Compatibility with security tokens (bug #1488453).

ChangeLog

@@ -5,6 +5,9 @@ phpMyAdmin - ChangeLog
 $Id$
 $Source$
 
+2006-05-15 Michal Čihař  <michal@cihar.com>
+    * scripts/setup.php: Compatibility with security tokens (bug #1488453).
+
 2006-05-14 Michal Čihař  <michal@cihar.com>
     * libraries/common.lib.php: Fix reading database list with MySQL wildcards
       (bug #1487613).

scripts/setup.php

@@ -314,6 +314,7 @@ function get_hidden_cfg() {
 function get_action($name, $title, $added = '', $enabled = TRUE) {
     $ret = '';
     $ret .= '<form class="action" method="post" action="">';
+    $ret .= '<input type="hidden" name="token" value="' . $_SESSION['PMA_token'] . '" />';
     $ret .= '<input type="hidden" name="action" value="' . $name . '" />';
     $ret .= $added;
     $ret .= '<input type="submit" value="' . $title . '"';
@@ -339,6 +340,7 @@ function get_action($name, $title, $added = '', $enabled = TRUE) {
 function get_url_action($url, $title, $params = array()) {
     $ret = '';
     $ret .= '<form class="action" method="get" action="' . $url . '" target="_blank">';
+    $ret .= '<input type="hidden" name="token" value="' . $_SESSION['PMA_token'] . '" />';
     foreach ($params as $key => $val) {
         $ret .= '<input type="hidden" name="' . $key . '" value="' . $val . '" />';
     }
@@ -707,6 +709,7 @@ function show_config_form($list, $legend, $help, $defaults = array(), $save = ''
 function show_security_form($defaults = array()) {
     ?>
 <form method="post" action="">
+    <input type="hidden" name="token" value="<?php echo $_SESSION['PMA_token']; ?>" />
     <input type="hidden" name="action" value="feat_security_real" />
     <?php
         echo get_hidden_cfg();
@@ -737,6 +740,7 @@ function show_security_form($defaults = array()) {
 function show_manual_form($defaults = array()) {
     ?>
 <form method="post" action="">
+    <input type="hidden" name="token" value="<?php echo $_SESSION['PMA_token']; ?>" />
     <input type="hidden" name="action" value="feat_manual_real" />
     <?php
         echo get_hidden_cfg();
@@ -763,6 +767,7 @@ function show_charset_form($defaults = array()) {
     global $PMA_Config;
     ?>
 <form method="post" action="">
+    <input type="hidden" name="token" value="<?php echo $_SESSION['PMA_token']; ?>" />
     <input type="hidden" name="action" value="feat_charset_real" />
     <?php
         echo get_hidden_cfg();
@@ -790,6 +795,7 @@ function show_charset_form($defaults = array()) {
 function show_extensions_form($defaults = array()) {
     ?>
 <form method="post" action="">
+    <input type="hidden" name="token" value="<?php echo $_SESSION['PMA_token']; ?>" />
     <input type="hidden" name="action" value="feat_extensions_real" />
     <?php
         echo get_hidden_cfg();
@@ -815,6 +821,7 @@ function show_relation_form($defaults = array()) {
     global $PMA_Config;
     ?>
 <form method="post" action="">
+    <input type="hidden" name="token" value="<?php echo $_SESSION['PMA_token']; ?>" />
     <input type="hidden" name="action" value="feat_relation_real" />
     <?php
         echo get_hidden_cfg();
@@ -842,6 +849,7 @@ function show_relation_form($defaults = array()) {
 function show_upload_form($defaults = array()) {
     ?>
 <form method="post" action="">
+    <input type="hidden" name="token" value="<?php echo $_SESSION['PMA_token']; ?>" />
     <input type="hidden" name="action" value="feat_upload_real" />
     <?php
         echo get_hidden_cfg();
@@ -868,6 +876,7 @@ function show_upload_form($defaults = array()) {
 function show_server_form($defaults = array(), $number = FALSE) {
     ?>
 <form method="post" action="">
+    <input type="hidden" name="token" value="<?php echo $_SESSION['PMA_token']; ?>" />
     <input type="hidden" name="action" value="addserver_real" />
     <?php
         echo get_hidden_cfg();
@@ -914,6 +923,7 @@ function show_server_form($defaults = array(), $number = FALSE) {
 function show_left_form($defaults = array()) {
     ?>
 <form method="post" action="">
+    <input type="hidden" name="token" value="<?php echo $_SESSION['PMA_token']; ?>" />
     <input type="hidden" name="action" value="lay_left_real" />
     <?php
         echo get_hidden_cfg();
@@ -945,6 +955,7 @@ function show_left_form($defaults = array()) {
 function show_tabs_form($defaults = array()) {
     ?>
 <form method="post" action="">
+    <input type="hidden" name="token" value="<?php echo $_SESSION['PMA_token']; ?>" />
     <input type="hidden" name="action" value="lay_tabs_real" />
     <?php
         echo get_hidden_cfg();
@@ -972,6 +983,7 @@ function show_tabs_form($defaults = array()) {
 function show_icons_form($defaults = array()) {
     ?>
 <form method="post" action="">
+    <input type="hidden" name="token" value="<?php echo $_SESSION['PMA_token']; ?>" />
     <input type="hidden" name="action" value="lay_icons_real" />
     <?php
         echo get_hidden_cfg();
@@ -1000,6 +1012,7 @@ function show_icons_form($defaults = array()) {
 function show_browse_form($defaults = array()) {
     ?>
 <form method="post" action="">
+    <input type="hidden" name="token" value="<?php echo $_SESSION['PMA_token']; ?>" />
     <input type="hidden" name="action" value="lay_browse_real" />
     <?php
         echo get_hidden_cfg();
@@ -1029,6 +1042,7 @@ function show_browse_form($defaults = array()) {
 function show_edit_form($defaults = array()) {
     ?>
 <form method="post" action="">
+    <input type="hidden" name="token" value="<?php echo $_SESSION['PMA_token']; ?>" />
     <input type="hidden" name="action" value="lay_edit_real" />
     <?php
         echo get_hidden_cfg();
@@ -1062,6 +1076,7 @@ function show_edit_form($defaults = array()) {
 function show_window_form($defaults = array()) {
     ?>
 <form method="post" action="">
+    <input type="hidden" name="token" value="<?php echo $_SESSION['PMA_token']; ?>" />
     <input type="hidden" name="action" value="lay_window_real" />
     <?php
         echo get_hidden_cfg();