ChangeLog for XSS search
[phpmyadmin/sankalp_k.git] / error.php
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
4 * phpMyAdmin fatal error display page
6 * @version $Id$
7 */
9 /* Input sanitizing */
10 require_once './libraries/sanitizing.lib.php';
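/* Get variables */

/*
 * Every value read here comes straight from the request and is echoed into
 * the markup further down: $lang and $dir inside double-quoted attributes
 * of the <html> element, $type inside the <h1>. Only plain strings are
 * accepted; anything else (for example an array value) falls back to the
 * default.
 */

// force utf-8 to avoid XSS with crafted URL and utf-7 in charset parameter
$charset = 'utf-8';

/*
 * htmlspecialchars() is called with explicit flags and charset rather than
 * its defaults, because the defaults differ between PHP versions.
 * ENT_QUOTES encodes single quotes as well as double quotes, and passing
 * $charset makes the escaping use the same encoding the response declares;
 * a value that is not valid in that encoding comes back as an empty string.
 */
if (! empty($_REQUEST['lang']) && is_string($_REQUEST['lang'])) {
    $lang = htmlspecialchars($_REQUEST['lang'], ENT_QUOTES, $charset);
} else {
    $lang = 'en';
}

// NOTE(review): the dir attribute has only two meaningful values here
// (ltr / rtl); an allowlist check would be stricter than escaping. Confirm
// against the callers before tightening.
if (! empty($_REQUEST['dir']) && is_string($_REQUEST['dir'])) {
    $dir = htmlspecialchars($_REQUEST['dir'], ENT_QUOTES, $charset);
} else {
    $dir = 'ltr';
}

if (! empty($_REQUEST['type']) && is_string($_REQUEST['type'])) {
    $type = htmlspecialchars($_REQUEST['type'], ENT_QUOTES, $charset);
} else {
    $type = 'error';
}

// Send the charset in the HTTP header too, so the browser never has to guess it.
header('Content-Type: text/html; charset=' . $charset);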
36 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
37 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php echo $lang; ?>" dir="<?php echo $dir; ?>">
38 <head>
39 <link rel="icon" href="./favicon.ico" type="image/x-icon" />
40 <link rel="shortcut icon" href="./favicon.ico" type="image/x-icon" />
41 <title>phpMyAdmin</title>
42 <meta http-equiv="Content-Type" content="text/html; charset=<?php echo $charset; ?>" />
43 <style type="text/css">
44 <!--
45 html {
46 padding: 0;
47 margin: 0;
49 body {
50 font-family: sans-serif;
51 font-size: small;
52 color: #000000;
53 background-color: #F5F5F5;
54 margin: 1em;
56 h1 {
57 margin: 0;
58 padding: 0.3em;
59 font-size: 1.4em;
60 font-weight: bold;
61 color: #ffffff;
62 background-color: #ff0000;
64 p {
65 margin: 0;
66 padding: 0.5em;
67 border: 0.1em solid red;
68 background-color: #ffeeee;
70 //-->
71 </style>
72 </head>
73 <body>
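<h1>phpMyAdmin - <?php echo $type; ?></h1>
<p><?php
/*
 * Print the error message passed in the request.
 *
 * The message is request-controlled, so it is only written out after going
 * through PMA_sanitize() (from libraries/sanitizing.lib.php, required at
 * the top of this file). That helper's escaping rules are not visible here;
 * the safety of this output in HTML context depends on it.
 *
 * Like lang, dir and type, the value must be a plain string: an array value
 * (error[]=...) would otherwise reach stripslashes() / PMA_sanitize(), which
 * are called here with a string. Non-string input is treated as "no message".
 */
if (! empty($_REQUEST['error']) && is_string($_REQUEST['error'])) {
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        // magic_quotes_gpc added backslashes to the request value; strip
        // them so the sanitizer sees the text as it was sent.
        echo PMA_sanitize(stripslashes($_REQUEST['error']));
    } else {
        echo PMA_sanitize($_REQUEST['error']);
    }
} else {
    echo 'No error message!';
}
?></p>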
86 </body>
87 </html>