diff --git a/ChangeLog b/ChangeLog
index 26b33bb05..8c4aeebee 100755
--- a/ChangeLog
+++ b/ChangeLog
@@ -5,6 +5,9 @@ phpMyAdmin - Changelog
 $Id$
 $Source$
 
+2005-02-23 Alexander M. Turek  <me@derrabus.de>
+    * libraries/grab_globals.lib.php: More hotfixes against bug #1149381.
+
 2005-02-22 Alexander M. Turek  <me@derrabus.de>
     * libraries/grab_globals.lib.php: Hotfix against bug #1149381 and parts
       of bug #1149383.
diff --git a/libraries/grab_globals.lib.php b/libraries/grab_globals.lib.php
index c4301add9..a74657c78 100644
--- a/libraries/grab_globals.lib.php
+++ b/libraries/grab_globals.lib.php
@@ -25,12 +25,15 @@ function PMA_gpc_extract($array, &$target) {
          * parameters.
          *
          * Currently, the following variable names are rejected when found in
-         * $_GET or $_POST: cfg and str*
+         * $_GET or $_POST: cfg, GLOBALS, str* and _*
          *
          * Warning: this also affects array keys:
          * Variables like $_GET['harmless']['cfg'] will also be rejected!
          */
-        if ($key == 'cfg' || substr($key, 0, 3) == 'str') {
+        if ($key == 'cfg'
+            || $key == 'GLOBALS'
+            || substr($key, 0, 3) == 'str'
+            || $key{0} == '_') {
             continue;
         }