nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[core] Force generating of new session on login

Browse Source 
This improves security because session ID and token are generated fresh
for each user.
This commit is contained in:
Michal Čihař
2010-09-16 15:19:46 +02:00
parent 08b31439b3
commit f47e0933c3
2 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
ChangeLog
View File

@@ -112,6 +112,7 @@
- bug #3042665 [parser] Add workaround for MySQL way of handling backtick. - bug #3042665 [parser] Add workaround for MySQL way of handling backtick.
- bug #3056610 [interface] Removed modification options for information_schema - bug #3056610 [interface] Removed modification options for information_schema
+ patch #3055886 [config] Add Left frame table filter visibility config option, thanks to eesau + patch #3055886 [config] Add Left frame table filter visibility config option, thanks to eesau
- [core] Force generating of new session on login
3.3.8.0 (not yet released) 3.3.8.0 (not yet released)
- bug #3059311 [import] BIGINT field type added to table analysis - bug #3059311 [import] BIGINT field type added to table analysis

2
libraries/common.inc.php
View File

@@ -814,6 +814,8 @@ if (! defined('PMA_MINIMUM_COMMON')) {
*/ */
require_once './libraries/auth/' . $cfg['Server']['auth_type'] . '.auth.lib.php'; require_once './libraries/auth/' . $cfg['Server']['auth_type'] . '.auth.lib.php';
if (!PMA_auth_check()) { if (!PMA_auth_check()) {
/* Force generating of new session on login */
PMA_secureSession();
PMA_auth(); PMA_auth();
} else { } else {
PMA_auth_set_user(); PMA_auth_set_user();