nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Check target against goto_whitelist.

Browse Source
This commit is contained in:
Michal Čihař
2006-04-20 14:16:13 +00:00
parent 422712289a
commit 890918a20d
2 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
ChangeLog
View File

@@ -5,6 +5,9 @@ phpMyAdmin - Changelog
$Id$ $Id$
$Source$ $Source$
2006-04-20 Michal Čihař <michal@cihar.com>
* index.php: Check target against goto_whitelist.
2006-04-13 Marc Delisle <lem9@users.sourceforge.net> 2006-04-13 Marc Delisle <lem9@users.sourceforge.net>
* server_databases.php: need brackets for correct calculation of page * server_databases.php: need brackets for correct calculation of page

4
index.php
View File

@@ -88,9 +88,7 @@ if (! isset($GLOBALS['db']) || ! strlen($GLOBALS['db'])) {
$url_query = PMA_generate_common_url($_GET); $url_query = PMA_generate_common_url($_GET);
if (! empty( $GLOBALS['target']) if (!empty($GLOBALS['target']) && in_array($GLOBALS['target'], $goto_whitelist)) {
&& preg_match( '@[a-z_]+\.php@', $GLOBALS['target'])
&& $GLOBALS['target'] != 'index.php') {
$main_target = $GLOBALS['target']; $main_target = $GLOBALS['target'];
} }