]> git.joonet.de Git - adminer.git/commitdiff
projects / adminer.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 36c2ae7)
Move $ignore
authorjakubvrana <jakubvrana@7c3ca157-0c34-0410-bff1-cbf682f78f5c>
Fri, 20 Nov 2009 17:15:33 +0000 (17:15 +0000)
committerjakubvrana <jakubvrana@7c3ca157-0c34-0410-bff1-cbf682f78f5c>
Fri, 20 Nov 2009 17:15:33 +0000 (17:15 +0000)
git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@1247 7c3ca157-0c34-0410-bff1-cbf682f78f5c

adminer/include/auth.inc.php patch | blob | history

diff --git a/adminer/include/auth.inc.php b/adminer/include/auth.inc.php
index c261b07f6cd3cf1577c98d968255ce07b3c985e7..678e8b1a9fdf2eba5af13ca8db30b45edc2b53f2 100644 (file)
--- a/adminer/include/auth.inc.php
+++ b/adminer/include/auth.inc.php
@@ -1,10 +1,9 @@
 <?php
-$ignore = array("server", "username", "password");
 if (isset($_POST["server"])) {
        session_regenerate_id(); // defense against session fixation
        $_SESSION["usernames"][$_POST["server"]] = $_POST["username"];
        $_SESSION["passwords"][$_POST["server"]] = $_POST["password"];
-       if (count($_POST) == count($ignore)) {
+       if (count($_POST) == 3) { // 3 - count($ignore)
                $location = ((string) $_GET["server"] === $_POST["server"] ? remove_from_uri() : preg_replace('~^([^?]*).*~', '\\1', $_SERVER["REQUEST_URI"]) . (strlen($_POST["server"]) ? '?server=' . urlencode($_POST["server"]) : ''));
                if (!isset($_COOKIE[session_name()])) {
                        $location .= (strpos($location, "?") === false ? "?" : "&") . SID;
@@ -30,7 +29,7 @@ if (isset($_POST["server"])) {
 }
 
 function auth_error($exception = null) {
-       global $ignore, $connection, $adminer;
+       global $connection, $adminer;
        $session_name = session_name();
        $username = $_SESSION["usernames"][$_GET["server"]];
        unset($_SESSION["usernames"][$_GET["server"]]);
@@ -41,7 +40,7 @@ function auth_error($exception = null) {
        echo "<form action='' method='post'>\n";
        $adminer->loginForm($username);
        echo "<p>\n";
-       hidden_fields($_POST, $ignore); // expired session
+       hidden_fields($_POST, array("server", "username", "password")); // expired session
        foreach ($_FILES as $key => $val) {
                echo '<input type="hidden" name="files[' . h($key) . ']" value="' . ($val["error"] ? $val["error"] : base64_encode(file_get_contents($val["tmp_name"]))) . '">';
        }
Sources of adminer, a webclient for database management systems.