Hi, I just took a bug report/suggested fix from "an anonymous IRC user" who doesn't have a SourceForge or github account. The thing is, I can't reproduce it. Does anyone have any comment on this?
I 'm running latest 4.0.4.1 and wanted to change a server variable, but every time I clicked on one I got a token mismatch. Turns out, line 128 of server_variables.php does:
$url = htmlspecialchars('server_variables.php?' . PMA_generate_common_url());
The html special chars converts an '&' to & where it shouldn't. This effectively makes it impossible to change any server variables via phpMyAdmin. Changing it to:
$url = ('server_variables.php?' . PMA_generate_common_url());
(kill the htmlspecialchars())
works. But I'm not certain this would be the correct fix.
Le 2013-07-16 09:32, Isaac Bennetch a écrit :
Hi, I just took a bug report/suggested fix from "an anonymous IRC user" who doesn't have a SourceForge or github account. The thing is, I can't reproduce it. Does anyone have any comment on this?
To be valid XHTML, we have to use & instead of & as the separator.
I cannot reproduce the problem; I wonder which browser this person is using.
I 'm running latest 4.0.4.1 and wanted to change a server variable, but every time I clicked on one I got a token mismatch. Turns out, line 128 of server_variables.php does:
$url = htmlspecialchars('server_variables.php?' . PMA_generate_common_url());
The html special chars converts an '&' to & where it shouldn't. This effectively makes it impossible to change any server variables via phpMyAdmin. Changing it to:
$url = ('server_variables.php?' . PMA_generate_common_url());
(kill the htmlspecialchars())
works. But I'm not certain this would be the correct fix.
Le 2013-07-16 09:32, Isaac Bennetch a écrit :
Hi, I just took a bug report/suggested fix from "an anonymous IRC user" who doesn't have a SourceForge or github account. The thing is, I can't reproduce it. Does anyone have any comment on this?
To be valid XHTML, we have to use & instead of & as the separator.
I cannot reproduce the problem; I wonder which browser this person is using.
I 'm running latest 4.0.4.1 and wanted to change a server variable, but every time I clicked on one I got a token mismatch. Turns out, line 128 of server_variables.php does:
$url = htmlspecialchars('server_variables.php?' . PMA_generate_common_url());
The html special chars converts an '&' to & where it shouldn't. This effectively makes it impossible to change any server variables via phpMyAdmin. Changing it to:
$url = ('server_variables.php?' . PMA_generate_common_url());
(kill the htmlspecialchars())
works. But I'm not certain this would be the correct fix.
I can't reproduce it from my side too. Chrome..
thanks
-------------- Bin Zu
On Tue, Jul 16, 2013 at 10:04 AM, Marc Delisle marc@infomarc.info wrote:
Le 2013-07-16 09:32, Isaac Bennetch a écrit :
Hi, I just took a bug report/suggested fix from "an anonymous IRC user" who doesn't have a SourceForge or github account. The thing is, I can't reproduce it. Does anyone have any comment on this?
To be valid XHTML, we have to use & instead of & as the separator.
That's what I thought.
I cannot reproduce the problem; I wonder which browser this person is using.
IIS 7.5 / PHP 5.2.17 / Firefox 22
My own Firefox is version 22.0, but I don't have an IIS install handy and my PHP version is 5.3.3. A quick Google search doesn't find anything odd about the & entity and IIS, so I'm at a bit of a loss at the moment.
I 'm running latest 4.0.4.1 and wanted to change a server variable, but every time I clicked on one I got a token mismatch. Turns out, line 128 of server_variables.php does:
$url = htmlspecialchars('server_variables.php?' . PMA_generate_common_url());
The html special chars converts an '&' to & where it shouldn't. This effectively makes it impossible to change any server variables via phpMyAdmin. Changing it to:
$url = ('server_variables.php?' . PMA_generate_common_url());
(kill the htmlspecialchars())
works. But I'm not certain this would be the correct fix.
-- Marc Delisle http://infomarc.info
See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clk... _______________________________________________ Phpmyadmin-devel mailing list Phpmyadmin-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel
Le 2013-07-16 10:49, Isaac Bennetch a écrit :
On Tue, Jul 16, 2013 at 10:04 AM, Marc Delisle marc@infomarc.info wrote:
Le 2013-07-16 09:32, Isaac Bennetch a écrit :
Hi, I just took a bug report/suggested fix from "an anonymous IRC user" who doesn't have a SourceForge or github account. The thing is, I can't reproduce it. Does anyone have any comment on this?
To be valid XHTML, we have to use & instead of & as the separator.
That's what I thought.
I cannot reproduce the problem; I wonder which browser this person is using.
IIS 7.5 / PHP 5.2.17 / Firefox 22
My own Firefox is version 22.0, but I don't have an IIS install handy and my PHP version is 5.3.3. A quick Google search doesn't find anything odd about the & entity and IIS, so I'm at a bit of a loss at the moment.
Please open a bug ticket about this, with "IIS 7.5" somewhere in the title. Maybe we'll gather more info from other IIS users.
I 'm running latest 4.0.4.1 and wanted to change a server variable, but every time I clicked on one I got a token mismatch. Turns out, line 128 of server_variables.php does:
$url = htmlspecialchars('server_variables.php?' . PMA_generate_common_url());
The html special chars converts an '&' to & where it shouldn't. This effectively makes it impossible to change any server variables via phpMyAdmin. Changing it to:
$url = ('server_variables.php?' . PMA_generate_common_url());
(kill the htmlspecialchars())
works. But I'm not certain this would be the correct fix.
-
Bin Zu -
Isaac Bennetch -
Marc Delisle