[Phpmyadmin-devel] token mismatch with server variables
Bin Zu
xmujay at gmail.com
Tue Jul 16 16:27:37 CEST 2013
>Le 2013-07-16 09:32, Isaac Bennetch a écrit :
>> Hi, I just took a bug report/suggested fix from "an anonymous IRC user"
>> who doesn't have a SourceForge or github account. The thing is, I can't
>> reproduce it. Does anyone have any comment on this?
>
>To be valid XHTML, we have to use & instead of & as the separator.
>
>I cannot reproduce the problem; I wonder which browser this person is using.
>
>>
>> I 'm running latest 4.0.4.1 and wanted to change a server variable, but
>> every time I clicked on one I got a token mismatch. Turns out, line 128
>> of server_variables.php does:
>>
>> $url = htmlspecialchars('server_variables.php?' .
>> PMA_generate_common_url());
>>
>> The html special chars converts an '&' to & where it shouldn't. This
>> effectively makes it impossible to change any server variables via
>> phpMyAdmin. Changing it to:
>>
>> $url = ('server_variables.php?' . PMA_generate_common_url());
>>
>> (kill the htmlspecialchars())
>>
>> works. But I'm not certain this would be the correct fix.
>
>
>
I can't reproduce it from my side too. Chrome..
thanks
--------------
Bin Zu
More information about the Developers
mailing list