diff options
| author | Jim Winstead <jimw@mysql.com> | 2009-04-28 10:54:26 -0700 |
|---|---|---|
| committer | Jim Winstead <jimw@mysql.com> | 2009-04-28 10:54:26 -0700 |
| commit | fb2d75cb75e438fe0912cb81347638167e9ff8ca (patch) | |
| tree | 71e3fb98018d6bed527e2fd876f3f1169c8c256c | |
| parent | 90815182f09d8c9647b8ce2f907b7e3d6b687375 (diff) | |
| download | mariadb-git-fb2d75cb75e438fe0912cb81347638167e9ff8ca.tar.gz | |
Bug #27884: mysql --html does not quote HTML special characters in output
Fix encoding of field values and names in HTML output from mysql client.
| -rw-r--r-- | client/mysql.cc | 11 | ||||
| -rw-r--r-- | mysql-test/r/mysql.result | 1 | ||||
| -rw-r--r-- | mysql-test/t/mysql.test | 6 |
3 files changed, 14 insertions, 4 deletions
diff --git a/client/mysql.cc b/client/mysql.cc index 46141cd975f..eb8b522d972 100644 --- a/client/mysql.cc +++ b/client/mysql.cc @@ -3381,9 +3381,12 @@ print_table_data_html(MYSQL_RES *result) { while((field = mysql_fetch_field(result))) { - tee_fprintf(PAGER, "<TH>%s</TH>", (field->name ? - (field->name[0] ? field->name : - " ") : "NULL")); + tee_fputs("<TH>", PAGER); + if (field->name && field->name[0]) + xmlencode_print(field->name, field->name_length); + else + tee_fputs(field->name ? " " : "NULL", PAGER); + tee_fputs("</TH>", PAGER); } (void) tee_fputs("</TR>", PAGER); } @@ -3396,7 +3399,7 @@ print_table_data_html(MYSQL_RES *result) for (uint i=0; i < mysql_num_fields(result); i++) { (void) tee_fputs("<TD>", PAGER); - safe_put_field(cur[i],lengths[i]); + xmlencode_print(cur[i], lengths[i]); (void) tee_fputs("</TD>", PAGER); } (void) tee_fputs("</TR>", PAGER); diff --git a/mysql-test/r/mysql.result b/mysql-test/r/mysql.result index 5054c3aa76f..c53a2243811 100644 --- a/mysql-test/r/mysql.result +++ b/mysql-test/r/mysql.result @@ -200,4 +200,5 @@ Warning (Code 1286): Unknown table engine 'nonexistent2' Warning (Code 1266): Using storage engine MyISAM for table 't2' Error (Code 1050): Table 't2' already exists drop tables t1, t2; +<TABLE BORDER=1><TR><TH><</TH></TR><TR><TD>< & ></TD></TR></TABLE> End of tests diff --git a/mysql-test/t/mysql.test b/mysql-test/t/mysql.test index 7e970d5b104..91679c8c2ff 100644 --- a/mysql-test/t/mysql.test +++ b/mysql-test/t/mysql.test @@ -367,4 +367,10 @@ remove_file $MYSQLTEST_VARDIR/tmp/bug31060.sql; drop tables t1, t2; +# +# Bug #27884: mysql --html does not quote HTML special characters in output +# +--exec $MYSQL --html test -e "select '< & >' as \`<\`" + +--echo --echo End of tests |