Hi!
>> But then such a file should not be included in the release, or at least
>> renamed to "test.php.txt" so that it can only be executed after being renamed?
>
> why? the lang scripts are not renamed too from .sh to .sh.txt ... and don't make
> it too hard for theme developers - probably they are not techies
.sh scripts cannot be executed through HTTP. .php scripts can.
>> Why did Michal then fix this a day ago?
>
> i don't know, i mean it is not wrong to escape this value, but it is not really
> necessary, you can not reach the host you want if you add XSS code to the host
> in the http header ... IMHO!
That depends on the Apache setup. If you use HTTP 1.0 you can specify the Host:
header with any content you like. Plus you might be able to pass $HTTP_HOST as a
register_globals variable.
Regards,
Garvin
--
++ Garvin Hicking | Web-Entwickler [PHP] | www.garv.in | ICQ 21392242
++ Developer of | www.phpMyAdmin.net | www.s9y.org
++ Make me happy | http://wishes.garv.in
Hi Sebastian!
I'm not up to date on recent code, but are these:
> $lang_iso_code = $GLOBALS['available_languages'][$GLOBALS['lang']][2];
>
> // start output
> header('Content-Type: text/html; charset=' . $GLOBALS['charset']);
> ?>
> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"
> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-frameset.dtd">
> <html xmlns="http://www.w3.org/1999/xhtml"
> xml:lang="<?php echo $lang_iso_code; ?>"
> lang="<?php echo $lang_iso_code; ?>" dir="<?php echo $GLOBALS['text_dir']; ?>">
> <head>
> <title>phpMyAdmin <?php echo PMA_VERSION; ?> - <?php echo $HTTP_HOST; ?> - Theme
> Test</title>
Checked against XSS attacks? At least I saw Michal's commit about the $HTTP_HOST
variable being wrapped within htmlspecialchars() -- and does the 'charset'
variable now get escaped before being passed to header()? I thought we would rather
use a PMA_header() function or so?
Best regards,
Garvin
--
Garvin Hicking | Web-Entwickler | Make me happy:
www.supergarv.de | #ICQ 21392242 | http://wishes.garv.info/
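The two concerns raised in this thread, the client-supplied Host: header (any HTTP/1.0 client can send what it likes, and with register_globals the value may arrive as a bare $HTTP_HOST) and an unescaped 'charset' value reaching header(), can both be closed in the theme test page quoted above. The following is an added example, not code from phpMyAdmin or from anyone in the thread: it reads the host from $_SERVER instead of a register_globals variable, validates the host and charset against a whitelist before use, and escapes every value that lands in HTML output. The helper names pma_html_escape(), pma_safe_charset(), pma_safe_host() and pma_send_header() are hypothetical (pma_send_header() plays the role of the PMA_header() function mentioned above); the sample charset, language and text direction values are constructed.

```php
<?php
// Added example (not phpMyAdmin code): hardened version of the theme test
// page header quoted in the thread. All pma_* names here are hypothetical.

/**
 * Escape a value for insertion into HTML text or a quoted attribute.
 * ENT_QUOTES also converts single quotes, so the result is safe inside
 * both "..." and '...' attributes, not only in element content.
 */
function pma_html_escape($value)
{
    return htmlspecialchars((string) $value, ENT_QUOTES);
}

/**
 * Return $charset only if it is a plain MIME charset token, otherwise the
 * fallback. Anything passed to header() must not contain CR or LF, because a
 * line break ends the header; restricting the value to a token rules that out
 * together with spaces, quotes and other separators.
 */
function pma_safe_charset($charset, $fallback = 'utf-8')
{
    if (is_string($charset)
        && preg_match('/^[A-Za-z0-9][A-Za-z0-9._:-]{0,39}$/', $charset)) {
        return $charset;
    }
    return $fallback;
}

/**
 * The Host: header is supplied by the client and is not trustworthy.
 * Accept a hostname or IPv4 literal with an optional :port; anything else
 * (including a bracketed IPv6 literal, which this check does not cover)
 * falls back to a fixed value. The output is still escaped on use.
 */
function pma_safe_host($host, $fallback = 'localhost')
{
    if (is_string($host) && preg_match('/^[A-Za-z0-9.-]+(:[0-9]{1,5})?$/', $host)) {
        return $host;
    }
    return $fallback;
}

/**
 * Single place that emits the Content-Type header, so the charset is
 * validated exactly once and callers cannot bypass the check.
 */
function pma_send_header($charset)
{
    header('Content-Type: text/html; charset=' . pma_safe_charset($charset));
}

// Constructed sample values standing in for $GLOBALS['charset'],
// $GLOBALS['available_languages'][...][2] and $GLOBALS['text_dir'].
$charset       = 'iso-8859-1';
$lang_iso_code = 'en';
$text_dir      = 'ltr';

// Read the host from $_SERVER, never from a register_globals variable.
$host = pma_safe_host(isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '');

// start output
if (!headers_sent()) {
    pma_send_header($charset);
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-frameset.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
 xml:lang="<?php echo pma_html_escape($lang_iso_code); ?>"
 lang="<?php echo pma_html_escape($lang_iso_code); ?>"
 dir="<?php echo pma_html_escape($text_dir); ?>">
<head>
<title>phpMyAdmin - <?php echo pma_html_escape($host); ?> - Theme Test</title>
</head>
<body>
</body>
</html>
```

Validation and escaping are deliberately separate layers: pma_safe_host() keeps an attacker-shaped value out of the page entirely, while pma_html_escape() guarantees that whatever does reach the markup cannot break out of the attribute or element it is placed in, even if the whitelist is later relaxed.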
Hi guys,
As you have noticed, I have been busy for some while.
Because of this, I've hardly followed the discussions on the mailing
lists and now I'm trying to catch up with the development, again. Could
you guys give me a little update? ;-)
Just some things I noticed while testing HEAD:
1) The interface scaling is partly broken, as far as I can see. With the
default theme, all the text is displayed way too large - except for the
optgroups in the database selection. With the darkblue / orange theme,
it looks better, but there are still some places where table captions
are displayed too large.
I noticed that you've worked on some XHTML-related stuff, so I guess
this is still under construction? I could provide screen shots, if you
want me to.
2) On server_status.php, I noticed that you have divided the variables
into groups and added small descriptions. Well, at least for the
different storage engines, I started doing the same on
server_engines.php. For some variables, we now even have redundant
descriptions in our lang files. :-/
Regarding the fact that server_status.php has become quite large, I'd
suggest moving the stuff that is related to a specific storage engine
to server_engines.php and libraries/engines.
3) I have worked on a code split-up of server_privileges.php in order to
implement the new MySQL 5 privileges, including the new privilege level
and removing all "SELECT ... FROM mysql" queries on MySQL 5. I had to
stop because of some bugs in MySQL 5 that have been fixed meanwhile.
Is anyone working on the privilege system right now? Otherwise, I'd
resume my work and try to merge it with the changes you have made during
the time I've been inactive.
Regards,
AMT
http://www.phpmyadmin.net
phpMyAdmin 2.7.0-rc1 - November 20th, 2005
==========================================
A set of PHP-scripts to administrate MySQL over the Web.
--------------------------------------------------------
Announcement
------------
The phpMyAdmin Project is proud to announce the immediate
availability of the first release candidate for phpMyAdmin 2.7.0.
Testing for -beta1 went well, so we are encouraged to present you this
release candidate.
phpMyAdmin is a web administration tool for MySQL databases, intended to
handle a whole database server as well as a single database. Over the years,
it has become the most popular Web GUI for MySQL and is downloaded
between 6,000 and 14,000 times a day, according to SourceForge.net.
Highlights
----------
Notes:
* Configuration files coming from before phpMyAdmin 2.3.0 (released on
2002-08-11) are no longer supported.
* You can still use your config.inc.php file, but this file can be simplified,
containing only the parameters you want to change from their corresponding
default value in config.default.php.
Improvements:
* New plugin-based import module
* Some pages now use fieldsets for better look
* Better support for information_schema
* Upgrade script new options
* Better displaying of privileges when there are differences between the
various user definition tables
* Structure: count unique value for each field
* Can now limit the list of shown languages
* User-specific upload and save server directories
* Remove Drop tab for mysql database
* New transformation: SQL pretty printing
* Ability to limit maximum size of extended insert
* Support for searching in the foreign key window
* Can now replace an existing bookmark
* New shortcuts for IP rules
* Detect lack of privileges for "Create new table"
Fixes:
* Wrong display of localized MySQL error messages
* Need to select the primary key for MIME-based print view
* Handling of ENTER key when adding fields
* InnoDB: truncating icon and exact row count
* After dropping a db, links were missing
* Strict mode and auto-increment fields insertion
* Collation change for ENUM and SET
* Display problems on special characters in column name
* Links for MySQL documentation
* Escaping of "_"
* Could not edit privileges when different host in db and user
* Changing auto-increment value for InnoDB
* Correct sort order for foreign-key dropdowns
* Group database by rightmost separator
* Performance problem when inserting huge BLOBs
* Calendar popup and time beginning by 0
* ... and many more...
A detailed list of changes is available under
http://www.phpmyadmin.net/ChangeLog.txt
Availability
------------
This software is available under the GNU General Public License V2.0.
You can get the newest version at http://www.phpmyadmin.net/
Available file formats are: .zip, .tar.gz and .tar.bz2.
If you install phpMyAdmin on your system, it's recommended to
subscribe to the news mailing list by adding your address under
http://lists.sourceforge.net/lists/listinfo/phpmyadmin-news
This way, you will be informed of new updates and security fixes.
It is a read-only list, and traffic is not greater than a few
mails every year.
Support and Documentation
-------------------------
The documentation is included in the software package as text and
HTML files, but can also be downloaded from:
http://www.phpmyadmin.net/documentation/
The software is provided as is without any express or implied
warranty, but there is a bugs tracker page under:
http://sourceforge.net/projects/phpmyadmin/ [click on "Bugs"]
In addition, there are also a number of discussion lists
related to phpMyAdmin. A list of mailing lists with archives
is available at:
http://sourceforge.net/mail/?group_id=23067 or
http://sourceforge.net/projects/phpmyadmin/ [click on "Lists"]
Finally, a user support forum is also available under:
http://sourceforge.net/forum/forum.php?forum_id=72909
Known bugs
----------
Please subscribe to the news mailing list under
http://lists.sourceforge.net/lists/listinfo/phpmyadmin-news
or regularly check the sourceforge bugs tracker.
Donations
---------
The project accepts donations to help improve the product. There is
a "Donations" link on http://www.phpmyadmin.net.
Description
-----------
phpMyAdmin handles the administration of MySQL over the Web. It
can manage a whole MySQL server as well as a single database.
Currently it can:
- create, copy, rename and drop databases
- create, copy, drop, rename and alter tables
- do table maintenance
- delete, edit and add fields
- execute any SQL-statement, even batch-queries
- manage keys on fields
- load text files into tables
- create and read dumps of tables
- export data to CSV, XML and Latex formats
- administer multiple servers
- manage MySQL users and privileges
- check referential integrity
- using Query-by-example (QBE), create complex queries automatically
  connecting required tables
- create PDF graphics of your Database layout
- search globally in a database or a subset of it
- communicate in 50 different languages
Authors & Copyright
-------------------
Copyright (C) 1998-2000 Tobias Ratschiller <tobias_at_ratschiller..com>
Copyright (C) 2001-2005 Marc Delisle <Marc.Delisle_at_cegepsherbrooke.qc.ca>
Olivier Müller <om_at_omnis.ch>
Robin Johnson <robbat2_at_users.sourceforge.net>
Alexander M. Turek <me_at_derrabus.de>
Michal Cihar <michal_at_cihar.com>
Garvin Hicking <me_at_supergarv.de>
Marcel Tschopp <ne0x_at_users.sourceforge.net>
Sebastian Mendel <cybot_tm_at_users.sourceforge.net>
+ many other people
(check the CREDITS section of our documentation)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
Marc Delisle/ 2005-11-20
i can not open this bug ...
marc: can you reproduce this?
SourceForge.net wrote:
> Bugs item #1358896, was opened at 2005-11-17 14:50
> Message generated for change (Tracker Item Submitted) made by Item Submitter
> You can respond by visiting:
> https://sourceforge.net/tracker/?func=detail&atid=377408&aid=1358896&group_…
>
> Please note that this message will contain a full copy of the comment thread,
> including the initial issue submission, for this request,
> not just the latest update.
> Category: Interface
> Group: 2.7.0-beta1
> Status: Open
> Resolution: None
> Priority: 5
> Submitted By: Igor (grickoff)
> Assigned to: Nobody/Anonymous (nobody)
> Summary: Unable to set index in first creating column
>
> Initial Comment:
> it is impossible to establish radio for type index on
> the first column at creation of the table
> Opera 8.5, IE6.0
>
> ----------------------------------------------------------------------
>
> You can respond by visiting:
> https://sourceforge.net/tracker/?func=detail&atid=377408&aid=1358896&group_…
>
>
>
--
Sebastian Mendel
www.sebastianmendel.de | www.sf.net/projects/phpdatetime | www.sf.net/projects/phptimesheet
Hi,
between 2.7.0-beta1 and now, something has changed. I now have 2 extra
cookies:
pma_cookie_password-1
pma_cookie_username-1
Their path is my PMA directory /css.
I also have those cookies with the path set to my normal PMA directory.
Marc
I propose to release it this weekend, start QA_2_7_0, and move
development to HEAD, away from 2.7.0. Then, only critical fixes would go
to QA_2_7_0.
Marc