From c57b39bed91f06d574a95d8a5a091e5e59492d69 Mon Sep 17 00:00:00 2001 From: Marc Delisle Date: Sat, 23 Feb 2008 21:16:42 +0000 Subject: [PATCH] bug [core] Remove cookies from $_REQUEST for better coexistence with other applications --- ChangeLog | 2 ++ libraries/common.inc.php | 7 +++++++ 2 files changed, 9 insertions(+) diff --git a/ChangeLog b/ChangeLog index 71768599c..8c2949f13 100644 --- a/ChangeLog +++ b/ChangeLog @@ -26,6 +26,8 @@ $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyA thanks to Jürgen Wind - windkiel - bug [GUI] Do not display the database name used by the previous user, thanks to Ronny Görner +- bug [core] Remove cookies from $_REQUEST for better coexistence with + other applications, thanks to Richard Cunningham 2.11.4.0 (2008-01-12) - bug #1843428 [GUI] Space issue with DROP/DELETE/ALTER TABLE diff --git a/libraries/common.inc.php b/libraries/common.inc.php index cd1758d88..b5bec73bc 100644 --- a/libraries/common.inc.php +++ b/libraries/common.inc.php @@ -211,6 +211,13 @@ if (isset($_POST['usesubform'])) { unset($_POST['redirect']); } unset($subform_id, $subform); +} else { + // Note: here we overwrite $_REQUEST so that it does not contain cookies, + // because another application for the same domain could have set + // a cookie (with a compatible path) that overrides a variable + // we expect from GET or POST. + // We'll refer to cookies explicitly with the $_COOKIE syntax. + $_REQUEST = array_merge($_GET, $_POST); } // end check if a subform is submitted