
Prevent CSRF

git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@76 7c3ca157-0c34-0410-bff1-cbf682f78f5c
jakubvrana
jakubvrana committed Jul 6, 2007
1 parent f90c7d8 commit 505b79d82cbf44c708bd4023f5ea279bd38c7724
Showing with 39 additions and 27 deletions.
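--- a/index.php
+++ b/index.php
@@ -13,41 +13,53 @@
 if (isset($_GET["dump"])) {
 include "./dump.inc.php";
 } else {
-if (isset($_GET["sql"])) {
-include "./sql.inc.php";
-} elseif (isset($_GET["table"])) {
+if (isset($_GET["table"])) {
 include "./table.inc.php";
 } elseif (isset($_GET["select"])) {
 include "./select.inc.php";
-} elseif (isset($_GET["edit"])) {
-include "./edit.inc.php";
-} elseif (isset($_GET["create"])) {
-include "./create.inc.php";
-} elseif (isset($_GET["indexes"])) {
-include "./indexes.inc.php";
 } elseif (isset($_GET["view"])) {
 include "./view.inc.php";
-} elseif (isset($_GET["database"])) {
-include "./database.inc.php";
 } else {
-page_header(htmlspecialchars(lang('Database') . ": " . $_GET["db"]));
-echo '<p><a href="' . htmlspecialchars($SELF) . 'database=">' . lang('Alter database') . "</a></p>\n";
-if (mysql_get_server_info() >= 5) {
-$result = mysql_query("SELECT * FROM information_schema.ROUTINES WHERE ROUTINE_SCHEMA = '" . mysql_real_escape_string($_GET["db"]) . "'");
-if (mysql_num_rows($result)) {
-echo "<h2>" . lang('Routines') . "</h2>\n";
-echo "<table border='0' cellspacing='0' cellpadding='2'>\n";
-while ($row = mysql_fetch_assoc($result)) {
-echo "<tr valign='top'>";
-echo "<th>" . htmlspecialchars($row["ROUTINE_TYPE"]) . "</th>";
-echo "<th>" . htmlspecialchars($row["ROUTINE_NAME"]) . "</th>"; //! parameters from SHOW CREATE {PROCEDURE|FUNCTION}
-echo "<td><pre>" . htmlspecialchars($row["ROUTINE_DEFINITION"]) . "</pre></td>";
-echo "</tr>\n";
-//! call, drop, replace
+$params = preg_replace('~.*\\?~', '', $_SERVER["REQUEST_URI"]);
+if ($_POST) {
+$error = (in_array($_POST["token"], (array) $_SESSION["tokens"][$params]) ? "" : lang('Invalid CSRF token.'));
+}
+if ($_POST && !$error) {
+$token = $_POST["token"];
+} else {
+$token = rand(1, 1e6);
+$_SESSION["tokens"][$params][] = $token;
+}
+if (isset($_GET["sql"])) {
+include "./sql.inc.php";
+} elseif (isset($_GET["edit"])) {
+include "./edit.inc.php";
+} elseif (isset($_GET["create"])) {
+include "./create.inc.php";
+} elseif (isset($_GET["indexes"])) {
+include "./indexes.inc.php";
+} elseif (isset($_GET["database"])) {
+include "./database.inc.php";
+} else {
+unset($_SESSION["tokens"][$params]);
+page_header(htmlspecialchars(lang('Database') . ": " . $_GET["db"]));
+echo '<p><a href="' . htmlspecialchars($SELF) . 'database=">' . lang('Alter database') . "</a></p>\n";
+if (mysql_get_server_info() >= 5) {
+$result = mysql_query("SELECT * FROM information_schema.ROUTINES WHERE ROUTINE_SCHEMA = '" . mysql_real_escape_string($_GET["db"]) . "'");
+if (mysql_num_rows($result)) {
+echo "<h2>" . lang('Routines') . "</h2>\n";
+echo "<table border='0' cellspacing='0' cellpadding='2'>\n";
+while ($row = mysql_fetch_assoc($result)) {
+echo "<tr valign='top'>";
+echo "<th>" . htmlspecialchars($row["ROUTINE_TYPE"]) . "</th>";
+echo "<th>" . htmlspecialchars($row["ROUTINE_NAME"]) . "</th>"; //! parameters from SHOW CREATE {PROCEDURE|FUNCTION}
+echo "<td><pre>" . htmlspecialchars($row["ROUTINE_DEFINITION"]) . "</pre></td>";
+echo "</tr>\n";
+}
+echo "</table>\n";
 }
-echo "</table>\n";
+mysql_free_result($result);
 }
-mysql_free_result($result);
 }
 }
 page_footer();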
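Review bot: The token minted with `$token = rand(1, 1e6);` comes from a non-cryptographic generator with only a million possible values, and the check `in_array($_POST["token"], (array) $_SESSION["tokens"][$params])` compares loosely, so the comparison should pass `true` as the third argument and the token should come from a CSPRNG where the runtime offers one, e.g. `$token = bin2hex(random_bytes(16));` (PHP 7+; the `mysql_*` calls suggest an older target, so a wider-range fallback would be needed there). Because `$_SESSION["tokens"][$params][] = $token;` appends a fresh token on every GET of a form page and only the database-overview branch runs `unset($_SESSION["tokens"][$params]);`, the set of accepted values grows for the life of the session, and an accepted token is reused via `$token = $_POST["token"];` rather than removed, so it stays valid for replay — keeping a single token per page and dropping it once accepted would close both gaps. The check is only reached for the pages included under this inner dispatch; if table.inc.php, select.inc.php or view.inc.php handle any POST, those handlers are not covered, which is worth confirming against their contents.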
