hans/Nominatim
1
0
Fork 1
mirror of https://github.com/osm-search/Nominatim.git synced 2026-02-16 15:47:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

properly encode special HTML characters in debug mode

Browse Source
This commit is contained in:
Sarah Hoffmann
2023-02-20 15:41:04 +01:00
parent 8db6dd995a
commit 513175ce23
1 changed files with 6 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
lib-php/DebugHtml.php
View File

@@ -135,7 +135,7 @@ class Debug
public static function printSQL($sSQL) public static function printSQL($sSQL)
{ {
echo '<p><tt><b>'.date('c').'</b> <font color="#aaa">'.$sSQL.'</font></tt></p>'."\n"; echo '<p><tt><b>'.date('c').'</b> <font color="#aaa">'.htmlspecialchars($sSQL).'</font></tt></p>'."\n";
} }
private static function outputVar($mVar, $sPreNL) private static function outputVar($mVar, $sPreNL)
@@ -178,11 +178,12 @@ class Debug
} }
if (is_string($mVar)) { if (is_string($mVar)) {
echo "'$mVar'"; $sOut = "'$mVar'";
return strlen($mVar) + 2; } else {
$sOut = (string)$mVar;
} }
echo (string)$mVar; echo htmlspecialchars($sOut);
return strlen((string)$mVar); return strlen($sOut);
} }
} }