Adminer iframe ? (#78)
* Show Adminer in iframe * Add a link to open in a new page if needed * X-Frame-Options to SameOrigin * Use uppercase as per standard
This commit is contained in:
+4
-1
@@ -136,7 +136,7 @@ if(isset($_GET['view'])){
|
||||
<button type=\"submit\" name=\"view\" value=\"System Controls\" form=\"views\">System Controls".$updatediv."</button>
|
||||
<button type=\"submit\" name=\"view\" value=\"Services\" form=\"views\">Services</button>
|
||||
<button type=\"submit\" name=\"view\" value=\"File\" form=\"views\">File Manager</button>
|
||||
<a href=\"scripts/adminer.php\" target=\"_blank\"><button type=\"submit\" form=\"\">Database Maintenance</button></a>
|
||||
<button type=\"submit\" name=\"view\" value=\"Adminer\" form=\"views\">Database Maintenance</button>
|
||||
<button type=\"submit\" name=\"view\" value=\"Webterm\" form=\"views\">Web Terminal</button>
|
||||
<button type=\"submit\" name=\"view\" value=\"Included\" form=\"views\">Custom Species List</button>
|
||||
<button type=\"submit\" name=\"view\" value=\"Excluded\" form=\"views\">Excluded Species List</button>
|
||||
@@ -205,6 +205,9 @@ if(isset($_GET['view'])){
|
||||
if($_GET['view'] == "File"){
|
||||
echo "<iframe src='scripts/filemanager/filemanager.php'></iframe>";
|
||||
}
|
||||
if($_GET['view'] == "Adminer"){
|
||||
echo "<iframe src='scripts/adminer.php'></iframe>";
|
||||
}
|
||||
if($_GET['view'] == "Webterm"){
|
||||
ensure_authenticated('You cannot access the web terminal');
|
||||
echo "<iframe src='/terminal'></iframe>";
|
||||
|
||||
@@ -639,7 +639,7 @@ var thousandsSeparator = \'',js_escape(' '),'\';
|
||||
<div id="content">
|
||||
';if($Ba!==null){$A=substr(preg_replace('~\b(username|db|ns)=[^&]*&~','',ME),0,-1);echo'<p id="breadcrumb"><a href="'.h($A?$A:".").'">'.$zb[DRIVER].'</a> » ';$A=substr(preg_replace('~\b(db|ns)=[^&]*&~','',ME),0,-1);$O=$b->serverName(SERVER);$O=($O!=""?$O:'Server');if($Ba===false)echo"$O\n";else{echo"<a href='".h($A)."' accesskey='1' title='Alt+Shift+1'>$O</a> » ";if($_GET["ns"]!=""||(DB!=""&&is_array($Ba)))echo'<a href="'.h($A."&db=".urlencode(DB).(support("scheme")?"&ns=":"")).'">'.h(DB).'</a> » ';if(is_array($Ba)){if($_GET["ns"]!="")echo'<a href="'.h(substr(ME,0,-1)).'">'.h($_GET["ns"]).'</a> » ';foreach($Ba
|
||||
as$z=>$X){$sb=(is_array($X)?$X[1]:h($X));if($sb!="")echo"<a href='".h(ME."$z=").urlencode(is_array($X)?$X[0]:$X)."'>$sb</a> » ";}}echo"$mg\n";}}echo"<h2>$og</h2>\n","<div id='ajaxstatus' class='jsonly hidden'></div>\n";restart_session();page_messages($l);$i=&get_session("dbs");if(DB!=""&&$i&&!in_array(DB,$i,true))$i=null;stop_session();define("PAGE_HEADER",1);}function
|
||||
page_headers(){global$b;header("Content-Type: text/html; charset=utf-8");header("Cache-Control: no-cache");header("X-Frame-Options: deny");header("X-XSS-Protection: 0");header("X-Content-Type-Options: nosniff");header("Referrer-Policy: origin-when-cross-origin");foreach($b->csp()as$db){$Dc=array();foreach($db
|
||||
page_headers(){global$b;header("Content-Type: text/html; charset=utf-8");header("Cache-Control: no-cache");header("X-Frame-Options: SAMEORIGIN");header("X-XSS-Protection: 0");header("X-Content-Type-Options: nosniff");header("Referrer-Policy: origin-when-cross-origin");foreach($b->csp()as$db){$Dc=array();foreach($db
|
||||
as$z=>$X)$Dc[]="$z $X";header("Content-Security-Policy: ".implode("; ",$Dc));}$b->headers();}function
|
||||
csp(){return
|
||||
array(array("script-src"=>"'self' 'unsafe-inline' 'nonce-".get_nonce()."' 'strict-dynamic'","connect-src"=>"'self'","frame-src"=>"https://www.adminer.org","object-src"=>"'none'","base-uri"=>"'none'","form-action"=>"'self'",),);}function
|
||||
|
||||
@@ -639,7 +639,7 @@ var thousandsSeparator = \'',js_escape(','),'\';
|
||||
<div id="content">
|
||||
';if($Ba!==null){$A=substr(preg_replace('~\b(username|db|ns)=[^&]*&~','',ME),0,-1);echo'<p id="breadcrumb"><a href="'.h($A?$A:".").'">'.$zb[DRIVER].'</a> » ';$A=substr(preg_replace('~\b(db|ns)=[^&]*&~','',ME),0,-1);$O=$b->serverName(SERVER);$O=($O!=""?$O:'Serveur');if($Ba===false)echo"$O\n";else{echo"<a href='".h($A)."' accesskey='1' title='Alt+Shift+1'>$O</a> » ";if($_GET["ns"]!=""||(DB!=""&&is_array($Ba)))echo'<a href="'.h($A."&db=".urlencode(DB).(support("scheme")?"&ns=":"")).'">'.h(DB).'</a> » ';if(is_array($Ba)){if($_GET["ns"]!="")echo'<a href="'.h(substr(ME,0,-1)).'">'.h($_GET["ns"]).'</a> » ';foreach($Ba
|
||||
as$z=>$X){$sb=(is_array($X)?$X[1]:h($X));if($sb!="")echo"<a href='".h(ME."$z=").urlencode(is_array($X)?$X[0]:$X)."'>$sb</a> » ";}}echo"$mg\n";}}echo"<h2>$og</h2>\n","<div id='ajaxstatus' class='jsonly hidden'></div>\n";restart_session();page_messages($l);$i=&get_session("dbs");if(DB!=""&&$i&&!in_array(DB,$i,true))$i=null;stop_session();define("PAGE_HEADER",1);}function
|
||||
page_headers(){global$b;header("Content-Type: text/html; charset=utf-8");header("Cache-Control: no-cache");header("X-Frame-Options: deny");header("X-XSS-Protection: 0");header("X-Content-Type-Options: nosniff");header("Referrer-Policy: origin-when-cross-origin");foreach($b->csp()as$db){$Dc=array();foreach($db
|
||||
page_headers(){global$b;header("Content-Type: text/html; charset=utf-8");header("Cache-Control: no-cache");header("X-Frame-Options: SAMEORIGIN");header("X-XSS-Protection: 0");header("X-Content-Type-Options: nosniff");header("Referrer-Policy: origin-when-cross-origin");foreach($b->csp()as$db){$Dc=array();foreach($db
|
||||
as$z=>$X)$Dc[]="$z $X";header("Content-Security-Policy: ".implode("; ",$Dc));}$b->headers();}function
|
||||
csp(){return
|
||||
array(array("script-src"=>"'self' 'unsafe-inline' 'nonce-".get_nonce()."' 'strict-dynamic'","connect-src"=>"'self'","frame-src"=>"https://www.adminer.org","object-src"=>"'none'","base-uri"=>"'none'","form-action"=>"'self'",),);}function
|
||||
|
||||
+2
-1
@@ -1,4 +1,5 @@
|
||||
<?php
|
||||
echo '<a href="'.$_SERVER['PHP_SELF'].'" target="_blank">Open in new page</a>';
|
||||
/** Adminer - Compact database management
|
||||
* @link https://www.adminer.org/
|
||||
* @author Jakub Vrana, https://www.vrana.cz/
|
||||
@@ -639,7 +640,7 @@ var thousandsSeparator = \'',js_escape(','),'\';
|
||||
<div id="content">
|
||||
';if($Ba!==null){$A=substr(preg_replace('~\b(username|db|ns)=[^&]*&~','',ME),0,-1);echo'<p id="breadcrumb"><a href="'.h($A?$A:".").'">'.$zb[DRIVER].'</a> » ';$A=substr(preg_replace('~\b(db|ns)=[^&]*&~','',ME),0,-1);$O=$b->serverName(SERVER);$O=($O!=""?$O:'Server');if($Ba===false)echo"$O\n";else{echo"<a href='".h($A)."' accesskey='1' title='Alt+Shift+1'>$O</a> » ";if($_GET["ns"]!=""||(DB!=""&&is_array($Ba)))echo'<a href="'.h($A."&db=".urlencode(DB).(support("scheme")?"&ns=":"")).'">'.h(DB).'</a> » ';if(is_array($Ba)){if($_GET["ns"]!="")echo'<a href="'.h(substr(ME,0,-1)).'">'.h($_GET["ns"]).'</a> » ';foreach($Ba
|
||||
as$z=>$X){$sb=(is_array($X)?$X[1]:h($X));if($sb!="")echo"<a href='".h(ME."$z=").urlencode(is_array($X)?$X[0]:$X)."'>$sb</a> » ";}}echo"$mg\n";}}echo"<h2>$og</h2>\n","<div id='ajaxstatus' class='jsonly hidden'></div>\n";restart_session();page_messages($l);$i=&get_session("dbs");if(DB!=""&&$i&&!in_array(DB,$i,true))$i=null;stop_session();define("PAGE_HEADER",1);}function
|
||||
page_headers(){global$b;header("Content-Type: text/html; charset=utf-8");header("Cache-Control: no-cache");header("X-Frame-Options: deny");header("X-XSS-Protection: 0");header("X-Content-Type-Options: nosniff");header("Referrer-Policy: origin-when-cross-origin");foreach($b->csp()as$db){$Dc=array();foreach($db
|
||||
page_headers(){global$b;header("Content-Type: text/html; charset=utf-8");header("Cache-Control: no-cache");header("X-Frame-Options: SAMEORIGIN");header("X-XSS-Protection: 0");header("X-Content-Type-Options: nosniff");header("Referrer-Policy: origin-when-cross-origin");foreach($b->csp()as$db){$Dc=array();foreach($db
|
||||
as$z=>$X)$Dc[]="$z $X";header("Content-Security-Policy: ".implode("; ",$Dc));}$b->headers();}function
|
||||
csp(){return
|
||||
array(array("script-src"=>"'self' 'unsafe-inline' 'nonce-".get_nonce()."' 'strict-dynamic'","connect-src"=>"'self'","frame-src"=>"https://www.adminer.org","object-src"=>"'none'","base-uri"=>"'none'","form-action"=>"'self'",),);}function
|
||||
|
||||
Reference in New Issue
Block a user