Discussion:
[PATCH ] for 2.2.4
Sergio Monteiro Basto
2005-05-15 00:15:29 UTC
Permalink
Hi,
I test this on FC3 with php 4.3.11, After trying many time.

I realize that we need in /etc/php.ini at least one of than:
variables_order = "EGPCS"
register_globals = On
register_argc_argv = On

and this patch :

Thanks,
--
Sérgio M.B.
Turbo Fredriksson
2005-05-16 07:31:14 UTC
Permalink
Post by Sergio Monteiro Basto
Hi,
I test this on FC3 with php 4.3.11, After trying many time.
variables_order = "EGPCS"
register_globals = On
register_argc_argv = On
The index.php looks correct. Thanx, fixing in CVS (pre-2.2.5).


The other file (include/pql.inc) however is wrong in more ways
than one.

The 'SERVERNAME' don't seem to exists. From what I can understand
of the PHP documentation, it should be 'SERVER_NAME'. But this
is ALSO wrong, because using that variable will only work if
you don't have phpQLAdmin installed 'at the root of the server'.
It will only contain the 'server' part (see below), not what
protocol (http, https) nor the path ('/phpQLAdmin-xxx' - see below).

Have a look at include/pql_session.inc. This file is currently
broken, but I'm trying to fix it..

The reason for this file is when having multiple instances
(i.e. different version for example) of phpQLAdmin on the
same host, the file inclusion isn't correct..

I have, for example, multiple instances of phpQLAdmin running:

https://server/phpQLAdmin-STABLE/
https://server/phpQLAdmin-HEAD/
https://server/phpQLAdmin-RELEASED/

This is where include/pql.inc in broken. There, only the _path_
in the URL differ, and to make sure phpQLAdmin find the CORRECT
file, the path must be set in the cookie and I just can't make
it work correctly.

Since the _host_ part is identical, I must be able to set
different _paths_ in the cookie, I can't use the server name.

For example, at the moment, my cookie looks like this:

----- s n i p -----
Name: PHPSESSID
Content: [...]
Host: server
Path: /
[...]
----- s n i p -----

The problem here is the 'Path' value. It _SHOULD_ say
'/phpQLAdmin-STABLE' (possibly with a trailing slash) but
this will fail at the very top of the pql_session.inc file
for some reason...

Since ALL my phpQLAdmin instances set this exact cookie,
I'll never know which file that's included/required.
Every time I switch version, I have to logout from the
current version, destroy the cookie and then load the
new version...


Previosly (very old phpQLAdmin) there was a config variable
to set for this, but I don't like hardcoding so it was
removed for something that's even worse (at the moment
anyway :).
--
arrangements counter-intelligence cryptographic Ft. Bragg security Uzi
BATF Mossad Marxist Panama Cocaine tritium Qaddafi Delta Force
congress
[See http://www.aclu.org/echelonwatch/index.html for more about this]
Turbo Fredriksson
2005-05-16 18:24:07 UTC
Permalink
Post by Sergio Monteiro Basto
register_globals = On
Could you have a look at this again. It _SHOULD_ not be needed.
If it is, it's a bug and I'd like you to report it/them at the
bug tracker...

I just did a quick check, and i can't verify that this is needed.
--
Peking nitrate nuclear munitions AK-47 747 FBI president quiche
tritium arrangements Semtex counter-intelligence domestic disruption
Mossad
[See http://www.aclu.org/echelonwatch/index.html for more about this]
Loading...