From 596f8df373cd3efe5bcb6013858bd7a6bb5ecb2c Mon Sep 17 00:00:00 2001
From: Jakub Vrana <jakub@vrana.cz>
Date: Wed, 5 Aug 2015 18:12:36 -0700
Subject: [PATCH] Fix XSS in alter table (found by HP Fortify)

---
 adminer/include/editing.inc.php | 1 +
 adminer/include/version.inc.php | 2 +-
 changes.txt                     | 3 +++
 3 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/adminer/include/editing.inc.php b/adminer/include/editing.inc.php
index fd2b9e24..3a347a87 100644
--- a/adminer/include/editing.inc.php
+++ b/adminer/include/editing.inc.php
@@ -234,6 +234,7 @@ function type_class($type) {
 */
 function edit_fields($fields, $collations, $type = "TABLE", $foreign_keys = array(), $comments = false) {
 	global $connection, $inout;
+	$fields = array_values($fields);
 	?>
 <thead><tr class="wrap">
 <?php if ($type == "PROCEDURE") { ?><td>&nbsp;<?php } ?>
diff --git a/adminer/include/version.inc.php b/adminer/include/version.inc.php
index 95642c3c..2c60500b 100644
--- a/adminer/include/version.inc.php
+++ b/adminer/include/version.inc.php
@@ -1,2 +1,2 @@
 <?php
-$VERSION = "4.2.1";
+$VERSION = "4.2.2";
diff --git a/changes.txt b/changes.txt
index bb3be89f..e4160af2 100644
--- a/changes.txt
+++ b/changes.txt
@@ -1,3 +1,6 @@
+Adminer 4.2.2 (released ):
+Fix XSS in alter table (found by HP Fortify)
+
 Adminer 4.2.1 (released 2015-03-10):
 Send referrer header to the same domain
 MySQL: Fix usage of utf8mb4 if the client library doesn't support it