beenull/adminerevo
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Centralize common variables

Browse source 
git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@842 7c3ca157-0c34-0410-bff1-cbf682f78f5c
This commit is contained in:
jakubvrana 2009-07-16 14:06:33 +00:00
parent e2a03c08c3
commit 08dc4b654e
3 changed files with 9 additions and 25 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
adminer/include/bootstrap.inc.php
View file

@ -95,3 +95,10 @@ include "./include/auth.inc.php";
include "./include/connect.inc.php";
include "./include/editing.inc.php";
include "./include/export.inc.php";
$confirm = " onclick=\"return confirm('" . lang('Are you sure?') . "');\"";
$token = $_SESSION["tokens"][$_GET["server"]];
$error = ($_POST
? ($_POST["token"] == $token || isset($_GET["dump"]) ? "" : lang('Invalid CSRF token. Send the form again.'))
: ($_SERVER["REQUEST_METHOD"] != "POST" ? "" : lang('Too big POST data. Reduce the data or increase the "post_max_size" configuration directive.')) // posted form with no data means that post_max_size exceeded because Adminer always sends token at least
);

13
adminer/index.php
View file

@ -10,8 +10,6 @@ include "./include/bootstrap.inc.php";
$enum_length = '\'(?:\'\'|[^\'\\\\]+|\\\\.)*\'|"(?:""|[^"\\\\]+|\\\\.)*"';
$inout = array("IN", "OUT", "INOUT");
$confirm = " onclick=\"return confirm('" . lang('Are you sure?') . "');\"";
$error = "";
if (isset($_GET["download"])) {
include "./download.inc.php";
@ -25,16 +23,7 @@ if (isset($_GET["download"])) {
include "./dump.inc.php";
} elseif (isset($_GET["privileges"])) {
include "./privileges.inc.php";
} else { // uses CSRF token
$token = $_SESSION["tokens"][$_GET["server"]];
if ($_POST) {
if ($_POST["token"] != $token) {
$error = lang('Invalid CSRF token. Send the form again.');
}
} elseif ($_SERVER["REQUEST_METHOD"] == "POST") {
// posted form with no data means exceeded post_max_size because Adminer always sends token at least
$error = lang('Too big POST data. Reduce the data or increase the "post_max_size" configuration directive.');
}
} else {
if (isset($_GET["default"])) {
// edit form is used for default values and distinguished by checking isset($_GET["default"]) in edit.inc.php
$_GET["edit"] = $_GET["default"];

14
editor/index.php
View file

@ -8,21 +8,9 @@
include "../adminer/include/bootstrap.inc.php";
$confirm = " onclick=\"return confirm('" . lang('Are you sure?') . "');\"";
$error = "";
if (isset($_GET["download"])) {
include "../adminer/download.inc.php";
} else { // uses CSRF token
$token = $_SESSION["tokens"][$_GET["server"]];
if ($_POST) {
if ($_POST["token"] != $token) {
$error = lang('Invalid CSRF token. Send the form again.');
}
} elseif ($_SERVER["REQUEST_METHOD"] == "POST") {
// posted form with no data means exceeded post_max_size because Adminer always sends token at least
$error = lang('Too big POST data. Reduce the data or increase the "post_max_size" configuration directive.');
}
} else {
if (isset($_GET["select"]) && ($_POST["edit"] || $_POST["clone"]) && !$_POST["save"]) {
$_GET["edit"] = $_GET["select"];
}