[adminer-svn] SF.net SVN: adminer:[1421] branches/sqlite

[<jak...@us...>]

Revision: 1421
          http://adminer.svn.sourceforge.net/adminer/?rev=1421&view=rev
Author:   jakubvrana
Date:     2010-04-12 11:42:31 +0000 (Mon, 12 Apr 2010)

Log Message:
-----------
Token initialization

Modified Paths:
--------------
    branches/sqlite/adminer/include/adminer.inc.php
    branches/sqlite/adminer/include/auth.inc.php
    branches/sqlite/adminer/include/bootstrap.inc.php
    branches/sqlite/editor/include/adminer.inc.php

Modified: branches/sqlite/adminer/include/adminer.inc.php
===================================================================
--- branches/sqlite/adminer/include/adminer.inc.php	2010-04-12 11:22:40 UTC (rev 1420)
+++ branches/sqlite/adminer/include/adminer.inc.php	2010-04-12 11:42:31 UTC (rev 1421)
@@ -488,7 +488,7 @@
 	* @return null
 	*/
 	function navigation($missing) {
-		global $VERSION, $connection;
+		global $VERSION, $connection, $token;
 		?>
 <h1>
 <a href="http://www.adminer.org/" id="h1"><?php echo $this->name(); ?></a>
@@ -503,7 +503,7 @@
 <p class="logout">
 <a href="<?php echo h(ME); ?>sql="><?php echo bold(lang('SQL command'), isset($_GET["sql"])); ?></a>
 <a href="<?php echo h(ME); ?>dump=<?php echo urlencode(isset($_GET["table"]) ? $_GET["table"] : $_GET["select"]); ?>"><?php echo bold(lang('Dump'), isset($_GET["dump"])); ?></a>
-<input type="hidden" name="token" value="<?php echo $_SESSION["token"]; ?>">
+<input type="hidden" name="token" value="<?php echo $token; ?>">
 <input type="submit" name="logout" value="<?php echo lang('Logout'); ?>">
 </p>
 </form>

Modified: branches/sqlite/adminer/include/auth.inc.php
===================================================================
--- branches/sqlite/adminer/include/auth.inc.php	2010-04-12 11:22:40 UTC (rev 1420)
+++ branches/sqlite/adminer/include/auth.inc.php	2010-04-12 11:42:31 UTC (rev 1421)
@@ -8,6 +8,10 @@
 }
 
 $_GET["server"] = $_GET[$_GET["driver"]]; // translate pgsql=localhost to driver=pgsql&server=localhost
+$token = $_SESSION["token"];
+if (!$_SESSION["token"]) {
+	$_SESSION["token"] = rand(1, 1e6); // defense against cross-site request forgery
+}
 
 if (isset($_POST["server"])) {
 	session_regenerate_id(); // defense against session fixation
@@ -29,7 +33,6 @@
 		redirect($location);
 	}
 } elseif ($_POST["logout"]) {
-	$token = $_SESSION["token"];
 	if ($token && $_POST["token"] != $token) {
 		page_header(lang('Logout'), lang('Invalid CSRF token. Send the form again.'));
 		page_footer("db");
@@ -50,13 +53,13 @@
 }
 
 function auth_error($exception = null) {
-	global $connection, $adminer;
+	global $connection, $adminer, $token;
 	$session_name = session_name();
 	$error = "";
 	if (!$_COOKIE[$session_name] && $_GET[$session_name] && ini_get("session.use_only_cookies")) {
 		$error = lang('Session support must be enabled.');
 	} elseif (isset($_GET["username"])) {
-		if (($_COOKIE[$session_name] || $_GET[$session_name]) && !isset($_SESSION["token"])) {
+		if (($_COOKIE[$session_name] || $_GET[$session_name]) && !$token) {
 			$error = lang('Session expired, please login again.');
 		} else {
 			$password = get_session("passwords");
@@ -64,9 +67,6 @@
 				$error = h($exception ? $exception->getMessage() : (is_string($connection) ? $connection : lang('Invalid credentials.')));
 			}
 		}
-		if (!$_SESSION["token"]) { // checked for existence of session
-			$_SESSION["token"] = rand(1, 1e6);
-		}
 	}
 	page_header(lang('Login'), $error, null);
 	echo "<form action='' method='post'>\n";
@@ -86,13 +86,10 @@
 	exit;
 }
 
-if (!$_SESSION["token"]) {
-	$_SESSION["token"] = rand(1, 1e6); // defense against cross-site request forgery
-}
+$token = $_SESSION["token"]; ///< @var string CSRF protection
 if (isset($_POST["server"]) && $_POST["token"]) {
-	$_POST["token"] = $_SESSION["token"]; // reset token after explicit login
+	$_POST["token"] = $token; // reset token after explicit login
 }
-$token = $_SESSION["token"]; ///< @var string CSRF protection
 $error = ($_POST ///< @var string
 	? ($_POST["token"] == $token ? "" : lang('Invalid CSRF token. Send the form again.'))
 	: ($_SERVER["REQUEST_METHOD"] != "POST" ? "" : lang('Too big POST data. Reduce the data or increase the %s configuration directive.', '"post_max_size"')) // posted form with no data means that post_max_size exceeded because Adminer always sends token at least

Modified: branches/sqlite/adminer/include/bootstrap.inc.php
===================================================================
--- branches/sqlite/adminer/include/bootstrap.inc.php	2010-04-12 11:22:40 UTC (rev 1420)
+++ branches/sqlite/adminer/include/bootstrap.inc.php	2010-04-12 11:42:31 UTC (rev 1421)
@@ -76,7 +76,12 @@
 @set_time_limit(0); // @ - can be disabled
 
 define("DB", $_GET["db"]); // for the sake of speed and size
-define("ME", preg_replace('~^[^?]*/([^?]*).*~', '\\1', $_SERVER["REQUEST_URI"]) . '?' . (SID && !ini_get("session.use_only_cookies") ? SID . '&' : '') . (isset($_GET["server"]) ? urlencode($_GET["driver"]) . "=" . urlencode($_GET["server"]) . '&' : '') . (isset($_GET["username"]) ? "username=" . urlencode($_GET["username"]) . '&' : '') . (DB != "" ? 'db=' . urlencode(DB) . '&' : ''));
+define("ME", preg_replace('~^[^?]*/([^?]*).*~', '\\1', $_SERVER["REQUEST_URI"]) . '?'
+	. (SID && !$_COOKIE ? SID . '&' : '') // !$_COOKIE - don't pass SID with permanent login
+	. (isset($_GET["server"]) ? urlencode($_GET["driver"]) . "=" . urlencode($_GET["server"]) . '&' : '')
+	. (isset($_GET["username"]) ? "username=" . urlencode($_GET["username"]) . '&' : '')
+	. (DB != "" ? 'db=' . urlencode(DB) . '&' : '')
+);
 
 include "../adminer/include/functions.inc.php";
 include "../adminer/include/lang.inc.php";

Modified: branches/sqlite/editor/include/adminer.inc.php
===================================================================
--- branches/sqlite/editor/include/adminer.inc.php	2010-04-12 11:22:40 UTC (rev 1420)
+++ branches/sqlite/editor/include/adminer.inc.php	2010-04-12 11:42:31 UTC (rev 1421)
@@ -443,7 +443,7 @@
 	}
 	
 	function navigation($missing) {
-		global $VERSION;
+		global $VERSION, $token;
 		?>
 <h1>
 <a href="http://www.adminer.org/" id="h1"><?php echo $this->name(); ?></a>
@@ -455,7 +455,7 @@
 			?>
 <form action="" method="post">
 <p class="logout">
-<input type="hidden" name="token" value="<?php echo $_SESSION["token"]; ?>">
+<input type="hidden" name="token" value="<?php echo $token; ?>">
 <input type="submit" name="logout" value="<?php echo lang('Logout'); ?>">
 </p>
 </form>


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.