Centralize common variables

git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@842 7c3ca157-0c34-0410-bff1-cbf682f78f5c

diff --git a/adminer/include/bootstrap.inc.php b/adminer/include/bootstrap.inc.php
index 4873f96d5e53d8cdad7f621f5a5452e5717d35e4..7ca461b25c23c3f2e296894e068f60eeb8835880 100644 (file)
--- a/adminer/include/bootstrap.inc.php
+++ b/adminer/include/bootstrap.inc.php
@@ -95,3 +95,10 @@ include "./include/auth.inc.php";
 include "./include/connect.inc.php";
 include "./include/editing.inc.php";
 include "./include/export.inc.php";
+
+$confirm = " onclick=\"return confirm('" . lang('Are you sure?') . "');\"";
+$token = $_SESSION["tokens"][$_GET["server"]];
+$error = ($_POST
+       ? ($_POST["token"] == $token || isset($_GET["dump"]) ? "" : lang('Invalid CSRF token. Send the form again.'))
+       : ($_SERVER["REQUEST_METHOD"] != "POST" ? "" : lang('Too big POST data. Reduce the data or increase the "post_max_size" configuration directive.')) // posted form with no data means that post_max_size exceeded because Adminer always sends token at least
+);

diff --git a/adminer/index.php b/adminer/index.php
index dda4c90c942dd941e9a9ca1b807e1de42588994c..f2c2bc2d5e9d82cac2e6d5f76ee95734b8e3451a 100644 (file)
--- a/adminer/index.php
+++ b/adminer/index.php
@@ -10,8 +10,6 @@ include "./include/bootstrap.inc.php";
 
 $enum_length = '\'(?:\'\'|[^\'\\\\]+|\\\\.)*\'|"(?:""|[^"\\\\]+|\\\\.)*"';
 $inout = array("IN", "OUT", "INOUT");
-$confirm = " onclick=\"return confirm('" . lang('Are you sure?') . "');\"";
-$error = "";
 
 if (isset($_GET["download"])) {
        include "./download.inc.php";
@@ -25,16 +23,7 @@ if (isset($_GET["download"])) {
        include "./dump.inc.php";
 } elseif (isset($_GET["privileges"])) {
        include "./privileges.inc.php";
-} else { // uses CSRF token
-       $token = $_SESSION["tokens"][$_GET["server"]];
-       if ($_POST) {
-               if ($_POST["token"] != $token) {
-                       $error = lang('Invalid CSRF token. Send the form again.');
-               }
-       } elseif ($_SERVER["REQUEST_METHOD"] == "POST") {
-               // posted form with no data means exceeded post_max_size because Adminer always sends token at least
-               $error = lang('Too big POST data. Reduce the data or increase the "post_max_size" configuration directive.');
-       }
+} else {
        if (isset($_GET["default"])) {
                // edit form is used for default values and distinguished by checking isset($_GET["default"]) in edit.inc.php
                $_GET["edit"] = $_GET["default"];

diff --git a/editor/index.php b/editor/index.php
index 3f559c17c9665d3ea16d5b9f9efa728526d7e975..db6b0ce041bcc0385fec25718e7a8faf75e2a5cd 100644 (file)
--- a/editor/index.php
+++ b/editor/index.php
@@ -8,21 +8,9 @@
 
 include "../adminer/include/bootstrap.inc.php";
 
-$confirm = " onclick=\"return confirm('" . lang('Are you sure?') . "');\"";
-$error = "";
-
 if (isset($_GET["download"])) {
        include "../adminer/download.inc.php";
-} else { // uses CSRF token
-       $token = $_SESSION["tokens"][$_GET["server"]];
-       if ($_POST) {
-               if ($_POST["token"] != $token) {
-                       $error = lang('Invalid CSRF token. Send the form again.');
-               }
-       } elseif ($_SERVER["REQUEST_METHOD"] == "POST") {
-               // posted form with no data means exceeded post_max_size because Adminer always sends token at least
-               $error = lang('Too big POST data. Reduce the data or increase the "post_max_size" configuration directive.');
-       }
+} else {
        if (isset($_GET["select"]) && ($_POST["edit"] || $_POST["clone"]) && !$_POST["save"]) {
                $_GET["edit"] = $_GET["select"];
        }