Menu

#4546 signon auth with use_trans_sid results in damaged json

4.2.9
open
nobody
session (4)
Normal
2015-02-15
2014-10-01
Stefan Frömken
No

If you use phpMyAdmin with session.use_trans_sid = 1 in php.ini and auth_type="signon" you can't fold out the list of databases in the left menu.

Error in red box:
Error in Processing Request
Error code: 200
Error text: OK

Yes...the JSON will be generated, but there will be also inserted a part for "phpMyAdmin" and the sessionId (col 136) and its quotes (") are NOT escaped. That's why the status is 200 and "OK", but the JSON itself is broken.

I think you should implement a special check for this server configuration and inform the user about it. Further I have deactivates the use of Ajax in phpMyAdmin...but that doesn't work, too.

Stefan

Discussion

  • Marc Delisle

    Marc Delisle - 2014-10-13
    • summary: singon with use_trans_sid results in damaged json --> signon auth with use_trans_sid results in damaged json
     

  • Ann + J.M.

    Ann + J.M. - 2014-10-17

    f350e7703f5cc043ca148fa62e5d1e02589aa8f3 is the first bad commit
    commit f350e7703f5cc043ca148fa62e5d1e02589aa8f3
    Author: Michal Čihař mcihar@suse.cz
    Date: Thu Sep 12 09:46:45 2013 +0200

    bug #3997 Error handling in case MySQL extension is missing

We can not work with Response object before loading DBI as it uses it.
     

  • Ann + J.M.

    Ann + J.M. - 2014-10-17

    session.use_trans_sid causes PHP to incorrectly modify hrefs in AJAX requests.

     
MongoDB Logo MongoDB