Store current Adminer version server-side to avoid excessive requests

diff --git a/adminer/include/design.inc.php b/adminer/include/design.inc.php
index 17a76c8a4ac3c51e4990c86ca5548d602d268d04..8d8106e0427e8538dbcc75d1c155107d49a99042 100644 (file)
--- a/adminer/include/design.inc.php
+++ b/adminer/include/design.inc.php
@@ -33,8 +33,16 @@ function page_header($title, $error = "", $breadcrumb = array(), $title2 = "") {
 <?php } ?>
 
 <body class="<?php echo lang('ltr'); ?> nojs">
+<?php
+       $filename = get_temp_dir() . "/adminer.version";
+       if (!$_COOKIE["adminer_version"] && file_exists($filename) && filemtime($filename) + 86400 > time()) { // 86400 - 1 day in seconds
+               $_COOKIE["adminer_version"] = file_get_contents($filename); // doesn't need to send to the browser
+       }
+       ?>
 <script<?php echo nonce(); ?>>
-mixin(document.body, {onkeydown: bodyKeydown, onclick: bodyClick<?php echo (isset($_COOKIE["adminer_version"]) ? "" : ", onload: partial(verifyVersion, '$VERSION')"); ?>});
+mixin(document.body, {onkeydown: bodyKeydown, onclick: bodyClick<?php
+       echo (isset($_COOKIE["adminer_version"]) ? "" : ", onload: partial(verifyVersion, '$VERSION', '" . js_escape(ME) . "', '" . get_token() . "')"); // $token may be empty in auth.inc.php
+       ?>});
 document.body.className = document.body.className.replace(/ nojs/, ' js');
 var offlineMessage = '<?php echo js_escape(lang('You are offline.')); ?>';
 </script>

diff --git a/adminer/script.inc.php b/adminer/script.inc.php
index d36f03df1b7a9ef213686f4c4bcfebdba04011cd..0f896b436be64de640fb2aa7330b02d928f1bd67 100644 (file)
--- a/adminer/script.inc.php
+++ b/adminer/script.inc.php
@@ -34,6 +34,12 @@ if ($_GET["script"] == "db") {
 } elseif ($_GET["script"] == "kill") {
        $connection->query("KILL " . number($_POST["kill"]));
 
+} elseif ($_GET["script"] == "version") {
+       $fp = file_open_lock(get_temp_dir() . "/adminer.version");
+       if ($fp) {
+               file_write_unlock($fp, $_POST["version"]);
+       }
+
 } else { // connect
        foreach (count_tables($adminer->databases()) as $db => $val) {
                json_row("tables-$db", $val);

diff --git a/adminer/static/functions.js b/adminer/static/functions.js
index 58738938e9806d357a9c9943b2e69f2a9fc1b906..b2f39cceae82b9622e46b058ed05300842d0944e 100644 (file)
--- a/adminer/static/functions.js
+++ b/adminer/static/functions.js
@@ -95,8 +95,10 @@ function cookie(assign, days) {
 
 /** Verify current Adminer version
 * @param string
+* @param string own URL base
+* @param string
 */
-function verifyVersion(current) {
+function verifyVersion(current, url, token) {
        cookie('adminer_version=0', 1);
        var iframe = document.createElement('iframe');
        iframe.src = 'https://www.adminer.org/version/?current=' + current;
@@ -112,6 +114,8 @@ function verifyVersion(current) {
                                var match = /version=(.+)/.exec(event.data);
                                if (match) {
                                        cookie('adminer_version=' + match[1], 1);
+                                       ajax(url + 'script=version', function () {
+                                       }, 'version=' + match[1] + '&token=' + token);
                                }
                        }
                }, false);

diff --git a/changes.txt b/changes.txt
index 9d81855286ab7759b0de3a512a730d649741542d..a4c80da20817496d785581f211d7cca2b8cd5d32 100644 (file)
--- a/changes.txt
+++ b/changes.txt
@@ -2,6 +2,7 @@ Adminer 4.4.1-dev:
 Display newlines in column comments (bug #573)
 Support current_timestamp() as default of time fields (bug #572)
 Hide window.opener from pages opened in a new window (bug #561)
+Store current Adminer version server-side to avoid excessive requests
 Adminer: Fix Search data in tables (regression from 4.4.0)
 CSP: Allow any styles, images, media and fonts, disallow base-uri
 MySQL: Support geometry in MySQL 8 (bug #574)