?>
<p>
<input type="submit" value="<?php echo lang('Call'); ?>">
-<input type="hidden" name="token" value="<?php echo $token; ?>">
+<?php echo input_token(); ?>
</form>
<pre>
<?php if ($name != "") { ?>
<input type="submit" name="drop" value="<?php echo lang('Drop'); ?>"><?php echo confirm(lang('Drop %s?', $name)); ?>
<?php } ?>
-<input type="hidden" name="token" value="<?php echo $token; ?>">
+<?php echo input_token(); ?>
</form>
}
echo "</table>\n</div></fieldset>\n";
}
+echo input_token();
?>
-<input type="hidden" name="token" value="<?php echo $token; ?>">
</form>
} elseif (!$_POST["add_x"] && $_GET["db"] == "") {
echo "<input type='image' class='icon' name='add' src='../adminer/static/plus.gif' alt='+' title='" . lang('Add next') . "'>\n";
}
+echo input_token();
?>
-<input type="hidden" name="token" value="<?php echo $token; ?>">
</form>
}
echo "<input type='hidden' name='all' value=''>"; // used by trCheck()
echo script("qsl('input').onclick = function () { selectCount('selected', formChecked(this, /^(tables|views)\[/));" . (support("table") ? " selectCount('selected2', formChecked(this, /^tables\[/) || $tables);" : "") . " }");
- echo "<input type='hidden' name='token' value='$token'>\n";
+ echo input_token();
echo "</div></fieldset>\n";
echo "</div></div>\n";
}
?>
</table>
<p><input type="submit" value="<?php echo lang('Export'); ?>">
-<input type="hidden" name="token" value="<?php echo $token; ?>">
+<?php echo input_token(); ?>
<table>
<?php
<?php if ($EVENT != "") { ?>
<input type="submit" name="drop" value="<?php echo lang('Drop'); ?>"><?php echo confirm(lang('Drop %s?', $EVENT)); ?>
<?php } ?>
-<input type="hidden" name="token" value="<?php echo $token; ?>">
+<?php echo input_token(); ?>
</form>
<?php if ($name != "") { ?>
<input type="submit" name="drop" value="<?php echo lang('Drop'); ?>"><?php echo confirm(lang('Drop %s?', $name)); ?>
<?php } ?>
-<input type="hidden" name="token" value="<?php echo $token; ?>">
+<?php echo input_token(); ?>
</form>
. "</div></div>\n"
: ""
);
- echo "<input type='hidden' name='token' value='$token'>\n";
+ echo input_token();
echo "</form>\n";
echo script("tableCheck();");
}
* @return null
*/
function page_footer($missing = "") {
- global $adminer, $token;
+ global $adminer;
?>
</div>
<p class="logout">
<span><?php echo h($_GET["username"]) . "\n"; ?></span>
<input type="submit" name="logout" value="<?php echo lang('Logout'); ?>" id="logout">
-<input type="hidden" name="token" value="<?php echo $token; ?>">
+<?php echo input_token(); ?>
</p>
</form>
<?php } ?>
return ' nonce="' . get_nonce() . '"';
}
+/** Get <input type="hidden" name="token">
+* @param string token to use instead of global $token
+* @return string HTML
+*/
+function input_token($special = "") {
+ global $token;
+ return "<input type='hidden' name='token' value='" . ($special ?: $token) . "'>\n";
+}
+
/** Get a target="_blank" attribute
* @return string
*/
* @return null
*/
function edit_form($table, $fields, $row, $update) {
- global $adminer, $token, $error;
+ global $adminer, $error;
$table_name = $adminer->tableName(table_status1($table, true));
page_header(
($update ? lang('Edit') : lang('Insert')),
?>
<input type="hidden" name="referer" value="<?php echo h(isset($_POST["referer"]) ? $_POST["referer"] : $_SERVER["HTTP_REFERER"]); ?>">
<input type="hidden" name="save" value="1">
-<input type="hidden" name="token" value="<?php echo $token; ?>">
+<?php echo input_token(); ?>
</form>
<?php
}
echo "<form action='' method='post'>\n<div id='lang'>";
echo lang('Language') . ": " . html_select("lang", $langs, $LANG, "this.form.submit();");
echo " <input type='submit' value='" . lang('Use') . "' class='hidden'>\n";
- echo "<input type='hidden' name='token' value='" . get_token() . "'>\n"; // $token may be empty in auth.inc.php
+ echo input_token(get_token()); // $token may be empty in auth.inc.php
echo "</div>\n</form>\n";
}
</div>
<p>
<input type="submit" value="<?php echo lang('Save'); ?>">
-<input type="hidden" name="token" value="<?php echo $token; ?>">
+<?php echo input_token(); ?>
</form>
<?php if ($PROCEDURE != "") { ?>
<input type="submit" name="drop" value="<?php echo lang('Drop'); ?>"><?php echo confirm(lang('Drop %s?', $PROCEDURE)); ?>
<?php } ?>
-<input type="hidden" name="token" value="<?php echo $token; ?>">
+<?php echo input_token(); ?>
</form>
echo ($i + 1) . "/" . lang('%d in total', max_connections());
echo "<p><input type='submit' value='" . lang('Kill') . "'>\n";
}
+echo input_token();
?>
-<input type="hidden" name="token" value="<?php echo $token; ?>">
</form>
<?php echo script("tableCheck();"); ?>
if ($_GET["ns"] != "") {
echo "<input type='submit' name='drop' value='" . lang('Drop') . "'>" . confirm(lang('Drop %s?', $_GET["ns"])) . "\n";
}
+echo input_token();
?>
-<input type="hidden" name="token" value="<?php echo $token; ?>">
</form>
echo "</div>";
}
- echo "<input type='hidden' name='token' value='$token'>\n";
+ echo input_token();
echo "</form>\n";
echo (!$group && $select ? "" : script("tableCheck();"));
}
if ($SEQUENCE != "") {
echo "<input type='submit' name='drop' value='" . lang('Drop') . "'>" . confirm(lang('Drop %s?', $SEQUENCE)) . "\n";
}
+echo input_token();
?>
-<input type="hidden" name="token" value="<?php echo $token; ?>">
</form>
. html_select("output", $adminer->dumpOutput(), $adminer_export["output"]) . " "
. html_select("format", $dump_format, $adminer_export["format"])
. "<input type='hidden' name='query' value='" . h($q) . "'>"
- . " <input type='submit' name='export' value='" . lang('Export') . "'><input type='hidden' name='token' value='$token'></span>\n"
+ . " <input type='submit' name='export' value='" . lang('Export') . "'>" . input_token() . "</span>\n"
. "</form>\n"
;
}
echo checkbox("error_stops", 1, ($_POST ? $_POST["error_stops"] : isset($_GET["import"]) || $_GET["error_stops"]), lang('Stop on error')) . "\n";
echo checkbox("only_errors", 1, ($_POST ? $_POST["only_errors"] : isset($_GET["import"]) || $_GET["only_errors"]), lang('Show only errors')) . "\n";
-echo "<input type='hidden' name='token' value='$token'>\n";
+echo input_token();
if (!isset($_GET["import"]) && $history) {
print_fieldset("history", lang('History'), $_GET["history"] != "");
<?php if ($name != "") { ?>
<input type="submit" name="drop" value="<?php echo lang('Drop'); ?>"><?php echo confirm(lang('Drop %s?', $name)); ?>
<?php } ?>
-<input type="hidden" name="token" value="<?php echo $token; ?>">
+<?php echo input_token(); ?>
</form>
textarea("as", $row["as"]);
echo "<p><input type='submit' value='" . lang('Save') . "'>\n";
}
+echo input_token();
?>
-<input type="hidden" name="token" value="<?php echo $token; ?>">
</form>
<?php if (isset($_GET["host"])) { ?>
<input type="submit" name="drop" value="<?php echo lang('Drop'); ?>"><?php echo confirm(lang('Drop %s?', "$USER@$_GET[host]")); ?>
<?php } ?>
-<input type="hidden" name="token" value="<?php echo $token; ?>">
+<?php echo input_token(); ?>
</form>
<?php if ($TABLE != "") { ?>
<input type="submit" name="drop" value="<?php echo lang('Drop'); ?>"><?php echo confirm(lang('Drop %s?', $TABLE)); ?>
<?php } ?>
-<input type="hidden" name="token" value="<?php echo $token; ?>">
+<?php echo input_token(); ?>
</form>
projects / adminer.git / commitdiff