Generate token before session close

git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@114 7c3ca157-0c34-0410-bff1-cbf682f78f5c
2007-07-11 08:03:08 +00:00 · 2007-07-11 08:03:08 +00:00 · b085cb44c1
parent cac154e6c3
commit b085cb44c1
1 changed files with 3 additions and 2 deletions
--- a/auth.inc.php
+++ b/auth.inc.php
@ -30,6 +30,9 @@ if (isset($_POST["server"])) {
 }

 if (!isset($_SESSION["usernames"][$_GET["server"]]) || !$mysql->connect($_GET["server"], $_SESSION["usernames"][$_GET["server"]], $_SESSION["passwords"][$_GET["server"]])) {
+	if ($_POST["token"]) {
+		$_POST["token"] = token();
+	}
 	page_header(lang('Login'));
 	if (isset($_SESSION["usernames"][$_GET["server"]])) {
 		echo "<p class='error'>" . lang('Invalid credentials.') . "</p>\n";
@ -56,8 +59,6 @@ if (!isset($_SESSION["usernames"][$_GET["server"]]) || !$mysql->connect($_GET["s
 					}
 				}
 			}
-		} elseif ($key == "token") {
-			echo '<input type="hidden" name="token" value="' . token() . '" />';
 		} elseif (!in_array($key, $ignore)) {
 			echo '<input type="hidden" name="' . htmlspecialchars($key) . '" value="' . htmlspecialchars($val) . '" />';
 		}