1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
From: William Desportes <williamdes@wdes.fr>
Date: Tue, 31 Dec 2024 18:21:27 +0100
Subject: Fix deprecation for the Serialization of SensitiveParameterValue
Uncaught Exception: Serialization of 'SensitiveParameterValue' is not allowed in /usr/share/phpldapadmin/lib/functions.php:645
Origin: vendor
Forwarded: no
---
lib/functions.php | 13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/lib/functions.php b/lib/functions.php
index 293df6b..1fdda23 100644
--- a/lib/functions.php
+++ b/lib/functions.php
@@ -642,8 +642,17 @@ function error($msg,$type='note',$redirect=null,$fatal=false,$backtrace=false) {
_('Function'),$line['function']);
if (isset($line['args'])) {
- $display = strlen(serialize($line['args'])) < 50 ? htmlspecialchars(serialize($line['args'])) : htmlspecialchars(substr(serialize($line['args']),0,50)).'...<TRUNCATED>';
- $_SESSION['backtrace'][$error]['args'] = $line['args'];
+ $args = $line['args'];
+ // Filter out SensitiveParameterValue objects
+ $args = array_map(function ($arg) {
+ if ($arg instanceof \SensitiveParameterValue) {
+ return '**SENSITIVE**';
+ }
+ return $arg;
+ }, $args);
+
+ $display = strlen(serialize($args)) < 50 ? htmlspecialchars(serialize($args)) : htmlspecialchars(substr(serialize($args),0,50)).'...<TRUNCATED>';
+ $_SESSION['backtrace'][$error]['args'] = $args;
if (file_exists(LIBDIR.'../tools/unserialize.php'))
$body .= sprintf(' (<a href="%s?index=%s" onclick="target=\'backtrace\';">%s</a>)',
'../tools/unserialize.php',$error,$display);
|
