Skip to content

Commit 427fbed

Browse files
committed
Require POST method to delete servers in Setup
Signed-off-by: Maurício Meneghini Fauth <mauricio@fauth.dev>
1 parent bc0d37c commit 427fbed

File tree

3 files changed

+14
-3
lines changed

3 files changed

+14
-3
lines changed

Diff for: setup/frames/index.inc.php

+3-2
Original file line numberDiff line numberDiff line change
@@ -156,8 +156,9 @@
156156
echo '<a href="' , Url::getCommon(array('page' => 'servers', 'mode' => 'edit', 'id' => $id)), '">'
157157
, __('Edit') , '</a>';
158158
echo ' | ';
159-
echo '<a href="' , Url::getCommon(array('page' => 'servers', 'mode' => 'remove', 'id' => $id)), '">'
160-
, __('Delete') , '</a>';
159+
echo '<a class="delete-server" href="' . Url::getCommon(array('page' => 'servers', 'mode' => 'remove', 'id' => $id));
160+
echo '" data-post="' . Url::getCommon(array('token' => $_SESSION[' PMA_token ']), '') . '">';
161+
echo __('Delete') . '</a>';
161162
echo '</small>';
162163
echo '</td>';
163164
echo '</tr>';

Diff for: setup/frames/servers.inc.php

+1-1
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@
2727
$page_title = __('Edit server')
2828
. ' ' . $id
2929
. ' <small>(' . htmlspecialchars($cf->getServerDSN($id)) . ')</small>';
30-
} elseif ($mode == 'remove' && $server_exists) {
30+
} elseif ($mode == 'remove' && $server_exists && $_SERVER['REQUEST_METHOD'] == 'POST') {
3131
$cf->removeServer($id);
3232
header('Location: index.php' . Url::getCommonRaw());
3333
exit;

Diff for: setup/scripts.js

+10
Original file line numberDiff line numberDiff line change
@@ -216,3 +216,13 @@ $(function () {
216216
//
217217
// END: User preferences allow/disallow UI
218218
// ------------------------------------------------------------------
219+
220+
$(function () {
221+
$('.delete-server').on('click', function (e) {
222+
e.preventDefault();
223+
var $this = $(this);
224+
$.post($this.attr('href'), $this.attr('data-post'), function () {
225+
window.location.replace('index.php');
226+
});
227+
});
228+
});

0 commit comments

Comments
 (0)