[Phpmyadmin-devel] token mismatch with server variables

Isaac Bennetch bennetch at gmail.com
Tue Jul 16 15:32:54 CEST 2013

Hi, I just took a bug report/suggested fix from "an anonymous IRC user" 
who doesn't have a SourceForge or github account. The thing is, I can't 
reproduce it. Does anyone have any comment on this?

I 'm running latest and wanted to change a server variable, but 
every time I clicked on one I got a token mismatch. Turns out, line 128 
of server_variables.php does:

$url = htmlspecialchars('server_variables.php?' . 

The html special chars converts an '&' to & where it shouldn't. This 
effectively makes it impossible to change any server variables via 
phpMyAdmin. Changing it to:

$url = ('server_variables.php?' . PMA_generate_common_url());

(kill the htmlspecialchars())

works. But I'm not certain this would be the correct fix.

More information about the Developers mailing list