
Centralize common variables

git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@842 7c3ca157-0c34-0410-bff1-cbf682f78f5c
1 parent e2a03c0 commit 08dc4b654e487ae7b51427df9a838991296abde0 jakubvrana committed Jul 16, 2009
Showing with 9 additions and 25 deletions.
  1. +7 −0 adminer/include/bootstrap.inc.php
  2. +1 −12 adminer/index.php
  3. +1 −13 editor/index.php
@@ -95,3 +95,10 @@ function save_coverage() {
include "./include/connect.inc.php";
include "./include/editing.inc.php";
include "./include/export.inc.php";
+
+$confirm = " onclick=\"return confirm('" . lang('Are you sure?') . "');\"";
+$token = $_SESSION["tokens"][$_GET["server"]];
+$error = ($_POST
+ ? ($_POST["token"] == $token || isset($_GET["dump"]) ? "" : lang('Invalid CSRF token. Send the form again.'))
+ : ($_SERVER["REQUEST_METHOD"] != "POST" ? "" : lang('Too big POST data. Reduce the data or increase the "post_max_size" configuration directive.')) // posted form with no data means that post_max_size exceeded because Adminer always sends token at least
+);
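Review bot: The check `$_POST["token"] == $token` is a loose comparison against a value that may be unset. If `$_SESSION["tokens"][$_GET["server"]]` has no entry, `$token` is null and an empty `token` field compares equal to it. Because this now runs from the shared bootstrap on every request, the condition should require a non-empty string token and compare strictly, e.g. `is_string($token) && $token !== "" && $_POST["token"] === $token` (or `hash_equals()` where the supported PHP version provides it). Whether the session entry is always populated before this point is not visible in the hunk, so the null case needs confirming against the login code.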
@@ -10,8 +10,6 @@
$enum_length = '\'(?:\'\'|[^\'\\\\]+|\\\\.)*\'|"(?:""|[^"\\\\]+|\\\\.)*"';
$inout = array("IN", "OUT", "INOUT");
-$confirm = " onclick=\"return confirm('" . lang('Are you sure?') . "');\"";
-$error = "";
if (isset($_GET["download"])) {
include "./download.inc.php";
@@ -25,16 +23,7 @@
include "./dump.inc.php";
} elseif (isset($_GET["privileges"])) {
include "./privileges.inc.php";
-} else { // uses CSRF token
- $token = $_SESSION["tokens"][$_GET["server"]];
- if ($_POST) {
- if ($_POST["token"] != $token) {
- $error = lang('Invalid CSRF token. Send the form again.');
- }
- } elseif ($_SERVER["REQUEST_METHOD"] == "POST") {
- // posted form with no data means exceeded post_max_size because Adminer always sends token at least
- $error = lang('Too big POST data. Reduce the data or increase the "post_max_size" configuration directive.');
- }
+} else {
if (isset($_GET["default"])) {
// edit form is used for default values and distinguished by checking isset($_GET["default"]) in edit.inc.php
$_GET["edit"] = $_GET["default"];
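Review bot: The removed `// uses CSRF token` comment was the only hint in this file about where the token is checked, and `$confirm`, `$token` and `$error` are now used here with no local definition. A one-line comment at the top of the dispatch, such as `// $confirm, $token and $error are set in include/bootstrap.inc.php`, would keep that traceable. The same comment should say that the check is no longer limited to this `else` branch, since the bootstrap (presumably included above the hunk) evaluates it before the `download`, `dump` and `privileges` branches as well. The if/elseif chain starts and the `else` body ends outside the visible hunks.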
@@ -8,21 +8,9 @@
include "../adminer/include/bootstrap.inc.php";
-$confirm = " onclick=\"return confirm('" . lang('Are you sure?') . "');\"";
-$error = "";
-
if (isset($_GET["download"])) {
include "../adminer/download.inc.php";
-} else { // uses CSRF token
- $token = $_SESSION["tokens"][$_GET["server"]];
- if ($_POST) {
- if ($_POST["token"] != $token) {
- $error = lang('Invalid CSRF token. Send the form again.');
- }
- } elseif ($_SERVER["REQUEST_METHOD"] == "POST") {
- // posted form with no data means exceeded post_max_size because Adminer always sends token at least
- $error = lang('Too big POST data. Reduce the data or increase the "post_max_size" configuration directive.');
- }
+} else {
if (isset($_GET["select"]) && ($_POST["edit"] || $_POST["clone"]) && !$_POST["save"]) {
$_GET["edit"] = $_GET["select"];
}
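Review bot: The `isset($_GET["dump"])` exemption in the shared bootstrap now applies to this entry point too, but the visible dispatch has no dump branch: everything other than `download` falls into this `else`. A POST whose query string carries `dump` would leave `$error` empty without a valid token and still be handled here. The exemption is better tied to the handler that needs it, for example by having the bootstrap check every POST and letting the dump page ignore `$error` itself. The rest of the `else` body is outside the hunk, so confirm how `$error` gates the edit and clone actions there.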
