security fix against $_REQUEST['cfg'] exploits

ChangeLog

@@ -5,6 +5,9 @@ phpMyAdmin - Changelog
 $Id$
 $Source$
 
+2004-06-30 Alexander M. Turek  <me@derrabus.de>
+    * libraries/common.lib.php: Fix against $_REQUEST['cfg'] exploits.
+
 2004-06-29 Michal Čihař  <michal@cihar.com>
     * lang/check_lang.sh: Checks for diffstat presence.
 

libraries/common.lib.php

@@ -65,6 +65,12 @@ if (!isset($pos)) {
     $pos              = 0;
 }
 
+/**
+ * 2004-06-30 rabus: Ensure, that $cfg variables are not set somwhere else
+ * before including the config file.
+ */
+unset($cfg);
+
 /**
  * Detects the config file we want to load
  */