New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

single-sign-on: mysqli_real_escape_string() expects parameter 1 to be mysqli, boolean given #13758

Closed
stanislavvv opened this Issue Oct 18, 2017 · 4 comments

Comments

Projects
None yet
3 participants
@stanislavvv

stanislavvv commented Oct 18, 2017

Steps to reproduce

  1. set up mariadb 10.0 + LAMP on Debian 8
  2. unpack PMA from https://files.phpmyadmin.net/phpMyAdmin/4.7.4/phpMyAdmin-4.7.4-all-languages.zip and config it to use examples/signon.php as described in https://docs.phpmyadmin.net/en/latest/config.html#example-signon
  3. enter login/pass to form of singon

Expected behaviour

Show available databases

Actual behaviour

Get redirect to $cfg['Servers'][$i]['SignonURL'] with error text only in body

Server configuration

Operating system: Debian 8.9

Web server: apache 2.4.10

Database: mariadb 10.0.32

PHP version: PHP 5.6.30

phpMyAdmin version: 4.7.4

Client configuration

Browser: Google Chrome, Mozilla Firefox ESR, Opera 12, links2

Operating system: linux

Backtrace from body of redirect:

Warning in ./libraries/dbi/DBIMysqli.php#574
mysqli_real_escape_string() expects parameter 1 to be mysqli, boolean given

Backtrace

./libraries/dbi/DBIMysqli.php#574: mysqli_real_escape_string(
boolean false,
string '_',
)
./libraries/DatabaseInterface.php#2735: PMA\libraries\dbi\DBIMysqli->escapeString(
boolean false,
string '_',
)
./libraries/navigation/nodes/Node.php#437: PMA\libraries\DatabaseInterface->escapeString(string '_')
./libraries/navigation/NavigationTree.php#289: PMA\libraries\navigation\nodes\Node->getData(
string 'databases',
integer 0,
string '',
)
./libraries/navigation/NavigationTree.php#847: PMA\libraries\navigation\NavigationTree->_buildPath()
./libraries/navigation/Navigation.php#45: PMA\libraries\navigation\NavigationTree->renderState()
./libraries/Header.php#425: PMA\libraries\navigation\Navigation->getDisplay()
./libraries/Response.php#260: PMA\libraries\Header->getDisplay()
./libraries/Response.php#273: PMA\libraries\Response->_getDisplay()
./libraries/Response.php#432: PMA\libraries\Response->_htmlResponse()
PMA\libraries\Response->response()
Warning in ./libraries/dbi/DBIMysqli.php#574
mysqli_real_escape_string() expects parameter 1 to be mysqli, boolean given

Backtrace

./libraries/dbi/DBIMysqli.php#574: mysqli_real_escape_string(
boolean false,
string '_',
)
./libraries/DatabaseInterface.php#2735: PMA\libraries\dbi\DBIMysqli->escapeString(
boolean false,
string '_',
)
./libraries/navigation/nodes/Node.php#447: PMA\libraries\DatabaseInterface->escapeString(string '_')
./libraries/navigation/NavigationTree.php#289: PMA\libraries\navigation\nodes\Node->getData(
string 'databases',
integer 0,
string '',
)
./libraries/navigation/NavigationTree.php#847: PMA\libraries\navigation\NavigationTree->_buildPath()
./libraries/navigation/Navigation.php#45: PMA\libraries\navigation\NavigationTree->renderState()
./libraries/Header.php#425: PMA\libraries\navigation\Navigation->getDisplay()
./libraries/Response.php#260: PMA\libraries\Header->getDisplay()
./libraries/Response.php#273: PMA\libraries\Response->_getDisplay()
./libraries/Response.php#432: PMA\libraries\Response->_htmlResponse()
PMA\libraries\Response->response()
Warning in ./libraries/dbi/DBIMysqli.php#574
mysqli_real_escape_string() expects parameter 1 to be mysqli, boolean given

Backtrace

./libraries/dbi/DBIMysqli.php#574: mysqli_real_escape_string(
boolean false,
string '_',
)
./libraries/DatabaseInterface.php#2735: PMA\libraries\dbi\DBIMysqli->escapeString(
boolean false,
string '_',
)
./libraries/navigation/nodes/Node.php#449: PMA\libraries\DatabaseInterface->escapeString(string '_')
./libraries/navigation/NavigationTree.php#289: PMA\libraries\navigation\nodes\Node->getData(
string 'databases',
integer 0,
string '',
)
./libraries/navigation/NavigationTree.php#847: PMA\libraries\navigation\NavigationTree->_buildPath()
./libraries/navigation/Navigation.php#45: PMA\libraries\navigation\NavigationTree->renderState()
./libraries/Header.php#425: PMA\libraries\navigation\Navigation->getDisplay()
./libraries/Response.php#260: PMA\libraries\Header->getDisplay()
./libraries/Response.php#273: PMA\libraries\Response->_getDisplay()
./libraries/Response.php#432: PMA\libraries\Response->_htmlResponse()
PMA\libraries\Response->response()
@stanislavvv

This comment has been minimized.

Show comment
Hide comment
@stanislavvv

stanislavvv Oct 19, 2017

also in 4.7+snapshot and 4.8+snapshot (date in archives - 05 sep 2017)

stanislavvv commented Oct 19, 2017

also in 4.7+snapshot and 4.8+snapshot (date in archives - 05 sep 2017)

@stanislavvv

This comment has been minimized.

Show comment
Hide comment
@stanislavvv

stanislavvv Oct 19, 2017

version 4.6.2 work as expected

stanislavvv commented Oct 19, 2017

version 4.6.2 work as expected

@nijel nijel added the bug label Oct 19, 2017

@nijel nijel self-assigned this Oct 20, 2017

@nijel nijel closed this in f2dcdff Oct 20, 2017

@nijel nijel added this to the 4.7.5 milestone Oct 20, 2017

@rolf303

This comment has been minimized.

Show comment
Hide comment
@rolf303

rolf303 Dec 28, 2017

Hi Stanislavvv,

You had recently upgraded your phpMyAdmin from an early version and the old version worked well so far?

You may check phpMyAdmin-login from an other virtual domain on the same server. Is that working and in config-file "config.inc.php" the auth type is set to cookie, like follow

$cfg['Servers'][$i]['auth_type'] = 'cookie';

i assume:

phpMyAdmin could not get a supported pma_collation_connection value from the stored browser cookie.
(because for some reason the pma_collation_connection value was messed up in my case)

As result i got "Failed to set configured collation connection!"

After clearing all browsers cache and delete the cookie for that domain phpMyAdmin it is working as expected again.

Thus, for more security it makes absolutely sense to check ALLWAYS what you get out from the internet... And if it does not match the servers possibility throw away the suspect cookie.
;-)
Steps to reproduce
You may check that by manipulate the stored cookie

rolf303 commented Dec 28, 2017

Hi Stanislavvv,

You had recently upgraded your phpMyAdmin from an early version and the old version worked well so far?

You may check phpMyAdmin-login from an other virtual domain on the same server. Is that working and in config-file "config.inc.php" the auth type is set to cookie, like follow

$cfg['Servers'][$i]['auth_type'] = 'cookie';

i assume:

phpMyAdmin could not get a supported pma_collation_connection value from the stored browser cookie.
(because for some reason the pma_collation_connection value was messed up in my case)

As result i got "Failed to set configured collation connection!"

After clearing all browsers cache and delete the cookie for that domain phpMyAdmin it is working as expected again.

Thus, for more security it makes absolutely sense to check ALLWAYS what you get out from the internet... And if it does not match the servers possibility throw away the suspect cookie.
;-)
Steps to reproduce
You may check that by manipulate the stored cookie

@nijel

This comment has been minimized.

Show comment
Hide comment
@nijel

nijel Jan 8, 2018

Member

Thanks @rolf303 , now I can finally reproduce and fix this :-).

Member

nijel commented Jan 8, 2018

Thanks @rolf303 , now I can finally reproduce and fix this :-).

@nijel nijel reopened this Jan 8, 2018

@nijel nijel modified the milestones: 4.7.5, 4.7.8 Jan 8, 2018

@nijel nijel closed this in d2ea090 Jan 8, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment