mirror/php-adminer
1
0
Fork 0
mirror of https://github.com/vrana/adminer.git synced 2025-08-09 08:06:59 +02:00
Code Issues Releases Wiki Activity

Hide error message from HTTP servers

Browse Source
This commit is contained in:
Jakub Vrana
2025-02-18 08:16:53 +01:00
parent 578c9fca92
commit 51dbfb6987
5 changed files with 9 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
changes.txt
View File

@@ -1,3 +1,7 @@
Adminer 4.15.0-dev:
Don't allow path in HTTP servers
Hide error message from HTTP servers
Adminer 4.14.0: Adminer 4.14.0:
Use autofocus HTML attribute Use autofocus HTML attribute
PostgreSQL: Fix initial value of exported autoincrement PostgreSQL: Fix initial value of exported autoincrement

9
plugins/drivers/clickhouse.php
View File

@@ -9,7 +9,6 @@ if (isset($_GET["clickhouse"])) {
var $_db = 'default'; var $_db = 'default';
function rootQuery($db, $query) { function rootQuery($db, $query) {
@ini_set('track_errors', 1); // @ - may be disabled
$file = @file_get_contents("$this->_url/?database=$db", false, stream_context_create(array('http' => array( $file = @file_get_contents("$this->_url/?database=$db", false, stream_context_create(array('http' => array(
'method' => 'POST', 'method' => 'POST',
'content' => $this->isQuerySelectLike($query) ? "$query FORMAT JSONCompact" : $query, 'content' => $this->isQuerySelectLike($query) ? "$query FORMAT JSONCompact" : $query,
@@ -19,12 +18,8 @@ if (isset($_GET["clickhouse"])) {
'max_redirects' => 0, 'max_redirects' => 0,
)))); ))));
if ($file === false) { if ($file === false || !preg_match('~^HTTP/[0-9.]+ 2~i', $http_response_header[0])) {
$this->error = $php_errormsg; $this->error = lang('Invalid credentials.');
return $file;
}
if (!preg_match('~^HTTP/[0-9.]+ 2~i', $http_response_header[0])) {
$this->error = lang('Invalid credentials.') . " $http_response_header[0]";
return false; return false;
} }
$return = json_decode($file, true); $return = json_decode($file, true);

2
plugins/drivers/elastic.php
View File

@@ -17,8 +17,6 @@ if (isset($_GET["elastic"])) {
* @return array|false * @return array|false
*/ */
function rootQuery($path, array $content = null, $method = 'GET') { function rootQuery($path, array $content = null, $method = 'GET') {
@ini_set('track_errors', 1); // @ - may be disabled
$file = @file_get_contents("$this->_url/" . ltrim($path, '/'), false, stream_context_create(array('http' => array( $file = @file_get_contents("$this->_url/" . ltrim($path, '/'), false, stream_context_create(array('http' => array(
'method' => $method, 'method' => $method,
'content' => $content !== null ? json_encode($content) : null, 'content' => $content !== null ? json_encode($content) : null,

10
plugins/drivers/elastic5.php
View File

@@ -15,8 +15,6 @@ if (isset($_GET["elastic5"])) {
* @return mixed * @return mixed
*/ */
function rootQuery($path, $content = array(), $method = 'GET') { function rootQuery($path, $content = array(), $method = 'GET') {
@ini_set('track_errors', 1); // @ - may be disabled
$file = @file_get_contents("$this->_url/" . ltrim($path, '/'), false, stream_context_create(array('http' => array( $file = @file_get_contents("$this->_url/" . ltrim($path, '/'), false, stream_context_create(array('http' => array(
'method' => $method, 'method' => $method,
'content' => $content === null ? $content : json_encode($content), 'content' => $content === null ? $content : json_encode($content),
@@ -25,12 +23,8 @@ if (isset($_GET["elastic5"])) {
'follow_location' => 0, 'follow_location' => 0,
'max_redirects' => 0, 'max_redirects' => 0,
)))); ))));
if (!$file) { if (!$file || !preg_match('~^HTTP/[0-9.]+ 2~i', $http_response_header[0])) {
$this->error = $php_errormsg; $this->error = lang('Invalid credentials.');
return $file;
}
if (!preg_match('~^HTTP/[0-9.]+ 2~i', $http_response_header[0])) {
$this->error = lang('Invalid credentials.') . " $http_response_header[0]";
return false; return false;
} }
$return = json_decode($file, true); $return = json_decode($file, true);

3
plugins/drivers/simpledb.php
View File

@@ -424,7 +424,6 @@ if (isset($_GET["simpledb"])) {
} }
$query = str_replace('%7E', '~', substr($query, 1)); $query = str_replace('%7E', '~', substr($query, 1));
$query .= "&Signature=" . urlencode(base64_encode(hmac('sha1', "POST\n" . preg_replace('~^https?://~', '', $host) . "\n/\n$query", $secret, true))); $query .= "&Signature=" . urlencode(base64_encode(hmac('sha1', "POST\n" . preg_replace('~^https?://~', '', $host) . "\n/\n$query", $secret, true)));
@ini_set('track_errors', 1); // @ - may be disabled
$file = @file_get_contents((preg_match('~^https?://~', $host) ? $host : "http://$host"), false, stream_context_create(array('http' => array( $file = @file_get_contents((preg_match('~^https?://~', $host) ? $host : "http://$host"), false, stream_context_create(array('http' => array(
'method' => 'POST', // may not fit in URL with GET 'method' => 'POST', // may not fit in URL with GET
'content' => $query, 'content' => $query,
@@ -433,7 +432,7 @@ if (isset($_GET["simpledb"])) {
'max_redirects' => 0, 'max_redirects' => 0,
)))); ))));
if (!$file) { if (!$file) {
$connection->error = $php_errormsg; $this->error = lang('Invalid credentials.');
return false; return false;
} }
libxml_use_internal_errors(true); libxml_use_internal_errors(true);