patch #2602633 [core] support column name having square brackets
[phpmyadmin/crack.git] / error.php
blob674d08e0fb3605b6a19556cf463ae7f44f1d822d
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
4 * phpMyAdmin fatal error display page
6 * @version $Id$
7 * @package phpMyAdmin
8 */
10 /**
11 * Input sanitizing.
13 require_once './libraries/sanitizing.lib.php';
15 /* Get variables */
16 if (! empty($_REQUEST['lang']) && is_string($_REQUEST['lang'])) {
17 $lang = htmlspecialchars($_REQUEST['lang']);
18 } else {
19 $lang = 'en';
22 if (! empty($_REQUEST['dir']) && is_string($_REQUEST['dir'])) {
23 $dir = htmlspecialchars($_REQUEST['dir']);
24 } else {
25 $dir = 'ltr';
28 if (! empty($_REQUEST['type']) && is_string($_REQUEST['type'])) {
29 $type = htmlspecialchars($_REQUEST['type']);
30 } else {
31 $type = 'error';
34 // force utf-8 to avoid XSS with crafted URL and utf-7 in charset parameter
35 $charset = 'utf-8';
37 header('Content-Type: text/html; charset=' . $charset);
39 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
40 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php echo $lang; ?>" dir="<?php echo $dir; ?>">
41 <head>
42 <link rel="icon" href="./favicon.ico" type="image/x-icon" />
43 <link rel="shortcut icon" href="./favicon.ico" type="image/x-icon" />
44 <title>phpMyAdmin</title>
45 <meta http-equiv="Content-Type" content="text/html; charset=<?php echo $charset; ?>" />
46 <style type="text/css">
47 <!--
48 html {
49 padding: 0;
50 margin: 0;
52 body {
53 font-family: sans-serif;
54 font-size: small;
55 color: #000000;
56 background-color: #F5F5F5;
57 margin: 1em;
59 h1 {
60 margin: 0;
61 padding: 0.3em;
62 font-size: 1.4em;
63 font-weight: bold;
64 color: #ffffff;
65 background-color: #ff0000;
67 p {
68 margin: 0;
69 padding: 0.5em;
70 border: 0.1em solid red;
71 background-color: #ffeeee;
73 //-->
74 </style>
75 </head>
76 <body>
77 <h1>phpMyAdmin - <?php echo $type; ?></h1>
78 <p><?php
79 if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
80 echo PMA_sanitize(stripslashes($_REQUEST['error']));
81 } else {
82 echo PMA_sanitize($_REQUEST['error']);
84 ?></p>
85 </body>
86 </html>