Hi
...resending to the list...
On Thu, 4 Aug 2011 21:13:16 +0300, Tyron Madlener tyronx@gmail.com wrote:
On Thu, Aug 4, 2011 at 8:51 PM, Michal Čihař michal@cihar.com wrote:
This is just limiting access to file_echo.php to users who are allowed to use phpMyAdmin (and thus have a login to MySQL). I see no reason to have a publicly available echo service in phpMyAdmin.
But don't you need valid mysql credentials to get a session (and token) anyway?
Yes, though the token might be valid longer than MySQL credentials, so it's better to check both.
Since the file uploading is handled by the browser, I cannot think of a case where you can upload a file unintentionally, or in any way get it uploaded through other means than manually uploading it yourself. I'd be really curious to know how a hacker can do anything malicious in this direction.
You can easily place a form on another page and redirect it to this file. This is data you receive from outside; you should never trust it.
If you don't need any HTML code inside, htmlspecialchars will help here. Also, if you set the content type to JSON, the browser will not process it as HTML.
Ah yes, great solution :) It just didn't come to my mind to actually change the HTTP header, even though it's so obvious. I'll change that today.
Okay, please base changes on current master, I've made numerous changes to that file.
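An added illustration of the hardening discussed in this thread (example code, not phpMyAdmin's file_echo.php): the endpoint refuses requests that lack a valid session token or working MySQL credentials, escapes the echoed data with htmlspecialchars, and answers as JSON so the browser never renders it as HTML. The `session_token_is_valid()` and `mysql_credentials_work()` helpers are assumptions standing in for whatever checks the application already has.

```php
<?php
// Added example, not phpMyAdmin code: a minimal hardened "echo" endpoint.
declare(strict_types=1);

// Hypothetical helper: constant-time comparison of the submitted token
// against the one stored in the session.
function session_token_is_valid(array $post, array $session): bool
{
    return isset($post['token'], $session['token'])
        && hash_equals((string) $session['token'], (string) $post['token']);
}

// Hypothetical helper: a cheap authenticated round-trip to MySQL, so that a
// token that outlived the user's MySQL access is not enough on its own.
function mysql_credentials_work(?mysqli $db): bool
{
    return $db !== null && $db->query('SELECT 1') !== false;
}

function build_echo_response(array $post, array $session, ?mysqli $db, string $payload): array
{
    $headers = ['Content-Type: application/json', 'X-Content-Type-Options: nosniff'];

    // Check both, as the thread notes: the token may be valid longer than the
    // MySQL credentials it was issued with.
    if (!session_token_is_valid($post, $session) || !mysql_credentials_work($db)) {
        return ['status' => 403, 'headers' => $headers,
                'body' => json_encode(['error' => 'forbidden'])];
    }

    // Escape so the value is inert even if something later drops it into HTML;
    // the JSON content type means the browser will not treat the body as markup.
    $safe = htmlspecialchars($payload, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return ['status' => 200, 'headers' => $headers,
            'body' => json_encode(['data' => $safe])];
}

// Usage in the page handler (constructed; $db is the app's mysqli connection):
// $resp = build_echo_response($_POST, $_SESSION, $db,
//                             (string) file_get_contents($_FILES['file']['tmp_name']));
// http_response_code($resp['status']);
// foreach ($resp['headers'] as $h) { header($h); }
// echo $resp['body'];
```

A form posted from another site has neither the session token nor a MySQL-backed session, so it receives the 403 JSON body instead of having its data echoed back as HTML.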