nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

patch #1817529 [auth] Incorrect login via URL when AllowArbitraryServer is true, thanks to Juergen Wind

Browse Source
This commit is contained in:
Marc Delisle
2007-10-22 16:47:52 +00:00
parent c3884dcd2d
commit c0017d0f42
2 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ChangeLog
View File

@@ -31,6 +31,8 @@ $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyA
set focus to the textarea set focus to the textarea
- bug #1814463 [display] Wrong database size - bug #1814463 [display] Wrong database size
- bug #1811527 [display] Problem with links to the MySQL manual - bug #1811527 [display] Problem with links to the MySQL manual
- patch #1817529 [auth] Incorrect login via URL when AllowArbitraryServer
is true, thanks to Juergen Wind
2.11.1.2 (2007-10-17) 2.11.1.2 (2007-10-17)
- fixed XSS in server_status.php, thanks to Omer Singer, The DigiTrust Group - fixed XSS in server_status.php, thanks to Omer Singer, The DigiTrust Group

2
libraries/auth/cookie.auth.lib.php
View File

@@ -377,7 +377,7 @@ function PMA_auth_check()
// The user just logged in // The user just logged in
$GLOBALS['PHP_AUTH_USER'] = $_REQUEST['pma_username']; $GLOBALS['PHP_AUTH_USER'] = $_REQUEST['pma_username'];
$GLOBALS['PHP_AUTH_PW'] = empty($_REQUEST['pma_password']) ? '' : $_REQUEST['pma_password']; $GLOBALS['PHP_AUTH_PW'] = empty($_REQUEST['pma_password']) ? '' : $_REQUEST['pma_password'];
if ($GLOBALS['cfg']['AllowArbitraryServer']) { if ($GLOBALS['cfg']['AllowArbitraryServer'] && isset($_REQUEST['pma_servername'])) {
$GLOBALS['pma_auth_server'] = $_REQUEST['pma_servername']; $GLOBALS['pma_auth_server'] = $_REQUEST['pma_servername'];
} }
return true; return true;