Protection against big POST data

git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@373 7c3ca157-0c34-0410-bff1-cbf682f78f5c
commit 4d38c7d9635fb008af11dd4ced1ff9193f034693 1 parent c54ba01
jakubvrana authored
2  abstraction.inc.php
@@ -195,7 +195,7 @@ function free() {
} else {
page_header(lang('No MySQL extension'), null);
- echo "<p class='error'>" . lang('None of supported PHP extensions (%s) are available.', 'mysqli, mysql, pdo') . "</p>\n";
+ echo "<p class='error'>" . lang('None of supported PHP extensions (%s) are available.', 'MySQLi, MySQL, PDO') . "</p>\n";
page_footer("auth");
exit;
}
4 call.inc.php
@@ -13,7 +13,9 @@
}
}
-if ($_POST) {
+if ($error) {
+ echo "<p class='error'>" . htmlspecialchars($error) . "</p>\n";
+} elseif ($_POST) {
$call = array();
foreach ($routine["fields"] as $key => $field) {
if (in_array($key, $in)) {
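Review bot: The `elseif ($_POST)` on the new side makes error display and POST handling mutually exclusive, whereas every other page touched by this commit keeps them as two independent `if`s so the submitted values still re-populate the form after a CSRF or size error. If the `$_POST` branch here only builds `$call` to execute the routine, the exclusivity is deliberate and deserves a one-line comment such as `// an invalid token or oversized POST must not execute the routine`; if it also feeds the parameter form, the user loses their input on error. This page also prints `$error` without the page-specific `lang()` prefix used elsewhere, which is fine if intentional. The form-handling code continues past the end of the hunk.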
5 create.inc.php
@@ -65,14 +65,15 @@
}
$result->free();
+if ($error) {
+ echo "<p class='error'>" . lang('Unable to operate table') . ": " . htmlspecialchars($error) . "</p>\n";
+}
if ($_POST) {
$row = $_POST;
ksort($row["fields"]);
$row["fields"] = array_values($row["fields"]);
if ($_POST["add"]) {
array_splice($row["fields"], key($_POST["add"]), 0, array(array()));
- } elseif (!$_POST["drop_col"]) {
- echo "<p class='error'>" . lang('Unable to operate table') . ": " . htmlspecialchars($error) . "</p>\n";
}
if ($row["auto_increment_col"]) {
$row["fields"][$row["auto_increment_col"] - 1]["auto_increment"] = true;
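Review bot: The added block at the top of the hunk, `if ($error) { echo "<p class='error'>" . lang('Unable to operate table') . ": " . htmlspecialchars($error) . "</p>\n"; }`, is the same three-line pattern this commit now repeats in database.inc.php, edit.inc.php, foreign.inc.php, indexes.inc.php, procedure.inc.php, trigger.inc.php and user.inc.php with only the lang() prefix varying. A small helper in functions.inc.php, for example `function print_error($prefix, $error) { echo "<p class='error'>" . ($prefix ? $prefix . ": " : "") . htmlspecialchars($error) . "</p>\n"; }`, would keep the escaping in one place so a future page cannot forget the htmlspecialchars() call (sql.inc.php had exactly that omission before this commit). The page-specific lang() string stays at each call site.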
7 database.inc.php
@@ -28,12 +28,13 @@
}
$error = $mysql->error;
}
-
page_header(strlen($_GET["db"]) ? lang('Alter database') : lang('Create database'), array(), $_GET["db"]);
-$collations = collations();
-if ($_POST) {
+$collations = collations();
+if ($error) {
echo "<p class='error'>" . lang('Unable to operate database') . ": " . htmlspecialchars($error) . "</p>\n";
+}
+if ($_POST) {
$name = $_POST["name"];
$collate = $_POST["collation"];
} else {
4 edit.inc.php
@@ -43,8 +43,10 @@
}
page_header((isset($_GET["default"]) ? lang('Default values') : ($_GET["where"] ? lang('Edit') : lang('Insert'))), array((isset($_GET["default"]) ? "table" : "select") => $_GET["edit"]), $_GET["edit"]);
-if ($_POST) {
+if ($error) {
echo "<p class='error'>" . lang('Error during saving') . ": " . htmlspecialchars($error) . "</p>\n";
+}
+if ($_POST) {
$row = (array) $_POST["fields"];
foreach ((array) $_POST["null"] as $key => $val) {
$row[$key] = null;
4 editing.inc.php
@@ -51,8 +51,8 @@ function process_input($name, $field) {
return (isset($_GET["default"]) ? "'" . implode(",", array_map(array($mysql, 'escape_string'), (array) $value)) . "'" : array_sum((array) $value));
} elseif (preg_match('~binary|blob~', $field["type"])) {
$file = get_file($name);
- if (!is_string($file) && !$field["null"]) {
- return false; //! report errors, also empty $_POST (too big POST data, not only FILES)
+ if (!is_string($file) && ($file != UPLOAD_ERR_NO_FILE || !$field["null"])) {
+ return false; //! report errors
}
return "_binary'" . (is_string($file) ? $mysql->escape_string($file) : "") . "'";
} elseif ($field["type"] == "timestamp" && $value == "CURRENT_TIMESTAMP") {
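Review bot: The new condition `$file != UPLOAD_ERR_NO_FILE` is a loose comparison against an int, while get_file() can also hand back `null` (no `$_FILES[$key]` entry) or `false` (file_get_contents() failure); both then take the `return false` path even for a nullable column, indistinguishable from a real upload error. Using `!==` and naming the cases makes that explicit: `if (!is_string($file) && ($file !== UPLOAD_ERR_NO_FILE || !$field["null"])) { return false; // upload error code, missing file control, or unreadable temp file }`, which also gives the `//! report errors` TODO a defined set of values to report. Note that a non-string `$file` may also come from the hidden `files` field re-submitted by the client (the intval() path in get_file()), so it is client-supplied and only a hint about the previous request. process_input() begins before this hunk.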
6 foreign.inc.php
@@ -24,7 +24,6 @@
}
$error = $mysql->error;
}
-
page_header(lang('Foreign key'), array("table" => $_GET["foreign"]), $_GET["foreign"]);
$tables = array();
@@ -36,6 +35,9 @@
}
$result->free();
+if ($error) {
+ echo "<p class='error'>" . lang('Unable to operate foreign keys') . ": " . htmlspecialchars($error) . "</p>\n";
+}
if ($_POST) {
$row = $_POST;
ksort($row["source"]);
@@ -43,8 +45,6 @@
$row["source"][] = "";
} elseif ($_POST["change"] || $_POST["change-js"]) {
$row["target"] = array();
- } else {
- echo "<p class='error'>" . lang('Unable to operate foreign keys') . ": " . htmlspecialchars($error) . "</p>\n";
}
} elseif (strlen($_GET["name"])) {
$foreign_keys = foreign_keys($_GET["foreign"]);
2  functions.inc.php
@@ -204,7 +204,7 @@ function remove_from_uri($param = "") {
function get_file($key) {
if (isset($_POST["files"][$key])) {
$length = strlen($_POST["files"][$key]);
- return ($length & $length < 4 ? intval($_POST["files"][$key]) : base64_decode($_POST["files"][$key]));
+ return ($length && $length < 4 ? intval($_POST["files"][$key]) : base64_decode($_POST["files"][$key]));
}
return (!$_FILES[$key] || $_FILES[$key]["error"] ? $_FILES[$key]["error"] : file_get_contents($_FILES[$key]["tmp_name"]));
}
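Review bot: The `&` to `&&` fix is right, but the return on the last line still indexes `$_FILES[$key]` without isset() (a notice and a `null` result when the form has no such control) and reads `tmp_name` with file_get_contents() without is_uploaded_file(), the standard guard that the path being read is a temp file PHP created for this request. The `$length < 4` heuristic on the hidden field also deserves a comment, since a one- to three-character value is being reinterpreted as a PHP upload error code rather than as data. A tightened body is below; the hidden-field branch is unchanged.
```php
function get_file($key) {
	// … unchanged: re-submitted hidden "files" field (1-3 chars = upload error code, else base64 data) …
	if (empty($_FILES[$key]) || $_FILES[$key]["error"]) {
		return (isset($_FILES[$key]["error"]) ? $_FILES[$key]["error"] : null);
	}
	// only read a temp file PHP itself created for this upload
	return (is_uploaded_file($_FILES[$key]["tmp_name"]) ? file_get_contents($_FILES[$key]["tmp_name"]) : false);
}
```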
10 index.php
@@ -1,5 +1,5 @@
<?php
-/** phpMinAdmin - MySQL management tool
+/** phpMinAdmin - Compact MySQL management
* @link http://phpminadmin.sourceforge.net
* @author Jakub Vrana, http://php.vrana.cz
* @copyright 2007 Jakub Vrana
@@ -50,8 +50,13 @@
include "./privileges.inc.php";
} else { // uses CSRF token
include "./editing.inc.php";
+ $error = "";
if ($_POST) {
- $error = (in_array($_POST["token"], (array) $TOKENS) ? "" : lang('Invalid CSRF token. Send the form again.'));
+ if (!in_array($_POST["token"], (array) $TOKENS)) {
+ $error = lang('Invalid CSRF token. Send the form again.');
+ }
+ } elseif ($_SERVER["REQUEST_METHOD"] == "POST") {
+ $error = lang('Too big POST data. Reduce the data or increase the "post_max_size" configuration directive.');
}
$token = ($_POST && !$error ? $_POST["token"] : token());
if (isset($_GET["default"])) {
@@ -90,7 +95,6 @@
} elseif (isset($_GET["select"])) {
include "./select.inc.php";
} else {
- $TOKENS = array();
page_header(lang('Database') . ": " . htmlspecialchars($_GET["db"]), false);
echo '<p><a href="' . htmlspecialchars($SELF) . 'database=">' . lang('Alter database') . "</a></p>\n";
echo '<p><a href="' . htmlspecialchars($SELF) . 'schema=">' . lang('Database schema') . "</a></p>\n";
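Review bot: The new token check `if (!in_array($_POST["token"], (array) $TOKENS)) {` still uses a loose in_array(), so if token() produces numeric strings a submitted value that is merely numerically equal (leading zeros, an exponent form, leading whitespace) passes the comparison, and a POST without a `token` field raises a notice before being compared as null. Use the strict form with a presence check: `if (!isset($_POST["token"]) || !in_array($_POST["token"], (array) $TOKENS, true)) {`. The oversized-POST branch `elseif ($_SERVER["REQUEST_METHOD"] == "POST")` is a reasonable heuristic (PHP leaves $_POST and $_FILES empty when post_max_size is exceeded) but also fires for any POST with an empty or non-form body, so a comment saying the message is a best guess would help the next reader. The second hunk drops the `$TOKENS = array();` reset on the database overview page; the diff does not show why that reset existed, so it is worth confirming that the page is meant to accept token-bearing POSTs now.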
7 indexes.inc.php
@@ -40,12 +40,13 @@
}
page_header(lang('Indexes'), array("table" => $_GET["indexes"]), $_GET["indexes"]);
+if ($error) {
+ echo "<p class='error'>" . lang('Unable to operate indexes') . ": " . htmlspecialchars($error) . "</p>\n";
+}
$fields = array_keys(fields($_GET["indexes"]));
if ($_POST) {
$row = $_POST;
- if (!$_POST["add"]) {
- echo "<p class='error'>" . lang('Unable to operate indexes') . ": " . htmlspecialchars($error) . "</p>\n";
- } else {
+ if ($_POST["add"]) {
foreach ($row["indexes"] as $key => $index) {
if (strlen($index["columns"][count($index["columns"])])) {
$row["indexes"][$key]["columns"][] = "";
1  lang/cs.inc.php
@@ -167,4 +167,5 @@
'all' => 'vše',
'Delete selected' => 'Smazat označené',
'Truncate table' => 'Promazat tabulku',
+ 'Too big POST data. Reduce the data or increase the "post_max_size" configuration directive.' => 'Příliš velká POST data. Zmenšete data nebo zvyšte hodnotu konfigurační direktivy "post_max_size".',
);
6 procedure.inc.php
@@ -29,12 +29,14 @@
}
$error = $mysql->error;
}
-
page_header(strlen($_GET["procedure"])
? (isset($_GET["function"]) ? lang('Alter function') : lang('Alter procedure')) . ": " . htmlspecialchars($_GET["procedure"])
: (isset($_GET["function"]) ? lang('Create function') : lang('Create procedure'))
);
+if ($error) {
+ echo "<p class='error'>" . lang('Unable to operate routine') . ": " . htmlspecialchars($error) . "</p>\n";
+}
$collations = get_vals("SHOW CHARACTER SET");
if ($_POST) {
$row = $_POST;
@@ -43,8 +45,6 @@
$row["fields"] = array_values($row["fields"]);
if ($_POST["add"]) {
array_splice($row["fields"], key($_POST["add"]), 0, array(array()));
- } elseif (!$_POST["drop_col"]) {
- echo "<p class='error'>" . lang('Unable to operate routine') . ": " . htmlspecialchars($error) . "</p>\n";
}
} elseif (strlen($_GET["procedure"])) {
$row = routine($_GET["procedure"], $routine);
3  processlist.inc.php
@@ -11,10 +11,9 @@
}
$error = $mysql->error;
}
-
page_header(lang('Process list'));
-if ($_POST) {
+if ($error) {
echo "<p class='error'>" . lang('Unable to kill process') . ": " . htmlspecialchars($error) . "</p>\n";
}
?>
4 select.inc.php
@@ -83,9 +83,9 @@
}
$error = $mysql->error;
}
-
page_header(lang('Select') . ": " . htmlspecialchars($_GET["select"]));
-if ($_POST) {
+
+if ($error) {
echo "<p class='error'>" . lang('Error during deleting') . ": " . htmlspecialchars($error) . "</p>\n";
}
5 sql.inc.php
@@ -3,11 +3,10 @@
setcookie("highlight", $_POST["highlight"], strtotime("+1 month"), preg_replace('~\\?.*~', '', $_SERVER["REQUEST_URI"]));
$_COOKIE["highlight"] = $_POST["highlight"];
}
-
page_header(lang('SQL command'));
-if ($_POST && $error) {
- echo "<p class='error'>$error</p>\n";
+if ($error) {
+ echo "<p class='error'>" . htmlspecialchars($error) . "</p>\n";
} elseif ($_POST && is_string($query = (isset($_POST["query"]) ? $_POST["query"] : get_file("sql_file")))) {
$delimiter = ";";
$offset = 0;
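Review bot: The new `if ($error)` branch correctly stops query execution and escapes the message, but the `setcookie("highlight", $_POST["highlight"], ...)` at the top of the hunk runs before that check, so a POST that fails the CSRF token or size check still writes the cookie from the submitted value. Gate it on the same flag, for example by adding `&& !$error` to the condition that encloses the setcookie() (that condition starts before this hunk), or move the block below the error check. Separately, `$query` from `get_file("sql_file")` can be an upload error code rather than a string; the `is_string()` test rejects it but nothing tells the user why, which is the same gap the `//! report errors` TODO in editing.inc.php leaves open.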
5 trigger.inc.php
@@ -19,12 +19,13 @@
}
$error = $mysql->error;
}
-
page_header(strlen($_GET["name"]) ? lang('Alter trigger') . ": " . htmlspecialchars($_GET["name"]) : lang('Create trigger'), array("table" => $_GET["trigger"]));
+if ($error) {
+ echo "<p class='error'>" . lang('Unable to operate trigger') . ": " . htmlspecialchars($error) . "</p>\n";
+}
if ($_POST) {
$row = $_POST;
- echo "<p class='error'>" . lang('Unable to operate trigger') . ": " . htmlspecialchars($error) . "</p>\n";
} elseif (strlen($_GET["name"])) {
$result = $mysql->query("SHOW TRIGGERS LIKE '" . $mysql->escape_string(addcslashes($_GET["trigger"], "%_")) . "'");
while ($row = $result->fetch_assoc()) {
5 user.inc.php
@@ -117,13 +117,14 @@ function all_privileges(&$grants, $privileges) {
$error = $mysql->error;
}
}
-
page_header((isset($_GET["host"]) ? lang('Username') . ": " . htmlspecialchars("$_GET[user]@$_GET[host]") : lang('Create user')), array("privileges" => lang('Privileges')));
+if ($error) {
+ echo "<p class='error'>" . lang('Unable to operate user') . ": " . htmlspecialchars($error) . "</p>\n";
+}
if ($_POST) {
$row = $_POST;
$grants = $new_grants;
- echo "<p class='error'>" . lang('Unable to operate user') . ": " . htmlspecialchars($error) . "</p>\n";
} else {
$row = $_GET + array("host" => "localhost");
$row["pass"] = $old_pass;