Code review comment for lp:~edb/quam-plures/plugins_list_available

Tilman Blumenbach (tblue) wrote :

Okay, I'm SO sorry it's still broken. And it's not just me saying that because there's some code I don't like, it's because I'm getting a Red Page of Death when trying to install a plugin (with a SQL error).

Diff line 195:

  echo '[<a href='.$dispatcher.'?ctrl=plugins&amp;action=install&amp;plugin='.rawurlencode($loop_Plugin->classname).'">'.

There's a missing double quote right after href= (which should be href="), causing the browser to think I want to install a plugin with the classname <whatever>" (with a trailing double quote).

Actually, this shows that we have a big fat SQL injection vulnerability in Plugins_admin::install() because the double quote should be escaped and not cause an SQL error! Anyway, not in the scope of this branch. Just fix the missing double quote and in the meanwhile, I will report a new bug.

Once you have fixed the missing quote, everything should FINALLY be okay. Sigh.

review: Needs Fixing
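As an added illustration of the two points raised above (not code from this branch or from the quam-plures project): the diff line with the missing opening quote next to its corrected form, a small parse that shows which `plugin` value the browser actually sends from each, and a lookup by classname that binds the value as a parameter so a stray double quote is treated as data rather than SQL. `$dispatcher` and `$loop_Plugin` are constructed stand-ins for the variables named in the diff; the `plugins` table and the `find_plugin_id()` function are hypothetical and not the project's `Plugins_admin::install()`.

```php
<?php
// Added example for this review; not code from the quam-plures branch.
// $dispatcher and $loop_Plugin are constructed stand-ins for the variables
// named in the diff line; the plugins table below is a hypothetical schema.

$dispatcher = 'admin.php';
$loop_Plugin = new stdClass();
$loop_Plugin->classname = 'example_plugin';

// Broken (as in the reviewed diff): no opening quote after href=, so the
// attribute value is unquoted and the closing quote becomes part of it.
$broken = '[<a href='.$dispatcher.'?ctrl=plugins&amp;action=install&amp;plugin='
        .rawurlencode($loop_Plugin->classname).'">install</a>]';

// Fixed: opening quote restored; htmlspecialchars() is added defensively so the
// value stays safe in an attribute context even if rawurlencode() were ever dropped.
$fixed = '[<a href="'.$dispatcher.'?ctrl=plugins&amp;action=install&amp;plugin='
       .htmlspecialchars(rawurlencode($loop_Plugin->classname), ENT_QUOTES, 'UTF-8')
       .'">install</a>]';

// Parse the markup the way a browser would and return the "plugin" query
// parameter the link actually carries.
function plugin_param_from_link(string $html): string
{
    libxml_use_internal_errors(true);       // fragment parsing emits warnings; keep them quiet
    $doc = new DOMDocument();
    $doc->loadHTML($html);
    $a = $doc->getElementsByTagName('a')->item(0);
    $href = $a->getAttribute('href');       // &amp; is already decoded by the parser
    parse_str((string) parse_url($href, PHP_URL_QUERY), $query);
    return (string) ($query['plugin'] ?? '');
}

// Look a plugin up by classname with a bound parameter, so any character in the
// value (including a trailing double quote) is data, not SQL. Hypothetical table.
function find_plugin_id(PDO $db, string $classname): ?int
{
    $stmt = $db->prepare('SELECT plug_ID FROM plugins WHERE plug_classname = :classname');
    $stmt->execute([':classname' => $classname]);
    $id = $stmt->fetchColumn();
    return $id === false ? null : (int) $id;
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE plugins (plug_ID INTEGER PRIMARY KEY, plug_classname TEXT NOT NULL)');
$db->exec("INSERT INTO plugins (plug_classname) VALUES ('example_plugin')");

foreach (['broken' => $broken, 'fixed' => $fixed] as $label => $html) {
    $name = plugin_param_from_link($html);
    $id   = find_plugin_id($db, $name);
    printf("%-6s plugin=%s -> %s\n", $label, var_export($name, true),
           $id === null ? 'not found (query ran without error)' : "plug_ID $id");
}
```

Run with `php example.php` (requires the `dom` and `pdo_sqlite` extensions). The broken line yields `plugin='example_plugin"'`, which matches nothing but, because the value is bound rather than interpolated, produces no SQL error; the fixed line yields `plugin='example_plugin'` and finds the row.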
