The branch, master has been updated
via b9a7ac74251c490c67dae063e3cf4bb637cce288 (commit)
from fc7a273edabc88a3b28d0fa6affcf5916435100f (commit)
- Log -----------------------------------------------------------------
commit b9a7ac74251c490c67dae063e3cf4bb637cce288
Author: Michal Čihař <[email protected]>
Date: Thu Aug 4 14:06:27 2011 +0200
Avoid skiping authentication and token check
-----------------------------------------------------------------------
Summary of changes:
file_echo.php | 17 +++++++----------
1 files changed, 7 insertions(+), 10 deletions(-)
diff --git a/file_echo.php b/file_echo.php
index 95689a4..da8baa0 100644
--- a/file_echo.php
+++ b/file_echo.php
@@ -5,30 +5,27 @@
*
* @package phpMyAdmin
*/
-
-
-define('PMA_MINIMUM_COMMON', true);
require_once './libraries/common.inc.php';
if(isset($_REQUEST['filename']) && isset($_REQUEST['image'])) {
$allowed = Array( 'image/png'=>'png', 'image/svg+xml'=>'svg');
-
+
if (! isset($allowed[$_REQUEST['type']])) exit('Invalid export type');
-
+
if (! preg_match("/(".implode("|",$allowed).")$/i", $_REQUEST['filename']))
$_REQUEST['filename'] .= '.' . $allowed[$_REQUEST['type']];
-
+
downloadHeader($_REQUEST['filename'],$_REQUEST['type']);
if ($allowed[$_REQUEST['type']] != 'svg')
echo base64_decode(substr($_REQUEST['image'],
strpos($_REQUEST['image'],',') + 1));
else
echo $_REQUEST['image'];
-
+
exit();
}
-
+
if(isset($_REQUEST['monitorconfig'])) {
downloadHeader('monitor.cfg','application/force-download');
echo urldecode($_REQUEST['monitorconfig']);
@@ -38,7 +35,7 @@ if(isset($_REQUEST['monitorconfig'])) {
if(isset($_REQUEST['import'])) {
echo '<html><body>' . file_get_contents($_FILES['file']['tmp_name']) .
'</body></html>';
exit();
-}
+}
exit('Invalid request');
@@ -49,4 +46,4 @@ function downloadHeader($file,$type) {
header("Content-Type: ".$type);
header("Content-Transfer-Encoding: binary");
}
-?>
\ No newline at end of file
+?>
hooks/post-receive
--
phpMyAdmin
------------------------------------------------------------------------------
BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA
The must-attend event for mobile developers. Connect with experts.
Get tools for creating Super Apps. See the latest technologies.
Sessions, hands-on labs, demos & much more. Register early & save!
http://p.sf.net/sfu/rim-blackberry-1
_______________________________________________
Phpmyadmin-git mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/phpmyadmin-git
