[Phpmyadmin-devel] token mismatch with server variables
marc at infomarc.info
Tue Jul 16 16:04:47 CEST 2013
Le 2013-07-16 09:32, Isaac Bennetch a écrit :
> Hi, I just took a bug report/suggested fix from "an anonymous IRC user"
> who doesn't have a SourceForge or github account. The thing is, I can't
> reproduce it. Does anyone have any comment on this?
To be valid XHTML, we have to use & instead of & as the separator.
I cannot reproduce the problem; I wonder which browser this person is using.
> I 'm running latest 184.108.40.206 and wanted to change a server variable, but
> every time I clicked on one I got a token mismatch. Turns out, line 128
> of server_variables.php does:
> $url = htmlspecialchars('server_variables.php?' .
> The html special chars converts an '&' to & where it shouldn't. This
> effectively makes it impossible to change any server variables via
> phpMyAdmin. Changing it to:
> $url = ('server_variables.php?' . PMA_generate_common_url());
> (kill the htmlspecialchars())
> works. But I'm not certain this would be the correct fix.
More information about the Developers