Fix open redirect if Adminer is accessible at //adminer.php%2F@ (thanks to Prakash Sharma)
This commit is contained in:
parent
a9c1004232
commit
6a2de873e1
|
@ -84,7 +84,7 @@ include "../adminer/drivers/mysql.inc.php"; // must be included as last driver
|
|||
|
||||
define("SERVER", $_GET[DRIVER]); // read from pgsql=localhost
|
||||
define("DB", $_GET["db"]); // for the sake of speed and size
|
||||
define("ME", str_replace(":", "%3a", preg_replace('~^[^?]*/([^?]*).*~', '\1', $_SERVER["REQUEST_URI"])) . '?'
|
||||
define("ME", str_replace(":", "%3a", preg_replace('~\?.*~', '', relative_uri())) . '?'
|
||||
. (sid() ? SID . '&' : '')
|
||||
. (SERVER !== null ? DRIVER . "=" . urlencode(SERVER) . '&' : '')
|
||||
. (isset($_GET["username"]) ? "username=" . urlencode($_GET["username"]) . '&' : '')
|
||||
|
|
|
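Review bot: The rewritten ME define gives no hint why only the tail of REQUEST_URI after the last `/` is kept, although that property is what makes the value safe to emit as a relative URL and is the point of this commit. A short comment would preserve the intent, e.g. `// keep only the script name and drop the query: ME must stay relative so a crafted REQUEST_URI (e.g. a leading "//") can never turn it into an absolute or protocol-relative target`. As far as the two regexes show, the old and new expressions produce the same value (text after the last `/` before the query, query removed), so this hunk reads as a refactor onto the new helper; the behavioural fix appears to be in remove_from_uri() in the other hunk. The line also assumes relative_uri() is already defined at this point of bootstrap; the include order is outside the hunk.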
@ -721,12 +721,19 @@ function format_time($start) {
|
|||
return lang('%.3f s', max(0, microtime(true) - $start));
|
||||
}
|
||||
|
||||
/** Get relative REQUEST_URI
|
||||
* @return string
|
||||
*/
|
||||
function relative_uri() {
|
||||
return preg_replace('~^[^?]*/([^?]*)~', '\1', $_SERVER["REQUEST_URI"]);
|
||||
}
|
||||
|
||||
/** Remove parameter from query string
|
||||
* @param string
|
||||
* @return string
|
||||
*/
|
||||
function remove_from_uri($param = "") {
|
||||
return substr(preg_replace("~(?<=[?&])($param" . (SID ? "" : "|" . session_name()) . ")=[^&]*&~", '', "$_SERVER[REQUEST_URI]&"), 0, -1);
|
||||
return substr(preg_replace("~(?<=[?&])($param" . (SID ? "" : "|" . session_name()) . ")=[^&]*&~", '', relative_uri() . "&"), 0, -1);
|
||||
}
|
||||
|
||||
/** Generate page number for pagination
|
||||
|
|
|
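Review bot: The docblock of the new relative_uri() only says "Get relative REQUEST_URI" and does not state the guarantee that remove_from_uri() and ME now rely on, namely that the result never carries the directory part of the path. Suggest `/** Get REQUEST_URI relative to the current directory (last path segment plus query string); the leading path is stripped so the value cannot start with "/" or "//" and be treated as an absolute or protocol-relative URL when used in a redirect or link @return string */`. The changed return line in remove_from_uri() still interpolates `$param` into the pattern unescaped; presumably callers pass regex alternations deliberately, but if plain names are ever passed a `preg_quote($param, '~')` would be needed — worth confirming against the call sites, which are outside the hunk.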
@ -1,4 +1,5 @@
|
|||
Adminer 4.7.7-dev:
|
||||
Fix open redirect if Adminer is accessible at //adminer.php%2F@
|
||||
|
||||
Adminer 4.7.6 (released 2020-01-31):
|
||||
Speed up alter table form (regression from 4.4.0)
|
||||
|
|