From 1af28a7c5f10b1abb78ccde47803b8bb379630ac Mon Sep 17 00:00:00 2001
From: Marc Delisle
Date: Sat, 3 May 2008 11:59:52 +0000
Subject: [PATCH] sanitize table comments in print view
---
 ChangeLog | 2 ++
 tbl_printview.php | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/ChangeLog b/ChangeLog
index 06586899ab..1a3b964cb5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -14,6 +14,8 @@ $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyA
 thanks to Norman Hippert
 - [structure] do not remove the BINARY attribute in drop-down
 - bug #1955386 [session] Overriding session.hash_bits_per_character
+- [interface] sanitize the table comments in table print view,
+ thanks to Norman Hippert
 2.11.6.0 (2008-04-29)
 - bug #1903724 [interface] Displaying of very large queries in error message
diff --git a/tbl_printview.php b/tbl_printview.php
index 873785f83e..778e5e1f63 100644
--- a/tbl_printview.php
+++ b/tbl_printview.php
@@ -148,7 +148,7 @@ foreach ($the_tables as $key => $table) {
 * Displays the comments of the table if MySQL >= 3.23
 */
 if (!empty($show_comment)) {
- echo $strTableComments . ': ' . $show_comment . '

';
+ echo $strTableComments . ': ' . htmlspecialchars($show_comment) . '

';
 }
 /**
-- 
2.11.4.GIT
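Review bot: The added `htmlspecialchars($show_comment)` on the `echo` line relies on the function's defaults, so quote handling and the assumed charset follow the PHP version rather than the encoding the print view is actually served in. That is sufficient for the element-text context visible here, but passing the flags and charset explicitly (for example `ENT_QUOTES` plus the page's charset, which this hunk does not show) would keep the escape correct if the value is ever moved into an attribute. A one-line comment such as `// table comment is stored, user-editable metadata: escape at output` would also record why the call is there. The enclosing `foreach` body starts and ends outside the hunk, so any other place that prints `$show_comment` or similar table metadata cannot be checked from here and deserves the same treatment.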