nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

bug #1764182 [cookies] Suhosin cookie encryption breaks phpMyAdmin

Browse Source
This commit is contained in:
Sebastian Mendel
2007-12-18 08:02:41 +00:00
parent 2d8046d94e
commit de356ffb79
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
ChangeLog
View File

@@ -17,6 +17,7 @@ $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyA
- bug #1848889 [export] export trigger should use DROP TRIGGER IF EXISTS - bug #1848889 [export] export trigger should use DROP TRIGGER IF EXISTS
- bug #1851833 [display] Sorting forgets an explicit LIMIT - bug #1851833 [display] Sorting forgets an explicit LIMIT
(fix for sorting on column headers) (fix for sorting on column headers)
- bug #1764182 [cookies] Suhosin cookie encryption breaks phpMyAdmin
2.11.3.0 (2007-12-08) 2.11.3.0 (2007-12-08)
- patch #1818389 to remove a notice (failed to flush buffer), thanks to - patch #1818389 to remove a notice (failed to flush buffer), thanks to

5
libraries/mcrypt.lib.php
View File

@@ -11,12 +11,11 @@
* further decryption. I don't think necessary to have one iv * further decryption. I don't think necessary to have one iv
* per server so I don't put the server number in the cookie name. * per server so I don't put the server number in the cookie name.
*/ */
if (!isset($_COOKIE['pma_mcrypt_iv'])) { if (empty($_COOKIE['pma_mcrypt_iv'])
|| false === ($iv = base64_decode($_COOKIE['pma_mcrypt_iv']))) {
srand((double) microtime() * 1000000); srand((double) microtime() * 1000000);
$iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_CBC), MCRYPT_RAND); $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_CBC), MCRYPT_RAND);
PMA_setCookie('pma_mcrypt_iv', base64_encode($iv)); PMA_setCookie('pma_mcrypt_iv', base64_encode($iv));
} else {
$iv = base64_decode($_COOKIE['pma_mcrypt_iv']);
} }
/** /**