nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

security fix

Browse Source
This commit is contained in:
Marc Delisle
2005-10-21 02:47:47 +00:00
parent 429b629125
commit 8fdd30964e
3 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
ChangeLog
View File

@@ -7,6 +7,7 @@ $Source$
2005-10-20 Marc Delisle <lem9@users.sourceforge.net> 2005-10-20 Marc Delisle <lem9@users.sourceforge.net>
* server_databases.php: security fix * server_databases.php: security fix
* libraries/common.lib.php, /grab_globals.lib.php: security fix
2005-10-20 Alexander M. Turek <me@derrabus.de> 2005-10-20 Alexander M. Turek <me@derrabus.de>
* libraries/mysql_charsets.lib.php: * libraries/mysql_charsets.lib.php:

4
libraries/common.lib.php
View File

@@ -47,6 +47,10 @@
* - other functions, respecting dependencies * - other functions, respecting dependencies
*/ */
// grab_globals.lib.php should really go before common.lib.php
// TODO: remove direct calling from elsewhere
require_once('./libraries/grab_globals.lib.php');
/** /**
* Minimum inclusion? (i.e. for the stylesheet builder) * Minimum inclusion? (i.e. for the stylesheet builder)
*/ */

6
libraries/grab_globals.lib.php
View File

@@ -11,6 +11,12 @@
* *
* loic1 - 2001/25/11: use the new globals arrays defined with php 4.1+ * loic1 - 2001/25/11: use the new globals arrays defined with php 4.1+
*/ */
// protect against older PHP versions' bug about GLOBALS overwrite
// (no need to translate this one :) )
if (isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS'])) {
die("GLOBALS overwrite attempt");
}
require_once './libraries/session.inc.php'; require_once './libraries/session.inc.php';