From 9d23336e0cf3f923336cf038f860628e7291e62e Mon Sep 17 00:00:00 2001 From: Benjamin Sonntag Date: Fri, 6 Oct 2017 16:00:34 +0200 Subject: [PATCH] =?UTF-8?q?[fix]=C2=A0adding=20csrf=20table=20at=20INSTALL?= =?UTF-8?q?=20time,=20not=20only=20at=20UPGRADE=20time?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- install/mysql.sql | 10 ++++++++++ install/upgrades/3.4.6.sql | 2 +- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/install/mysql.sql b/install/mysql.sql index 037ca611..ed1cd219 100644 --- a/install/mysql.sql +++ b/install/mysql.sql @@ -749,3 +749,13 @@ DELETE FROM alternc_status WHERE name='alternc_version'; INSERT INTO alternc_status SET name='alternc_version',value='3.4.7.php'; + +CREATE TABLE IF NOT EXISTS `csrf` ( + `cookie` char(32) CHARACTER SET ascii COLLATE ascii_bin NOT NULL, + `token` char(32) CHARACTER SET ascii COLLATE ascii_bin NOT NULL, + `created` datetime NOT NULL, + `used` tinyint(3) unsigned NOT NULL DEFAULT '0' +) ENGINE=InnoDB DEFAULT CHARSET=latin1 COMMENT='csrf tokens for AlternC forms'; + +ALTER TABLE `csrf` ADD PRIMARY KEY (`cookie`,`token`), ADD KEY `created` (`created`); + diff --git a/install/upgrades/3.4.6.sql b/install/upgrades/3.4.6.sql index fb29b904..0fef148b 100644 --- a/install/upgrades/3.4.6.sql +++ b/install/upgrades/3.4.6.sql @@ -36,6 +36,6 @@ ALTER TABLE `tld` ENGINE InnoDB; ALTER TABLE `variable` ENGINE InnoDB; ALTER TABLE `vm_history` ENGINE InnoDB; --- Should lthe default_subdomains table already exists, prevent the following INSERT INTO to double the entries +-- If the default_subdomains table already exists, prevent the following INSERT INTO to double the entries ALTER TABLE `default_subdomains` ADD UNIQUE KEY `unique_row` (`sub`,`domain_type`,`domain_type_parameter`,`concerned`);