]> git.joonet.de Git - adminer.git/commitdiff
projects / adminer.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d777e42)
Initialize token
authorjakubvrana <jakubvrana@7c3ca157-0c34-0410-bff1-cbf682f78f5c>
Thu, 16 Jul 2009 17:00:46 +0000 (17:00 +0000)
committerjakubvrana <jakubvrana@7c3ca157-0c34-0410-bff1-cbf682f78f5c>
Thu, 16 Jul 2009 17:00:46 +0000 (17:00 +0000)
git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@846 7c3ca157-0c34-0410-bff1-cbf682f78f5c

editor/include/auth.inc.php patch | blob | history

diff --git a/editor/include/auth.inc.php b/editor/include/auth.inc.php
index e1367b2066a911aa2fc3ae6f0a679fb739487364..f3d5096ef1886dc370adb494f18fbb6f8544252d 100644 (file)
--- a/editor/include/auth.inc.php
+++ b/editor/include/auth.inc.php
@@ -9,3 +9,4 @@ if (is_string($dbh)) {
        auth_error();
        exit;
 }
+$_SESSION["tokens"][$_GET["server"]] = rand(1, 1e6); // defense against cross-site request forgery
Sources of adminer, a webclient for database management systems.