From 5157f558620d946bf99f7eb700a481a3a63a1f31 Mon Sep 17 00:00:00 2001
From: Marc Delisle <marc@infomarc.info>
Date: Thu, 2 Oct 2003 18:08:33 +0000
Subject: [PATCH] bug 807047

---
 ChangeLog                       | 4 ++++
 libraries/grab_globals.lib.php3 | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index d53eed0a3..9860e5a48 100755
--- a/ChangeLog
+++ b/ChangeLog
@@ -5,6 +5,10 @@ phpMyAdmin - Changelog
 $Id$
 $Source$
 
+2003-10-02 Marc Delisle  <lem9@users.sourceforge.net>
+    * libraries/grab_globals.lib.php3: bug 807047, protect POST variables
+      against cookies of the same name
+
 2003-10-01 Marc Delisle  <lem9@users.sourceforge.net>
     * lang/slovenian update, thanks to Kositer Uros
     * lang/norwegian:  Updated, thanks to Sven-Erik Andersen (sven-erik).
diff --git a/libraries/grab_globals.lib.php3 b/libraries/grab_globals.lib.php3
index aa58aa89f..09a1af2db 100644
--- a/libraries/grab_globals.lib.php3
+++ b/libraries/grab_globals.lib.php3
@@ -21,6 +21,10 @@ if (!defined('PMA_GRAB_GLOBALS_INCLUDED')) {
         reset($array);
         while (list($key, $value) = each($array)) {
             if (is_array($value)) {
+                // there could be a variable coming from a cookie of
+                // another application, with the same name as this array
+                unset($GLOBALS[$key]);
+
                 PMA_gpc_extract($value, $target[$key]);
             } else if ($is_magic_quotes) {
                 $target[$key] = stripslashes($value);