<body class="<?php echo lang('ltr'); ?> nojs">
<?php
$filename = get_temp_dir() . "/adminer.version";
- if (!$_COOKIE["adminer_version"] && file_exists($filename) && filemtime($filename) + 86400 > time()) { // 86400 - 1 day in seconds
- $_COOKIE["adminer_version"] = file_get_contents($filename); // doesn't need to send to the browser
+ if (!$_COOKIE["adminer_version"] && function_exists('openssl_verify') && file_exists($filename) && filemtime($filename) + 86400 > time()) { // 86400 - 1 day in seconds
+ $version = unserialize(file_get_contents($filename));
+ $public = "-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqWOVuF5uw7/+Z70djoK
+RlHIZFZPO0uYRezq90+7Amk+FDNd7KkL5eDve+vHRJBLAszF/7XKXe11xwliIsFs
+DFWQlsABVZB3oisKCBEuI71J4kPH8dKGEWR9jDHFw3cWmoH3PmqImX6FISWbG3B8
+h7FIx3jEaw5ckVPVTeo5JRm/1DZzJxjyDenXvBQ/6o9DgZKeNDgxwKzH+sw9/YCO
+jHnq1cFpOIISzARlrHMa/43YfeNRAm/tsBXjSxembBPo7aQZLAWHmaj5+K19H10B
+nCpz9Y++cipkVEiKRGih4ZEvjoFysEOdRLj6WiD/uUNky4xGeA6LaJqh5XpkFkcQ
+fQIDAQAB
+-----END PUBLIC KEY-----
+";
+ if (openssl_verify($version["version"], base64_decode($version["signature"]), $public) == 1) {
+ $_COOKIE["adminer_version"] = $version["version"]; // doesn't need to send to the browser
+ }
}
?>
<script<?php echo nonce(); ?>>
} elseif ($_GET["script"] == "version") {
$fp = file_open_lock(get_temp_dir() . "/adminer.version");
if ($fp) {
- file_write_unlock($fp, $_POST["version"]);
+ file_write_unlock($fp, serialize(array("signature" => $_POST["signature"], "version" => $_POST["version"])));
}
} else { // connect
if (match) {
cookie('adminer_version=' + match[1], 1);
ajax(url + 'script=version', function () {
- }, 'version=' + match[1] + '&token=' + token);
+ }, event.data + '&token=' + token);
}
}
}, false);
projects / adminer.git / commitdiff