Menu

#4546 signon auth with use_trans_sid results in damaged json

4.2.9
open
nobody
session (4)
Normal
2015-02-15
2014-10-01
Stefan Frömken
No

If you use phpMyAdmin with session.use_trans_sid = 1 in php.ini and auth_type="signon" you can't fold out the list of databases in the left menu.

Error in red box:
Error in Processing Request
Error code: 200
Error text: OK

Yes...the JSON will be generated, but there will be also inserted a part for "phpMyAdmin" and the sessionId (col 136) and its quotes (") are NOT escaped. That's why the status is 200 and "OK", but the JSON itself is broken.

I think you should implement a special check for this server configuration and inform the user about it. Further I have deactivates the use of Ajax in phpMyAdmin...but that doesn't work, too.

Stefan

Discussion

  • Marc Delisle

    Marc Delisle - 2014-10-13
    • summary: singon with use_trans_sid results in damaged json --> signon auth with use_trans_sid results in damaged json
     

  • Ann + J.M.

    Ann + J.M. - 2014-10-17

    f350e7703f5cc043ca148fa62e5d1e02589aa8f3 is the first bad commit
    commit f350e7703f5cc043ca148fa62e5d1e02589aa8f3
    Author: Michal Čihař mcihar@suse.cz
    Date: Thu Sep 12 09:46:45 2013 +0200

    bug #3997 Error handling in case MySQL extension is missing

We can not work with Response object before loading DBI as it uses it.
     

  • Ann + J.M.

    Ann + J.M. - 2014-10-17

    session.use_trans_sid causes PHP to incorrectly modify hrefs in AJAX requests.

     
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.