define("SERVER", $_GET[DRIVER]); // read from pgsql=localhost
define("DB", $_GET["db"]); // for the sake of speed and size
-define("ME", str_replace(":", "%3a", preg_replace('~^[^?]*/([^?]*).*~', '\1', $_SERVER["REQUEST_URI"])) . '?'
+define("ME", str_replace(":", "%3a", preg_replace('~\?.*~', '', relative_uri())) . '?'
. (sid() ? SID . '&' : '')
. (SERVER !== null ? DRIVER . "=" . urlencode(SERVER) . '&' : '')
. (isset($_GET["username"]) ? "username=" . urlencode($_GET["username"]) . '&' : '')
return lang('%.3f s', max(0, microtime(true) - $start));
}
+/** Get relative REQUEST_URI
+* @return string
+*/
+function relative_uri() {
+ return preg_replace('~^[^?]*/([^?]*)~', '\1', $_SERVER["REQUEST_URI"]);
+}
+
/** Remove parameter from query string
* @param string
* @return string
*/
function remove_from_uri($param = "") {
- return substr(preg_replace("~(?<=[?&])($param" . (SID ? "" : "|" . session_name()) . ")=[^&]*&~", '', "$_SERVER[REQUEST_URI]&"), 0, -1);
+ return substr(preg_replace("~(?<=[?&])($param" . (SID ? "" : "|" . session_name()) . ")=[^&]*&~", '', relative_uri() . "&"), 0, -1);
}
/** Generate page number for pagination
Adminer 4.7.7-dev:
+Fix open redirect if Adminer is accessible at //adminer.php%2F@
Adminer 4.7.6 (released 2020-01-31):
Speed up alter table form (regression from 4.4.0)
projects / adminer.git / commitdiff