Use stricter regexp in URL
This commit is contained in:
parent
9bfc2a311c
commit
1aa3144d05
|
@ -11,7 +11,7 @@ if ($_POST && !$error && !isset($_POST["add_x"])) { // add is an image and PHP c
|
|||
// create or rename database
|
||||
if (DB != "") {
|
||||
$_GET["db"] = $name;
|
||||
queries_redirect(preg_replace('~db=[^&]*&~', '', ME) . "db=" . urlencode($name), lang('Database has been renamed.'), rename_database($name, $row["collation"]));
|
||||
queries_redirect(preg_replace('~\bdb=[^&]*&~', '', ME) . "db=" . urlencode($name), lang('Database has been renamed.'), rename_database($name, $row["collation"]));
|
||||
} else {
|
||||
$databases = explode("\n", str_replace("\r", "", $name));
|
||||
$success = true;
|
||||
|
|
|
@ -44,7 +44,7 @@ if ($auth) {
|
|||
set_session($key, null);
|
||||
}
|
||||
unset_permanent();
|
||||
redirect(substr(preg_replace('~(username|db|ns)=[^&]*&~', '', ME), 0, -1), lang('Logout successful.'));
|
||||
redirect(substr(preg_replace('~\b(username|db|ns)=[^&]*&~', '', ME), 0, -1), lang('Logout successful.'));
|
||||
}
|
||||
|
||||
} elseif ($permanent && !$_SESSION["pwds"]) {
|
||||
|
|
|
@ -37,9 +37,9 @@ document.body.className = document.body.className.replace(/ nojs/, ' js');
|
|||
<div id="content">
|
||||
<?php
|
||||
if ($breadcrumb !== null) {
|
||||
$link = substr(preg_replace('~(username|db|ns)=[^&]*&~', '', ME), 0, -1);
|
||||
$link = substr(preg_replace('~\b(username|db|ns)=[^&]*&~', '', ME), 0, -1);
|
||||
echo '<p id="breadcrumb"><a href="' . h($link ? $link : ".") . '">' . $drivers[DRIVER] . '</a> » ';
|
||||
$link = substr(preg_replace('~(db|ns)=[^&]*&~', '', ME), 0, -1);
|
||||
$link = substr(preg_replace('~\b(db|ns)=[^&]*&~', '', ME), 0, -1);
|
||||
$server = (SERVER != "" ? h(SERVER) : lang('Server'));
|
||||
if ($breadcrumb === false) {
|
||||
echo "$server\n";
|
||||
|
|
Loading…
Reference in a new issue