Retrieve parameters from $_POST in import

Signed-off-by: Maurício Meneghini Fauth <mauriciofauth@gmail.com>
author: Maurício Meneghini Fauth <mauriciofauth@gmail.com> 2018-08-18 00:19:15 +0300
committer: Maurício Meneghini Fauth <mauriciofauth@gmail.com> 2018-11-11 01:48:58 +0300
commit: bf3e6c3a77ff5d1fc2a15bba7f0a66e7fcb357e6 (patch)
tree: d2dd6070e3cfd77f7d0ad4cc3120b579fcd6e8cf /import.php
parent: 1edf1aced6ad963c9f282666150f7f36f1ca449e (diff)
1 files changed, 29 insertions, 29 deletions
diff --git a/import.php b/import.php
index 75ba6d685c..f73b6fd81f 100644
--- a/import.php
+++ b/import.php
@@ -29,12 +29,12 @@ if (isset($_POST['format']) && $_POST['format'] == 'ldi') {
  */
 require_once 'libraries/common.inc.php';
 
-if (isset($_REQUEST['show_as_php'])) {
-    $GLOBALS['show_as_php'] = $_REQUEST['show_as_php'];
+if (isset($_POST['show_as_php'])) {
+    $GLOBALS['show_as_php'] = $_POST['show_as_php'];
 }
 
 // If there is a request to 'Simulate DML'.
-if (isset($_REQUEST['simulate_dml'])) {
+if (isset($_POST['simulate_dml'])) {
     Import::handleSimulateDmlRequest();
     exit;
 }
@@ -44,25 +44,25 @@ $response = Response::getInstance();
 $sql = new Sql();
 
 // If it's a refresh console bookmarks request
-if (isset($_REQUEST['console_bookmark_refresh'])) {
+if (isset($_GET['console_bookmark_refresh'])) {
     $response->addJSON(
         'console_message_bookmark', PhpMyAdmin\Console::getBookmarkContent()
     );
     exit;
 }
 // If it's a console bookmark add request
-if (isset($_REQUEST['console_bookmark_add'])) {
-    if (isset($_REQUEST['label']) && isset($_REQUEST['db'])
-        && isset($_REQUEST['bookmark_query']) && isset($_REQUEST['shared'])
+if (isset($_POST['console_bookmark_add'])) {
+    if (isset($_POST['label']) && isset($_POST['db'])
+        && isset($_POST['bookmark_query']) && isset($_POST['shared'])
     ) {
         $cfgBookmark = Bookmark::getParams($GLOBALS['cfg']['Server']['user']);
         $bookmarkFields = array(
-            'bkm_database' => $_REQUEST['db'],
+            'bkm_database' => $_POST['db'],
             'bkm_user'  => $cfgBookmark['user'],
-            'bkm_sql_query' => $_REQUEST['bookmark_query'],
-            'bkm_label' => $_REQUEST['label']
+            'bkm_sql_query' => $_POST['bookmark_query'],
+            'bkm_label' => $_POST['label']
         );
-        $isShared = ($_REQUEST['shared'] == 'true' ? true : false);
+        $isShared = ($_POST['shared'] == 'true' ? true : false);
         $bookmark = Bookmark::createBookmark(
             $GLOBALS['dbi'],
             $GLOBALS['cfg']['Server']['user'],
@@ -124,11 +124,11 @@ $ajax_reload = array();
 if (! empty($sql_query)) {
 
     // apply values for parameters
-    if (! empty($_REQUEST['parameterized'])
-        && ! empty($_REQUEST['parameters'])
-        && is_array($_REQUEST['parameters'])
+    if (! empty($_POST['parameterized'])
+        && ! empty($_POST['parameters'])
+        && is_array($_POST['parameters'])
     ) {
-        $parameters = $_REQUEST['parameters'];
+        $parameters = $_POST['parameters'];
         foreach ($parameters as $parameter => $replacement) {
             $quoted = preg_quote($parameter, '/');
             // making sure that :param does not apply values to :param1
@@ -153,7 +153,7 @@ if (! empty($sql_query)) {
     $_SESSION['sql_from_query_box'] = true;
 
     // If there is a request to ROLLBACK when finished.
-    if (isset($_REQUEST['rollback_query'])) {
+    if (isset($_POST['rollback_query'])) {
         Import::handleRollbackRequest($import_text);
     }
 
@@ -191,7 +191,7 @@ if (! empty($sql_query)) {
     $import_type = 'queryfile';
     $format = 'sql';
     unset($sql_file);
-} elseif (! empty($_REQUEST['id_bookmark'])) {
+} elseif (! empty($_POST['id_bookmark'])) {
     // run bookmark
     $import_type = 'query';
     $format = 'sql';
@@ -305,7 +305,7 @@ if (! empty($cfg['MemoryLimit'])) {
 }
 
 $timestamp = time();
-if (isset($_REQUEST['allow_interrupt'])) {
+if (isset($_POST['allow_interrupt'])) {
     $maximum_time = ini_get('max_execution_time');
 } else {
     $maximum_time = 0;
@@ -331,9 +331,9 @@ $result = false;
 $msg = 'Sorry an unexpected error happened!';
 
 // Bookmark Support: get a query back from bookmark if required
-if (! empty($_REQUEST['id_bookmark'])) {
-    $id_bookmark = (int)$_REQUEST['id_bookmark'];
-    switch ($_REQUEST['action_bookmark']) {
+if (! empty($_POST['id_bookmark'])) {
+    $id_bookmark = (int)$_POST['id_bookmark'];
+    switch ($_POST['action_bookmark']) {
     case 0: // bookmarked query that have to be run
         $bookmark = Bookmark::get(
             $GLOBALS['dbi'],
@@ -341,12 +341,12 @@ if (! empty($_REQUEST['id_bookmark'])) {
             $db,
             $id_bookmark,
             'id',
-            isset($_REQUEST['action_bookmark_all'])
+            isset($_POST['action_bookmark_all'])
         );
 
-        if (! empty($_REQUEST['bookmark_variable'])) {
+        if (! empty($_POST['bookmark_variable'])) {
             $import_text = $bookmark->applyVariables(
-                $_REQUEST['bookmark_variable']
+                $_POST['bookmark_variable']
             );
         } else {
             $import_text = $bookmark->getQuery();
@@ -383,7 +383,7 @@ if (! empty($_REQUEST['id_bookmark'])) {
             $response->setRequestStatus($message->isSuccess());
             $response->addJSON('message', $message);
             $response->addJSON('sql_query', $import_text);
-            $response->addJSON('action_bookmark', $_REQUEST['action_bookmark']);
+            $response->addJSON('action_bookmark', $_POST['action_bookmark']);
             exit;
         } else {
             $run_query = false;
@@ -404,7 +404,7 @@ if (! empty($_REQUEST['id_bookmark'])) {
                 );
                 $response->setRequestStatus($message->isSuccess());
                 $response->addJSON('message', $message);
-                $response->addJSON('action_bookmark', $_REQUEST['action_bookmark']);
+                $response->addJSON('action_bookmark', $_POST['action_bookmark']);
                 $response->addJSON('id_bookmark', $id_bookmark);
                 exit;
             } else {
@@ -576,11 +576,11 @@ if ($reset_charset) {
 }
 
 // Show correct message
-if (! empty($id_bookmark) && $_REQUEST['action_bookmark'] == 2) {
+if (! empty($id_bookmark) && $_POST['action_bookmark'] == 2) {
     $message = PhpMyAdmin\Message::success(__('The bookmark has been deleted.'));
     $display_query = $import_text;
     $error = false; // unset error marker, it was used just to skip processing
-} elseif (! empty($id_bookmark) && $_REQUEST['action_bookmark'] == 1) {
+} elseif (! empty($id_bookmark) && $_POST['action_bookmark'] == 1) {
     $message = PhpMyAdmin\Message::notice(__('Showing bookmark'));
 } elseif ($bookmark_created) {
     $special_message = '[br]'  . sprintf(
@@ -779,6 +779,6 @@ if ($go_sql) {
 }
 
 // If there is request for ROLLBACK in the end.
-if (isset($_REQUEST['rollback_query'])) {
+if (isset($_POST['rollback_query'])) {
     $GLOBALS['dbi']->query('ROLLBACK');
 }
author	Maurício Meneghini Fauth <mauriciofauth@gmail.com>	2018-08-18 00:19:15 +0300
committer	Maurício Meneghini Fauth <mauriciofauth@gmail.com>	2018-11-11 01:48:58 +0300
commit	bf3e6c3a77ff5d1fc2a15bba7f0a66e7fcb357e6 (patch)
tree	d2dd6070e3cfd77f7d0ad4cc3120b579fcd6e8cf /import.php
parent	1edf1aced6ad963c9f282666150f7f36f1ca449e (diff)