From 689699aa171df4cfbb2507afe9298977aaef828a Mon Sep 17 00:00:00 2001
From: jakubvrana <jakubvrana@7c3ca157-0c34-0410-bff1-cbf682f78f5c>
Date: Tue, 28 Jul 2009 16:20:50 +0000
Subject: [PATCH] Shortcut for htmlspecialchars

git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@936 7c3ca157-0c34-0410-bff1-cbf682f78f5c
---
 adminer/call.inc.php              |  8 +++---
 adminer/create.inc.php            | 14 +++++-----
 adminer/database.inc.php          |  4 +--
 adminer/db.inc.php                | 34 +++++++++++------------
 adminer/dump.inc.php              |  6 ++--
 adminer/edit.inc.php              |  2 +-
 adminer/event.inc.php             | 14 +++++-----
 adminer/include/adminer.inc.php   | 38 ++++++++++++-------------
 adminer/include/auth.inc.php      |  4 +--
 adminer/include/connect.inc.php   |  6 ++--
 adminer/include/design.inc.php    | 12 ++++----
 adminer/include/editing.inc.php   |  6 ++--
 adminer/include/functions.inc.php | 46 +++++++++++++++++--------------
 adminer/indexes.inc.php           |  2 +-
 adminer/privileges.inc.php        |  6 ++--
 adminer/procedure.inc.php         |  6 ++--
 adminer/schema.inc.php            |  8 +++---
 adminer/select.inc.php            | 26 ++++++++---------
 adminer/sql.inc.php               |  6 ++--
 adminer/table.inc.php             | 36 ++++++++++++------------
 adminer/trigger.inc.php           |  8 +++---
 adminer/user.inc.php              | 14 +++++-----
 adminer/variables.inc.php         |  4 +--
 adminer/view.inc.php              |  4 +--
 compile.php                       |  2 +-
 coverage.php                      |  2 +-
 editor/example.php                |  4 +--
 editor/include/adminer.inc.php    | 16 +++++------
 28 files changed, 171 insertions(+), 167 deletions(-)

diff --git a/adminer/call.inc.php b/adminer/call.inc.php
index e0c17d03..b3f6e179 100644
--- a/adminer/call.inc.php
+++ b/adminer/call.inc.php
@@ -1,5 +1,5 @@
 <?php
-page_header(lang('Call') . ": " . htmlspecialchars($_GET["call"]), $error);
+page_header(lang('Call') . ": " . h($_GET["call"]), $error);
 
 $routine = routine($_GET["call"], (isset($_GET["callf"]) ? "FUNCTION" : "PROCEDURE"));
 $in = array();
@@ -22,14 +22,14 @@ if (!$error && $_POST) {
 				$val = "''";
 			}
 			if (isset($out[$key])) {
-				$dbh->query("SET @" . idf_escape($field["field"]) . " = " . $val);
+				$dbh->query("SET @" . idf_escape($field["field"]) . " = $val");
 			}
 		}
 		$call[] = (isset($out[$key]) ? "@" . idf_escape($field["field"]) : $val);
 	}
 	$result = $dbh->multi_query((isset($_GET["callf"]) ? "SELECT" : "CALL") . " " . idf_escape($_GET["call"]) . "(" . implode(", ", $call) . ")");
 	if (!$result) {
-		echo "<p class='error'>" . htmlspecialchars($dbh->error) . "\n";
+		echo "<p class='error'>" . h($dbh->error) . "\n";
 	} else {
 		do {
 			$result = $dbh->store_result();
@@ -52,7 +52,7 @@ if ($in) {
 	echo "<table cellspacing='0'>\n";
 	foreach ($in as $key) {
 		$field = $routine["fields"][$key];
-		echo "<tr><th>" . htmlspecialchars($field["field"]);
+		echo "<tr><th>" . h($field["field"]);
 		$value = $_POST["fields"][$key];
 		if (strlen($value) && ($field["type"] == "enum" || $field["type"] == "set")) {
 			$value = intval($value);
diff --git a/adminer/create.inc.php b/adminer/create.inc.php
index ce5bb3b0..64de551a 100644
--- a/adminer/create.inc.php
+++ b/adminer/create.inc.php
@@ -126,13 +126,13 @@ $collations = collations();
 
 $suhosin = floor(extension_loaded("suhosin") ? (min(ini_get("suhosin.request.max_vars"), ini_get("suhosin.post.max_vars")) - 13) / 8 : 0);
 if ($suhosin && count($row["fields"]) > $suhosin) {
-	echo "<p class='error'>" . htmlspecialchars(lang('Maximum number of allowed fields exceeded. Please increase %s and %s.', 'suhosin.post.max_vars', 'suhosin.request.max_vars')) . "\n";
+	echo "<p class='error'>" . h(lang('Maximum number of allowed fields exceeded. Please increase %s and %s.', 'suhosin.post.max_vars', 'suhosin.request.max_vars')) . "\n";
 }
 ?>
 
 <form action="" method="post" id="form">
 <p>
-<?php echo lang('Table name'); ?>: <input name="name" maxlength="64" value="<?php echo htmlspecialchars($row["name"]); ?>">
+<?php echo lang('Table name'); ?>: <input name="name" maxlength="64" value="<?php echo h($row["name"]); ?>">
 <select name="Engine"><option value="">(<?php echo lang('engine'); ?>)<?php echo optionlist($engines, $row["Engine"]); ?></select>
 <select name="Collation"><option value="">(<?php echo lang('collation'); ?>)<?php echo optionlist($collations, $row["Collation"]); ?></select>
 <input type="submit" value="<?php echo lang('Save'); ?>">
@@ -141,7 +141,7 @@ if ($suhosin && count($row["fields"]) > $suhosin) {
 </table>
 <p>
 <?php echo lang('Auto Increment'); ?>: <input name="Auto_increment" size="6" value="<?php echo intval($row["Auto_increment"]); ?>">
-<?php echo lang('Comment'); ?>: <input name="Comment" value="<?php echo htmlspecialchars($row["Comment"]); ?>" maxlength="60">
+<?php echo lang('Comment'); ?>: <input name="Comment" value="<?php echo h($row["Comment"]); ?>" maxlength="60">
 <script type="text/javascript">// <![CDATA[
 document.write('<label><input type="checkbox"<?php if ($column_comments) { ?> checked="checked"<?php } ?> onclick="column_comments_click(this.checked);"><?php echo lang('Show column comments'); ?></label>');
 // ]]></script>
@@ -155,15 +155,15 @@ if ($dbh->server_info >= 5.1) {
 <fieldset><legend><?php echo lang('Partition by'); ?></legend>
 <p>
 <select name="partition_by" onchange="partition_by_change(this);"><option><?php echo optionlist($partition_by, $row["partition_by"]); ?></select>
-(<input name="partition" value="<?php echo htmlspecialchars($row["partition"]); ?>">)
-<?php echo lang('Partitions'); ?>: <input name="partitions" size="2" value="<?php echo htmlspecialchars($row["partitions"]); ?>"<?php echo ($partition_table || !$row["partition_by"] ? " class='hidden'" : ""); ?>>
+(<input name="partition" value="<?php echo h($row["partition"]); ?>">)
+<?php echo lang('Partitions'); ?>: <input name="partitions" size="2" value="<?php echo h($row["partitions"]); ?>"<?php echo ($partition_table || !$row["partition_by"] ? " class='hidden'" : ""); ?>>
 <table cellspacing="0" id="partition-table"<?php echo ($partition_table ? "" : " class='hidden'"); ?>>
 <thead><tr><th><?php echo lang('Partition name'); ?><th><?php echo lang('Values'); ?></thead>
 <?php
 foreach ($row["partition_names"] as $key => $val) {
 	echo '<tr>';
-	echo '<td><input name="partition_names[]" value="' . htmlspecialchars($val) . '"' . ($key == count($row["partition_names"]) - 1 ? ' onchange="partition_name_change(this);"' : '') . '>';
-	echo '<td><input name="partition_values[]" value="' . htmlspecialchars($row["partition_values"][$key]) . '">';
+	echo '<td><input name="partition_names[]" value="' . h($val) . '"' . ($key == count($row["partition_names"]) - 1 ? ' onchange="partition_name_change(this);"' : '') . '>';
+	echo '<td><input name="partition_values[]" value="' . h($row["partition_values"][$key]) . '">';
 }
 ?>
 </table>
diff --git a/adminer/database.inc.php b/adminer/database.inc.php
index f807da57..d70e37a3 100644
--- a/adminer/database.inc.php
+++ b/adminer/database.inc.php
@@ -72,8 +72,8 @@ if ($_POST) {
 <form action="" method="post">
 <p>
 <?php echo ($_POST["add_x"]
-	? '<textarea name="name" rows="10" cols="40">' . htmlspecialchars($name) . '</textarea><br>'
-	: '<input name="name" value="' . htmlspecialchars($name) . '" maxlength="64">'
+	? '<textarea name="name" rows="10" cols="40">' . h($name) . '</textarea><br>'
+	: '<input name="name" value="' . h($name) . '" maxlength="64">'
 ) . "\n"; ?>
 <select name="collation"><option value="">(<?php echo lang('collation'); ?>)<?php echo optionlist($collations, $collate); ?></select>
 <input type="hidden" name="token" value="<?php echo $token; ?>">
diff --git a/adminer/db.inc.php b/adminer/db.inc.php
index ba068171..5fcdbb7f 100644
--- a/adminer/db.inc.php
+++ b/adminer/db.inc.php
@@ -31,16 +31,16 @@ if ($tables_views && !$error) {
 			$message = lang('Tables have been dropped.');
 		} else {
 			while ($row = $result->fetch_assoc()) {
-				$message .= htmlspecialchars("$row[Table]: $row[Msg_text]") . "<br>";
+				$message .= h("$row[Table]: $row[Msg_text]") . "<br>";
 			}
 		}
 	}
 	query_redirect(queries(), substr($SELF, 0, -1), $message, $result, false, !$result);
 }
 
-page_header(lang('Database') . ": " . htmlspecialchars($_GET["db"]), $error, false);
-echo '<p><a href="' . htmlspecialchars($SELF) . 'database=">' . lang('Alter database') . "</a>\n";
-echo '<p><a href="' . htmlspecialchars($SELF) . 'schema=">' . lang('Database schema') . "</a>\n";
+page_header(lang('Database') . ": " . h($_GET["db"]), $error, false);
+echo '<p><a href="' . h($SELF) . 'database=">' . lang('Alter database') . "</a>\n";
+echo '<p><a href="' . h($SELF) . 'schema=">' . lang('Database schema') . "</a>\n";
 
 echo "<h3>" . lang('Tables and views') . "</h3>\n";
 $table_status = table_status();
@@ -53,17 +53,17 @@ if (!$table_status) {
 	foreach ($table_status as $row) {
 		$name = $row["Name"];
 		table_comment($row);
-		echo '<tr' . odd() . '><td><input type="checkbox" name="' . (isset($row["Rows"]) ? 'tables' : 'views') . '[]" value="' . htmlspecialchars($name) . '"' . (in_array($name, $tables_views, true) ? ' checked="checked"' : '') . ' onclick="form_uncheck(\'check-all\');">';
-		echo '<th><a href="' . htmlspecialchars($SELF) . 'table=' . urlencode($name) . '">' . htmlspecialchars($name) . '</a>';
+		echo '<tr' . odd() . '><td><input type="checkbox" name="' . (isset($row["Rows"]) ? 'tables' : 'views') . '[]" value="' . h($name) . '"' . (in_array($name, $tables_views, true) ? ' checked="checked"' : '') . ' onclick="form_uncheck(\'check-all\');">';
+		echo '<th><a href="' . h($SELF) . 'table=' . urlencode($name) . '">' . h($name) . '</a>';
 		if (isset($row["Rows"])) {
 			echo "<td>$row[Engine]<td>$row[Collation]";
 			foreach (array("Data_length" => "create", "Index_length" => "indexes", "Data_free" => "edit", "Auto_increment" => "create", "Rows" => "select") as $key => $link) {
 				$val = number_format($row[$key], 0, '.', lang(','));
-				echo '<td align="right">' . (strlen($row[$key]) ? '<a href="' . htmlspecialchars("$SELF$link=") . urlencode($name) . '">' . str_replace(" ", "&nbsp;", ($key == "Rows" && $row["Engine"] == "InnoDB" && $val ? lang('~ %s', $val) : $val)) . '</a>' : '&nbsp;');
+				echo '<td align="right">' . (strlen($row[$key]) ? '<a href="' . h("$SELF$link=") . urlencode($name) . '">' . str_replace(" ", "&nbsp;", ($key == "Rows" && $row["Engine"] == "InnoDB" && $val ? lang('~ %s', $val) : $val)) . '</a>' : '&nbsp;');
 			}
-			echo "<td>" . (strlen(trim($row["Comment"])) ? htmlspecialchars($row["Comment"]) : "&nbsp;");
+			echo "<td>" . (strlen(trim($row["Comment"])) ? h($row["Comment"]) : "&nbsp;");
 		} else {
-			echo '<td colspan="8"><a href="' . htmlspecialchars($SELF) . "select=" . urlencode($name) . '">' . lang('View') . '</a>';
+			echo '<td colspan="8"><a href="' . h($SELF) . "select=" . urlencode($name) . '">' . lang('View') . '</a>';
 		}
 	}
 	echo "</table>\n";
@@ -71,27 +71,27 @@ if (!$table_status) {
 	$dbs = get_databases();
 	if (count($dbs) != 1) {
 		$db = (isset($_POST["target"]) ? $_POST["target"] : $_GET["db"]);
-		echo "<p>" . lang('Move to other database') . ($dbs ? ": <select name='target'>" . optionlist($dbs, $db) . "</select>" : ': <input name="target" value="' . htmlspecialchars($db) . '">') . " <input type='submit' name='move' value='" . lang('Move') . "'>\n";
+		echo "<p>" . lang('Move to other database') . ($dbs ? ": <select name='target'>" . optionlist($dbs, $db) . "</select>" : ': <input name="target" value="' . h($db) . '">') . " <input type='submit' name='move' value='" . lang('Move') . "'>\n";
 	}
 	echo "</form>\n";
 }
 
 if ($dbh->server_info >= 5) {
-	echo '<p><a href="' . htmlspecialchars($SELF) . 'view=">' . lang('Create view') . "</a>\n";
+	echo '<p><a href="' . h($SELF) . 'view=">' . lang('Create view') . "</a>\n";
 	echo "<h3>" . lang('Routines') . "</h3>\n";
 	$result = $dbh->query("SELECT * FROM information_schema.ROUTINES WHERE ROUTINE_SCHEMA = " . $dbh->quote($_GET["db"]));
 	if ($result->num_rows) {
 		echo "<table cellspacing='0'>\n";
 		while ($row = $result->fetch_assoc()) {
 			echo "<tr>";
-			echo "<td>" . htmlspecialchars($row["ROUTINE_TYPE"]);
-			echo '<th><a href="' . htmlspecialchars($SELF) . ($row["ROUTINE_TYPE"] == "FUNCTION" ? 'callf=' : 'call=') . urlencode($row["ROUTINE_NAME"]) . '">' . htmlspecialchars($row["ROUTINE_NAME"]) . '</a>';
-			echo '<td><a href="' . htmlspecialchars($SELF) . ($row["ROUTINE_TYPE"] == "FUNCTION" ? 'function=' : 'procedure=') . urlencode($row["ROUTINE_NAME"]) . '">' . lang('Alter') . "</a>";
+			echo "<td>" . h($row["ROUTINE_TYPE"]);
+			echo '<th><a href="' . h($SELF) . ($row["ROUTINE_TYPE"] == "FUNCTION" ? 'callf=' : 'call=') . urlencode($row["ROUTINE_NAME"]) . '">' . h($row["ROUTINE_NAME"]) . '</a>';
+			echo '<td><a href="' . h($SELF) . ($row["ROUTINE_TYPE"] == "FUNCTION" ? 'function=' : 'procedure=') . urlencode($row["ROUTINE_NAME"]) . '">' . lang('Alter') . "</a>";
 		}
 		echo "</table>\n";
 	}
 	$result->free();
-	echo '<p><a href="' . htmlspecialchars($SELF) . 'procedure=">' . lang('Create procedure') . '</a> <a href="' . htmlspecialchars($SELF) . 'function=">' . lang('Create function') . "</a>\n";
+	echo '<p><a href="' . h($SELF) . 'procedure=">' . lang('Create procedure') . '</a> <a href="' . h($SELF) . 'function=">' . lang('Create function') . "</a>\n";
 }
 
 if ($dbh->server_info >= 5.1 && ($result = $dbh->query("SHOW EVENTS"))) {
@@ -101,12 +101,12 @@ if ($dbh->server_info >= 5.1 && ($result = $dbh->query("SHOW EVENTS"))) {
 		echo "<thead><tr><th>" . lang('Name') . "<td>" . lang('Schedule') . "<td>" . lang('Start') . "<td>" . lang('End') . "</thead>\n";
 		while ($row = $result->fetch_assoc()) {
 			echo "<tr>";
-			echo '<th><a href="' . htmlspecialchars($SELF) . 'event=' . urlencode($row["Name"]) . '">' . htmlspecialchars($row["Name"]) . "</a>";
+			echo '<th><a href="' . h($SELF) . 'event=' . urlencode($row["Name"]) . '">' . h($row["Name"]) . "</a>";
 			echo "<td>" . ($row["Execute at"] ? lang('At given time') . "<td>" . $row["Execute at"] : lang('Every') . " " . $row["Interval value"] . " " . $row["Interval field"] . "<td>$row[Starts]");
 			echo "<td>$row[Ends]";
 		}
 		echo "</table>\n";
 	}
 	$result->free();
-	echo '<p><a href="' . htmlspecialchars($SELF) . 'event=">' . lang('Create event') . "</a>\n";
+	echo '<p><a href="' . h($SELF) . 'event=">' . lang('Create event') . "</a>\n";
 }
diff --git a/adminer/dump.inc.php b/adminer/dump.inc.php
index a27b0e0b..60d4d1d3 100644
--- a/adminer/dump.inc.php
+++ b/adminer/dump.inc.php
@@ -182,11 +182,11 @@ if (strlen($_GET["db"])) {
 	$views = "";
 	foreach (table_status() as $row) {
 		$checked = (strlen($_GET["dump"]) && $row["Name"] != $_GET["dump"] ? '' : " checked='checked'");
-		$print = '<tr><td><label><input type="checkbox" name="tables[]" value="' . htmlspecialchars($row["Name"]) . "\"$checked onclick=\"form_uncheck('check-tables');\">" . htmlspecialchars($row["Name"]) . "</label>";
+		$print = "<tr><td><label><input type='checkbox' name='tables[]' value='" . h($row["Name"]) . "'$checked onclick=\"form_uncheck('check-tables');\">" . h($row["Name"]) . "</label>";
 		if (!$row["Engine"]) {
 			$views .= "$print\n";
 		} else {
-			echo "$print<td align='right'><label>" . ($row["Engine"] == "InnoDB" && $row["Rows"] ? lang('~ %s', $row["Rows"]) : $row["Rows"]) . '<input type="checkbox" name="data[]" value="' . htmlspecialchars($row["Name"]) . "\"$checked onclick=\"form_uncheck('check-data');\"></label>\n";
+			echo "$print<td align='right'><label>" . ($row["Engine"] == "InnoDB" && $row["Rows"] ? lang('~ %s', $row["Rows"]) : $row["Rows"]) . "<input type='checkbox' name='data[]' value='" . h($row["Name"]) . "'$checked onclick=\"form_uncheck('check-data');\"></label>\n";
 		}
 	}
 	echo $views;
@@ -194,7 +194,7 @@ if (strlen($_GET["db"])) {
 	echo "<thead><tr><th style='text-align: left;'><label><input type='checkbox' id='check-databases' checked='checked' onclick='form_check(this, /^databases\\[/);'>" . lang('Database') . "</label></thead>\n";
 	foreach (get_databases() as $db) {
 		if (!information_schema($db)) {
-			echo '<tr><td><label><input type="checkbox" name="databases[]" value="' . htmlspecialchars($db) . '" checked="checked" onclick="form_uncheck(\'check-databases\');">' . htmlspecialchars($db) . "</label>\n";
+			echo '<tr><td><label><input type="checkbox" name="databases[]" value="' . h($db) . '" checked="checked" onclick="form_uncheck(\'check-databases\');">' . h($db) . "</label>\n";
 		}
 	}
 }
diff --git a/adminer/edit.inc.php b/adminer/edit.inc.php
index e556c038..c134e988 100644
--- a/adminer/edit.inc.php
+++ b/adminer/edit.inc.php
@@ -85,7 +85,7 @@ if ($fields) {
 				$create = $dbh->result($dbh->query("SHOW CREATE TABLE " . idf_escape($_GET["edit"])), 1);
 			}
 			$checked = ($_POST ? $_POST["on_update"][bracket_escape($name)] : preg_match("~\n\\s*" . preg_quote(idf_escape($name), '~') . " timestamp.* on update CURRENT_TIMESTAMP~i", $create));
-			echo '<label><input type="checkbox" name="on_update[' . htmlspecialchars(bracket_escape($name)) . ']" value="1"' . ($checked ? ' checked="checked"' : '') . '>' . lang('ON UPDATE CURRENT_TIMESTAMP') . '</label>';
+			echo '<label><input type="checkbox" name="on_update[' . h(bracket_escape($name)) . ']" value="1"' . ($checked ? ' checked="checked"' : '') . '>' . lang('ON UPDATE CURRENT_TIMESTAMP') . '</label>';
 		}
 		echo "\n";
 	}
diff --git a/adminer/event.inc.php b/adminer/event.inc.php
index 6ada53ff..07208ef5 100644
--- a/adminer/event.inc.php
+++ b/adminer/event.inc.php
@@ -23,7 +23,7 @@ if ($_POST && !$error) {
 	}
 }
 
-page_header((strlen($_GET["event"]) ? lang('Alter event') . ": " . htmlspecialchars($_GET["event"]) : lang('Create event')), $error);
+page_header((strlen($_GET["event"]) ? lang('Alter event') . ": " . h($_GET["event"]) : lang('Create event')), $error);
 
 $row = array();
 if ($_POST) {
@@ -37,15 +37,15 @@ if ($_POST) {
 
 <form action="" method="post">
 <table cellspacing="0">
-<tr><th><?php echo lang('Name'); ?><td><input name="EVENT_NAME" value="<?php echo htmlspecialchars($row["EVENT_NAME"]); ?>" maxlength="64">
-<tr><th><?php echo lang('Start'); ?><td><input name="STARTS" value="<?php echo htmlspecialchars("$row[EXECUTE_AT]$row[STARTS]"); ?>">
-<tr><th><?php echo lang('End'); ?><td><input name="ENDS" value="<?php echo htmlspecialchars($row["ENDS"]); ?>">
-<tr><th><?php echo lang('Every'); ?><td><input name="INTERVAL_VALUE" value="<?php echo htmlspecialchars($row["INTERVAL_VALUE"]); ?>" size="6"> <select name="INTERVAL_FIELD"><?php echo optionlist($intervals, $row["INTERVAL_FIELD"]); ?></select>
+<tr><th><?php echo lang('Name'); ?><td><input name="EVENT_NAME" value="<?php echo h($row["EVENT_NAME"]); ?>" maxlength="64">
+<tr><th><?php echo lang('Start'); ?><td><input name="STARTS" value="<?php echo h("$row[EXECUTE_AT]$row[STARTS]"); ?>">
+<tr><th><?php echo lang('End'); ?><td><input name="ENDS" value="<?php echo h($row["ENDS"]); ?>">
+<tr><th><?php echo lang('Every'); ?><td><input name="INTERVAL_VALUE" value="<?php echo h($row["INTERVAL_VALUE"]); ?>" size="6"> <select name="INTERVAL_FIELD"><?php echo optionlist($intervals, $row["INTERVAL_FIELD"]); ?></select>
 <tr><th><?php echo lang('Status'); ?><td><select name="STATUS"><?php echo optionlist($statuses, $row["STATUS"]); ?></select>
-<tr><th><?php echo lang('Comment'); ?><td><input name="EVENT_COMMENT" value="<?php echo htmlspecialchars($row["EVENT_COMMENT"]); ?>" maxlength="64">
+<tr><th><?php echo lang('Comment'); ?><td><input name="EVENT_COMMENT" value="<?php echo h($row["EVENT_COMMENT"]); ?>" maxlength="64">
 <tr><th>&nbsp;<td><label><input type="checkbox" name="ON_COMPLETION" value="PRESERVE"<?php echo ($row["ON_COMPLETION"] == "PRESERVE" ? " checked='checked'" : ""); ?>><?php echo lang('On completion preserve'); ?></label>
 </table>
-<p><textarea name="EVENT_DEFINITION" rows="10" cols="80" style="width: 98%;"><?php echo htmlspecialchars($row["EVENT_DEFINITION"]); ?></textarea>
+<p><textarea name="EVENT_DEFINITION" rows="10" cols="80" style="width: 98%;"><?php echo h($row["EVENT_DEFINITION"]); ?></textarea>
 <p>
 <input type="hidden" name="token" value="<?php echo $token; ?>">
 <input type="submit" value="<?php echo lang('Save'); ?>">
diff --git a/adminer/include/adminer.inc.php b/adminer/include/adminer.inc.php
index f835ab5a..919fd192 100644
--- a/adminer/include/adminer.inc.php
+++ b/adminer/include/adminer.inc.php
@@ -33,8 +33,8 @@ class Adminer {
 	function loginForm($username) {
 		?>
 <table cellspacing="0">
-<tr><th><?php echo lang('Server'); ?><td><input name="server" value="<?php echo htmlspecialchars($_GET["server"]); ?>">
-<tr><th><?php echo lang('Username'); ?><td><input name="username" value="<?php echo htmlspecialchars($username); ?>">
+<tr><th><?php echo lang('Server'); ?><td><input name="server" value="<?php echo h($_GET["server"]); ?>">
+<tr><th><?php echo lang('Username'); ?><td><input name="username" value="<?php echo h($username); ?>">
 <tr><th><?php echo lang('Password'); ?><td><input type="password" name="password">
 </table>
 <?php
@@ -54,7 +54,7 @@ class Adminer {
 	* @return string
 	*/
 	function tableName($tableStatus) {
-		return htmlspecialchars($tableStatus["Name"]);
+		return h($tableStatus["Name"]);
 	}
 	
 	/** Field caption used in select and edit
@@ -63,7 +63,7 @@ class Adminer {
 	* @return string
 	*/
 	function fieldName($field, $order = 0) {
-		return '<span title="' . htmlspecialchars($field["full_type"]) . '">' . htmlspecialchars($field["field"]) . '</span>';
+		return '<span title="' . h($field["full_type"]) . '">' . h($field["field"]) . '</span>';
 	}
 	
 	/** Links after select heading
@@ -72,7 +72,7 @@ class Adminer {
 	*/
 	function selectLinks($tableStatus) {
 		global $SELF;
-		return '<a href="' . htmlspecialchars($SELF) . 'table=' . urlencode($_GET['select']) . '">' . lang('Table structure') . '</a>';
+		return '<a href="' . h($SELF) . 'table=' . urlencode($_GET['select']) . '">' . lang('Table structure') . '</a>';
 	}
 	
 	/** Find backward keys for table
@@ -90,7 +90,7 @@ class Adminer {
 	function selectQuery($query) {
 		global $SELF;
 		// it would be nice if $query can be passed by reference and printed value would be returned but call_user() doesn't allow reference parameters
-		return "<p><code class='jush-sql'>" . htmlspecialchars($query) . "</code> <a href='" . htmlspecialchars($SELF) . "sql=" . urlencode($query) . "'>" . lang('Edit') . "</a>\n";
+		return "<p><code class='jush-sql'>" . h($query) . "</code> <a href='" . h($SELF) . "sql=" . urlencode($query) . "'>" . lang('Edit') . "</a>\n";
 	}
 	
 	/** Description of a row in a table
@@ -163,8 +163,8 @@ class Adminer {
 		echo '<fieldset><legend><a href="#fieldset-search" onclick="return !toggle(\'fieldset-search\');">' . lang('Search') . "</a></legend><div id='fieldset-search'" . ($where ? "" : " class='hidden'") . ">\n";
 		foreach ($indexes as $i => $index) {
 			if ($index["type"] == "FULLTEXT") {
-				echo "(<i>" . implode("</i>, <i>", array_map('htmlspecialchars', $index["columns"])) . "</i>) AGAINST";
-				echo ' <input name="fulltext[' . $i . ']" value="' . htmlspecialchars($_GET["fulltext"][$i]) . '">';
+				echo "(<i>" . implode("</i>, <i>", array_map('h', $index["columns"])) . "</i>) AGAINST";
+				echo " <input name='fulltext[$i]' value='" . h($_GET["fulltext"][$i]) . "'>";
 				echo "<label><input type='checkbox' name='boolean[$i]' value='1'" . (isset($_GET["boolean"][$i]) ? " checked='checked'" : "") . ">" . lang('BOOL') . "</label>";
 				echo "<br>\n";
 			}
@@ -174,7 +174,7 @@ class Adminer {
 			if (strlen("$val[col]$val[val]") && in_array($val["op"], $this->operators)) {
 				echo "<div><select name='where[$i][col]'><option value=''>" . lang('(anywhere)') . optionlist($columns, $val["col"], true) . "</select>";
 				echo "<select name='where[$i][op]'>" . optionlist($this->operators, $val["op"]) . "</select>";
-				echo "<input name='where[$i][val]' value=\"" . htmlspecialchars($val["val"]) . "\"></div>\n";
+				echo "<input name='where[$i][val]' value='" . h($val["val"]) . "'></div>\n";
 				$i++;
 			}
 		}
@@ -211,7 +211,7 @@ class Adminer {
 	*/
 	function selectLimitPrint($limit) {
 		echo "<fieldset><legend>" . lang('Limit') . "</legend><div>"; // <div> for easy styling
-		echo "<input name='limit' size='3' value=\"" . htmlspecialchars($limit) . "\">";
+		echo "<input name='limit' size='3' value='" . h($limit) . "'>";
 		echo "</div></fieldset>\n";
 	}
 	
@@ -222,7 +222,7 @@ class Adminer {
 	function selectLengthPrint($text_length) {
 		if (isset($text_length)) {
 			echo "<fieldset><legend>" . lang('Text length') . "</legend><div>";
-			echo '<input name="text_length" size="3" value="' . htmlspecialchars($text_length) . '">';
+			echo '<input name="text_length" size="3" value="' . h($text_length) . '">';
 			echo "</div></fieldset>\n";
 		}
 	}
@@ -340,7 +340,7 @@ class Adminer {
 		global $SELF;
 		$id = "sql-" . count($_SESSION["messages"]);
 		$_SESSION["history"][$_GET["server"]][$_GET["db"]][] = $query;
-		return " <a href='#$id' onclick=\"return !toggle('$id');\">" . lang('SQL command') . "</a><div id='$id' class='hidden'><pre class='jush-sql'>" . htmlspecialchars($query) . '</pre><a href="' . htmlspecialchars($SELF . 'sql=&history=' . (count($_SESSION["history"][$_GET["server"]][$_GET["db"]]) - 1)) . '">' . lang('Edit') . '</a></div>';
+		return " <a href='#$id' onclick=\"return !toggle('$id');\">" . lang('SQL command') . "</a><div id='$id' class='hidden'><pre class='jush-sql'>" . h($query) . '</pre><a href="' . h($SELF . 'sql=&history=' . (count($_SESSION["history"][$_GET["server"]][$_GET["db"]]) - 1)) . '">' . lang('Edit') . '</a></div>';
 	}
 	
 	/** Functions displayed in edit form
@@ -422,18 +422,18 @@ class Adminer {
 			?>
 <form action="" method="post">
 <p>
-<a href="<?php echo htmlspecialchars($SELF); ?>sql="><?php echo lang('SQL command'); ?></a>
-<a href="<?php echo htmlspecialchars($SELF); ?>dump=<?php echo urlencode(isset($_GET["table"]) ? $_GET["table"] : $_GET["select"]); ?>"><?php echo lang('Dump'); ?></a>
+<a href="<?php echo h($SELF); ?>sql="><?php echo lang('SQL command'); ?></a>
+<a href="<?php echo h($SELF); ?>dump=<?php echo urlencode(isset($_GET["table"]) ? $_GET["table"] : $_GET["select"]); ?>"><?php echo lang('Dump'); ?></a>
 <input type="hidden" name="token" value="<?php echo $_SESSION["tokens"][$_GET["server"]]; ?>">
 <input type="submit" name="logout" value="<?php echo lang('Logout'); ?>">
 </p>
 </form>
 <form action="">
-<p><?php if (strlen($_GET["server"])) { ?><input type="hidden" name="server" value="<?php echo htmlspecialchars($_GET["server"]); ?>"><?php } ?>
+<p><?php if (strlen($_GET["server"])) { ?><input type="hidden" name="server" value="<?php echo h($_GET["server"]); ?>"><?php } ?>
 <?php if ($databases) { ?>
 <select name="db" onchange="this.form.submit();"><option value="">(<?php echo lang('database'); ?>)<?php echo optionlist($databases, $_GET["db"]); ?></select>
 <?php } else { ?>
-<input name="db" value="<?php echo htmlspecialchars($_GET["db"]); ?>">
+<input name="db" value="<?php echo h($_GET["db"]); ?>">
 <?php } ?>
 <?php if (isset($_GET["sql"])) { ?><input type="hidden" name="sql" value=""><?php } ?>
 <?php if (isset($_GET["schema"])) { ?><input type="hidden" name="schema" value=""><?php } ?>
@@ -449,12 +449,12 @@ class Adminer {
 				} else {
 					echo "<p>\n";
 					while ($row = $result->fetch_row()) {
-						echo '<a href="' . htmlspecialchars($SELF) . 'select=' . urlencode($row[0]) . '">' . lang('select') . '</a> ';
-						echo '<a href="' . htmlspecialchars($SELF) . 'table=' . urlencode($row[0]) . '">' . $this->tableName(array("Name" => $row[0])) . "</a><br>\n"; //! Adminer::tableName may work with full table status
+						echo '<a href="' . h($SELF) . 'select=' . urlencode($row[0]) . '">' . lang('select') . '</a> ';
+						echo '<a href="' . h($SELF) . 'table=' . urlencode($row[0]) . '">' . $this->tableName(array("Name" => $row[0])) . "</a><br>\n"; //! Adminer::tableName may work with full table status
 					}
 				}
 				$result->free();
-				echo '<p><a href="' . htmlspecialchars($SELF) . 'create=">' . lang('Create new table') . "</a>\n";
+				echo '<p><a href="' . h($SELF) . 'create=">' . lang('Create new table') . "</a>\n";
 			}
 		}
 	}
diff --git a/adminer/include/auth.inc.php b/adminer/include/auth.inc.php
index 0b99c7b2..9be6903b 100644
--- a/adminer/include/auth.inc.php
+++ b/adminer/include/auth.inc.php
@@ -40,13 +40,13 @@ function auth_error($exception = null) {
 	global $ignore, $dbh, $adminer;
 	$username = $_SESSION["usernames"][$_GET["server"]];
 	unset($_SESSION["usernames"][$_GET["server"]]);
-	page_header(lang('Login'), (isset($username) ? htmlspecialchars($exception ? $exception->getMessage() : (is_string($dbh) ? $dbh : lang('Invalid credentials.'))) : (isset($_POST["server"]) ? lang('Sessions must be enabled.') : ($_POST ? lang('Session expired, please login again.') : ""))), null);
+	page_header(lang('Login'), (isset($username) ? h($exception ? $exception->getMessage() : (is_string($dbh) ? $dbh : lang('Invalid credentials.'))) : (isset($_POST["server"]) ? lang('Sessions must be enabled.') : ($_POST ? lang('Session expired, please login again.') : ""))), null);
 	echo "<form action='' method='post'>\n";
 	$adminer->loginForm($username);
 	echo "<p>\n";
 	hidden_fields($_POST, $ignore); // expired session
 	foreach ($_FILES as $key => $val) {
-		echo '<input type="hidden" name="files[' . htmlspecialchars($key) . ']" value="' . ($val["error"] ? $val["error"] : base64_encode(file_get_contents($val["tmp_name"]))) . '">';
+		echo '<input type="hidden" name="files[' . h($key) . ']" value="' . ($val["error"] ? $val["error"] : base64_encode(file_get_contents($val["tmp_name"]))) . '">';
 	}
 	echo "<input type='submit' value='" . lang('Login') . "'>\n</form>\n";
 	page_footer("auth");
diff --git a/adminer/include/connect.inc.php b/adminer/include/connect.inc.php
index 8d10be5b..ffe05339 100644
--- a/adminer/include/connect.inc.php
+++ b/adminer/include/connect.inc.php
@@ -2,7 +2,7 @@
 function connect_error() {
 	global $dbh, $SELF, $VERSION;
 	if (strlen($_GET["db"])) {
-		page_header(lang('Database') . ": " . htmlspecialchars($_GET["db"]), lang('Invalid database.'), false);
+		page_header(lang('Database') . ": " . h($_GET["db"]), lang('Invalid database.'), false);
 	} else {
 		page_header(lang('Select database'), "", null);
 		foreach (array(
@@ -11,10 +11,10 @@ function connect_error() {
 			'processlist' => lang('Process list'),
 			'variables' => lang('Variables'),
 		) as $key => $val) {
-			echo '<p><a href="' . htmlspecialchars($SELF) . "$key=\">$val</a>\n";
+			echo '<p><a href="' . h($SELF) . "$key=\">$val</a>\n";
 		}
 		echo "<p>" . lang('MySQL version: %s through PHP extension %s', "<b" . ($dbh->server_info < 4.1 ? " class='binary'" : "") . ">$dbh->server_info</b>", "<b>$dbh->extension</b>") . "\n";
-		echo "<p>" . lang('Logged as: %s', "<b>" . htmlspecialchars($dbh->result($dbh->query("SELECT USER()"))) . "</b>") . "\n";
+		echo "<p>" . lang('Logged as: %s', "<b>" . h($dbh->result($dbh->query("SELECT USER()"))) . "</b>") . "\n";
 	}
 	page_footer("db");
 }
diff --git a/adminer/include/design.inc.php b/adminer/include/design.inc.php
index 07cd3547..060db123 100644
--- a/adminer/include/design.inc.php
+++ b/adminer/include/design.inc.php
@@ -8,7 +8,7 @@ function page_header($title, $error = "", $breadcrumb = array(), $title2 = "") {
 <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
 <meta http-equiv="Content-Script-Type" content="text/javascript">
 <meta name="robots" content="noindex">
-<title><?php echo $title . (strlen($title2) ? ": " . htmlspecialchars($title2) : "") . (strlen($_GET["server"]) && $_GET["server"] != "localhost" ? htmlspecialchars("- $_GET[server]") : "") . " - " . $adminer->name(); ?></title>
+<title><?php echo $title . (strlen($title2) ? ": " . h($title2) : "") . (strlen($_GET["server"]) && $_GET["server"] != "localhost" ? h("- $_GET[server]") : "") . " - " . $adminer->name(); ?></title>
 <link rel="shortcut icon" type="image/x-icon" href="../adminer/favicon.ico">
 <link rel="stylesheet" type="text/css" href="../adminer/default.css<?php // Ondrej Valka, http://valka.info ?>">
 <?php if (file_exists("adminer.css")) { ?>
@@ -23,21 +23,21 @@ function page_header($title, $error = "", $breadcrumb = array(), $title2 = "") {
 <?php
 	if (isset($breadcrumb)) {
 		$link = substr(preg_replace('~db=[^&]*&~', '', $SELF), 0, -1);
-		echo '<p id="breadcrumb"><a href="' . (strlen($link) ? htmlspecialchars($link) : ".") . '">' . (isset($_GET["server"]) ? htmlspecialchars($_GET["server"]) : lang('Server')) . '</a> &raquo; ';
+		echo '<p id="breadcrumb"><a href="' . (strlen($link) ? h($link) : ".") . '">' . (isset($_GET["server"]) ? h($_GET["server"]) : lang('Server')) . '</a> &raquo; ';
 		if (is_array($breadcrumb)) {
 			if (strlen($_GET["db"])) {
-				echo '<a href="' . htmlspecialchars(substr($SELF, 0, -1)) . '">' . htmlspecialchars($_GET["db"]) . '</a> &raquo; ';
+				echo '<a href="' . h(substr($SELF, 0, -1)) . '">' . h($_GET["db"]) . '</a> &raquo; ';
 			}
 			foreach ($breadcrumb as $key => $val) {
 				$desc = (is_array($val) ? $val[1] : $val);
 				if (strlen($desc)) {
-					echo '<a href="' . htmlspecialchars("$SELF$key=") . urlencode(is_array($val) ? $val[0] : $val) . '">' . htmlspecialchars($desc) . '</a> &raquo; ';
+					echo '<a href="' . h("$SELF$key=") . urlencode(is_array($val) ? $val[0] : $val) . '">' . h($desc) . '</a> &raquo; ';
 				}
 			}
 		}
 		echo "$title\n";
 	}
-	echo "<h2>$title" . (strlen($title2) ? ": " . htmlspecialchars($title2) : "") . "</h2>\n";
+	echo "<h2>$title" . (strlen($title2) ? ": " . h($title2) : "") . "</h2>\n";
 	if ($_SESSION["messages"]) {
 		echo "<div class='message'>" . implode("</div>\n<div class='message'>", $_SESSION["messages"]) . "</div>\n";
 		$_SESSION["messages"] = array();
@@ -63,7 +63,7 @@ function page_footer($missing = false) {
 <?php switch_lang(); ?>
 <div id="menu">
 <h1><a href="http://www.adminer.org/" class="h1"><?php echo $adminer->name(); ?></a> &nbsp; <?php echo $VERSION; ?> &nbsp;
-<a href='http://www.adminer.org/#download' id="version"><?php echo (version_compare($VERSION, $_COOKIE["adminer_version"]) < 0 ? htmlspecialchars($_COOKIE["adminer_version"]) : ""); ?></a>
+<a href='http://www.adminer.org/#download' id="version"><?php echo (version_compare($VERSION, $_COOKIE["adminer_version"]) < 0 ? h($_COOKIE["adminer_version"]) : ""); ?></a>
 </h1>
 <?php $adminer->navigation($missing); ?>
 </div>
diff --git a/adminer/include/editing.inc.php b/adminer/include/editing.inc.php
index 9202a43e..7c515257 100644
--- a/adminer/include/editing.inc.php
+++ b/adminer/include/editing.inc.php
@@ -21,7 +21,7 @@ function edit_type($key, $field, $collations, $foreign_keys = array()) {
 	global $structured_types, $unsigned, $inout;
 	?>
 <td><select name="<?php echo $key; ?>[type]" onchange="editing_type_change(this);"><?php echo optionlist($structured_types + ($foreign_keys ? array(lang('Foreign keys') => $foreign_keys) : array()), $field["type"]); ?></select>
-<td><input name="<?php echo $key; ?>[length]" value="<?php echo htmlspecialchars($field["length"]); ?>" size="3">
+<td><input name="<?php echo $key; ?>[length]" value="<?php echo h($field["length"]); ?>" size="3">
 <td><?php
 echo "<select name=\"$key" . '[collation]"' . (ereg('(char|text|enum|set)$', $field["type"]) ? "" : " class='hidden'") . '><option value="">(' . lang('collation') . ')' . optionlist($collations, $field["collation"]) . '</select>';
 echo ($unsigned ? " <select name=\"$key" . '[unsigned]"' . (!$field["type"] || ereg('(int|float|double|decimal)$', $field["type"]) ? "" : " class='hidden'") . '><option>' . optionlist($unsigned, $field["unsigned"]) . '</select>' : '');
@@ -84,12 +84,12 @@ function edit_fields($fields, $collations, $type = "TABLE", $allowed = 0, $forei
 		?>
 <tr<?php echo ($display ? "" : " style='display: none;'"); ?>>
 <?php if ($type == "PROCEDURE") { ?><td><select name="fields[<?php echo $i; ?>][inout]"><?php echo optionlist($inout, $field["inout"]); ?></select><?php } ?>
-<th><?php if ($display) { ?><input name="fields[<?php echo $i; ?>][field]" value="<?php echo htmlspecialchars($field["field"]); ?>" onchange="<?php echo (strlen($field["field"]) || count($fields) > 1 ? "" : "editing_add_row(this, $allowed); "); ?>editing_name_change(this);" maxlength="64"><?php } ?><input type="hidden" name="fields[<?php echo $i; ?>][orig]" value="<?php echo htmlspecialchars($field[($_POST ? "orig" : "field")]); ?>">
+<th><?php if ($display) { ?><input name="fields[<?php echo $i; ?>][field]" value="<?php echo h($field["field"]); ?>" onchange="<?php echo (strlen($field["field"]) || count($fields) > 1 ? "" : "editing_add_row(this, $allowed); "); ?>editing_name_change(this);" maxlength="64"><?php } ?><input type="hidden" name="fields[<?php echo $i; ?>][orig]" value="<?php echo h($field[($_POST ? "orig" : "field")]); ?>">
 <?php edit_type("fields[$i]", $field, $collations, $foreign_keys); ?>
 <?php if ($type == "TABLE") { ?>
 <td><input type="checkbox" name="fields[<?php echo $i; ?>][null]" value="1"<?php if ($field["null"]) { ?> checked="checked"<?php } ?>>
 <td><input type="radio" name="auto_increment_col" value="<?php echo $i; ?>"<?php if ($field["auto_increment"]) { ?> checked="checked"<?php } ?>>
-<td<?php echo ($column_comments ? "" : " class='hidden'"); ?>><input name="fields[<?php echo $i; ?>][comment]" value="<?php echo htmlspecialchars($field["comment"]); ?>" maxlength="255">
+<td<?php echo ($column_comments ? "" : " class='hidden'"); ?>><input name="fields[<?php echo $i; ?>][comment]" value="<?php echo h($field["comment"]); ?>" maxlength="255">
 <?php } ?>
 <?php
 		echo "<td class='nowrap'><input type='image' name='add[$i]' src='../adminer/plus.gif' alt='+' title='" . lang('Add next') . "' onclick='var x = editing_add_row(this, $allowed); if (x) { x.focus(); x.onchange = function () { }; } return !x;'>";
diff --git a/adminer/include/functions.inc.php b/adminer/include/functions.inc.php
index 587b5abc..a918c534 100644
--- a/adminer/include/functions.inc.php
+++ b/adminer/include/functions.inc.php
@@ -25,14 +25,18 @@ function bracket_escape($idf, $back = false) {
 	return strtr($idf, ($back ? array_flip($trans) : $trans));
 }
 
+function h($string) {
+	return htmlspecialchars($string, ENT_QUOTES);
+}
+
 function optionlist($options, $selected = null, $use_keys = false) {
 	$return = "";
 	foreach ($options as $k => $v) {
 		if (is_array($v)) {
-			$return .= '<optgroup label="' . htmlspecialchars($k) . '">';
+			$return .= '<optgroup label="' . h($k) . '">';
 		}
 		foreach ((is_array($v) ? $v : array($k => $v)) as $key => $val) {
-			$return .= '<option' . ($use_keys || is_string($key) ? ' value="' . htmlspecialchars($key) . '"' : '') . (($use_keys || is_string($key) ? (string) $key : $val) === $selected ? ' selected="selected"' : '') . '>' . htmlspecialchars($val);
+			$return .= '<option' . ($use_keys || is_string($key) ? ' value="' . h($key) . '"' : '') . (($use_keys || is_string($key) ? (string) $key : $val) === $selected ? ' selected="selected"' : '') . '>' . h($val);
 		}
 		if (is_array($v)) {
 			$return .= '</optgroup>';
@@ -121,7 +125,7 @@ function query_redirect($query, $location, $message, $redirect = true, $execute
 		$failed = !$dbh->query($query);
 	}
 	if ($failed) {
-		$error = htmlspecialchars($dbh->error) . $sql;
+		$error = h($dbh->error) . $sql;
 		return false;
 	}
 	if ($redirect) {
@@ -147,7 +151,7 @@ function remove_from_uri($param = "") {
 }
 
 function pagination($page) {
-	return " " . ($page == $_GET["page"] ? $page + 1 : '<a href="' . htmlspecialchars(remove_from_uri("page") . ($page ? "&page=$page" : "")) . '">' . ($page + 1) . "</a>");
+	return " " . ($page == $_GET["page"] ? $page + 1 : '<a href="' . h(remove_from_uri("page") . ($page ? "&page=$page" : "")) . '">' . ($page + 1) . "</a>");
 }
 
 function get_file($key) {
@@ -212,7 +216,7 @@ function select($result, $dbh2 = null) {
 						$blobs[$j] = true;
 					}
 					$types[$j] = $field->type;
-					echo "<th>" . htmlspecialchars($field->name);
+					echo "<th>" . h($field->name);
 				}
 				echo "</thead>\n";
 			}
@@ -226,7 +230,7 @@ function select($result, $dbh2 = null) {
 					} elseif (!strlen(trim($val, " \t"))) {
 						$val = "&nbsp;"; // some content to print a border
 					} else {
-						$val = nl2br(htmlspecialchars($val));
+						$val = nl2br(h($val));
 						if ($types[$key] == 254) {
 							$val = "<code>$val</code>";
 						}
@@ -236,7 +240,7 @@ function select($result, $dbh2 = null) {
 						foreach ($indexes[$links[$key]] as $col => $j) {
 							$link .= "&amp;where" . urlencode("[" . bracket_escape($col) . "]") . "=" . urlencode($row[$j]);
 						}
-						$val = '<a href="' . htmlspecialchars($SELF) . $link . '">' . $val . '</a>';
+						$val = "<a href='" . h($SELF) . "$link'>$val</a>";
 					}
 				}
 				echo "<td>$val";
@@ -254,7 +258,7 @@ function is_utf8($val) {
 
 function shorten_utf8($string, $length = 80, $suffix = "") {
 	preg_match("~^((?:.|\n){0,$length})(.|\n)?~u", $string, $match); // ~s causes trash in $match[2] under some PHP versions
-	return htmlspecialchars($match[1]) . $suffix . ($match[2] ? "<em>...</em>" : "");
+	return h($match[1]) . $suffix . ($match[2] ? "<em>...</em>" : "");
 }
 
 function friendly_url($val) {
@@ -269,7 +273,7 @@ function hidden_fields($process, $ignore = array()) {
 				$process[$key . "[$k]"] = $v;
 			}
 		} elseif (!in_array($key, $ignore)) {
-			echo '<input type="hidden" name="' . htmlspecialchars($key) . '" value="' . htmlspecialchars($val) . '">';
+			echo '<input type="hidden" name="' . h($key) . '" value="' . h($val) . '">';
 		}
 	}
 }
@@ -286,28 +290,28 @@ function column_foreign_keys($table) {
 
 function input($field, $value, $function) {
 	global $types, $adminer;
-	$name = htmlspecialchars(bracket_escape($field["field"]));
+	$name = h(bracket_escape($field["field"]));
 	echo "<td class='function'>";
 	if ($field["type"] == "enum") {
-		echo "&nbsp;<td>" . (isset($_GET["select"]) ? ' <label><input type="radio" name="fields[' . $name . ']" value="-1" checked="checked"><em>' . lang('original') . '</em></label>' : "");
+		echo "&nbsp;<td>" . (isset($_GET["select"]) ? " <label><input type='radio' name='fields[$name]' value='-1' checked='checked'><em>" . lang('original') . "</em></label>" : "");
 		if ($field["null"] || isset($_GET["default"])) {
-			echo ' <label><input type="radio" name="fields[' . $name . ']" value=""' . (($field["null"] ? isset($value) : strlen($value)) || isset($_GET["select"]) ? '' : ' checked="checked"') . '>' . ($field["null"] ? '<em>NULL</em>' : '') . '</label>';
+			echo " <label><input type='radio' name='fields[$name]' value=''" . (($field["null"] ? isset($value) : strlen($value)) || isset($_GET["select"]) ? '' : ' checked="checked"') . '>' . ($field["null"] ? '<em>NULL</em>' : '') . '</label>';
 		}
 		if (!isset($_GET["default"])) {
-			echo '<input type="radio" name="fields[' . $name . ']" value="0"' . ($value === 0 ? ' checked="checked"' : '') . '>';
+			echo "<input type='radio' name='fields[$name]' value='0'" . ($value === 0 ? ' checked="checked"' : '') . '>';
 		}
 		preg_match_all("~'((?:[^']+|'')*)'~", $field["length"], $matches);
 		foreach ($matches[1] as $i => $val) {
 			$val = stripcslashes(str_replace("''", "'", $val));
 			$checked = (is_int($value) ? $value == $i+1 : $value === $val);
-			echo ' <label><input type="radio" name="fields[' . $name . ']" value="' . (isset($_GET["default"]) ? (strlen($val) ? htmlspecialchars($val) : " ") : $i+1) . '"' . ($checked ? ' checked="checked"' : '') . '>' . htmlspecialchars($val) . '</label>';
+			echo " <label><input type='radio' name='fields[$name]' value='" . (isset($_GET["default"]) ? (strlen($val) ? h($val) : " ") : $i+1) . "'" . ($checked ? ' checked="checked"' : '') . '>' . h($val) . '</label>';
 		}
 	} else {
 		$functions = (isset($_GET["select"]) ? array("orig" => lang('original')) : array()) + $adminer->editFunctions($field);
 		$first = array_search("", $functions) + (isset($_GET["select"]) ? 1 : 0);
-		$onchange = ($first ? ' onchange="var f = this.form[\'function[' . addcslashes($name, "\r\n'\\") . ']\']; if (' . $first . ' > f.selectedIndex) f.selectedIndex = ' . $first . ';"' : '');
-		echo (count($functions) > 1 ? '<select name="function[' . $name . ']">' . optionlist($functions, $function) . '</select>' : "&nbsp;") . '<td>';
-		$input = $adminer->editInput($_GET["edit"], $field, ' name="fields[' . $name . ']"' . $onchange, $value); // usage in call is without a table
+		$onchange = ($first ? " onchange=\"var f = this.form['function[" . addcslashes($name, "\r\n'\\") . "]']; if ($first > f.selectedIndex) f.selectedIndex = $first;\"" : "");
+		echo (count($functions) > 1 ? "<select name='function[$name]'>" . optionlist($functions, $function) . "</select>" : "&nbsp;") . '<td>';
+		$input = $adminer->editInput($_GET["edit"], $field, " name='fields[$name]'$onchange", $value); // usage in call is without a table
 		if (strlen($input)) {
 			echo $input;
 		} elseif ($field["type"] == "set") { //! 64 bits
@@ -315,16 +319,16 @@ function input($field, $value, $function) {
 			foreach ($matches[1] as $i => $val) {
 				$val = stripcslashes(str_replace("''", "'", $val));
 				$checked = (is_int($value) ? ($value >> $i) & 1 : in_array($val, explode(",", $value), true));
-				echo ' <label><input type="checkbox" name="fields[' . $name . '][' . $i . ']" value="' . (isset($_GET["default"]) ? htmlspecialchars($val) : 1 << $i) . '"' . ($checked ? ' checked="checked"' : '') . "$onchange>" . htmlspecialchars($val) . '</label>';
+				echo " <label><input type='checkbox' name='fields[$name][$i]' value='" . (isset($_GET["default"]) ? h($val) : 1 << $i) . "'" . ($checked ? ' checked="checked"' : '') . "$onchange>" . h($val) . '</label>';
 			}
 		} elseif (strpos($field["type"], "text") !== false) {
-			echo '<textarea name="fields[' . $name . ']" cols="50" rows="12"' . "$onchange>" . htmlspecialchars($value) . '</textarea>';
+			echo "<textarea name='fields[$name]' cols='50' rows='12'$onchange>" . h($value) . '</textarea>';
 		} elseif (ereg('binary|blob', $field["type"])) {
-			echo (ini_get("file_uploads") ? '<input type="file" name="' . $name . '"' . "$onchange>" : lang('File uploads are disabled.'));
+			echo (ini_get("file_uploads") ? "<input type='file' name='$name'$onchange>" : lang('File uploads are disabled.'));
 		} else {
 			// int(3) is only a display hint
 			$maxlength = (!ereg('int', $field["type"]) && preg_match('~^([0-9]+)(,([0-9]+))?$~', $field["length"], $match) ? ($match[1] + ($match[3] ? 1 : 0) + ($match[2] && !$field["unsigned"] ? 1 : 0)) : ($types[$field["type"]] ? $types[$field["type"]] + ($field["unsigned"] ? 0 : 1) : 0));
-			echo '<input name="fields[' . $name . ']" value="' . htmlspecialchars($value) . '"' . ($maxlength ? " maxlength='$maxlength'" : "") . "$onchange>";
+			echo "<input name='fields[$name]' value='" . h($value) . "'" . ($maxlength ? " maxlength='$maxlength'" : "") . "$onchange>";
 		}
 	}
 }
diff --git a/adminer/indexes.inc.php b/adminer/indexes.inc.php
index 555d2286..7bf43600 100644
--- a/adminer/indexes.inc.php
+++ b/adminer/indexes.inc.php
@@ -74,7 +74,7 @@ foreach ($row["indexes"] as $index) {
 	ksort($index["columns"]);
 	foreach ($index["columns"] as $i => $column) {
 		echo "<span><select name='indexes[$j][columns][$i]'" . ($i == count($index["columns"]) ? " onchange='indexes_add_column(this);'" : "") . "><option>" . optionlist($fields, $column) . "</select>";
-		echo "<input name='indexes[$j][lengths][$i]' size='2' value=\"" . htmlspecialchars($index["lengths"][$i]) . "\"> </span>\n";
+		echo "<input name='indexes[$j][lengths][$i]' size='2' value='" . h($index["lengths"][$i]) . "'> </span>\n";
 	}
 	echo "\n";
 	$j++;
diff --git a/adminer/privileges.inc.php b/adminer/privileges.inc.php
index 3dbaa8b3..0342fd7a 100644
--- a/adminer/privileges.inc.php
+++ b/adminer/privileges.inc.php
@@ -1,12 +1,12 @@
 <?php
 page_header(lang('Privileges'));
-echo '<p><a href="' . htmlspecialchars($SELF) . 'user=">' . lang('Create user') . "</a>";
+echo '<p><a href="' . h($SELF) . 'user=">' . lang('Create user') . "</a>";
 
 $result = $dbh->query("SELECT User, Host FROM mysql.user ORDER BY Host, User");
 if (!$result) {
 	?>
 	<form action=""><p>
-	<?php if (strlen($_GET["server"])) { ?><input type="hidden" name="server" value="<?php echo htmlspecialchars($_GET["server"]); ?>"><?php } ?>
+	<?php if (strlen($_GET["server"])) { ?><input type="hidden" name="server" value="<?php echo h($_GET["server"]); ?>"><?php } ?>
 	<?php echo lang('Username'); ?>: <input name="user">
 	<?php echo lang('Server'); ?>: <input name="host" value="localhost">
 	<input type="hidden" name="grant" value="">
@@ -19,7 +19,7 @@ if (!$result) {
 echo "<table cellspacing='0'>\n";
 echo "<thead><tr><th>&nbsp;<th>" . lang('Username') . "<th>" . lang('Server') . "</thead>\n";
 while ($row = $result->fetch_assoc()) {
-	echo '<tr' . odd() . '><td><a href="' . htmlspecialchars($SELF . 'user=' . urlencode($row["User"]) . '&host=' . urlencode($row["Host"])) . '">' . lang('edit') . '</a><td>' . htmlspecialchars($row["User"]) . "<td>" . htmlspecialchars($row["Host"]) . "\n";
+	echo '<tr' . odd() . '><td><a href="' . h($SELF . 'user=' . urlencode($row["User"]) . '&host=' . urlencode($row["Host"])) . '">' . lang('edit') . '</a><td>' . h($row["User"]) . "<td>" . h($row["Host"]) . "\n";
 }
 echo "</table>\n";
 $result->free();
diff --git a/adminer/procedure.inc.php b/adminer/procedure.inc.php
index e59226c2..a939f42e 100644
--- a/adminer/procedure.inc.php
+++ b/adminer/procedure.inc.php
@@ -23,7 +23,7 @@ if ($_POST && !$error && !$_POST["add"] && !$_POST["drop_col"] && !$_POST["up"]
 	}
 }
 
-page_header((strlen($_GET["procedure"]) ? (isset($_GET["function"]) ? lang('Alter function') : lang('Alter procedure')) . ": " . htmlspecialchars($_GET["procedure"]) : (isset($_GET["function"]) ? lang('Create function') : lang('Create procedure'))), $error);
+page_header((strlen($_GET["procedure"]) ? (isset($_GET["function"]) ? lang('Alter function') : lang('Alter procedure')) . ": " . h($_GET["procedure"]) : (isset($_GET["function"]) ? lang('Create function') : lang('Create procedure'))), $error);
 
 $collations = get_vals("SHOW CHARACTER SET");
 sort($collations);
@@ -43,11 +43,11 @@ if ($_POST) {
 <?php edit_fields($row["fields"], $collations, $routine); ?>
 <?php if (isset($_GET["function"])) { ?><tr><td><?php echo lang('Return type'); ?><?php echo edit_type("returns", $row["returns"], $collations); ?><?php } ?>
 </table>
-<p><textarea name="definition" rows="10" cols="80" style="width: 98%;"><?php echo htmlspecialchars($row["definition"]); ?></textarea>
+<p><textarea name="definition" rows="10" cols="80" style="width: 98%;"><?php echo h($row["definition"]); ?></textarea>
 <p>
 <input type="hidden" name="token" value="<?php echo $token; ?>">
 <?php if ($dropped) { ?><input type="hidden" name="dropped" value="1"><?php } ?>
-<?php echo lang('Name'); ?>: <input name="name" value="<?php echo htmlspecialchars($row["name"]); ?>" maxlength="64">
+<?php echo lang('Name'); ?>: <input name="name" value="<?php echo h($row["name"]); ?>" maxlength="64">
 <input type="submit" value="<?php echo lang('Save'); ?>">
 <?php if (strlen($_GET["procedure"])) { ?><input type="submit" name="drop" value="<?php echo lang('Drop'); ?>"<?php echo $confirm; ?>><?php } ?>
 </form>
diff --git a/adminer/schema.inc.php b/adminer/schema.inc.php
index bcc91dc6..c2f7cad3 100644
--- a/adminer/schema.inc.php
+++ b/adminer/schema.inc.php
@@ -60,9 +60,9 @@ document.onmouseup = schema_mouseup;
 <?php
 foreach ($schema as $name => $table) {
 	echo "<div class='table' style='top: " . $table["pos"][0] . "em; left: " . $table["pos"][1] . "em;' onmousedown='schema_mousedown(this, event);'>";
-	echo '<a href="' . htmlspecialchars($SELF) . 'table=' . urlencode($name) . '"><strong>' . htmlspecialchars($name) . "</strong></a><br>\n";
+	echo '<a href="' . h($SELF) . 'table=' . urlencode($name) . '"><strong>' . h($name) . "</strong></a><br>\n";
 	foreach ($table["fields"] as $field) {
-		$val = '<span' . type_class($field["type"]) . ' title="' . htmlspecialchars($field["full_type"] . ($field["null"] ? " " . lang('NULL') : '')) . '">' . htmlspecialchars($field["field"]) . '</span>';
+		$val = '<span' . type_class($field["type"]) . ' title="' . h($field["full_type"] . ($field["null"] ? " " . lang('NULL') : '')) . '">' . h($field["field"]) . '</span>';
 		echo ($field["primary"] ? "<em>$val</em>" : $val) . "<br>\n";
 	}
 	foreach ((array) $table["references"] as $target_name => $refs) {
@@ -70,7 +70,7 @@ foreach ($schema as $name => $table) {
 			$left1 = $left - $table_pos[$name][1];
 			$i = 0;
 			foreach ($ref[0] as $source) {
-				echo '<div class="references" title="' . htmlspecialchars($target_name) . "\" id='refs$left-" . ($i++) . "' style='left: $left1" . "em; top: " . $table["fields"][$source]["pos"] . "em; padding-top: .5em;'><div style='border-top: 1px solid Gray; width: " . (-$left1) . "em;'></div></div>\n";
+				echo "<div class='references' title='" . h($target_name) . "' id='refs$left-" . ($i++) . "' style='left: $left1" . "em; top: " . $table["fields"][$source]["pos"] . "em; padding-top: .5em;'><div style='border-top: 1px solid Gray; width: " . (-$left1) . "em;'></div></div>\n";
 			}
 		}
 	}
@@ -79,7 +79,7 @@ foreach ($schema as $name => $table) {
 			$left1 = $left - $table_pos[$name][1];
 			$i = 0;
 			foreach ($columns as $target) {
-				echo '<div class="references" title="' . htmlspecialchars($target_name) . "\" id='refd$left-" . ($i++) . "' style='left: $left1" . "em; top: " . $table["fields"][$target]["pos"] . "em; height: 1.25em; background: url(../adminer/arrow.gif) no-repeat right center;'><div style='height: .5em; border-bottom: 1px solid Gray; width: " . (-$left1) . "em;'></div></div>\n";
+				echo "<div class='references' title='" . h($target_name) . "' id='refd$left-" . ($i++) . "' style='left: $left1" . "em; top: " . $table["fields"][$target]["pos"] . "em; height: 1.25em; background: url(../adminer/arrow.gif) no-repeat right center;'><div style='height: .5em; border-bottom: 1px solid Gray; width: " . (-$left1) . "em;'></div></div>\n";
 			}
 		}
 	}
diff --git a/adminer/select.inc.php b/adminer/select.inc.php
index 511ef698..944520b5 100644
--- a/adminer/select.inc.php
+++ b/adminer/select.inc.php
@@ -119,18 +119,18 @@ page_header(lang('Select') . ": " . $adminer->tableName($table_status), $error);
 echo "<p>";
 if (isset($rights["insert"])) {
 	//! pass search values forth and back
-	echo '<a href="' . htmlspecialchars($SELF) . 'edit=' . urlencode($_GET['select']) . '">' . lang('New item') . '</a> ';
+	echo '<a href="' . h($SELF) . 'edit=' . urlencode($_GET['select']) . '">' . lang('New item') . '</a> ';
 }
 echo $adminer->selectLinks($table_status);
 
 if (!$columns) {
-	echo "<p class='error'>" . lang('Unable to select the table') . ($fields ? "" : ": " . htmlspecialchars($dbh->error)) . ".\n";
+	echo "<p class='error'>" . lang('Unable to select the table') . ($fields ? "" : ": " . h($dbh->error)) . ".\n";
 } else {
 	echo "<form action='' id='form'>\n";
 	echo "<div style='display: none;'>";
-	echo (strlen($_GET["server"]) ? '<input type="hidden" name="server" value="' . htmlspecialchars($_GET["server"]) . '">' : "");
-	echo '<input type="hidden" name="db" value="' . htmlspecialchars($_GET["db"]) . '">';
-	echo '<input type="hidden" name="select" value="' . htmlspecialchars($_GET["select"]) . '">';
+	echo (strlen($_GET["server"]) ? '<input type="hidden" name="server" value="' . h($_GET["server"]) . '">' : "");
+	echo '<input type="hidden" name="db" value="' . h($_GET["db"]) . '">';
+	echo '<input type="hidden" name="select" value="' . h($_GET["select"]) . '">';
 	echo "</div>\n";
 	$adminer->selectColumnsPrint($select, $columns);
 	$adminer->selectSearchPrint($where, $columns, $indexes);
@@ -145,7 +145,7 @@ if (!$columns) {
 	
 	$result = $dbh->query($query);
 	if (!$result) {
-		echo "<p class='error'>" . htmlspecialchars($dbh->error) . "\n";
+		echo "<p class='error'>" . h($dbh->error) . "\n";
 	} else {
 		$email_fields = array();
 		echo "<form action='' method='post' enctype='multipart/form-data'>\n";
@@ -184,14 +184,14 @@ if (!$columns) {
 				if (strlen($name)) {
 					$order++;
 					$names[$key] = $name;
-					echo '<th><a href="' . htmlspecialchars(remove_from_uri('(order|desc)[^=]*') . '&order%5B0%5D=' . urlencode($key) . ($_GET["order"] == array($key) && !$_GET["desc"][0] ? '&desc%5B0%5D=1' : '')) . '">' . apply_sql_function($val["fun"], $name) . "</a>"; //! columns looking like functions
+					echo '<th><a href="' . h(remove_from_uri('(order|desc)[^=]*') . '&order%5B0%5D=' . urlencode($key) . ($_GET["order"] == array($key) && !$_GET["desc"][0] ? '&desc%5B0%5D=1' : '')) . '">' . apply_sql_function($val["fun"], $name) . "</a>"; //! columns looking like functions
 				}
 				next($select);
 			}
 			echo ($table_names ? "<th>" . lang('Relations') : "") . "</thead>\n";
 			foreach ($descriptions as $n => $row) {
 				$unique_idf = implode('&amp;', unique_idf($rows[$n], $indexes));
-				echo '<tr' . odd() . '><td><input type="checkbox" name="check[]" value="' . $unique_idf . '" onclick="this.form[\'all\'].checked = false; form_uncheck(\'all-page\');">' . (count($select) != count($group) || information_schema($_GET["db"]) ? '' : ' <a href="' . htmlspecialchars($SELF) . 'edit=' . urlencode($_GET['select']) . '&amp;' . $unique_idf . '">' . lang('edit') . '</a>');
+				echo "<tr" . odd() . "><td><input type='checkbox' name='check[]' value='$unique_idf' onclick=\"this.form['all'].checked = false; form_uncheck('all-page');\">" . (count($select) != count($group) || information_schema($_GET["db"]) ? '' : " <a href='" . h($SELF) . "edit=" . urlencode($_GET['select']) . "&amp;$unique_idf" . "'>" . lang('edit') . "</a>");
 				foreach ($row as $key => $val) {
 					if (isset($names[$key])) {
 						if (strlen($val) && (!isset($email_fields[$key]) || strlen($email_fields[$key]))) {
@@ -203,14 +203,14 @@ if (!$columns) {
 							$val = "<i>NULL</i>";
 						} else {
 							if (ereg('blob|binary', $fields[$key]["type"]) && strlen($val)) {
-								$link = htmlspecialchars($SELF . 'download=' . urlencode($_GET["select"]) . '&field=' . urlencode($key) . '&') . $unique_idf;
+								$link = h($SELF . 'download=' . urlencode($_GET["select"]) . '&field=' . urlencode($key) . '&') . $unique_idf;
 							}
 							if (!strlen(trim($val, " \t"))) {
 								$val = "&nbsp;";
 							} elseif (strlen($text_length) && ereg('blob|text', $fields[$key]["type"]) && is_utf8($val)) {
 								$val = nl2br(shorten_utf8($val, max(0, intval($text_length)))); // usage of LEFT() would reduce traffic but complicate query
 							} else {
-								$val = nl2br(htmlspecialchars($val));
+								$val = nl2br(h($val));
 							}
 							
 							// link related items
@@ -219,7 +219,7 @@ if (!$columns) {
 									foreach ($foreign_key["source"] as $i => $source) {
 										$link .= where_link($i, $foreign_key["target"][$i], $rows[$n][$source]);
 									}
-									$link = htmlspecialchars((strlen($foreign_key["db"]) ? preg_replace('~([?&]db=)[^&]+~', '\\1' . urlencode($foreign_key["db"]), $SELF) : $SELF) . 'select=' . urlencode($foreign_key["table"])) . $link; // InnoDB supports non-UNIQUE keys
+									$link = h((strlen($foreign_key["db"]) ? preg_replace('~([?&]db=)[^&]+~', '\\1' . urlencode($foreign_key["db"]), $SELF) : $SELF) . 'select=' . urlencode($foreign_key["table"])) . $link; // InnoDB supports non-UNIQUE keys
 									break;
 								}
 							}
@@ -235,13 +235,13 @@ if (!$columns) {
 					echo "<td>";
 					foreach ($table_names as $table => $name) {
 						foreach ($backward_keys[$table] as $columns) {
-							echo ' <a href="' . htmlspecialchars($SELF) . 'select=' . urlencode($table);
+							echo " <a href='" . h($SELF) . 'select=' . urlencode($table);
 							$i = 0;
 							foreach ($columns as $column => $val) {
 								echo where_link($i, $column, $rows[$n][$val]);
 								$i++;
 							}
-							echo "\">$name</a>";
+							echo "'>$name</a>";
 						}
 					}
 				}
diff --git a/adminer/sql.inc.php b/adminer/sql.inc.php
index 9fbcb858..a165fb02 100644
--- a/adminer/sql.inc.php
+++ b/adminer/sql.inc.php
@@ -42,7 +42,7 @@ if (!$error && $_POST) {
 					$start = explode(" ", microtime()); // microtime(true) is available since PHP 5
 					//! don't allow changing of character_set_results, convert encoding of displayed query
 					if (!$dbh->multi_query(substr($query, 0, $match[0][1]))) {
-						echo "<p class='error'>" . lang('Error in query') . ": " . htmlspecialchars($dbh->error) . "\n";
+						echo "<p class='error'>" . lang('Error in query') . ": " . h($dbh->error) . "\n";
 						if ($_POST["error_stops"]) {
 							break;
 						}
@@ -76,7 +76,7 @@ if (!$error && $_POST) {
 ?>
 
 <form action="" method="post" enctype="multipart/form-data">
-<p><textarea name="query" rows="20" cols="80" style="width: 98%;"><?php echo htmlspecialchars($_POST ? $_POST["query"] : (strlen($_GET["history"]) ? $_SESSION["history"][$_GET["server"]][$_GET["db"]][$_GET["history"]] : $_GET["sql"])); ?></textarea>
+<p><textarea name="query" rows="20" cols="80" style="width: 98%;"><?php echo h($_POST ? $_POST["query"] : (strlen($_GET["history"]) ? $_SESSION["history"][$_GET["server"]][$_GET["db"]][$_GET["history"]] : $_GET["sql"])); ?></textarea>
 <p>
 <input type="hidden" name="token" value="<?php echo $token; ?>">
 <input type="submit" value="<?php echo lang('Execute'); ?>">
@@ -96,7 +96,7 @@ if ($history) {
 	echo "<fieldset><legend>" . lang('History') . "</legend>\n";
 	foreach ($history as $key => $val) {
 		//! save and display timestamp
-		echo '<a href="' . htmlspecialchars($SELF . "sql=&history=$key") . '">' . lang('Edit') . '</a> <code class="jush-sql">' . shorten_utf8(ltrim(str_replace("\n", " ", preg_replace('~^(#|-- ).*~m', '', $val))), 80, "</code>") . "<br>\n";
+		echo '<a href="' . h($SELF . "sql=&history=$key") . '">' . lang('Edit') . '</a> <code class="jush-sql">' . shorten_utf8(ltrim(str_replace("\n", " ", preg_replace('~^(#|-- ).*~m', '', $val))), 80, "</code>") . "<br>\n";
 	}
 	echo "<input type='submit' name='clear' value='" . lang('Clear') . "'>\n";
 	echo "</fieldset>\n";
diff --git a/adminer/table.inc.php b/adminer/table.inc.php
index 0f73572a..e6ca6081 100644
--- a/adminer/table.inc.php
+++ b/adminer/table.inc.php
@@ -1,12 +1,12 @@
 <?php
 $result = $dbh->query("SHOW COLUMNS FROM " . idf_escape($_GET["table"]));
 if (!$result) {
-	$error = htmlspecialchars($dbh->error);
+	$error = h($dbh->error);
 }
 $table_status = ($result ? table_status($_GET["table"]) : array());
 $is_view = !isset($table_status["Rows"]);
 
-page_header(($result && $is_view ? lang('View') : lang('Table')) . ": " . htmlspecialchars($_GET["table"]), $error);
+page_header(($result && $is_view ? lang('View') : lang('Table')) . ": " . h($_GET["table"]), $error);
 
 if ($result) {
 	$auto_increment_only = true;
@@ -15,20 +15,20 @@ if ($result) {
 		if (!$row["auto_increment"]) {
 			$auto_increment_only = false;
 		}
-		echo "<tr><th>" . htmlspecialchars($row["Field"]) . "<td>" . htmlspecialchars($row["Type"]) . ($row["Null"] == "YES" ? " <i>NULL</i>" : "") . "\n";
+		echo "<tr><th>" . h($row["Field"]) . "<td>" . h($row["Type"]) . ($row["Null"] == "YES" ? " <i>NULL</i>" : "") . "\n";
 	}
 	echo "</table>\n";
 	$result->free();
 	
 	echo "<p>";
 	if ($is_view) {
-		echo '<a href="' . htmlspecialchars($SELF) . 'view=' . urlencode($_GET["table"]) . '">' . lang('Alter view') . '</a>';
+		echo '<a href="' . h($SELF) . 'view=' . urlencode($_GET["table"]) . '">' . lang('Alter view') . '</a>';
 	} else {
-		echo '<a href="' . htmlspecialchars($SELF) . 'create=' . urlencode($_GET["table"]) . '">' . lang('Alter table') . '</a>';
-		echo ($auto_increment_only ? '' : ' <a href="' . htmlspecialchars($SELF) . 'default=' . urlencode($_GET["table"]) . '">' . lang('Default values') . '</a>');
+		echo '<a href="' . h($SELF) . 'create=' . urlencode($_GET["table"]) . '">' . lang('Alter table') . '</a>';
+		echo ($auto_increment_only ? '' : ' <a href="' . h($SELF) . 'default=' . urlencode($_GET["table"]) . '">' . lang('Default values') . '</a>');
 	}
-	echo ' <a href="' . htmlspecialchars($SELF) . 'select=' . urlencode($_GET["table"]) . '">' . lang('Select table') . '</a>';
-	echo ' <a href="' . htmlspecialchars($SELF) . 'edit=' . urlencode($_GET["table"]) . '">' . lang('New item') . '</a>';
+	echo ' <a href="' . h($SELF) . 'select=' . urlencode($_GET["table"]) . '">' . lang('Select table') . '</a>';
+	echo ' <a href="' . h($SELF) . 'edit=' . urlencode($_GET["table"]) . '">' . lang('New item') . '</a>';
 	
 	if (!$is_view) {
 		echo "<h3>" . lang('Indexes') . "</h3>\n";
@@ -39,13 +39,13 @@ if ($result) {
 				ksort($index["columns"]); // enforce correct columns order
 				$print = array();
 				foreach ($index["columns"] as $key => $val) {
-					$print[] = "<i>" . htmlspecialchars($val) . "</i>" . ($index["lengths"][$key] ? "(" . $index["lengths"][$key] . ")" : "");
+					$print[] = "<i>" . h($val) . "</i>" . ($index["lengths"][$key] ? "(" . $index["lengths"][$key] . ")" : "");
 				}
 				echo "<tr><th>$index[type]<td>" . implode(", ", $print) . "\n";
 			}
 			echo "</table>\n";
 		}
-		echo '<p><a href="' . htmlspecialchars($SELF) . 'indexes=' . urlencode($_GET["table"]) . '">' . lang('Alter indexes') . "</a>\n";
+		echo '<p><a href="' . h($SELF) . 'indexes=' . urlencode($_GET["table"]) . '">' . lang('Alter indexes') . "</a>\n";
 		
 		if ($table_status["Engine"] == "InnoDB") {
 			echo "<h3>" . lang('Foreign keys') . "</h3>\n";
@@ -53,16 +53,16 @@ if ($result) {
 			if ($foreign_keys) {
 				echo "<table cellspacing='0'>\n";
 				foreach ($foreign_keys as $name => $foreign_key) {
-					$link = (strlen($foreign_key["db"]) ? "<strong>" . htmlspecialchars($foreign_key["db"]) . "</strong>." : "") . htmlspecialchars($foreign_key["table"]);
+					$link = (strlen($foreign_key["db"]) ? "<strong>" . h($foreign_key["db"]) . "</strong>." : "") . h($foreign_key["table"]);
 					echo "<tr>";
-					echo "<th><i>" . implode("</i>, <i>", array_map('htmlspecialchars', $foreign_key["source"])) . "</i>";
-					echo '<td><a href="' . htmlspecialchars(strlen($foreign_key["db"]) ? preg_replace('~db=[^&]*~', "db=" . urlencode($foreign_key["db"]), $SELF) : $SELF) . "table=" . urlencode($foreign_key["table"]) . "\">$link</a>";
-					echo "(<em>" . implode("</em>, <em>", array_map('htmlspecialchars', $foreign_key["target"])) . "</em>)";
-					echo "<td>" . (!strlen($foreign_key["db"]) ? '<a href="' . htmlspecialchars($SELF) . 'foreign=' . urlencode($_GET["table"]) . '&amp;name=' . urlencode($name) . '">' . lang('Alter') . '</a>' : '&nbsp;');
+					echo "<th><i>" . implode("</i>, <i>", array_map('h', $foreign_key["source"])) . "</i>";
+					echo "<td><a href='" . h(strlen($foreign_key["db"]) ? preg_replace('~db=[^&]*~', "db=" . urlencode($foreign_key["db"]), $SELF) : $SELF) . "table=" . urlencode($foreign_key["table"]) . "'>$link</a>";
+					echo "(<em>" . implode("</em>, <em>", array_map('h', $foreign_key["target"])) . "</em>)";
+					echo "<td>" . (!strlen($foreign_key["db"]) ? '<a href="' . h($SELF) . 'foreign=' . urlencode($_GET["table"]) . '&amp;name=' . urlencode($name) . '">' . lang('Alter') . '</a>' : '&nbsp;');
 				}
 				echo "</table>\n";
 			}
-			echo '<p><a href="' . htmlspecialchars($SELF) . 'foreign=' . urlencode($_GET["table"]) . '">' . lang('Add foreign key') . "</a>\n";
+			echo '<p><a href="' . h($SELF) . 'foreign=' . urlencode($_GET["table"]) . '">' . lang('Add foreign key') . "</a>\n";
 		}
 		
 		if ($dbh->server_info >= 5) {
@@ -71,12 +71,12 @@ if ($result) {
 			if ($result->num_rows) {
 				echo "<table cellspacing='0'>\n";
 				while ($row = $result->fetch_assoc()) {
-					echo "<tr valign='top'><td>$row[Timing]<td>$row[Event]<th>" . htmlspecialchars($row["Trigger"]) . "<td><a href=\"" . htmlspecialchars($SELF) . 'trigger=' . urlencode($_GET["table"]) . '&amp;name=' . urlencode($row["Trigger"]) . '">' . lang('Alter') . "</a>\n";
+					echo "<tr valign='top'><td>$row[Timing]<td>$row[Event]<th>" . h($row["Trigger"]) . "<td><a href=\"" . h($SELF) . 'trigger=' . urlencode($_GET["table"]) . '&amp;name=' . urlencode($row["Trigger"]) . '">' . lang('Alter') . "</a>\n";
 				}
 				echo "</table>\n";
 			}
 			$result->free();
-			echo '<p><a href="' . htmlspecialchars($SELF) . 'trigger=' . urlencode($_GET["table"]) . '">' . lang('Add trigger') . "</a>\n";
+			echo '<p><a href="' . h($SELF) . 'trigger=' . urlencode($_GET["table"]) . '">' . lang('Add trigger') . "</a>\n";
 		}
 	}
 }
diff --git a/adminer/trigger.inc.php b/adminer/trigger.inc.php
index b178fc2a..825a05e7 100644
--- a/adminer/trigger.inc.php
+++ b/adminer/trigger.inc.php
@@ -14,7 +14,7 @@ if ($_POST && !$error) {
 	}
 }
 
-page_header((strlen($_GET["name"]) ? lang('Alter trigger') . ": " . htmlspecialchars($_GET["name"]) : lang('Create trigger')), $error, array("table" => $_GET["trigger"]));
+page_header((strlen($_GET["name"]) ? lang('Alter trigger') . ": " . h($_GET["name"]) : lang('Create trigger')), $error, array("table" => $_GET["trigger"]));
 
 $row = array("Trigger" => "$_GET[trigger]_bi");
 if ($_POST) {
@@ -28,11 +28,11 @@ if ($_POST) {
 
 <form action="" method="post" id="form">
 <table cellspacing="0">
-<tr><th><?php echo lang('Time'); ?><td><select name="Timing" onchange="if (/^<?php echo htmlspecialchars(preg_quote($_GET["trigger"], "/")); ?>_[ba][iud]$/.test(this.form['Trigger'].value)) this.form['Trigger'].value = '<?php echo htmlspecialchars(addcslashes($_GET["trigger"], "\r\n'\\")); ?>_' + this.value.charAt(0).toLowerCase() + this.form['Event'].value.charAt(0).toLowerCase();"><?php echo optionlist($trigger_time, $row["Timing"]); ?></select>
+<tr><th><?php echo lang('Time'); ?><td><select name="Timing" onchange="if (/^<?php echo h(preg_quote($_GET["trigger"], "/")); ?>_[ba][iud]$/.test(this.form['Trigger'].value)) this.form['Trigger'].value = '<?php echo h(addcslashes($_GET["trigger"], "\r\n'\\")); ?>_' + this.value.charAt(0).toLowerCase() + this.form['Event'].value.charAt(0).toLowerCase();"><?php echo optionlist($trigger_time, $row["Timing"]); ?></select>
 <tr><th><?php echo lang('Event'); ?><td><select name="Event" onchange="this.form['Timing'].onchange();"><?php echo optionlist($trigger_event, $row["Event"]); ?></select>
-<tr><th><?php echo lang('Name'); ?><td><input name="Trigger" value="<?php echo htmlspecialchars($row["Trigger"]); ?>" maxlength="64">
+<tr><th><?php echo lang('Name'); ?><td><input name="Trigger" value="<?php echo h($row["Trigger"]); ?>" maxlength="64">
 </table>
-<p><textarea name="Statement" rows="10" cols="80" style="width: 98%;"><?php echo htmlspecialchars($row["Statement"]); ?></textarea>
+<p><textarea name="Statement" rows="10" cols="80" style="width: 98%;"><?php echo h($row["Statement"]); ?></textarea>
 <p>
 <input type="hidden" name="token" value="<?php echo $token; ?>">
 <?php if ($dropped) { ?><input type="hidden" name="dropped" value="1"><?php } ?>
diff --git a/adminer/user.inc.php b/adminer/user.inc.php
index 3ce8d0b8..bee1649f 100644
--- a/adminer/user.inc.php
+++ b/adminer/user.inc.php
@@ -114,7 +114,7 @@ if ($_POST && !$error) {
 	}
 }
 
-page_header((isset($_GET["host"]) ? lang('Username') . ": " . htmlspecialchars("$_GET[user]@$_GET[host]") : lang('Create user')), $error, array("privileges" => array('', lang('Privileges'))));
+page_header((isset($_GET["host"]) ? lang('Username') . ": " . h("$_GET[user]@$_GET[host]") : lang('Create user')), $error, array("privileges" => array('', lang('Privileges'))));
 
 if ($_POST) {
 	$row = $_POST;
@@ -131,9 +131,9 @@ if ($_POST) {
 ?>
 <form action="" method="post">
 <table cellspacing="0">
-<tr><th><?php echo lang('Username'); ?><td><input name="user" maxlength="16" value="<?php echo htmlspecialchars($row["user"]); ?>">
-<tr><th><?php echo lang('Server'); ?><td><input name="host" maxlength="60" value="<?php echo htmlspecialchars($row["host"]); ?>">
-<tr><th><?php echo lang('Password'); ?><td><input id="pass" name="pass" value="<?php echo htmlspecialchars($row["pass"]); ?>"><?php if (!$row["hashed"]) { ?><script type="text/javascript">document.getElementById('pass').type = 'password';</script><?php } ?> <label><input type="checkbox" name="hashed" value="1"<?php if ($row["hashed"]) { ?> checked="checked"<?php } ?> onclick="this.form['pass'].type = (this.checked ? 'text' : 'password');"><?php echo lang('Hashed'); ?></label>
+<tr><th><?php echo lang('Username'); ?><td><input name="user" maxlength="16" value="<?php echo h($row["user"]); ?>">
+<tr><th><?php echo lang('Server'); ?><td><input name="host" maxlength="60" value="<?php echo h($row["host"]); ?>">
+<tr><th><?php echo lang('Password'); ?><td><input id="pass" name="pass" value="<?php echo h($row["pass"]); ?>"><?php if (!$row["hashed"]) { ?><script type="text/javascript">document.getElementById('pass').type = 'password';</script><?php } ?> <label><input type="checkbox" name="hashed" value="1"<?php if ($row["hashed"]) { ?> checked="checked"<?php } ?> onclick="this.form['pass'].type = (this.checked ? 'text' : 'password');"><?php echo lang('Hashed'); ?></label>
 </table>
 
 <?php
@@ -142,7 +142,7 @@ echo "<table cellspacing='0'>\n";
 echo "<thead><tr><th colspan='2'>" . lang('Privileges');
 $i = 0;
 foreach ($grants as $object => $grant) {
-	echo '<th>' . ($object != "*.*" ? '<input name="objects[' . $i . ']" value="' . htmlspecialchars($object) . '" size="10">' : '<input type="hidden" name="objects[' . $i . ']" value="*.*" size="10">*.*'); //! separate db, table, columns, PROCEDURE|FUNCTION, routine
+	echo '<th>' . ($object != "*.*" ? "<input name='objects[$i]' value='" . h($object) . "' size='10'>" : "<input type='hidden' name='objects[$i]' value='*.*' size='10'>*.*"); //! separate db, table, columns, PROCEDURE|FUNCTION, routine
 	$i++;
 }
 echo "</thead>\n";
@@ -155,10 +155,10 @@ foreach (array(
 	"Procedures" => lang('Routine'),
 ) as $context => $desc) {
 	foreach ((array) $privileges[$context] as $privilege => $comment) {
-		echo "<tr" . odd() . "><td" . ($desc ? ">$desc<td" : " colspan='2'") . ' lang="en" title="' . htmlspecialchars($comment) . '">' . htmlspecialchars($privilege);
+		echo "<tr" . odd() . "><td" . ($desc ? ">$desc<td" : " colspan='2'") . ' lang="en" title="' . h($comment) . '">' . h($privilege);
 		$i = 0;
 		foreach ($grants as $object => $grant) {
-			$name = '"grants[' . $i . '][' . htmlspecialchars(strtoupper($privilege)) . ']"';
+			$name = "'grants[$i][" . h(strtoupper($privilege)) . "]'";
 			$value = $grant[strtoupper($privilege)];
 			if ($context == "Server Admin" && $object != (isset($grants["*.*"]) ? "*.*" : "")) {
 				echo "<td>&nbsp;";
diff --git a/adminer/variables.inc.php b/adminer/variables.inc.php
index ad853fee..eba9c048 100644
--- a/adminer/variables.inc.php
+++ b/adminer/variables.inc.php
@@ -5,8 +5,8 @@ echo "<table cellspacing='0'>\n";
 $result = $dbh->query("SHOW VARIABLES");
 while ($row = $result->fetch_assoc()) {
 	echo "<tr>";
-	echo "<th><code class='jush-sqlset'>" . htmlspecialchars($row["Variable_name"]) . "</code>";
-	echo "<td>" . (strlen(trim($row["Value"])) ? htmlspecialchars($row["Value"]) : "&nbsp;");
+	echo "<th><code class='jush-sqlset'>" . h($row["Variable_name"]) . "</code>";
+	echo "<td>" . (strlen(trim($row["Value"])) ? h($row["Value"]) : "&nbsp;");
 }
 $result->free();
 echo "</table>\n";
diff --git a/adminer/view.inc.php b/adminer/view.inc.php
index 5b34e134..3db85e18 100644
--- a/adminer/view.inc.php
+++ b/adminer/view.inc.php
@@ -19,10 +19,10 @@ if ($_POST) {
 ?>
 
 <form action="" method="post">
-<p><textarea name="select" rows="10" cols="80" style="width: 98%;"><?php echo htmlspecialchars($row["select"]); ?></textarea>
+<p><textarea name="select" rows="10" cols="80" style="width: 98%;"><?php echo h($row["select"]); ?></textarea>
 <p>
 <input type="hidden" name="token" value="<?php echo $token; ?>">
 <?php if ($dropped) { // old view was dropped but new wasn't created ?><input type="hidden" name="dropped" value="1"><?php } ?>
-<?php echo lang('Name'); ?>: <input name="name" value="<?php echo htmlspecialchars($row["name"]); ?>" maxlength="64">
+<?php echo lang('Name'); ?>: <input name="name" value="<?php echo h($row["name"]); ?>" maxlength="64">
 <input type="submit" value="<?php echo lang('Save'); ?>">
 </form>
diff --git a/compile.php b/compile.php
index fc8b87b0..8c3f4628 100644
--- a/compile.php
+++ b/compile.php
@@ -177,7 +177,7 @@ if ($_COOKIE["adminer_lang"]) {
 }
 $file = str_replace('<script type="text/javascript" src="editing.js"></script>' . "\n", "", $file);
 $file = preg_replace_callback("~compile_file\\('([^']+)', '([^']+)'\\);~", 'compile_file', $file); // integrate static files
-$replace = 'htmlspecialchars(preg_replace("~\\\\\\\\?.*~", "", $_SERVER["REQUEST_URI"]), ENT_QUOTES) . "?file=\\1&amp;version=' . $VERSION;
+$replace = 'h(preg_replace("~\\\\\\\\?.*~", "", $_SERVER["REQUEST_URI"])) . "?file=\\1&amp;version=' . $VERSION;
 $file = preg_replace('~\\.\\./adminer/(default\\.css|functions\\.js|favicon\\.ico)~', '<?php echo ' . $replace . '"; ?>', $file);
 $file = preg_replace('~\\.\\./adminer/((plus|cross|up|down|arrow)\\.gif)~', '" . ' . $replace, $file);
 $file = str_replace("../externals/jush/", "http://jush.sourceforge.net/", $file);
diff --git a/coverage.php b/coverage.php
index ac2b6576..487b150e 100644
--- a/coverage.php
+++ b/coverage.php
@@ -47,7 +47,7 @@ if (!extension_loaded("xdebug")) {
 			$prev_color = $color;
 		}
 		if ($prev_color != $color || !isset($line)) {
-			echo "<div" . ($prev_color ? " style='background-color: $prev_color;'" : "") . ">" . $s;
+			echo "<div" . ($prev_color ? " style='background-color: $prev_color;'" : "") . ">$s";
 			$open_tags = xhtml_open_tags($s);
 			foreach (array_reverse($open_tags) as $tag) {
 				echo "</" . preg_replace('~ .*~', '', $tag) . ">";
diff --git a/editor/example.php b/editor/example.php
index b71e23dc..1a8b518e 100644
--- a/editor/example.php
+++ b/editor/example.php
@@ -25,12 +25,12 @@ function adminer_object() {
 		
 		function tableName($tableStatus) {
 			// tables without comments would return empty string and will be ignored by Adminer
-			return htmlspecialchars($tableStatus["Comment"]);
+			return h($tableStatus["Comment"]);
 		}
 		
 		function fieldName($field, $order = 0) {
 			// only first five columns with comments will be displayed
-			return ($order < 5 ? htmlspecialchars($field["comment"]) : "");
+			return ($order < 5 ? h($field["comment"]) : "");
 		}
 		
 	}
diff --git a/editor/include/adminer.inc.php b/editor/include/adminer.inc.php
index 38bba839..28f0acef 100644
--- a/editor/include/adminer.inc.php
+++ b/editor/include/adminer.inc.php
@@ -17,7 +17,7 @@ class Adminer {
 	function loginForm($username) {
 		?>
 <table cellspacing="0">
-<tr><th><?php echo lang('Username'); ?><td><input type="hidden" name="server" value="" /><input name="username" value="<?php echo htmlspecialchars($username); ?>">
+<tr><th><?php echo lang('Username'); ?><td><input type="hidden" name="server" value="" /><input name="username" value="<?php echo h($username); ?>">
 <tr><th><?php echo lang('Password'); ?><td><input type="password" name="password">
 </table>
 <?php
@@ -29,11 +29,11 @@ class Adminer {
 	
 	function tableName($tableStatus) {
 		table_comment($tableStatus);
-		return htmlspecialchars(strlen($tableStatus["Comment"]) ? $tableStatus["Comment"] : $tableStatus["Name"]);
+		return h(strlen($tableStatus["Comment"]) ? $tableStatus["Comment"] : $tableStatus["Name"]);
 	}
 	
 	function fieldName($field, $order = 0) {
-		return htmlspecialchars(strlen($field["comment"]) ? $field["comment"] : $field["field"]);
+		return h(strlen($field["comment"]) ? $field["comment"] : $field["field"]);
 	}
 	
 	function selectLinks($tableStatus) {
@@ -116,7 +116,7 @@ ORDER BY ORDINAL_POSITION"); //! requires MySQL 5
 			}
 		}
 		if ($field["full_type"] == "tinyint(1)" && $return != "&nbsp;") { // bool
-			$return = '<img src="' . ($val ? "../adminer/plus.gif" : "../adminer/cross.gif") . '" alt="' . htmlspecialchars($val) . '">';
+			$return = '<img src="' . ($val ? "../adminer/plus.gif" : "../adminer/cross.gif") . '" alt="' . h($val) . '">';
 		}
 		return ($link ? "<a href=\"$link\">$return</a>" : $return);
 	}
@@ -139,7 +139,7 @@ ORDER BY ORDINAL_POSITION"); //! requires MySQL 5
 		foreach ((array) $_GET["where"] as $val) {
 			if (strlen("$val[col]$val[val]")) {
 				echo "<div><select name='where[$i][col]'><option value=''>" . lang('(anywhere)') . optionlist($columns, $val["col"], true) . "</select>";
-				echo "<input name='where[$i][val]' value=\"" . htmlspecialchars($val["val"]) . "\"></div>\n";
+				echo "<input name='where[$i][val]' value='" . h($val["val"]) . "'></div>\n";
 				$i++;
 			}
 		}
@@ -189,7 +189,7 @@ ORDER BY ORDINAL_POSITION"); //! requires MySQL 5
 			echo "<p>" . lang('From') . ": <input name='email_from'>\n";
 			echo lang('Subject') . ": <input name='email_subject'>\n";
 			echo "<p><textarea name='email_message' rows='15' cols='60'></textarea>\n";
-			echo "<p>" . (count($emailFields) == 1 ? '<input type="hidden" name="email_field" value="' . htmlspecialchars(key($emailFields)) . '">' : '<select name="email_field">' . optionlist($emailFields) . '</select> ');
+			echo "<p>" . (count($emailFields) == 1 ? '<input type="hidden" name="email_field" value="' . h(key($emailFields)) . '">' : '<select name="email_field">' . optionlist($emailFields) . '</select> ');
 			echo "<input type='submit' name='email' value='" . lang('Send') . "'$confirm>\n";
 			echo "</div></fieldset>\n";
 		}
@@ -310,7 +310,7 @@ ORDER BY ORDINAL_POSITION"); //! requires MySQL 5
 			}
 		}
 		if ($field["full_type"] == "tinyint(1)") { // bool
-			return '<input type="checkbox" value="' . htmlspecialchars($value ? $value : 1) . '"' . ($value ? ' checked="checked"' : '') . "$attrs>";
+			return '<input type="checkbox" value="' . h($value ? $value : 1) . '"' . ($value ? ' checked="checked"' : '') . "$attrs>";
 		}
 		return '';
 	}
@@ -346,7 +346,7 @@ ORDER BY ORDINAL_POSITION"); //! requires MySQL 5
 					foreach ($table_status as $row) {
 						$name = $this->tableName($row);
 						if (isset($row["Engine"]) && strlen($name)) { // ignore views and tables without name
-							echo '<a href="' . htmlspecialchars($SELF) . 'select=' . urlencode($row["Name"]) . "\">$name</a><br>\n";
+							echo "<a href='" . h($SELF) . 'select=' . urlencode($row["Name"]) . "'>$name</a><br>\n";
 						}
 					}
 				}