<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div>I recently contributed a bit of code in a message to this list. It created a new transformation "Append" that just appended the specified text to a field for display. </div><div><br></div><div>I don't know if any developer actually captured my contribution for incorporation into the code base. I'm not a serious developer and have no wish to become one. In fact I plan to unsubscribe from this list soon. </div><div><br></div><div>If anybody wants to pursue this, let me know. </div><div><br></div><br><div><div>On Mar 28, 2012, at 12:29 PM, <a href="mailto:phpmyadmin-devel-request@lists.sourceforge.net">phpmyadmin-devel-request@lists.sourceforge.net</a> wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite">Send Phpmyadmin-devel mailing list submissions to<br><span class="Apple-tab-span" style="white-space:pre"> </span><a href="mailto:phpmyadmin-devel@lists.sourceforge.net">phpmyadmin-devel@lists.sourceforge.net</a><br><br>To subscribe or unsubscribe via the World Wide Web, visit<br><span class="Apple-tab-span" style="white-space:pre"> </span>https://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel<br>or, via email, send a message with subject or body 'help' to<br><span class="Apple-tab-span" style="white-space:pre"> </span>phpmyadmin-devel-request@lists.sourceforge.net<br><br>You can reach the person managing the list at<br><span class="Apple-tab-span" style="white-space:pre"> </span>phpmyadmin-devel-owner@lists.sourceforge.net<br><br>When replying, please edit your Subject line so it is more specific<br>than "Re: Contents of Phpmyadmin-devel digest..."<br>Today's Topics:<br><br> 1. Re: guidelines for avoiding security pitfalls (Marc Delisle)<br> 2. phpMyAdmin at Percona MySQL Live Conference &<span class="Apple-tab-span" style="white-space:pre"> </span>Expo 2012<br> (Michal ?iha?)<br> 3. phpMyAdmin 3.4.10.2 is released (Marc Delisle)<br> 4. Re: Automated Testing - GSoC Project Idea 2012<br> (yasitha pandithawatta)<br><br><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>From: </b></span><span style="font-family:'Helvetica'; font-size:medium;">Marc Delisle <marc@infomarc.info><br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>Subject: </b></span><span style="font-family:'Helvetica'; font-size:medium;"><b>Re: [Phpmyadmin-devel] guidelines for avoiding security pitfalls</b><br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>Date: </b></span><span style="font-family:'Helvetica'; font-size:medium;">March 28, 2012 5:37:54 AM PDT<br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>To: </b></span><span style="font-family:'Helvetica'; font-size:medium;">phpmyadmin-devel@lists.sourceforge.net<br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>Reply-To: </b></span><span style="font-family:'Helvetica'; font-size:medium;">phpmyadmin-devel@lists.sourceforge.net<br></span></div><br><br>Le 2012-03-28 04:53, Michal Čihař a écrit :<br><blockquote type="cite">Hi<br></blockquote><blockquote type="cite"><br></blockquote><blockquote type="cite">Dne Tue, 27 Mar 2012 22:01:05 +0200<br></blockquote><blockquote type="cite">Dieter Adriaenssens <dieter.adriaenssens@gmail.com> napsal(a):<br></blockquote><blockquote type="cite"><br></blockquote><blockquote type="cite"><blockquote type="cite">As discussed on the team meeting in February, I started creating a<br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite">wiki page with some guidelines for avoiding security bugs [0].<br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite">The page is not finished yet, I just set out some ideas, that I will<br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite">work out in the next few days. Feel free to comment, improve or add<br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite">guidelines as you see fit.<br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite">[0] http://wiki.phpmyadmin.net/pma/Security_pitfalls<br></blockquote></blockquote><blockquote type="cite"><br></blockquote><blockquote type="cite">Thanks, looks great so far!<br></blockquote><br>Yes, thanks. I'm wondering, are there places where we really use<br>htmlentities() for protection?<br><br>Also I think we should talk about PMA_sanitize().<br><br>-- <br>Marc Delisle<br>http://infomarc.info<br><br><br><br><br><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>From: </b></span><span style="font-family:'Helvetica'; font-size:medium;">Michal Čihař <michal@cihar.com><br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>Subject: </b></span><span style="font-family:'Helvetica'; font-size:medium;"><b>[Phpmyadmin-devel] phpMyAdmin at Percona MySQL Live Conference & Expo 2012</b><br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>Date: </b></span><span style="font-family:'Helvetica'; font-size:medium;">March 28, 2012 6:44:57 AM PDT<br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>To: </b></span><span style="font-family:'Helvetica'; font-size:medium;">phpmyadmin-devel@lists.sourceforge.net, phpmyadmin-users@lists.sf.net, phpmyadmin-news@lists.sf.net<br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>Reply-To: </b></span><span style="font-family:'Helvetica'; font-size:medium;">phpmyadmin-devel@lists.sourceforge.net<br></span></div><br><br>Hi,<br><br>phpMyAdmin will be participating in the Percona MySQL Live Conference &<br>Expo, April 10-12, 2012, in Santa Clara, California.<br><br>Be sure to stop by and visit us at the Dot Org Pavilion!<br><br>Need a discount code? "PHP-PL12" will save you 10%.<br><br>For more information see<br>http://www.percona.com/live/mysql-conference-2012/<br><br>-- <br><span class="Apple-tab-span" style="white-space:pre"> </span>Michal Čihař for the phpMyAdmin team<br><br><br><br><br><br><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>From: </b></span><span style="font-family:'Helvetica'; font-size:medium;">Marc Delisle <marc@infomarc.info><br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>Subject: </b></span><span style="font-family:'Helvetica'; font-size:medium;"><b>[Phpmyadmin-devel] phpMyAdmin 3.4.10.2 is released</b><br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>Date: </b></span><span style="font-family:'Helvetica'; font-size:medium;">March 28, 2012 9:58:46 AM PDT<br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>To: </b></span><span style="font-family:'Helvetica'; font-size:medium;">phpmyadmin-news@lists.sf.net, phpmyadmin-users@lists.sf.net, phpmyadmin-devel@lists.sf.net<br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>Reply-To: </b></span><span style="font-family:'Helvetica'; font-size:medium;">phpmyadmin-devel@lists.sourceforge.net<br></span></div><br><br>Welcome to phpMyAdmin 3.4.10.2, a minor security release.<br><br>Please refer to the upcoming PMASA-2012-2 announcement on<br>http://www.phpmyadmin.net/home_page/security.<br><br>Details will appear on http://phpmyadmin.net. In a hurry? you can visit<br>http://sourceforge.net/projects/phpmyadmin to download.<br><br>Marc Delisle, for the team<br><br><br><br><br><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>From: </b></span><span style="font-family:'Helvetica'; font-size:medium;">yasitha pandithawatta <yasitha4@gmail.com><br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>Subject: </b></span><span style="font-family:'Helvetica'; font-size:medium;"><b>Re: [Phpmyadmin-devel] Automated Testing - GSoC Project Idea 2012</b><br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>Date: </b></span><span style="font-family:'Helvetica'; font-size:medium;">March 28, 2012 12:29:34 PM PDT<br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>To: </b></span><span style="font-family:'Helvetica'; font-size:medium;">phpmyadmin-devel@lists.sourceforge.net<br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>Reply-To: </b></span><span style="font-family:'Helvetica'; font-size:medium;">phpmyadmin-devel@lists.sourceforge.net<br></span></div><br><br><br><br><div class="gmail_quote">2012/3/21 yasitha pandithawatta <span dir="ltr"><<a href="mailto:yasitha4@gmail.com">yasitha4@gmail.com</a>></span><br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class="HOEnZb"><div class="h5"><br><br><div class="gmail_quote">2012/3/17 yasitha pandithawatta <span dir="ltr"><<a href="mailto:yasitha4@gmail.com" target="_blank">yasitha4@gmail.com</a>></span><br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div><div><br><div class="gmail_quote">On Wed, Mar 14, 2012 at 11:04 PM, yasitha pandithawatta <span dir="ltr"><<a href="mailto:yasitha4@gmail.com" target="_blank">yasitha4@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br><br><div class="gmail_quote"><div><div>On Tue, Mar 13, 2012 at 2:22 AM, Marc Delisle <span dir="ltr"><<a href="mailto:marc@infomarc.info" target="_blank">marc@infomarc.info</a>></span> wrote:<br></div>
</div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div>
Le 2012-03-12 15:23, Michal Čihař a écrit :<br>
<div><div>> Hi<br>
><br>
> Dne Tue, 6 Mar 2012 08:53:13 +0530<br>
> yasitha pandithawatta <<a href="mailto:yasitha4@gmail.com" target="_blank">yasitha4@gmail.com</a>> napsal(a):<br>
><br>
>> I have set up the the testing environment. I tried to run some test suits.<br>
>> I have found most of the test suits have some fatal errors. Test classes<br>
>> under test/libraries/ are working fine.<br>
>> I went through the AllTest.php. The required paths have some conflicts with<br>
>> the real paths.<br>
>><br>
>> Most of the cases I'll getting the following fatal error.<br>
>><br>
>> PHP Fatal error: require_once(): Failed opening required<br>
>> './test/PMA_get_real_size_test.php'<br>
>> (include_path='.:/usr/share/php:/usr/share/pear:') in<br>
>> /var/www/phpmyadmin-dev/test/AllTests.php on line 32<br>
>> (File path for an example)<br>
>><br>
>> And required require_once './test/FailTest.php' is not found in the package.<br>
>><br>
>> What can I do for these issues?<br>
><br>
> Well AllTests.php is not really used for testing. To run complete<br>
> testsuite, running phpunit in phpMyAdmin's directory should do the job.<br>
> I think AllTests.php is pretty much outdated and probably should be<br>
> rather dropped...<br>
<br>
</div></div>Done, along with AllSeleniumTests.php.<br>
<div><div><br>
--<br>
Marc Delisle<br>
<a href="http://infomarc.info/" target="_blank">http://infomarc.info</a><br>
<br>
</div></div><br></div></div>------------------------------------------------------------------------------<br>
Try before you buy = See our experts in action!<br>
The most comprehensive online learning library for Microsoft developers<br>
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,<br>
Metro Style Apps, more. Free future releases when you subscribe now!<br>
<a href="http://p.sf.net/sfu/learndevnow-dev2" target="_blank">http://p.sf.net/sfu/learndevnow-dev2</a><div><br>_______________________________________________<br>
Phpmyadmin-devel mailing list<br>
<a href="mailto:Phpmyadmin-devel@lists.sourceforge.net" target="_blank">Phpmyadmin-devel@lists.sourceforge.net</a><br>
<a href="https://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel" target="_blank">https://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel</a><br>
<br></div></blockquote></div><br>Hi,<div><br></div><div>I went through the AllSeleniumTests.php and found the tests are outdated. I started to re write the PmaSeleniumTestCase.php and I updated the PmaSeleniumLoginTest.php. I just add the login test to the AllSeleniumTest suit. If I can get a feed back I can write the test cases for the remaining two suits. Patch was attached to the source forge patch tracker.[1]</div>
<div>Add a README file under /test/selenium which contains testing configuration guide.</div><div><br></div><div>Regards,<div><br>-- <br><span style="font-family:arial,sans-serif;font-size:13.2px;border-collapse:collapse;color:rgb(136,136,136)">Yasitha Pandithawatta <br>
Undergraduate<br>Computer Science and Engineering Department<br>University of Moratuwa<br>Sri Lanka</span><br>
</div></div><div><span style="font-family:arial,sans-serif;font-size:13.2px;border-collapse:collapse;color:rgb(136,136,136)"><br></span></div><div><span style="font-family:arial,sans-serif;font-size:13.2px;border-collapse:collapse;color:rgb(136,136,136)">[1] - </span><a href="https://sourceforge.net/tracker/?func=detail&aid=3504536&group_id=23067&atid=377410" target="_blank">https://sourceforge.net/tracker/?func=detail&aid=3504536&group_id=23067&atid=377410</a></div>
</blockquote></div><br></div></div>Hi Michal,<div><br></div><div>I wrote some selenium test cases for login. I updated the AllSeleniumTests.php and add I add a Helper class and TestConfig class which can be use when writing other test cases. I attached the changes as patch in source forge patch tracker.[1] Meanwhile Mark has removed the AllTests.php along with AllSeleniumTests.php. Since AllSeleniumTests.php class is no longer there patch will give some errors. He suggested some one familiar with selenium should involved with this. ch willCan you look for this. Adding old AllSeleniumTests.php and merge my patch will do the job.</div>
<div><div>
<div><br></div><div>Regards,<br>-- <br><span style="font-family:arial,sans-serif;font-size:13.2px;border-collapse:collapse;color:rgb(136,136,136)">Yasitha Pandithawatta <br>Undergraduate<br>Computer Science and Engineering Department<br>
University of Moratuwa<br>Sri Lanka</span><br>
</div><div><span style="font-family:arial,sans-serif;font-size:13.2px;border-collapse:collapse;color:rgb(136,136,136)"><br></span></div><div><span style="font-family:arial,sans-serif;font-size:13.2px;border-collapse:collapse;color:rgb(136,136,136)"><span style="font-size:13.2px;border-collapse:collapse">[1] - </span><a href="https://sourceforge.net/tracker/?func=detail&aid=3504536&group_id=23067&atid=377410" style="font-family:arial;font-size:small" target="_blank">https://sourceforge.net/tracker/?func=detail&aid=3504536&group_id=23067&atid=377410</a> <br>
</span></div>
</div></div></blockquote></div><br><br clear="all"></div></div><div>Hi,</div><div><br></div><div>I updated the patch and attached to the patch traker. [1]. It can be directly merged into the current master branch.</div><div class="HOEnZb">
<div class="h5"><div><br></div>
<div>Regards,</div>-- <br><span style="font-family:arial,sans-serif;font-size:13.2px;border-collapse:collapse;color:rgb(136,136,136)">Yasitha Pandithawatta <br>Undergraduate<br>Computer Science and Engineering Department<br>
University of Moratuwa<br>
Sri Lanka</span><br>
<div><span style="font-family:arial,sans-serif;font-size:13.2px;border-collapse:collapse;color:rgb(136,136,136)"><br></span></div><div><span style="font-family:arial,sans-serif;font-size:13.2px;border-collapse:collapse;color:rgb(136,136,136)"><span style="font-size:13.2px;border-collapse:collapse">[1] - </span><a href="https://sourceforge.net/tracker/?func=detail&aid=3504536&group_id=23067&atid=377410" style="font-family:arial;font-size:small" target="_blank">https://sourceforge.net/tracker/?func=detail&aid=3504536&group_id=23067&atid=377410</a></span></div>
</div></div></blockquote></div><br>Hi,<div><br></div><div>I fixed the PmaSeleniumPrivilegesTest and PmaSeleniumXssTest classes as well. I attached the patch in the source forge patch tracker.[0]</div><div>In PmaSeleniumXssTest class I added a method testQueryTabWithNullValue() to test the processing a null query. But there should be another method to handle the query with xss scripts. For this I need to call selenium.type() on the respective textarea. </div>
<div>But in the latest version the textarea is replaced with codemirror object. It doesn't have an id and cannot access via Xpath. Can you give any suggestion for this?</div><div><br></div><div>Regards,</div><meta http-equiv="content-type" content="text/html; charset=utf-8"><meta http-equiv="content-type" content="text/html; charset=utf-8"><meta http-equiv="content-type" content="text/html; charset=utf-8"><div>
<div><br></div>-- <br><span style="font-family:arial,sans-serif;font-size:13.2px;border-collapse:collapse;color:rgb(136,136,136)">Yasitha Pandithawatta <br>Undergraduate<br>Computer Science and Engineering Department<br>University of Moratuwa<br>
Sri Lanka</span><br>
</div><div><span style="font-family:arial,sans-serif;font-size:13.2px;border-collapse:collapse;color:rgb(136,136,136)"><br></span></div><div><span style="font-family:arial,sans-serif;font-size:13.2px;border-collapse:collapse;color:rgb(136,136,136)">[1] - </span><a href="https://sourceforge.net/tracker/?func=detail&aid=3512509&group_id=23067&atid=377410">https://sourceforge.net/tracker/?func=detail&aid=3512509&group_id=23067&atid=377410</a></div>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<br><br>------------------------------------------------------------------------------<br>This SF email is sponsosred by:<br>Try Windows Azure free for 90 days Click Here <br>http://p.sf.net/sfu/sfd2d-msazure_______________________________________________<br>Phpmyadmin-devel mailing list<br>Phpmyadmin-devel@lists.sourceforge.net<br>https://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel<br></blockquote></div><br></body></html>