The branch, QA_2_11 has been updated via 373a6626ade37c0fee1dfc7c757ca55c7652874b (commit) via 60bdae640377ed32c717e6f863b77359f04a7bb5 (commit) via 3f9fd2594076bd8ee0825b59f7caf55be102ce4f (commit) via b01a58118f973f98ab99a4bb28d340af49fa251f (commit) via 61d9e561580ccb4a07d6d0c5695c839a22cc3b78 (commit) via a6e79391b92a48ffef307fa107ce1a61965e4244 (commit) via 21f624a26574fd45c043ddd27bf5a190b80c2757 (commit) via e1f4901ffc400b6d2df15eac0ba5015fe48a27c4 (commit) from 68213538d7b53e3c97b8730a2e6a0e897b8b5ce9 (commit)
- Log ----------------------------------------------------------------- commit 373a6626ade37c0fee1dfc7c757ca55c7652874b Author: Michal Čihař mcihar@novell.com Date: Thu Jan 6 09:57:13 2011 +0100
Do not load common with PMA_MINIMUM_COMMON
Defining PMA_MINIMUM_COMMON makes common.inc.php skip authentication, which must not happen for this file.
commit 60bdae640377ed32c717e6f863b77359f04a7bb5 Author: Michal Čihař mcihar@novell.com Date: Thu Jan 6 09:53:11 2011 +0100
Add .gitignore from master.
commit 3f9fd2594076bd8ee0825b59f7caf55be102ce4f Merge: b01a58118f973f98ab99a4bb28d340af49fa251f 61d9e561580ccb4a07d6d0c5695c839a22cc3b78 Author: Michal Čihař mcihar@novell.com Date: Thu Jan 6 09:49:31 2011 +0100
Merge remote branch 'origin/MAINT_2_11_11' into QA_2_11
commit b01a58118f973f98ab99a4bb28d340af49fa251f Author: Michal Čihař mcihar@novell.com Date: Thu Jan 6 09:39:23 2011 +0100
Remove error.php
Redirecting to another script makes it possible to inject custom messages into it. Although there is no clear security issue in this, it could confuse users and trick them into visiting an external site, since the injected message may include links.
Conflicts:
error.php libraries/core.lib.php
-----------------------------------------------------------------------
Summary of changes: .gitignore | 31 ++++++++++++++++ ChangeLog | 4 +- error.php | 87 ---------------------------------------------- libraries/common.inc.php | 1 - libraries/core.lib.php | 12 +++--- libraries/error.inc.php | 57 ++++++++++++++++++++++++++++++ phpinfo.php | 1 - themes/.gitignore | 29 +++++++++++++++ 8 files changed, 125 insertions(+), 97 deletions(-) create mode 100644 .gitignore delete mode 100644 error.php create mode 100644 libraries/error.inc.php create mode 100644 themes/.gitignore
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..a773f8e
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,31 @@
+# Directory for creating releases
+release
+# Configuration files
+config.inc.php
+config.header.inc.php
+config.footer.inc.php
+# Upload/save dirs
+upload
+save
+# For setup script
+config
+# ctags
+tags
+# Editor files
+phpmyadmin.wpj
+.projectOptions
+.vimrc
+.project
+.settings
+.buildpath
+.cache
+.idea
+*.sw[op]
+# Locales
+locale
+# Backups
+*~
+# Javascript sources
+sources
+# API documentation
+apidoc
diff --git a/ChangeLog b/ChangeLog
index a98d172..b0663e1 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -7,8 +7,8 @@ $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyA
2.11.12.0 (not yet released)
-2.11.11.1 (2010-11-26)
-- bug #3115519 (private) [security] XSS on db search
+2.11.11.1 (2010-11-29)
+- bug #3115519 (private) [security] XSS on db search, see PMASA-2010-8
2.11.11.0 (2010-09-07)
 - [core] Fix broken cleanup of $_GET
diff --git a/error.php b/error.php
deleted file mode 100644
index 750ac60..0000000
--- a/error.php
+++ /dev/null
@@ -1,87 +0,0 @@
-<?php
-/* vim: set expandtab sw=4 ts=4 sts=4: */
-/**
- * phpMyAdmin fatal error display page
- *
- * @version $Id$
- */
-
-/* Input sanitizing */
-require_once './libraries/sanitizing.lib.php';
-
-/* Get variables */
-if (! empty($_REQUEST['lang']) && is_string($_REQUEST['lang'])) {
- $lang = htmlspecialchars($_REQUEST['lang']);
-} else {
- $lang = 'en';
-}
-
-if (! empty($_REQUEST['dir']) && is_string($_REQUEST['dir'])) {
- $dir = htmlspecialchars($_REQUEST['dir']);
-} else {
- $dir = 'ltr';
-}
-
-if (! empty($_REQUEST['type']) && is_string($_REQUEST['type'])) {
- $type = htmlspecialchars($_REQUEST['type']);
-} else {
- $type = 'error';
-}
-
-// force utf-8 to avoid XSS with crafted URL and utf-7 in charset parameter
-$charset = 'utf-8';
-
-header('Content-Type: text/html; charset=' . $charset);
-?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php echo $lang; ?>" dir="<?php echo $dir; ?>">
-<head>
- <link rel="icon" href="./favicon.ico" type="image/x-icon" />
- <link rel="shortcut icon" href="./favicon.ico" type="image/x-icon" />
- <title>phpMyAdmin</title>
- <meta http-equiv="Content-Type" content="text/html; charset=<?php echo $charset; ?>" />
- <style type="text/css">
- <!--
- html {
- padding: 0;
- margin: 0;
- }
- body {
- font-family: sans-serif;
- font-size: small;
- color: #000000;
- background-color: #F5F5F5;
- margin: 1em;
- }
- h1 {
- margin: 0;
- padding: 0.3em;
- font-size: 1.4em;
- font-weight: bold;
- color: #ffffff;
- background-color: #ff0000;
- }
- p {
- margin: 0;
- padding: 0.5em;
- border: 0.1em solid red;
- background-color: #ffeeee;
- }
- //-->
- </style>
-</head>
-<body>
-<h1>phpMyAdmin - <?php echo $type; ?></h1>
-<p><?php
-if (!empty($_REQUEST['error'])) {
- if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
- echo PMA_sanitize(stripslashes($_REQUEST['error']));
- } else {
- echo PMA_sanitize($_REQUEST['error']);
- }
-} else {
- echo 'No error message!';
-}
-?></p>
-</body>
-</html>
diff --git a/libraries/common.inc.php b/libraries/common.inc.php
index 4cb4692..ea9f2d8 100644
--- a/libraries/common.inc.php
+++ b/libraries/common.inc.php
@@ -305,7 +305,6 @@ $goto_whitelist = array(
 'db_printview.php',
 'db_search.php',
 //'Documentation.html',
- //'error.php',
 'export.php',
 'import.php',
 //'index.php',
diff --git a/libraries/core.lib.php b/libraries/core.lib.php
index 669efec..a84e056 100644
--- a/libraries/core.lib.php
+++ b/libraries/core.lib.php
@@ -241,18 +241,18 @@ function PMA_fatalError($error_message, $message_args = null)
 $error_message = strtr($error_message, array('<br />' => '[br]'));
// Displays the error message
- // (do not use & for parameters sent by header)
- header('Location: ' . (defined('PMA_SETUP') ? '../' : '') . 'error.php'
- . '?lang=' . urlencode($GLOBALS['available_languages'][$GLOBALS['lang']][2])
- . '&dir=' . urlencode($GLOBALS['text_dir'])
- . '&type=' . urlencode($GLOBALS['strError'])
- . '&error=' . urlencode($error_message));
+ $lang = $GLOBALS['available_languages'][$GLOBALS['lang']][2];
+ $dir = $GLOBALS['text_dir'];
+ $type = $GLOBALS['strError'];
+ $error = $error_message;
// on fatal errors it cannot hurt to always delete the current session if (isset($GLOBALS['session_name']) && isset($_COOKIE[$GLOBALS['session_name']])) { PMA_removeCookie($GLOBALS['session_name']); }
+ require('./libraries/error.inc.php');
+ exit;
 }
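Review bot: Nothing in this hunk assigns `$error_header`, yet the template pulled in by the new `require('./libraries/error.inc.php')` echoes it in its `<h1>`, while the `$type = $GLOBALS['strError'];` and `$error = $error_message;` set here are never read by that include; as written the heading comes out empty with an undefined-variable notice. Rename the assignment to `$error_header = $GLOBALS['strError'];` and drop `$error = $error_message;`, since the include already reads `$error_message`, the parameter this function rewrote with strtr() at the top of the hunk. A short comment above the require, such as `// error.inc.php expects $lang, $dir, $error_header and $error_message in this scope`, would make the coupling visible to the next editor. The opening lines of PMA_fatalError are outside the hunk.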
diff --git a/libraries/error.inc.php b/libraries/error.inc.php
new file mode 100644
index 0000000..95d8847
--- /dev/null
+++ b/libraries/error.inc.php
@@ -0,0 +1,57 @@
+<?php
+/* vim: set expandtab sw=4 ts=4 sts=4: */
+/**
+ * phpMyAdmin fatal error display page
+ *
+ * @package phpMyAdmin
+ */
+
+if (! defined('PHPMYADMIN')) {
+ exit;
+}
+
+header('Content-Type: text/html; charset=utf-8');
+?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php echo $lang; ?>" dir="<?php echo $dir; ?>">
+<head>
+ <link rel="icon" href="./favicon.ico" type="image/x-icon" />
+ <link rel="shortcut icon" href="./favicon.ico" type="image/x-icon" />
+ <title>phpMyAdmin</title>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <style type="text/css">
+ <!--
+ html {
+ padding: 0;
+ margin: 0;
+ }
+ body {
+ font-family: sans-serif;
+ font-size: small;
+ color: #000000;
+ background-color: #F5F5F5;
+ margin: 1em;
+ }
+ h1 {
+ margin: 0;
+ padding: 0.3em;
+ font-size: 1.4em;
+ font-weight: bold;
+ color: #ffffff;
+ background-color: #ff0000;
+ }
+ p {
+ margin: 0;
+ padding: 0.5em;
+ border: 0.1em solid red;
+ background-color: #ffeeee;
+ }
+ //-->
+ </style>
+</head>
+<body>
+<h1>phpMyAdmin - <?php echo $error_header; ?></h1>
+<p><?php echo PMA_sanitize($error_message); ?></p>
+</body>
+</html>
+
diff --git a/phpinfo.php b/phpinfo.php
index 56a4c9c..02c6138 100644
--- a/phpinfo.php
+++ b/phpinfo.php
@@ -8,7 +8,6 @@ /** * Gets core libraries and defines some variables */
-define('PMA_MINIMUM_COMMON', true);
 require_once './libraries/common.inc.php';
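Review bot: `$lang` and `$dir` are echoed unescaped into the `xml:lang` and `dir` attributes of the `<html>` element, where the deleted error.php ran them through htmlspecialchars(); they now come from `$GLOBALS['available_languages']` and `$GLOBALS['text_dir']` rather than the request, so the exposure is smaller, but escaping is cheap and keeps the template safe should those tables ever carry user-influenced values: `<?php echo htmlspecialchars($lang); ?>` and `<?php echo htmlspecialchars($dir); ?>`, and likewise `htmlspecialchars($error_header)` in the `<h1>`. Unlike the old page, this include does not `require_once './libraries/sanitizing.lib.php'` before calling PMA_sanitize(); if PMA_fatalError() can be reached before that library is loaded, the fatal-error path would itself fatal, which is worth confirming against common.inc.php. A header comment naming the variables the including scope must define (`$lang`, `$dir`, `$error_header`, `$error_message`) would document the contract that the `PHPMYADMIN` guard only implies.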
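Review bot: The reason PMA_MINIMUM_COMMON must not be defined here lives only in the commit message, so the remaining `require_once './libraries/common.inc.php';` deserves a comment that stops a later cleanup from reintroducing the define and exposing phpinfo() output (paths, loaded modules, environment) to unauthenticated visitors: `// Do NOT define PMA_MINIMUM_COMMON here: it makes common.inc.php skip authentication, and phpinfo() must only be reachable by a logged-in user.` The rest of phpinfo.php, including the phpinfo() call itself, is outside the hunk, so I cannot confirm there is no other early exit before authentication runs.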
diff --git a/themes/.gitignore b/themes/.gitignore
new file mode 100644
index 0000000..55144c0
--- /dev/null
+++ b/themes/.gitignore
@@ -0,0 +1,29 @@
+aqua
+aqua_brushed
+arctic_ocean
+cactica_blues
+clearview3
+crimson_gray
+dark_lime
+darkblue_gray
+garvblue
+graphivore
+green_orange
+grid
+hillside
+openphpnuke
+original_small
+paradice
+pixeline
+pmahomme
+silk
+silkline
+smooth_yellow
+very_small
+xampp
+xp_basic
+xp_blue
+xp_dirty
+xp_green
+xp_silver
+programmersdarkside