aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes/db/mysql.php
diff options
context:
space:
mode:
authorLudovic Arnaud <ludovic_arnaud@users.sourceforge.net>2003-04-16 20:22:12 +0000
committerLudovic Arnaud <ludovic_arnaud@users.sourceforge.net>2003-04-16 20:22:12 +0000
commitafaf95bb133ec8a577f87abfa4158f51677cd3c4 (patch)
tree6a23043029ffc0d8c570760c45d1ac8eac4e9424 /phpBB/includes/db/mysql.php
parent1f4b7d27afcac0d7ea2ee1b57fdda7961f093020 (diff)
downloadforums-afaf95bb133ec8a577f87abfa4158f51677cd3c4.tar
forums-afaf95bb133ec8a577f87abfa4158f51677cd3c4.tar.gz
forums-afaf95bb133ec8a577f87abfa4158f51677cd3c4.tar.bz2
forums-afaf95bb133ec8a577f87abfa4158f51677cd3c4.tar.xz
forums-afaf95bb133ec8a577f87abfa4158f51677cd3c4.zip
Random XSS exploit
git-svn-id: file:///svn/phpbb/trunk@3855 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes/db/mysql.php')
-rw-r--r--phpBB/includes/db/mysql.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/phpBB/includes/db/mysql.php b/phpBB/includes/db/mysql.php
index f670c8e682..1da5ee2622 100644
--- a/phpBB/includes/db/mysql.php
+++ b/phpBB/includes/db/mysql.php
@@ -429,7 +429,7 @@ class sql_db
$this_page = (!empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : $_ENV['PHP_SELF'];
$this_page .= '&' . ((!empty($_SERVER['QUERY_STRING'])) ? $_SERVER['QUERY_STRING'] : $_ENV['QUERY_STRING']);
- $message = '<u>SQL ERROR</u> [ ' . SQL_LAYER . ' ]<br /><br />' . @mysql_error() . '<br /><br /><u>CALLING PAGE</u><br /><br />' . $this_page . (($sql != '') ? '<br /><br /><u>SQL</u><br /><br />' . $sql : '') . '<br />';
+ $message = '<u>SQL ERROR</u> [ ' . SQL_LAYER . ' ]<br /><br />' . @mysql_error() . '<br /><br /><u>CALLING PAGE</u><br /><br />' . htmlspecialchars($this_page) . (($sql != '') ? '<br /><br /><u>SQL</u><br /><br />' . $sql : '') . '<br />';
trigger_error($message, E_USER_ERROR);
}
generated by cgit v1.2.1 (git 2.21.0) at 2025-04-26 17:48:56 +0000