3 --- mysql/search_form.cgi.orig 2007-09-21 23:26:42.000000000 +0200
4 +++ mysql/search_form.cgi
5 @@ -12,7 +12,8 @@ require './view-lib.pl';
6 &can_edit_db($in{'db'}) || &error($text{'dbase_ecannot'});
7 @str = &table_structure($in{'db'}, $in{'table'});
9 -$desc = &text('table_header', "<tt>$in{'table'}</tt>", "<tt>$in{'db'}</tt>");
10 +$desc = &text('table_header', "<tt>" . &html_escape($in{'table'}) .
11 + "</tt>", "<tt>" . &html_escape($in{'db'}) . "</tt>");
12 &ui_print_header($desc, $text{'adv_title'}, "");
14 print &ui_form_start("view_table.cgi", "post");
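Review bot: The escaped names on the two `+` lines are built inline inside the `&text` call, so nothing stops a later line in this file from reaching back to the raw `$in{'table'}` or `$in{'db'}`; hoisting them once after the `table_structure` line, `my $etable = &html_escape($in{'table'}); my $edb = &html_escape($in{'db'});`, and passing `"<tt>$etable</tt>", "<tt>$edb</tt>"` to `&text` keeps a single escaped copy for every HTML use. The second hunk applies the analogous `&urlize` encoding to the footer query strings and would benefit from the same hoisting, though that hunk runs past the end of this excerpt. A short comment such as `# $in{'table'} and $in{'db'} come from the request; escape before they reach the page header` would record why the header line changed, since `table_structure` on the line above still takes the raw values (which is fine there, as it is not HTML output).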
15 @@ -36,13 +37,13 @@ print "</table>\n";
16 print &ui_form_end([ [ "advanced", $text{'adv_ok'} ] ]);
18 if ($access{'edonly'}) {
19 - &ui_print_footer("edit_dbase.cgi?db=$in{'db'}",$text{'dbase_return'},
20 - "", $text{'index_return'});
21 + &ui_print_footer("edit_dbase.cgi?db=" . &urlize($in{'db'}),
22 + $text{'dbase_return'}, "", $text{'index_return'});
25 - &ui_print_footer("edit_table.cgi?db=$in{'db'}&table=$in{'table'}",
26 - $text{'table_return'},
27 - "edit_dbase.cgi?db=$in{'db'}", $text{'dbase_return'},
28 - "", $text{'index_return'});
29 + &ui_print_footer("edit_table.cgi?db=" . &urlize($in{'db'}) .
30 + "&table=" . &urlize($in{'table'}), $text{'table_return'},
31 + "edit_dbase.cgi?db=" . &urlize($in{'db'}),
32 + $text{'dbase_return'}, "", $text{'index_return'});