adminer auto update

Martin
2012-12-31
2013-06-06
  • Martin
    Martin
    2012-12-31

    Hi,
    i was lazy to update Adminer, so i made this small DIY auto updater:

    <?php
    $file = (empty($_COOKIE['adminer_version']) ? 'adminer-3.6.2-mysql-en.php' : 'adminer-' . $_COOKIE['adminer_version'] . '-mysql-en.php');
    if (!file_exists($file)) {
        $ch = curl_init('http://www.adminer.org/static/download/' . $_COOKIE['adminer_version'] . '/adminer-' . $_COOKIE['adminer_version'] . '-mysql-en.php');
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        $data = curl_exec ($ch);
        curl_close ($ch);
        $h = fopen($file, "w+");
        fputs($h, $data);
        fclose($h);
    }
    require $file;
    
     
  • Jakub Vrána
    Jakub Vrána
    2013-01-10

    Web server shouldn't have the rights to write PHP files. Also, the cookie is injectable allowing remote inclusion.