[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Phpgroupware-tracker] [bug #23949] header/config passwords containing q
From: |
Olivier Berger |
Subject: |
[Phpgroupware-tracker] [bug #23949] header/config passwords containing quotes badly managed when magic_quotes |
Date: |
Mon, 28 Jul 2008 13:12:50 +0000 |
User-agent: |
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.1) Gecko/2008071618 Iceweasel/3.0.1 (Debian-3.0.1-1) |
URL:
<http://savannah.gnu.org/bugs/?23949>
Summary: header/config passwords containing quotes badly
managed when magic_quotes
Project: phpGroupWare
Submitted by: olberger
Submitted on: lundi 28.07.2008 à 15:12
Item Group: 0.9.16.012
Category: API - Setup
Severity: 3 - Normal
Priority: 5 - Normal
Status: None
Privacy: Public
Assigned to: None
Open/Closed: Open
Discussion Lock: Any
Component Version: DEB
Operating System: GNU/Linux - Debian
Reproducibility: None
Planned Release: None
Fixed Release:
_______________________________________________________
Details:
Hi.
If I'm not mistaken, whenever one is using PHP5 with magic_quotes (which is
the default ?), and header or config password is set to a value where it
contains single or double quotes, it's impossible to login in the setup to
access the header or config dialogs.
I think that the following code should be changed from :
if($FormPW ==
stripslashes($GLOBALS['phpgw_info']['server']['header_admin_password']))
to :
if(stripslashes($FormPW) ==
stripslashes($GLOBALS['phpgw_info']['server']['header_admin_password']))
Hope this helps,
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/bugs/?23949>
_______________________________________________
Message posté via/par Savannah
http://savannah.gnu.org/
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Phpgroupware-tracker] [bug #23949] header/config passwords containing quotes badly managed when magic_quotes,
Olivier Berger <=