From 890918a20dd09ee1fcd4d9edd6a62869ab81a922 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michal=20=C4=8Ciha=C5=99?= <michal@cihar.com>
Date: Thu, 20 Apr 2006 14:16:13 +0000
Subject: [PATCH] Check target against goto_whitelist.

---
 ChangeLog | 3 +++
 index.php | 4 +---
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index b35897c22..0a7c788c7 100755
--- a/ChangeLog
+++ b/ChangeLog
@@ -5,6 +5,9 @@ phpMyAdmin - Changelog
 $Id$
 $Source$
 
+2006-04-20 Michal Čihař  <michal@cihar.com>
+    * index.php: Check target against goto_whitelist.
+
 2006-04-13 Marc Delisle  <lem9@users.sourceforge.net>
     * server_databases.php: need brackets for correct calculation of page
 
diff --git a/index.php b/index.php
index b9fe44ebf..141dcd053 100644
--- a/index.php
+++ b/index.php
@@ -88,9 +88,7 @@ if (! isset($GLOBALS['db']) || ! strlen($GLOBALS['db'])) {
 
 $url_query = PMA_generate_common_url($_GET);
 
-if (! empty( $GLOBALS['target'])
-  && preg_match( '@[a-z_]+\.php@', $GLOBALS['target'])
-  && $GLOBALS['target'] != 'index.php') {
+if (!empty($GLOBALS['target']) && in_array($GLOBALS['target'], $goto_whitelist)) {
     $main_target = $GLOBALS['target'];
 }