diff options
| -rw-r--r-- | backend/php-mysql/database.sql | 2 | ||||
| -rw-r--r-- | backend/php-mysql/index.php | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/backend/php-mysql/database.sql b/backend/php-mysql/database.sql index 9bdf1d6..ad05726 100644 --- a/backend/php-mysql/database.sql +++ b/backend/php-mysql/database.sql @@ -2,7 +2,7 @@ DROP TABLE IF EXISTS `wwwsqldesigner`; CREATE TABLE `wwwsqldesigner` ( `keyword` varchar(30) NOT NULL default '', - `data` text, + `data` mediumtext, `dt` timestamp, PRIMARY KEY (`keyword`) ); diff --git a/backend/php-mysql/index.php b/backend/php-mysql/index.php index 1c6859c..89cb690 100644 --- a/backend/php-mysql/index.php +++ b/backend/php-mysql/index.php @@ -39,7 +39,7 @@ $table = $row["TABLE_NAME"]; $xml .= '<table name="'.$table.'">'; $comment = (isset($row["TABLE_COMMENT"]) ? $row["TABLE_COMMENT"] : ""); - if ($comment) { $xml .= '<comment>'.$comment.'</comment>'; } + if ($comment) { $xml .= '<comment>'.htmlspecialchars($comment).'</comment>'; } $q = "SELECT * FROM COLUMNS WHERE TABLE_NAME = '".$table."' AND TABLE_SCHEMA = '".$db."'"; $result2 = mysql_query($q); @@ -54,7 +54,7 @@ $xml .= '<row name="'.$name.'" null="'.$null.'" autoincrement="'.$ai.'">'; $xml .= '<datatype>'.strtoupper($type).'</datatype>'; $xml .= '<default>'.$def.'</default>'; - if ($comment) { $xml .= '<comment>'.$comment.'</comment>'; } + if ($comment) { $xml .= '<comment>'.htmlspecialchars($comment).'</comment>'; } /* fk constraints */ $q = "SELECT |