$title_all
\n"; echo "\n"; restart_session(); page_messages($error); $databases = &get_session("dbs"); if (DB != "" && $databases && !in_array(DB, $databases, true)) { $databases = null; } stop_session(); define("PAGE_HEADER", 1); } /** Send HTTP headers * @return null */ function page_headers() { global $adminer; header("Content-Type: text/html; charset=utf-8"); header("Cache-Control: no-cache"); header("X-Frame-Options: deny"); // ClickJacking protection in IE8, Safari 4, Chrome 2, Firefox 3.6.9 header("X-XSS-Protection: 0"); // prevents introducing XSS in IE8 by removing safe parts of the page header("X-Content-Type-Options: nosniff"); header("Referrer-Policy: origin-when-cross-origin"); $csp = array(); foreach ($adminer->csp() as $key => $val) { $csp[] = "$key $val"; } header("Content-Security-Policy: " . implode("; ", $csp)); $adminer->headers(); } /** Get Content Security Policy headers * @return array directive name in key, allowed sources in value */ function csp() { return array( "default-src" => "'none'", "script-src" => "'self' 'unsafe-inline'", "style-src" => "'self' 'unsafe-inline'", "connect-src" => "'self'", "img-src" => "'self' data:", "frame-src" => "https://www.adminer.org", "form-action" => "'self'", ); } /** Print flash and error messages * @param string * @return null */ function page_messages($error) { $uri = preg_replace('~^[^?]*~', '', $_SERVER["REQUEST_URI"]); $messages = $_SESSION["messages"][$uri]; if ($messages) { echo " \n \n"; unset($_SESSION["messages"][$uri]); } if ($error) { echo "$error
\n";
}
}
/** Print HTML footer
* @param string "auth", "db", "ns"
* @return null
*/
function page_footer($missing = "") {
global $adminer, $token;
?>