From: Tomas V.V.Cox <cox@php.net>
Date: Fri, 1 Feb 2002 16:36:32 +0000 (+0000)
Subject: Fix remote security risk, pointed out by Wolfram Kriesing
X-Git-Tag: PRE_ISSET_PATCH~27
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=22aee18f0bc4d7d316811cfcf9ddb808440a4df1;p=php

Fix remote security risk, pointed out by Wolfram Kriesing
---

diff --git a/pear/DB.php b/pear/DB.php
index 05c871f701..cd89cf75d0 100644
--- a/pear/DB.php
+++ b/pear/DB.php
@@ -534,7 +534,9 @@ class DB
                 }
                 foreach ($opts as $opt) {
                     list($key, $value) = explode('=', $opt);
-                    $parsed[$key] = urldecode($value);
+                    if (!isset($parsed[$key])) { // don't allow params overwrite
+                        $parsed[$key] = urldecode($value);
+                    }
                 }
             }
         }