[Phpmyadmin-git] [SCM] phpMyAdmin branch, master, updated. RELEASE_3_3_7-10532-gb9fe8fc

Piotr Przybylski crackpl at users.sourceforge.net
Tue Oct 5 14:01:13 CEST 2010 

The branch, master has been updated
       via  b9fe8fc6f8fa583ce6b88d8e059b0912c1f7b676 (commit)
       via  9a3120d185442e1389c642798253b10e32fc0d4d (commit)
       via  48c9d0a8eec66b0140c9c926bf4710f751e16402 (commit)
       via  da0039bb445406a957dbe96d9d9f20798bb2f3c4 (commit)
      from  bbe9bb7a76f297277dbb042e8cd7b2849620f045 (commit)


- Log -----------------------------------------------------------------
commit b9fe8fc6f8fa583ce6b88d8e059b0912c1f7b676
Author: Crack <piotrprz at gmail.com>
Date:   Tue Oct 5 13:53:56 2010 +0200

    Warn if LoginCookieStore < LoginCookieValidity

commit 9a3120d185442e1389c642798253b10e32fc0d4d
Merge: 48c9d0a8eec66b0140c9c926bf4710f751e16402 bbe9bb7a76f297277dbb042e8cd7b2849620f045
Author: Crack <piotrprz at gmail.com>
Date:   Tue Oct 5 13:43:50 2010 +0200

    Merge branch 'master' of ssh://phpmyadmin.git.sourceforge.net/gitroot/phpmyadmin/phpmyadmin

commit 48c9d0a8eec66b0140c9c926bf4710f751e16402
Merge: da0039bb445406a957dbe96d9d9f20798bb2f3c4 2fef94a4e50d5f7d3e0e7cc608f65bbf72d8689d
Author: Crack <piotrprz at gmail.com>
Date:   Tue Sep 21 15:47:20 2010 +0200

    Merge branch 'master' of ssh://phpmyadmin.git.sourceforge.net/gitroot/phpmyadmin/phpmyadmin

commit da0039bb445406a957dbe96d9d9f20798bb2f3c4
Author: Crack <piotrprz at gmail.com>
Date:   Tue Sep 21 14:09:57 2010 +0200

    fix message

-----------------------------------------------------------------------

Summary of changes:
 main.php                |    7 +++++++
 setup/lib/index.lib.php |    2 +-
 2 files changed, 8 insertions(+), 1 deletions(-)

diff --git a/main.php b/main.php
index dbf1da3..0cd46f5 100644
--- a/main.php
+++ b/main.php
@@ -271,6 +271,13 @@ if ($gc_time < $GLOBALS['cfg']['LoginCookieValidity'] ) {
 }
 
 /**
+ * Check whether LoginCookieValidity is limited by LoginCookieStore.
+ */
+if ($GLOBALS['cfg']['LoginCookieStore'] != 0 && $GLOBALS['cfg']['LoginCookieStore'] < $GLOBALS['cfg']['LoginCookieValidity']) {
+    trigger_error(PMA_Message::decodeBB(__('Login cookie store is lower that cookie validity configured in phpMyAdmin, because of this, your login will expire sooner than configured in phpMyAdmin.')), E_USER_WARNING);
+}
+
+/**
  * Check if user does not have defined blowfish secret and it is being used.
  */
 if (!empty($_SESSION['auto_blowfish_secret']) &&
diff --git a/setup/lib/index.lib.php b/setup/lib/index.lib.php
index b5df478..c8e7fbb 100644
--- a/setup/lib/index.lib.php
+++ b/setup/lib/index.lib.php
@@ -261,7 +261,7 @@ function perform_config_checks()
     $strLoginCookieValidityWarning = sprintf($strLoginCookieValidityWarning, '[a@?page=form&formset=Features#tab_Security]', '[/a]', '[a at http://www.php.net/manual/en/session.configuration.php#ini.session.gc-maxlifetime]', '[/a]', ini_get('session.gc_maxlifetime'));
     $strLoginCookieValidityWarning2 = __('%sLogin cookie validity%s should be set to 1800 seconds (30 minutes) at most. Values larger than 1800 may pose a security risk such as impersonation.');
     $strLoginCookieValidityWarning2 = sprintf($strLoginCookieValidityWarning2, '[a@?page=form&formset=Features#tab_Security]', '[/a]');
-    $strLoginCookieValidityWarning3 = __('%sLogin cookie validity%s must be set to a value less or equal to %sLogin cookie store%s.');
+    $strLoginCookieValidityWarning3 = __('If using cookie authentication and %sLogin cookie store%s is not 0, %sLogin cookie validity%s must be set to a value less or equal to it.');
     $strLoginCookieValidityWarning3 = sprintf($strLoginCookieValidityWarning3, '[a@?page=form&formset=Features#tab_Security]', '[/a]', '[a@?page=form&formset=Features#tab_Security]', '[/a]');
     $strSecurityInfoMsg = __('If you feel this is necessary, use additional protection settings - %shost authentication%s settings and %strusted proxies list%s. However, IP-based protection may not be reliable if your IP belongs to an ISP where thousands of users, including you, are connected to.');
     $strSecurityInfoMsg = sprintf($strSecurityInfoMsg, '[a@?page=servers&mode=edit&id=%1$d#tab_Server_config]', '[/a]', '[a@?page=form&formset=Features#tab_Security]', '%s');


hooks/post-receive
-- 
phpMyAdmin

More information about the Git mailing list