Generate token before session close
git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@114 7c3ca157-0c34-0410-bff1-cbf682f78f5c
This commit is contained in:
parent
cac154e6c3
commit
b085cb44c1
|
@ -30,6 +30,9 @@ if (isset($_POST["server"])) {
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!isset($_SESSION["usernames"][$_GET["server"]]) || !$mysql->connect($_GET["server"], $_SESSION["usernames"][$_GET["server"]], $_SESSION["passwords"][$_GET["server"]])) {
|
if (!isset($_SESSION["usernames"][$_GET["server"]]) || !$mysql->connect($_GET["server"], $_SESSION["usernames"][$_GET["server"]], $_SESSION["passwords"][$_GET["server"]])) {
|
||||||
|
if ($_POST["token"]) {
|
||||||
|
$_POST["token"] = token();
|
||||||
|
}
|
||||||
page_header(lang('Login'));
|
page_header(lang('Login'));
|
||||||
if (isset($_SESSION["usernames"][$_GET["server"]])) {
|
if (isset($_SESSION["usernames"][$_GET["server"]])) {
|
||||||
echo "<p class='error'>" . lang('Invalid credentials.') . "</p>\n";
|
echo "<p class='error'>" . lang('Invalid credentials.') . "</p>\n";
|
||||||
|
@ -56,8 +59,6 @@ if (!isset($_SESSION["usernames"][$_GET["server"]]) || !$mysql->connect($_GET["s
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} elseif ($key == "token") {
|
|
||||||
echo '<input type="hidden" name="token" value="' . token() . '" />';
|
|
||||||
} elseif (!in_array($key, $ignore)) {
|
} elseif (!in_array($key, $ignore)) {
|
||||||
echo '<input type="hidden" name="' . htmlspecialchars($key) . '" value="' . htmlspecialchars($val) . '" />';
|
echo '<input type="hidden" name="' . htmlspecialchars($key) . '" value="' . htmlspecialchars($val) . '" />';
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue