Skip to content
Permalink
Browse files Browse the repository at this point in the history
Require POST method to delete servers in Setup
Signed-off-by: Maurício Meneghini Fauth <mauricio@fauth.dev>
  • Loading branch information
MauricioFauth committed Sep 19, 2019
1 parent bc0d37c commit 427fbed
Show file tree
Hide file tree
Showing 3 changed files with 14 additions and 3 deletions.
5 changes: 3 additions & 2 deletions setup/frames/index.inc.php
Expand Up @@ -156,8 +156,9 @@
echo '<a href="' , Url::getCommon(array('page' => 'servers', 'mode' => 'edit', 'id' => $id)), '">'
, __('Edit') , '</a>';
echo ' | ';
echo '<a href="' , Url::getCommon(array('page' => 'servers', 'mode' => 'remove', 'id' => $id)), '">'
, __('Delete') , '</a>';
echo '<a class="delete-server" href="' . Url::getCommon(array('page' => 'servers', 'mode' => 'remove', 'id' => $id));
echo '" data-post="' . Url::getCommon(array('token' => $_SESSION[' PMA_token ']), '') . '">';
echo __('Delete') . '</a>';
echo '</small>';
echo '</td>';
echo '</tr>';
Expand Down
2 changes: 1 addition & 1 deletion setup/frames/servers.inc.php
Expand Up @@ -27,7 +27,7 @@
$page_title = __('Edit server')
. ' ' . $id
. ' <small>(' . htmlspecialchars($cf->getServerDSN($id)) . ')</small>';
} elseif ($mode == 'remove' && $server_exists) {
} elseif ($mode == 'remove' && $server_exists && $_SERVER['REQUEST_METHOD'] == 'POST') {
$cf->removeServer($id);
header('Location: index.php' . Url::getCommonRaw());
exit;
Expand Down
10 changes: 10 additions & 0 deletions setup/scripts.js
Expand Up @@ -216,3 +216,13 @@ $(function () {
//
// END: User preferences allow/disallow UI
// ------------------------------------------------------------------

$(function () {
$('.delete-server').on('click', function (e) {
e.preventDefault();
var $this = $(this);
$.post($this.attr('href'), $this.attr('data-post'), function () {
window.location.replace('index.php');
});
});
});

0 comments on commit 427fbed

Please sign in to comment.