
        include_once('./lang/translations.php');
        
@@ -223,4 +220,7 @@
                }
        }
 
+       // Prevent XSS attacks
+    $PHP_SELF = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, $lang['appcharset']);
+
 ?>
phpPgAdmin is the premiere web based administration tool for PostgreSQL.