diff options
Diffstat (limited to 'includes/database')
| -rw-r--r-- | includes/database/database.inc | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/includes/database/database.inc b/includes/database/database.inc index 69f84a446..c18aec2f5 100644 --- a/includes/database/database.inc +++ b/includes/database/database.inc @@ -1347,9 +1347,10 @@ abstract class Database { } // We need to pass around the simpletest database prefix in the request - // and we put that in the user_agent header. - if (isset($_SERVER['HTTP_USER_AGENT']) && preg_match("/^simpletest\d+$/", $_SERVER['HTTP_USER_AGENT'])) { - $db_prefix .= $_SERVER['HTTP_USER_AGENT']; + // and we put that in the user_agent header. The header HMAC was already + // validated in bootstrap.inc. + if (isset($_SERVER['HTTP_USER_AGENT']) && preg_match("/^(simpletest\d+);/", $_SERVER['HTTP_USER_AGENT'], $matches)) { + $db_prefix .= $matches[1]; } return $new_connection; } |