Use stricter regexp in URL

2026-01-01 05:10:53 +01:00 · 2013-07-03 10:34:19 -07:00
parent 9bfc2a311c
commit 1aa3144d05
3 changed files with 4 additions and 4 deletions
--- a/adminer/include/auth.inc.php
+++ b/adminer/include/auth.inc.php
@@ -44,7 +44,7 @@ if ($auth) {
 			set_session($key, null);
 		}
 		unset_permanent();
-		redirect(substr(preg_replace('~(username|db|ns)=[^&]*&~', '', ME), 0, -1), lang('Logout successful.'));
+		redirect(substr(preg_replace('~\b(username|db|ns)=[^&]*&~', '', ME), 0, -1), lang('Logout successful.'));
 	}
 	
 } elseif ($permanent && !$_SESSION["pwds"]) {