diff --git a/adminer/include/bootstrap.inc.php b/adminer/include/bootstrap.inc.php
index 4873f96d..7ca461b2 100644
--- a/adminer/include/bootstrap.inc.php
+++ b/adminer/include/bootstrap.inc.php
@@ -95,3 +95,10 @@ include "./include/auth.inc.php";
 include "./include/connect.inc.php";
 include "./include/editing.inc.php";
 include "./include/export.inc.php";
+
+$confirm = " onclick=\"return confirm('" . lang('Are you sure?') . "');\"";
+$token = $_SESSION["tokens"][$_GET["server"]];
+$error = ($_POST
+ ? ($_POST["token"] == $token || isset($_GET["dump"]) ? "" : lang('Invalid CSRF token. Send the form again.'))
+ : ($_SERVER["REQUEST_METHOD"] != "POST" ? "" : lang('Too big POST data. Reduce the data or increase the "post_max_size" configuration directive.')) // posted form with no data means that post_max_size exceeded because Adminer always sends token at least
+);
diff --git a/adminer/index.php b/adminer/index.php
index dda4c90c..f2c2bc2d 100644
--- a/adminer/index.php
+++ b/adminer/index.php
@@ -10,8 +10,6 @@ include "./include/bootstrap.inc.php";
 $enum_length = '\'(?:\'\'|[^\'\\\\]+|\\\\.)*\'|"(?:""|[^"\\\\]+|\\\\.)*"';
 $inout = array("IN", "OUT", "INOUT");
-$confirm = " onclick=\"return confirm('" . lang('Are you sure?') . "');\"";
-$error = "";
 if (isset($_GET["download"])) {
 include "./download.inc.php";
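Review bot: The centralised CSRF check in bootstrap.inc.php still uses loose equality, `$_POST["token"] == $token`, carried over from the old `!=` form: when `$_SESSION["tokens"][$_GET["server"]]` is unset, `$token` is null and a missing or empty posted token compares equal to it, and numeric-looking strings are compared numerically. I would tighten it to `? ((isset($_POST["token"]) && $_POST["token"] === $token) || isset($_GET["dump"]) ? "" : lang('Invalid CSRF token. Send the form again.'))` (or `hash_equals()` where the minimum PHP version permits), which also avoids the undefined-index notice on a POST without a token field. The `isset($_GET["dump"])` exemption appears to preserve the old adminer/index.php layout, where dump.inc.php was included in the elseif chain ahead of the else branch that performed the check, but it deserves an explicit comment such as `// dump requests are not CSRF-checked (they were outside the checked else branch in index.php)` and a confirmation that editor/index.php, which has no dump route, does not now reach its else branch unchecked when ?dump is present. These statements are top-level in an include file, so there is no enclosing function.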
@@ -25,16 +23,7 @@ if (isset($_GET["download"])) {
 include "./dump.inc.php";
 } elseif (isset($_GET["privileges"])) {
 include "./privileges.inc.php";
-} else { // uses CSRF token
- $token = $_SESSION["tokens"][$_GET["server"]];
- if ($_POST) {
- if ($_POST["token"] != $token) {
- $error = lang('Invalid CSRF token. Send the form again.');
- }
- } elseif ($_SERVER["REQUEST_METHOD"] == "POST") {
- // posted form with no data means exceeded post_max_size because Adminer always sends token at least
- $error = lang('Too big POST data. Reduce the data or increase the "post_max_size" configuration directive.');
- }
+} else {
 if (isset($_GET["default"])) { // edit form is used for default values and distinguished by checking isset($_GET["default"]) in edit.inc.php
 $_GET["edit"] = $_GET["default"];
diff --git a/editor/index.php b/editor/index.php
index 3f559c17..db6b0ce0 100644
--- a/editor/index.php
+++ b/editor/index.php
@@ -8,21 +8,9 @@ include "../adminer/include/bootstrap.inc.php";
-$confirm = " onclick=\"return confirm('" . lang('Are you sure?') . "');\"";
-$error = "";
-
 if (isset($_GET["download"])) {
 include "../adminer/download.inc.php";
-} else { // uses CSRF token
- $token = $_SESSION["tokens"][$_GET["server"]];
- if ($_POST) {
- if ($_POST["token"] != $token) {
- $error = lang('Invalid CSRF token. Send the form again.');
- }
- } elseif ($_SERVER["REQUEST_METHOD"] == "POST") {
- // posted form with no data means exceeded post_max_size because Adminer always sends token at least
- $error = lang('Too big POST data. Reduce the data or increase the "post_max_size" configuration directive.');
- }
+} else {
 if (isset($_GET["select"]) && ($_POST["edit"] || $_POST["clone"]) && !$_POST["save"]) {
 $_GET["edit"] = $_GET["select"];
 }