[adminer-svn] SF.net SVN: adminer:[1305] trunk
Database management in a single PHP file
Brought to you by:
jakubvrana
Menu
▾
▴
[adminer-svn] SF.net SVN: adminer:[1305] trunk
|
From: <jak...@us...> - 2010-02-09 16:39:14
|
Revision: 1305
http://adminer.svn.sourceforge.net/adminer/?rev=1305&view=rev
Author: jakubvrana
Date: 2010-02-09 16:28:34 +0000 (Tue, 09 Feb 2010)
Log Message:
-----------
Cookies management on IIS (bug #2931186)
Modified Paths:
--------------
trunk/adminer/include/adminer.inc.php
trunk/adminer/include/auth.inc.php
trunk/adminer/include/bootstrap.inc.php
trunk/adminer/include/functions.inc.php
trunk/adminer/privileges.inc.php
trunk/editor/db.inc.php
Modified: trunk/adminer/include/adminer.inc.php
===================================================================
--- trunk/adminer/include/adminer.inc.php 2010-02-09 12:11:35 UTC (rev 1304)
+++ trunk/adminer/include/adminer.inc.php 2010-02-09 16:28:34 UTC (rev 1305)
@@ -505,7 +505,7 @@
</form>
<form action="">
<p>
-<?php if (SID) { ?><input type="hidden" name="<?php echo session_name(); ?>" value="<?php echo h(session_id()); ?>"><?php } ?>
+<?php echo SID_FORM; ?>
<?php if ($_GET["server"] != "") { ?><input type="hidden" name="server" value="<?php echo h($_GET["server"]); ?>"><?php } ?>
<?php echo ($databases ? html_select("db", array("" => "(" . lang('database') . ")") + $databases, DB, "this.form.submit();") : '<input name="db" value="' . h(DB) . '">'); ?>
<?php if (isset($_GET["sql"])) { ?><input type="hidden" name="sql" value=""><?php } ?>
Modified: trunk/adminer/include/auth.inc.php
===================================================================
--- trunk/adminer/include/auth.inc.php 2010-02-09 12:11:35 UTC (rev 1304)
+++ trunk/adminer/include/auth.inc.php 2010-02-09 16:28:34 UTC (rev 1305)
@@ -10,9 +10,9 @@
. ":" . base64_encode(encrypt_string($_POST["password"], $adminer->permanentLogin()))
);
}
- if (count($_POST) == 3 + ($_POST["permanent"] ? 1 : 0)) { // 3 - server, username, password
+ if (count($_POST) == ($_POST["permanent"] ? 4 : 3)) { // 3 - server, username, password
$location = ((string) $_GET["server"] === $_POST["server"] ? remove_from_uri(session_name()) : preg_replace('~^([^?]*).*~', '\\1', ME) . ($_POST["server"] != "" ? '?server=' . urlencode($_POST["server"]) : ''));
- if (SID) {
+ if (SID_FORM) {
$pos = strpos($location, '?');
$location = ($pos ? substr_replace($location, SID . "&", $pos + 1, 0) : "$location?" . SID);
}
Modified: trunk/adminer/include/bootstrap.inc.php
===================================================================
--- trunk/adminer/include/bootstrap.inc.php 2010-02-09 12:11:35 UTC (rev 1304)
+++ trunk/adminer/include/bootstrap.inc.php 2010-02-09 16:28:34 UTC (rev 1305)
@@ -46,7 +46,7 @@
session_write_close(); // disable session.auto_start
@ini_set("session.use_trans_sid", false); // protect links in export, @ - may be disabled
session_name("adminer_sid"); // use specific session name to get own namespace
-$params = array(0, preg_replace('~\\?.*~', '', $_SERVER["REQUEST_URI"]), "", (bool) $_SERVER["HTTPS"]);
+$params = array(0, preg_replace('~\\?.*~', '', $_SERVER["REQUEST_URI"]), "", $_SERVER["HTTPS"] && $_SERVER["HTTPS"] != "off");
if (version_compare(PHP_VERSION, '5.2.0') >= 0) {
$params[] = true; // HttpOnly
}
@@ -75,7 +75,8 @@
@set_time_limit(0); // @ - can be disabled
define("DB", $_GET["db"]); // for the sake of speed and size
-define("ME", preg_replace('~^[^?]*/([^?]*).*~', '\\1', $_SERVER["REQUEST_URI"]) . '?' . (SID ? SID . '&' : '') . ($_GET["server"] != "" ? 'server=' . urlencode($_GET["server"]) . '&' : '') . (DB != "" ? 'db=' . urlencode(DB) . '&' : ''));
+define("SID_FORM", SID && !ini_get("session.use_only_cookies") ? '<input type="hidden" name="' . session_name() . '" value="' . h(session_id()) . '">' : '');
+define("ME", preg_replace('~^[^?]*/([^?]*).*~', '\\1', $_SERVER["REQUEST_URI"]) . '?' . (SID_FORM ? SID . '&' : '') . ($_GET["server"] != "" ? 'server=' . urlencode($_GET["server"]) . '&' : '') . (DB != "" ? 'db=' . urlencode(DB) . '&' : ''));
include "../adminer/include/version.inc.php";
include "../adminer/include/functions.inc.php";
Modified: trunk/adminer/include/functions.inc.php
===================================================================
--- trunk/adminer/include/functions.inc.php 2010-02-09 12:11:35 UTC (rev 1304)
+++ trunk/adminer/include/functions.inc.php 2010-02-09 16:28:34 UTC (rev 1305)
@@ -201,7 +201,7 @@
* @return bool
*/
function cookie($name, $value) {
- $params = array($name, $value, time() + 2592000, preg_replace('~\\?.*~', '', $_SERVER["REQUEST_URI"]), "", (bool) $_SERVER["HTTPS"]); // 2592000 = 30 * 24 * 60 * 60
+ $params = array($name, $value, time() + 2592000, preg_replace('~\\?.*~', '', $_SERVER["REQUEST_URI"]), "", $_SERVER["HTTPS"] && $_SERVER["HTTPS"] != "off"); // 2592000 = 30 * 24 * 60 * 60
if (version_compare(PHP_VERSION, '5.2.0') >= 0) {
$params[] = true; // HttpOnly
}
Modified: trunk/adminer/privileges.inc.php
===================================================================
--- trunk/adminer/privileges.inc.php 2010-02-09 12:11:35 UTC (rev 1304)
+++ trunk/adminer/privileges.inc.php 2010-02-09 16:28:34 UTC (rev 1305)
@@ -5,7 +5,7 @@
if (!$result) {
?>
<form action=""><p>
-<?php if (SID) { ?><input type="hidden" name="<?php echo session_name(); ?>" value="<?php echo h(session_id()); ?>"><?php } ?>
+<?php echo SID_FORM; ?>
<?php if ($_GET["server"] != "") { ?><input type="hidden" name="server" value="<?php echo h($_GET["server"]); ?>"><?php } ?>
<?php echo lang('Username'); ?>: <input name="user">
<?php echo lang('Server'); ?>: <input name="host" value="localhost">
Modified: trunk/editor/db.inc.php
===================================================================
--- trunk/editor/db.inc.php 2010-02-09 12:11:35 UTC (rev 1304)
+++ trunk/editor/db.inc.php 2010-02-09 16:28:34 UTC (rev 1305)
@@ -3,7 +3,7 @@
?>
<form action=""><p>
-<?php if (SID) { ?><input type="hidden" name="<?php echo session_name(); ?>" value="<?php echo h(session_id()); ?>"><?php } ?>
+<?php echo SID_FORM; ?>
<input name="where[][val]" value="<?php echo h($_GET["where"][0]["val"]); ?>">
<input type="submit" value="<?php echo lang('Search'); ?>" />
</form>
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|