Ticket #578 (closed defect: fixed)
Magic Quotes prevents ImageManager backend security check from working
|Reported by:||mike@…||Owned by:||yermol|
While working on a plugin for Xinha on Wordpress, I had trouble with the backend_config for ImageManager. I kept getting hash mismatch security errors and I finally figured out why.
Using the recommended client side code to build the hash, I was using the jsaddslashes routine:
xinha_config.ImageManager.backend_config = '<?php echo (jsaddslashes($IMConfig)); ?>'; xinha_config.ImageManager.backend_config_hash = '<?php echo sha1($IMConfig . $_SESSIONXinha:ImageManager?); ?>'; xinha_config.ImageManager.backend_secret_key_location = 'Xinha:ImageManager';
However, even if I took the jsaddslashes routine out, debug stmts in config.inc.php showed $_REQUESTbackend_config? with encoded slashes still. Since the hash was computed WITHOUT slashes in the serialized array, the hashes would never match during the security checks since the slashes still existed in when teh hash was built in config.inc.php.
If I disabled the security check, the array could not be unserialized since the slashes were still there. I finally realized that I have magic_quotes enabled for PHP, thus the strings are being slash encoded already.
I solved this problem by adding this line under session_start in ImageManager/config.inc.php (Line 209 in the version of Xinha I'm using)
Once I did this, all the security checks and syntax checks/unserialization worked fine.
This was on PHP 4.3.8