Skip to content

Commit fa6dab5

Browse files
committed
Merge branch 'QA_5_2'
2 parents bf8b404 + 2061774 commit fa6dab5

6 files changed

Lines changed: 17 additions & 14 deletions

File tree

ChangeLog

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -33,6 +33,7 @@ phpMyAdmin - ChangeLog
3333
5.1.4 (not yet released)
3434
- issue #17287 Fixed sorting the database list with "statistics" enabled on "Data" column creates a PHP type error
3535
- issue #17368 Fix for invalid cache when losing access to config storage after it being cached
36+
- issue #17387 Fix session cookie not respecting the CookieSameSite configuration directive in PHP 7.2
3637

3738
5.1.3 (2022-02-10)
3839
- issue #17308 Fix broken pagination links in the navigation sidebar

libraries/classes/Config.php

Lines changed: 5 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -927,8 +927,6 @@ public function setCookie(
927927
?int $validity = null,
928928
bool $httponly = true
929929
): bool {
930-
global $cfg;
931-
932930
if (strlen($value) > 0 && $default !== null && $value === $default) {
933931
// default value is used
934932
if ($this->issetCookie($cookie)) {
@@ -965,12 +963,15 @@ public function setCookie(
965963
return true;
966964
}
967965

966+
/** @psalm-var 'Lax'|'Strict'|'None' $cookieSameSite */
967+
$cookieSameSite = $this->get('CookieSameSite');
968+
968969
if (PHP_VERSION_ID < 70300) {
969970
return setcookie(
970971
$httpCookieName,
971972
$value,
972973
$validity,
973-
$this->getRootPath() . '; samesite=' . $cfg['CookieSameSite'],
974+
$this->getRootPath() . '; SameSite=' . $cookieSameSite,
974975
'',
975976
$this->isHttps(),
976977
$httponly
@@ -983,7 +984,7 @@ public function setCookie(
983984
'domain' => '',
984985
'secure' => $this->isHttps(),
985986
'httponly' => $httponly,
986-
'samesite' => $cfg['CookieSameSite'],
987+
'samesite' => $cookieSameSite,
987988
];
988989

989990
return setcookie($httpCookieName, $value, $optionalParams);

libraries/classes/Session.php

Lines changed: 9 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -139,10 +139,17 @@ public static function setUp(Config $config, ErrorHandler $errorHandler): void
139139
}
140140
}
141141

142+
/** @psalm-var 'Lax'|'Strict'|'None' $cookieSameSite */
143+
$cookieSameSite = $config->get('CookieSameSite') ?? 'Strict';
144+
$cookiePath = $config->getRootPath();
145+
if (PHP_VERSION_ID < 70300) {
146+
$cookiePath .= '; SameSite=' . $cookieSameSite;
147+
}
148+
142149
// session cookie settings
143150
session_set_cookie_params(
144151
0,
145-
$config->getRootPath(),
152+
$cookiePath,
146153
'',
147154
$config->isHttps(),
148155
true
@@ -169,7 +176,7 @@ public static function setUp(Config $config, ErrorHandler $errorHandler): void
169176
ini_set('session.cookie_httponly', '1');
170177
if (PHP_VERSION_ID >= 70300) {
171178
// add SameSite to the session cookie
172-
ini_set('session.cookie_samesite', $config->get('CookieSameSite') ?? '');
179+
ini_set('session.cookie_samesite', $cookieSameSite);
173180
}
174181

175182
// do not force transparent session ids

phpstan-baseline.neon

Lines changed: 0 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -7685,11 +7685,6 @@ parameters:
76857685
count: 1
76867686
path: libraries/classes/Session.php
76877687

7688-
-
7689-
message: "#^Parameter \\#2 \\$newvalue of function ini_set expects string, mixed given\\.$#"
7690-
count: 1
7691-
path: libraries/classes/Session.php
7692-
76937688
-
76947689
message: "#^Method PhpMyAdmin\\\\Setup\\\\ConfigGenerator\\:\\:exportZeroBasedArray\\(\\) has parameter \\$array with no value type specified in iterable type array\\.$#"
76957690
count: 1

psalm-baseline.xml

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -12555,8 +12555,7 @@
1255512555
</UndefinedDocblockClass>
1255612556
</file>
1255712557
<file src="libraries/classes/Session.php">
12558-
<MixedArgument occurrences="4">
12559-
<code>$config-&gt;get('CookieSameSite') ?? ''</code>
12558+
<MixedArgument occurrences="3">
1256012559
<code>$config-&gt;getCookie('phpMyAdmin')</code>
1256112560
<code>$error-&gt;getMessage()</code>
1256212561
<code>$path</code>

test/selenium/Table/OperationsTest.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -155,7 +155,7 @@ public function testCopyTable(): void
155155
$this->waitUntilElementIsVisible('cssSelector', 'form#copyTable', 30);
156156
$this->byCssSelector("form#copyTable input[name='new_name']")->sendKeys('2');
157157
$this->byCssSelector('label[for="whatRadio2"]')->click();
158-
$this->byCssSelector("form#copyTable input[type='submit']")->click();
158+
$this->waitForElement('cssSelector', 'form#copyTable input[type=\'submit\']')->click();
159159
$this->waitAjax();
160160

161161
$this->waitForElement(

0 commit comments

Comments
 (0)