Retrieve parameters from $_POST in server binlog

Signed-off-by: Maurício Meneghini Fauth <mauriciofauth@gmail.com>
phpmyadmin · Nov 10, 2018 · 34972f0 · 34972f0
1 parent 01e8064
commit 34972f0
Show file tree

Hide file tree

Showing 3 changed files with 21 additions and 21 deletions.
diff --git a/libraries/classes/Controllers/Server/ServerBinlogController.php b/libraries/classes/Controllers/Server/ServerBinlogController.php
@@ -55,15 +55,15 @@ public function indexAction()
         include_once 'libraries/server_common.inc.php';
 
         $url_params = array();
-        if (! isset($_REQUEST['log'])
-            || ! array_key_exists($_REQUEST['log'], $this->binary_logs)
+        if (! isset($_POST['log'])
+            || ! array_key_exists($_POST['log'], $this->binary_logs)
         ) {
-            $_REQUEST['log'] = '';
+            $_POST['log'] = '';
         } else {
-            $url_params['log'] = $_REQUEST['log'];
+            $url_params['log'] = $_POST['log'];
         }
 
-        if (!empty($_REQUEST['dontlimitchars'])) {
+        if (!empty($_POST['dontlimitchars'])) {
             $url_params['dontlimitchars'] = 1;
         }
 
@@ -89,7 +89,7 @@ private function _getLogSelector(array $url_params)
             array(
                 'url_params' => $url_params,
                 'binary_logs' => $this->binary_logs,
-                'log' => $_REQUEST['log'],
+                'log' => $_POST['log'],
             )
         );
     }
@@ -106,16 +106,16 @@ private function _getLogInfo(array $url_params)
         /**
          * Need to find the real end of rows?
          */
-        if (! isset($_REQUEST['pos'])) {
+        if (! isset($_POST['pos'])) {
             $pos = 0;
         } else {
             /* We need this to be a integer */
-            $pos = (int) $_REQUEST['pos'];
+            $pos = (int) $_POST['pos'];
         }
 
         $sql_query = 'SHOW BINLOG EVENTS';
-        if (! empty($_REQUEST['log'])) {
-            $sql_query .= ' IN \'' . $_REQUEST['log'] . '\'';
+        if (! empty($_POST['log'])) {
+            $sql_query .= ' IN \'' . $_POST['log'] . '\'';
         }
         $sql_query .= ' LIMIT ' . $pos . ', ' . intval($GLOBALS['cfg']['MaxRows']);
 
@@ -134,7 +134,7 @@ private function _getLogInfo(array $url_params)
             $num_rows = 0;
         }
 
-        if (empty($_REQUEST['dontlimitchars'])) {
+        if (empty($_POST['dontlimitchars'])) {
             $dontlimitchars = false;
         } else {
             $dontlimitchars = true;
@@ -192,8 +192,8 @@ private function _getNavigationRow(array $url_params, $pos, $num_rows, $dontlimi
                 $this_url_params['pos'] = $pos - $GLOBALS['cfg']['MaxRows'];
             }
 
-            $html .= '<a href="server_binlog.php'
-                . Url::getCommon($this_url_params) . '"';
+            $html .= '<a href="server_binlog.php" data-post="'
+                . Url::getCommon($this_url_params, '') . '"';
             if (Util::showIcons('TableNavigationLinksMode')) {
                 $html .= ' title="' . _pgettext('Previous page', 'Previous') . '">';
             } else {
@@ -215,7 +215,7 @@ private function _getNavigationRow(array $url_params, $pos, $num_rows, $dontlimi
             $tempTitle = __('Show Full Queries');
             $tempImgMode = 'full';
         }
-        $html .= '<a href="server_binlog.php' . Url::getCommon($this_url_params)
+        $html .= '<a href="server_binlog.php" data-post="' . Url::getCommon($this_url_params, '')
             . '" title="' . $tempTitle . '">'
             . '<img src="' . $GLOBALS['pmaThemeImage'] . 's_' . $tempImgMode
             . 'text.png" alt="' . $tempTitle . '" /></a>';
@@ -225,8 +225,8 @@ private function _getNavigationRow(array $url_params, $pos, $num_rows, $dontlimi
         if ($num_rows >= $GLOBALS['cfg']['MaxRows']) {
             $this_url_params = $url_params;
             $this_url_params['pos'] = $pos + $GLOBALS['cfg']['MaxRows'];
-            $html .= ' - <a href="server_binlog.php'
-                . Url::getCommon($this_url_params)
+            $html .= ' - <a href="server_binlog.php" data-post="'
+                . Url::getCommon($this_url_params, '')
                 . '"';
             if (Util::showIcons('TableNavigationLinksMode')) {
                 $html .= ' title="' . _pgettext('Next page', 'Next') . '">';

diff --git a/templates/server/binlog/log_selector.twig b/templates/server/binlog/log_selector.twig
@@ -1,4 +1,4 @@
-<form action="server_binlog.php" method="get">
+<form action="server_binlog.php" method="post">
     {{ Url_getHiddenInputs(url_params) }}
     <fieldset>
         <legend>

diff --git a/test/classes/Controllers/Server/ServerBinlogControllerTest.php b/test/classes/Controllers/Server/ServerBinlogControllerTest.php
@@ -29,9 +29,9 @@ class ServerBinlogControllerTest extends PmaTestCase
      */
     public function setUp()
     {
-        //$_REQUEST
-        $_REQUEST['log'] = "index1";
-        $_REQUEST['pos'] = 3;
+        //$_POST
+        $_POST['log'] = "index1";
+        $_POST['pos'] = 3;
 
         //$GLOBALS
         $GLOBALS['cfg']['MaxRows'] = 10;
@@ -193,7 +193,7 @@ public function testGetLogInfo()
             $html
         );
         //validate 4: PMA_getNavigationRow is right
-        $urlNavigation = 'server_binlog.php?log=log&amp;dontlimitchars=1&amp;'
+        $urlNavigation = 'server_binlog.php" data-post="log=log&amp;dontlimitchars=1&amp;'
             . 'pos=3&amp;server=1&amp';
         $this->assertContains(
             $urlNavigation,