From 3b592c64b4d9cf99d791531a24a5f6f6af45ffce Mon Sep 17 00:00:00 2001
From: jakubvrana
Date: Thu, 30 Jul 2009 08:37:38 +0000
Subject: [PATCH] Escape $functions
git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@945 7c3ca157-0c34-0410-bff1-cbf682f78f5c
---
 adminer/include/functions.inc.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/adminer/include/functions.inc.php b/adminer/include/functions.inc.php
index f4a43da3..4859e4f2 100644
--- a/adminer/include/functions.inc.php
+++ b/adminer/include/functions.inc.php
@@ -303,7 +303,7 @@ function input($field, $value, $function) {
 $functions = (isset($_GET["select"]) ? array("orig" => lang('original')) : array()) + $adminer->editFunctions($field);
 $first = array_search("", $functions) + (isset($_GET["select"]) ? 1 : 0);
 $onchange = ($first ? " onchange=\"var f = this.form['function[" . addcslashes($name, "\r\n'\\") . "]']; if ($first > f.selectedIndex) f.selectedIndex = $first;\"" : "");
- echo (count($functions) > 1 ? "" : (strlen($functions[0]) ? $functions[0] : " ")) . '';
+ echo (count($functions) > 1 ? "" : (strlen($functions[0]) ? h($functions[0]) : " ")) . '';
 $input = $adminer->editInput($_GET["edit"], $field, " name='fields[$name]'$onchange", $value); // usage in call is without a table
 if (strlen($input)) {
 echo $input;
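Review bot: The `$onchange` context line places `$name` in a JavaScript string inside a double-quoted HTML attribute, but the only escaping visible there is `addcslashes($name, "\r\n'\\")`, which covers the JavaScript layer and does nothing for `"`, `&` or `<` in the attribute layer. `$name` is assigned outside this hunk, so whether it is already HTML-escaped cannot be confirmed from here. If it is, the order still matters: the browser decodes entities before the handler is parsed, so the JavaScript escaping has to be applied to the raw name first and `h()` last. The same `$name` is also interpolated into `name='fields[$name]'` on the `$input` line after the changed `echo`. I would add a comment here stating the expected encoding, for example `// $name: JS-escape the raw field name first, then h() for the attribute`, and check the assignment against it; the body of `input()` starts above and continues below the hunk.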