Reset token after explicit login

git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@1325 7c3ca157-0c34-0410-bff1-cbf682f78f5c

diff --git a/adminer/include/auth.inc.php b/adminer/include/auth.inc.php
index 0eeafdc9fca95c2588ab101a12265fa913275317..b4dde686bbe9c8b649f099439d1c20e56e947ccd 100644 (file)
--- a/adminer/include/auth.inc.php
+++ b/adminer/include/auth.inc.php
@@ -18,7 +18,7 @@ if (isset($_POST["server"])) {
                }
                redirect($location);
        }
-       $_GET["server"] = $_POST["server"];
+       $_GET["server"] = $_POST["server"]; //! used also in ME
 } elseif ($_POST["logout"]) {
        $token = $_SESSION["tokens"][$_GET["server"]];
        if ($token && $_POST["token"] != $token) {
@@ -37,11 +37,11 @@ if (isset($_POST["server"])) {
        }
 } elseif ($_COOKIE["adminer_permanent"] && !isset($_SESSION["usernames"][$_GET["server"]])) {
        list($server, $username, $cipher) = array_map('base64_decode', explode(":", $_COOKIE["adminer_permanent"]));
-       if ($_GET["server"] == "" || $server == $_GET["server"]) {
+       if (($_GET["server"] == "" && !$_POST) || $server == $_GET["server"]) {
                session_regenerate_id(); // defense against session fixation
                $_SESSION["usernames"][$server] = $username;
                $_SESSION["passwords"][$server] = decrypt_string($cipher, $adminer->permanentLogin());
-               if (!$_POST && $server != $_GET["server"]) {
+               if ($server != $_GET["server"]) {
                        redirect(preg_replace('~^([^?]*).*~', '\\1', ME) . '?server=' . urlencode($server));
                }
        }
@@ -79,3 +79,6 @@ unset($username);
 if (!$_SESSION["tokens"][$_GET["server"]]) {
        $_SESSION["tokens"][$_GET["server"]] = rand(1, 1e6); // defense against cross-site request forgery
 }
+if (isset($_POST["server"]) && $_POST["token"]) {
+       $_POST["token"] = $_SESSION["tokens"][$_GET["server"]];
+}