nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

bug #1764182 [cookies] Suhosin cookie encryption breaks phpMyAdmin

Browse Source
This commit is contained in:
Sebastian Mendel
2007-12-18 08:02:41 +00:00
parent 1e015a8214
commit c7cf86e3cf
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
ChangeLog
View File

@@ -41,6 +41,7 @@ $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyA
- bug #1848889 [export] export trigger should use DROP TRIGGER IF EXISTS
- bug #1851833 [display] Sorting forgets an explicit LIMIT
(fix for sorting on column headers)
- bug #1764182 [cookies] Suhosin cookie encryption breaks phpMyAdmin
2.11.3.0 (2007-12-08)
- patch #1818389 to remove a notice (failed to flush buffer), thanks to

5
libraries/auth/cookie.auth.lib.php
View File

@@ -25,12 +25,11 @@ if (function_exists('mcrypt_encrypt') || PMA_dl('mcrypt')) {
* further decryption. I don't think necessary to have one iv
* per server so I don't put the server number in the cookie name.
*/
if (!isset($_COOKIE['pma_mcrypt_iv'])) {
if (empty($_COOKIE['pma_mcrypt_iv'])
|| false === ($iv = base64_decode($_COOKIE['pma_mcrypt_iv'], true))) {
srand((double) microtime() * 1000000);
$iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_CBC), MCRYPT_RAND);
PMA_setCookie('pma_mcrypt_iv', base64_encode($iv));
} else {
$iv = base64_decode($_COOKIE['pma_mcrypt_iv']);
}
/**