
github.com/phpmyadmin/phpmyadmin.git - Unnamed repository; edit this file 'description' to name the repository.
authorMichal Čihař <michal@cihar.com>2017-12-07 12:54:39 +0300
committerMichal Čihař <michal@cihar.com>2017-12-14 12:34:45 +0300
commit72f109a99c82b14c07dcb19946ba9b76efc32a1b (patch)
tree6c921c3ba5d99f472528937a24f78ffe10c81f03 /import.php
parent72925985e0d95747dba3ec125f2fca6f8c80349f (diff)
Accept SQL query only from POST requests
Signed-off-by: Michal Čihař <michal@cihar.com>
Diffstat (limited to 'import.php')
-rw-r--r--import.php4
1 files changed, 2 insertions, 2 deletions
diff --git a/import.php b/import.php
index 3aac8b85cf..f83d03e295 100644
--- a/import.php
+++ b/import.php
@@ -742,7 +742,7 @@ if ($go_sql) {
$cfgBookmark = Bookmark::getParams($GLOBALS['cfg']['Server']['user']);
Sql::storeTheQueryAsBookmark(
$db, $cfgBookmark['user'],
- $_REQUEST['sql_query'], $_POST['bkm_label'],
+ $_POST['sql_query'], $_POST['bkm_label'],
isset($_POST['bkm_replace']) ? $_POST['bkm_replace'] : null
);
}
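Review bot: `$_POST['sql_query']` is passed to `Sql::storeTheQueryAsBookmark(` without an existence check, here and in the identical call in the second hunk (old line 757). The old `$_REQUEST` read also picked up a query supplied via GET; any such request that still reaches these branches now passes null and raises an undefined-index notice. The guarding conditions start outside both hunks, so it cannot be confirmed from here that they already test `$_POST['sql_query']`; if they do not, add `isset($_POST['sql_query'])` to the condition or skip storing the bookmark when it is absent. Limiting the source to POST narrows cross-site request vectors but does not replace the request-token check, which should be confirmed to run before this block.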
@@ -757,7 +757,7 @@ if ($go_sql) {
$cfgBookmark = Bookmark::getParams($GLOBALS['cfg']['Server']['user']);
Sql::storeTheQueryAsBookmark(
$db, $cfgBookmark['user'],
- $_REQUEST['sql_query'], $_POST['bkm_label'],
+ $_POST['sql_query'], $_POST['bkm_label'],
isset($_POST['bkm_replace']) ? $_POST['bkm_replace'] : null
);
}