diff --git a/adminer/include/design.inc.php b/adminer/include/design.inc.php index 85c501c0..383f1e51 100644 --- a/adminer/include/design.inc.php +++ b/adminer/include/design.inc.php @@ -38,7 +38,7 @@ var areYouSure = ''; -
onkeydown="bodyKeydown(event);" onload="bodyLoad('server_info, 0, 3) : ""); ?>');"> + onkeydown="bodyKeydown(event);" onload="bodyLoad('server_info, 0, 3) : ""); ?>');"> diff --git a/adminer/include/functions.inc.php b/adminer/include/functions.inc.php index d6a6ffc9..89b393dd 100644 --- a/adminer/include/functions.inc.php +++ b/adminer/include/functions.inc.php @@ -130,7 +130,7 @@ function optionlist($options, $selected = null, $use_keys = false) { */ function html_select($name, $options, $value = "", $onchange = true) { if ($onchange) { - return ""; + return ""; } $return = ""; foreach ($options as $key => $val) { @@ -676,7 +676,7 @@ function input($field, $value, $function) { } $first++; } - $onchange = ($first ? " onchange=\"var f = this.form['function[" . js_escape($name) . "]']; if ($first > f.selectedIndex) f.selectedIndex = $first;\"" : ""); + $onchange = ($first ? " onchange=\"var f = this.form['function[" . h(js_escape($name)) . "]']; if ($first > f.selectedIndex) f.selectedIndex = $first;\"" : ""); $attrs .= $onchange; echo (count($functions) > 1 ? html_select("function[$name]", $functions, !isset($function) || in_array($function, $functions) || isset($functions[$function]) ? $function : "", "functionChange(this);") : nbsp(reset($functions))) . '