Hi again!
Some time ago, Dan Allen suggested a light patch that allows to define
the socket phpMyAdmin should use in this list. Does anybody already
tried to merge it into the current version or not?
Loïc
______________________________________________________________________________
ifrance.com, l'email gratuit le plus complet de l'Internet !
vos emails depuis un navigateur, en POP3, sur Minitel, sur le WAP...
http://www.ifrance.com/_reloc/email.emailif
Hi Olivier & all!
[About user administration pages]
>Would it be possible to make it work also without javascript ?
>For example the "Go" button on "add user" is not a standard submit
>button, and this user administration page would be quite practical
>on sysadmin work, on console+lynx... :)
This MUST be done... but rewritting this script in a convenient format with
such requirements is at least a one full day work. And I don't have so many
free times now :(
>Other small anoying thing: on file upload, the whole file (even if 2MB big)
>is displayed in the "Your SQL-query has been executed successfully"
>box and in the "Run SQL query/queries on database ____" textarea.
>...
>For example on file upload, only display "File uploaded successfully, xxx
>rows loaded" + mysql message if any, and keep the textarea empty ?
Nice idea :)
Loïc
______________________________________________________________________________
ifrance.com, l'email gratuit le plus complet de l'Internet !
vos emails depuis un navigateur, en POP3, sur Minitel, sur le WAP...
http://www.ifrance.com/_reloc/email.emailif
I am not happy with this phrase:
"MySQL passwords cannot be decrypted easily, so there's no chance
for a normal user to look at other users' plaintext passwords."
This phrase could make someone believe that with phpMyAdmin in advanced auth, normal users can have
a look at encrypted passwords, which is not true.
If config.inc.php3 is properly protected (as explained in the doc), users can't even see the stduser
password.
Maybe we should remove this phrase, and add something telling the sysadmin to put PHP in safe mode
after:
"Your config.inc.php3 file should be chmod 660"
Marc
Ok, looking under 'Support Requests' (#447076) there is a note about using
ereg instead of preg, so i went back to convert my lone instance of a preg
in the code.
But try as hard as I might, I can't manage to use eregi_replace to do the
same thing as my bit of code.
lib.inc.php3 - line 694
$sql = preg_replace(
'/\W'.$data[1].'\./i',
' '.$data[0].'.',
$sql);
Could somebody else make a suggestion about the query I can use?
my best conversion of the pcre was "[!a-zA-Z0-9_]".$data[1]."\." but that
doesn't work :-(.
I have also realized that my code adds a nasty little bug.
this is the SQL i was using to test the above:
SELECT c.id, s.id FROM classes c, staff s WHERE c.staff = s.id ORDER BY
s.id
now if i change the fields section at the start just slightly, and the
where clause by taking out some of the white space:
SELECT c.id,s.id FROM classes c, staff s WHERE c.staff=s.id ORDER BY s.id
then the ',' in the fields gets replaced with a space, and your perfectly
valid query is now invalid. The same thing happens with the '=' in the
where clause. We need to find a way to preserve the other character that
matched the \W in the pcre as well as add a space after it. I had the \W
in there so that trying to match 's.' would not match 'foods.' . Any
suggestions on this one?
--
Robin Hugh Johnson
QTOD: "I used to be an idealist, but I got mugged by reality."
E-Mail : robbat2(a)orbis-terrarum.net
ICQ# : 30269588 or 41961639
Home Page : http://www.orbis-terrarum.net/
Time Zone : Pacific Daylight (GMT - 8)
-----BEGIN GEEK CODE-----
geekcode.comebb.org/ungeek
GCS/M/IT d-(+) s+:- a--- C++++
U++++ L++++ P--(+) W++ K++ PS+
N++ w--- O E---- M-(+) V-- Y++
PE++ PGP++ t-- 5 X+ R tv- b+++
D++ G++ e(*) h! r-- !y+
------END GEEK CODE------
-----PGP INFO----
Key ID:0x7E20DFA1
FingerPrint:
5447C73A 30FB144C 89521B69 2D6A615E 7E20DFA1
----PGP INFO-----
Olivier, there were some problems with your fix for file upload. I've fixed
them.
Loïc
______________________________________________________________________________
ifrance.com, l'email gratuit le plus complet de l'Internet !
vos emails depuis un navigateur, en POP3, sur Minitel, sur le WAP...
http://www.ifrance.com/_reloc/email.emailif
Bonsoir, Hi!
>Do you think we will manage to fix all the current bugs
>in the 10 next days ?
Nope but I agree with Marc: the "zero-bug-target" will just mean to never
release a plain new revision.
>What are the most important show-stoppers for the moment ?
I can't imagine a way to trully fix the bug with binary fields as I've
already wrote
in my previous mail. So it's not a show-stoppers IMHO, as soon as we achive
a work-around in the case when cfgProtectBlob is TRUE.
The bug #448223 (Dump hangs) is really annoying. I'm not sure it's trully a
bug (maybe only a set_time_limit problem) but I don't have big enough
databases to face it.
Maybe we should also have a look at this suggestion:
https://sourceforge.net/forum/forum.php?thread_id=127981&forum_id=72908
It's a really nice improvement that should not require too much work.
I'm currently working on the bug #450255 (new javascript error with
netscape3) and then will work on the second bug from bug report #449817
(2 bug in db_details.php). Witha bit of luck, these ones would be fixed
within
a few days.
One thing that may be done before releasing: when you submit a query from a
query box, the script always returns to 'db_details.php3' even if this query
box
were in 'tbl_properties.php3'. Not so nice and maybe easy to fix.
This also means to return back to 'db_details.php3' if the current table has
been dropped and to 'main.php3' if the current database has been dropped
(I've already done this stuff and am testing it).
Another similiar problem I've faced today: in advanced mode, if one db that
do not exist is associated to the user, this db name is nevertheless set
into
the $dblib array (see lib.inc.php3, lines 194-197: nowhere the existence of
the db is tested) and then this cause many problems all over the scripts.
But the main show-stoppers is the user administration pages: I can't find
enough contigous time to rewrite it according to our standards, take care
of the js validity and remove the htmlspecialchars problems :(
>Suggestion for the release plan / tasks list:
>[ ] every developper tests so many things as possible, and
> in both modes (adv auth and std), especially file upload
> things, and every new features.
...and with magic_quote_gpc set to 'on' and 'off' ;)
Regards from a rainy day at Versailles :(
Loïc
______________________________________________________________________________
ifrance.com, l'email gratuit le plus complet de l'Internet !
vos emails depuis un navigateur, en POP3, sur Minitel, sur le WAP...
http://www.ifrance.com/_reloc/email.emailif
Hi Robin & all!
>I was going through the entire list of bugs, trying to see about getting
>the number down, and it struck me that several have resolutions that would
>indicate they are ready to be closed. Would the relevant people please
>close off their bugs if they are done with them?
Nope because if we close them now (before the next rc or plain version is
released) some user will re-create them. Setting their priority to 1 is a
way
to let users know they are known bugs and, for us, to know they have been
fixed till last rc.
>In addition, we could maybe move this to a feature reqeust?
>Resolution: 'Later'
You're right for this one.
Loïc
______________________________________________________________________________
ifrance.com, l'email gratuit le plus complet de l'Internet !
vos emails depuis un navigateur, en POP3, sur Minitel, sur le WAP...
http://www.ifrance.com/_reloc/email.emailif
I was going through the entire list of bugs, trying to see about getting
the number down, and it struck me that several have resolutions that would
indicate they are ready to be closed. Would the relevant people please
close off their bugs if they are done with them?
Resolution: 'Fixed'
[ #444354 ] Various backslash problems
[ #446982 ] Dump files ignored with Windows server
[ #449430 ] (RC4) Quote/Select bug
[ #450906 ] Disappearing + in data | 2.2.0rc4
[ #451085 ] (RC4) Can't assign NULL value to char(1)
Resolution: 'Works for Me'
[ #443499 ] Unable to "Insert textfile into table"
In addition, we could maybe move this to a feature reqeust?
Resolution: 'Later'
[ #429945 ] After logout, can't login with same user
--
Robin Hugh Johnson
QTOD: "I used to be an idealist, but I got mugged by reality."
E-Mail : robbat2(a)orbis-terrarum.net
ICQ# : 30269588 or 41961639
Home Page : http://www.orbis-terrarum.net/
Time Zone : Pacific Daylight (GMT - 8)
-----BEGIN GEEK CODE-----
geekcode.comebb.org/ungeek
GCS/M/IT d-(+) s+:- a--- C++++
U++++ L++++ P--(+) W++ K++ PS+
N++ w--- O E---- M-(+) V-- Y++
PE++ PGP++ t-- 5 X+ R tv- b+++
D++ G++ e(*) h! r-- !y+
------END GEEK CODE------
-----PGP INFO----
Key ID:0x7E20DFA1
FingerPrint:
5447C73A 30FB144C 89521B69 2D6A615E 7E20DFA1
----PGP INFO-----
Hi all!
Sorry but I don't use any of these soft.
Loïc
______________________________________________________________________________
ifrance.com, l'email gratuit le plus complet de l'Internet !
vos emails depuis un navigateur, en POP3, sur Minitel, sur le WAP...
http://www.ifrance.com/_reloc/email.emailif
