Use stricter regexp in URL
This commit is contained in:
parent
9bfc2a311c
commit
1aa3144d05
|
@ -11,7 +11,7 @@ if ($_POST && !$error && !isset($_POST["add_x"])) { // add is an image and PHP c
|
||||||
// create or rename database
|
// create or rename database
|
||||||
if (DB != "") {
|
if (DB != "") {
|
||||||
$_GET["db"] = $name;
|
$_GET["db"] = $name;
|
||||||
queries_redirect(preg_replace('~db=[^&]*&~', '', ME) . "db=" . urlencode($name), lang('Database has been renamed.'), rename_database($name, $row["collation"]));
|
queries_redirect(preg_replace('~\bdb=[^&]*&~', '', ME) . "db=" . urlencode($name), lang('Database has been renamed.'), rename_database($name, $row["collation"]));
|
||||||
} else {
|
} else {
|
||||||
$databases = explode("\n", str_replace("\r", "", $name));
|
$databases = explode("\n", str_replace("\r", "", $name));
|
||||||
$success = true;
|
$success = true;
|
||||||
|
|
|
@ -44,7 +44,7 @@ if ($auth) {
|
||||||
set_session($key, null);
|
set_session($key, null);
|
||||||
}
|
}
|
||||||
unset_permanent();
|
unset_permanent();
|
||||||
redirect(substr(preg_replace('~(username|db|ns)=[^&]*&~', '', ME), 0, -1), lang('Logout successful.'));
|
redirect(substr(preg_replace('~\b(username|db|ns)=[^&]*&~', '', ME), 0, -1), lang('Logout successful.'));
|
||||||
}
|
}
|
||||||
|
|
||||||
} elseif ($permanent && !$_SESSION["pwds"]) {
|
} elseif ($permanent && !$_SESSION["pwds"]) {
|
||||||
|
|
|
@ -37,9 +37,9 @@ document.body.className = document.body.className.replace(/ nojs/, ' js');
|
||||||
<div id="content">
|
<div id="content">
|
||||||
<?php
|
<?php
|
||||||
if ($breadcrumb !== null) {
|
if ($breadcrumb !== null) {
|
||||||
$link = substr(preg_replace('~(username|db|ns)=[^&]*&~', '', ME), 0, -1);
|
$link = substr(preg_replace('~\b(username|db|ns)=[^&]*&~', '', ME), 0, -1);
|
||||||
echo '<p id="breadcrumb"><a href="' . h($link ? $link : ".") . '">' . $drivers[DRIVER] . '</a> » ';
|
echo '<p id="breadcrumb"><a href="' . h($link ? $link : ".") . '">' . $drivers[DRIVER] . '</a> » ';
|
||||||
$link = substr(preg_replace('~(db|ns)=[^&]*&~', '', ME), 0, -1);
|
$link = substr(preg_replace('~\b(db|ns)=[^&]*&~', '', ME), 0, -1);
|
||||||
$server = (SERVER != "" ? h(SERVER) : lang('Server'));
|
$server = (SERVER != "" ? h(SERVER) : lang('Server'));
|
||||||
if ($breadcrumb === false) {
|
if ($breadcrumb === false) {
|
||||||
echo "$server\n";
|
echo "$server\n";
|
||||||
|
|
Loading…
Reference in a new issue