Exception to CSRF can be abused in Editor

git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@852 7c3ca157-0c34-0410-bff1-cbf682f78f5c
jakubvrana 2009-07-20 11:59:11 +00:00
parent ed2c27c249
commit 21c98c49c1
2 changed files with 2 additions and 2 deletions


@ -162,7 +162,7 @@ if ($dbh->server_info >= 5) {
$db_style[] = 'CREATE+ALTER';
$table_style[] = 'CREATE+ALTER';
}
echo "<tr><th>" . lang('Output') . "<td>$dump_output\n";
echo "<tr><th>" . lang('Output') . "<td><input type='hidden' name='token' value='$token'>$dump_output\n";
echo "<tr><th>" . lang('Format') . "<td>$dump_format\n";
echo "<tr><th>" . lang('Database') . "<td><select name='db_style'><option>" . optionlist($db_style, (strlen($_GET["db"]) ? '' : 'CREATE')) . "</select>\n";
echo "<tr><th>" . lang('Tables') . "<td><select name='table_style'><option>" . optionlist($table_style, 'DROP+CREATE') . "</select>\n";
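Review bot: The new hidden field writes `$token` straight into a single-quoted attribute (`value='$token'`) with no escaping, unlike the other form values on this page that go through `optionlist()`. If the token is always produced server-side from a fixed alphabet that is harmless, but nothing in this hunk shows where `$_SESSION["tokens"]` is filled, so escaping at the output point costs nothing and removes the assumption: `value='" . htmlspecialchars($token, ENT_QUOTES) . "'`. The surrounding form markup starts and ends outside the hunk, so I cannot confirm every submit path of this form now carries the field.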


@ -99,6 +99,6 @@ include "./include/export.inc.php";
$confirm = " onclick=\"return confirm('" . lang('Are you sure?') . "');\"";
$token = $_SESSION["tokens"][$_GET["server"]];
$error = ($_POST
? ($_POST["token"] == $token || isset($_GET["dump"]) ? "" : lang('Invalid CSRF token. Send the form again.'))
? ($_POST["token"] == $token ? "" : lang('Invalid CSRF token. Send the form again.'))
: ($_SERVER["REQUEST_METHOD"] != "POST" ? "" : lang('Too big POST data. Reduce the data or increase the "post_max_size" configuration directive.')) // posted form with no data means that post_max_size exceeded because Adminer always sends token at least
);
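Review bot: The tightened check still compares with loose `==` and reads `$_POST["token"]` without testing that it exists, so the CSRF decision now rests entirely on that one expression. With `==`, two numeric-looking strings compare by value (`"1e3" == "1000"` is true), and if `$_SESSION["tokens"][$_GET["server"]]` is ever unset, `$token` is null and a POST with no token field compares `null == null` and passes; I cannot see from this hunk whether that session entry is guaranteed. A strict, presence-checked comparison closes both: `? (isset($_POST["token"]) && $_POST["token"] === $token ? "" : lang('Invalid CSRF token. Send the form again.'))`. On PHP 5.6+ `hash_equals($token, $_POST["token"])` would additionally make the comparison constant-time.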