mirror/php-adminer
1
0
Fork 0
mirror of https://github.com/vrana/adminer.git synced 2025-08-28 16:49:57 +02:00
Code Issues Releases Wiki Activity

CSRF protection of included JavaScript

Browse Source
This commit is contained in:
Jakub Vrana
2010-10-18 01:20:02 +02:00
parent 031a82a4ad
commit 6f5c1981a0
3 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
adminer/db.inc.php
View File

@@ -155,6 +155,6 @@ if ($_GET["ns"] !== "") {
}
page_footer();
echo "<script type='text/javascript' src='" . h(ME) . "script=db'></script>\n";
echo "<script type='text/javascript' src='" . h(ME . "script=db&token=$token") . "'></script>\n";
exit; // page_footer() already called
}