Hello there!
I'm totally new to this list.
I don't know if I found a bug or not, so here is the description:
NT4-Server
IIS 4.0
PHP 4.3.11
PMA 2.6.2 (current stable)
I configured PMA correctly (cookie authentication) but logging in does
not work. No error message is shown.
After spending some time on the PMA internals I found a solution:
I found out that the lifetime of the
"pma_cookie_password-[servernumber]" cookie is set to 0, but this did not
work with the server, so I changed this one to null.
libraries/auth/cookie.auth.lib.php - line 560
method PMA_auth_set_user
and everything worked.
HTH?
ma
phpMyAdmin 2.6.2 - April 16th, 2005
===================================
A set of PHP-scripts to administrate MySQL over the Web.
--------------------------------------------------------
Announcement
------------
The phpMyAdmin Project is proud to announce the immediate
availability of the final release of phpMyAdmin 2.6.2.
Version 2.6.2 contains improvements for better MySQL 4.1 and 5.0
support, and a fix for a new security vulnerability.
phpMyAdmin is a web administration tool for MySQL databases, intended to
handle a whole database server as well as a single database. Over the years,
it has become the most popular GUI for MySQL and is downloaded about 6,000
times a day, according to SourceForge.net.
Highlights
----------
Note:
If you are using the 'cookie' authentication type, please delete in your
browser's data the cookies which relate to phpMyAdmin, before your first
use of phpMyAdmin 2.6.2. Thanks to Dmitry Chorine for the information.
Improvements:
* MySQL 4.1.x native column comments
* MySQL 5.0: Basic detection mechanism for views:
o Views are no longer displayed as tables in use
o Ability to drop views
* MySQL 5.0: Interface fixes and hardcoded virtual relations for information_schema
* MySQL 4.1: Better automatic detection for available storage engines
* New storage engines overview page
o Plugin-like infrastructure for storage engine status monitors
o Overview of startup variables and current values
o MySQL 5.0 / InnoDB: Buffer pool activity monitor
* MySQL 4.1.2+ TIMESTAMP options
* Export: Native Microsoft Word 2000 and Excel 2000 formats
* PDF schema visual editor: column names now optional
* MySQL 5.0.3 new Japanese charsets support (cp932, eucjpms)
* Parser: added missing date and time MySQL functions
* Documentation: explain all Export options handling
* Cookie paths: added / to end of path
* Show database comments at more places
* Better use of print styles in themes
* Bookmarks: sort by label, remove the number before each label
* Better protection against possible collation conflicts and out-of-sync errors in PMADB queries
* Relation view: removed pmadb-style comments handling (now available just on the Structure page)
* FAQ about using HTTP authentication under IIS
* New editions for some language files (especially ISO-8859-15)
* (rc1) English messages improvements
* (final) New language: Belarusian
Fixes:
* Detection of SELECT query to display on multiple submits
* PDF schema: missing header
* A failed connection was not properly detected
* Problem with Japanese language under MySQL 4.1.x
* Export
o Various errors under mysqli extension
o SQL format under Safari browser
o Do not offer export modes not available in current MySQL version
* Changing the type of a FLOAT unsigned column
* Adding field with collation
* Calendar popup and TIMESTAMP field under MySQL 4.1.x
* PHP 4.1.x: wrong parameter count (mcrypt.lib.php)
* Problem when SHOW DATABASES is disabled
* Copy table: commands out of sync
* User management
o Host not changing with editing user
o Escaping character removed by error
* MySQL 5.0.x: "No database selected" error
* Print view: displaying of indexes
* Cookie auth: error when blowfish_secret is empty
* MySQL 4.1.2: "Reload MySQL" link not seen
* MySQL 5 server binlog compatibility
* PDF pages generation: wrong documentation
* Inserted row id was not always correctly reported
* (rc1) Do not offer unavailable collations
* (rc1) XSS vulnerability on "convcharset"
* (rc1) Do not allow to drop information_schema
* (rc1) Undefined offset (on the left panel)
* (rc1) Problem copying InnoDB table with foreign-key constraints to a table in the same database
* (final) Problem editing a user's profile
* (final) Error going from Export to Insert tab
Detailed list of changes since version 2.2.0 is available under
http://www.phpmyadmin.net/ChangeLog.txt
Availability
------------
This software is available under the GNU General Public License V2.0.
You can get the newest version at http://www.phpmyadmin.net/
Available file formats are: .zip, .tar.gz and .tar.bz2.
If you install phpMyAdmin on your system, it's recommended to
subscribe to the news mailing list by adding your address under
http://lists.sourceforge.net/lists/listinfo/phpmyadmin-news
This way, you will be informed of new updates and security fixes.
It is a read-only list, and traffic is not greater than a few
mails every year.
Support and Documentation
-------------------------
The documentation is included in the software package as text and
HTML file, but can also be downloaded from:
http://www.phpmyadmin.net/documentation/
The software is provided as is without any express or implied
warranty, but there is a bugs tracker page under:
http://sourceforge.net/projects/phpmyadmin/ [click on "Bugs"]
In addition, there are also a number of discussion lists
related to phpMyAdmin. A list of mailing lists with archives
is available at:
http://sourceforge.net/mail/?group_id=23067 or
http://sourceforge.net/projects/phpmyadmin/ [click on "Lists"]
Finally, a user support forum is also available under:
http://sourceforge.net/forum/forum.php?forum_id=72909
Known bugs
----------
- phpMyAdmin SQL parser chokes on fieldnames with certain non-ASCII characters
(bugs #593598, #936161).
To be informed about new releases fixing these problems, please
subscribe to the news mailing list under
http://lists.sourceforge.net/lists/listinfo/phpmyadmin-news
or regularly check the sourceforge bugs tracker.
Donations
---------
The project accepts donations to help improve the product. There is
a "Donations" link on http://www.phpmyadmin.net.
Description
-----------
phpMyAdmin is intended to handle the administration of MySQL over the Web. It
can manage a whole MySQL server as well as a single database.
Currently it can:
- create, copy, rename and drop databases
- create, copy, drop, rename and alter tables
- do table maintenance
- delete, edit and add fields
- execute any SQL-statement, even batch-queries
- manage keys on fields
- load text files into tables
- create and read dumps of tables
- export data to CSV, XML and Latex formats
- administer multiple servers
- manage MySQL users and privileges
- check referential integrity
- using Query-by-example (QBE), create complex queries automatically
connecting required tables
- create PDF graphics of your Database layout
- search globally in a database or a subset of it
- communicate in 47 different languages
Authors & Copyright
-------------------
Copyright (C) 1998-2000 Tobias Ratschiller <tobias_at_ratschiller.com>
Copyright (C) 2001-2005 Marc Delisle <DelislMa_at_CollegeSherbrooke.qc.ca>
Olivier Müller <om_at_omnis.ch>
Robin Johnson <robbat2_at_users.sourceforge.net>
Alexander M. Turek <me_at_derrabus.de>
Michal Cihar <michal_at_cihar.com>
Garvin Hicking <me_at_supergarv.de>
Marcel Tschopp <ne0x_at_users.sourceforge.net>
+ many other people
(check the CREDITS section of our documentation)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
Marc Delisle/ 2005-04-16
Hi,
I think we can go from 2.6.2-beta1 to 2.6.2-rc1 today.
Does someone need branching now to start on 2.6.3 before the final 2.6.2?
I would prefer not, since it means double work for committing last-minute
fixes.
Marc
phpMyAdmin 2.6.2-rc1 - April 3rd, 2005
======================================
A set of PHP-scripts to administrate MySQL over the Web.
--------------------------------------------------------
Announcement
------------
The phpMyAdmin Project is proud to announce the immediate
availability of the first release candidate of phpMyAdmin 2.6.2.
Version 2.6.2 contains improvements for better MySQL 4.1 and 5.0
support, and a fix for a new security vulnerability.
phpMyAdmin is a web administration tool for MySQL databases, intended to
handle a whole database server as well as a single database. Over the years,
it has become the most popular GUI for MySQL and is downloaded about 6,000
times a day, according to SourceForge.net.
The highlights of this release in detail:
Highlights
----------
Improvements:
* MySQL 4.1.x native column comments
* MySQL 5.0: Basic detection mechanism for views:
o Views are no longer displayed as tables in use
o Ability to drop views
* MySQL 5.0: Interface fixes and hardcoded virtual relations for information_schema
* MySQL 4.1: Better automatic detection for available storage engines
* New storage engines overview page
o Plugin-like infrastructure for storage engine status monitors
o Overview of startup variables and current values
o MySQL 5.0 / InnoDB: Buffer pool activity monitor
* MySQL 4.1.2+ TIMESTAMP options
* Export: Native Microsoft Word 2000 and Excel 2000 formats
* PDF schema visual editor: column names now optional
* MySQL 5.0.3 new Japanese charsets support (cp932, eucjpms)
* Parser: added missing date and time MySQL functions
* Documentation: explain all Export options handling
* Cookie paths: added / to end of path
* Show database comments at more places
* Better use of print styles in themes
* Bookmarks: sort by label, remove the number before each label
* Better protection against possible collation conflicts and out-of-sync errors in PMADB queries
* Relation view: removed pmadb-style comments handling (now available just on the Structure page)
* FAQ about using HTTP authentication under IIS
* New editions for some language files (especially ISO-8859-15)
* (rc1) English messages improvements
Fixes:
* Detection of SELECT query to display on multiple submits
* PDF schema: missing header
* A failed connection was not properly detected
* Problem with Japanese language under MySQL 4.1.x
* Export
o Various errors under mysqli extension
o SQL format under Safari browser
o Do not offer export modes not available in current MySQL version
* Changing the type of a FLOAT unsigned column
* Adding field with collation
* Calendar popup and TIMESTAMP field under MySQL 4.1.x
* PHP 4.1.x: wrong parameter count (mcrypt.lib.php)
* Problem when SHOW DATABASES is disabled
* Copy table: commands out of sync
* User management
o Host not changing with editing user
o Escaping character removed by error
* MySQL 5.0.x: "No database selected" error
* Print view: displaying of indexes
* Cookie auth: error when blowfish_secret is empty
* MySQL 4.1.2: "Reload MySQL" link not seen
* MySQL 5 server binlog compatibility
* PDF pages generation: wrong documentation
* Inserted row id was not always correctly reported
* (rc1) Do not offer unavailable collations
* (rc1) XSS vulnerability on "convcharset"
* (rc1) Do not allow to drop information_schema
* (rc1) Undefined offset (on the left panel)
* (rc1) Problem copying InnoDB table with foreign-key constraints to a table in the same database
Detailed list of changes since version 2.2.0 is available under
http://www.phpmyadmin.net/ChangeLog.txt
Marc Delisle/ 2005-04-03
phpMyAdmin security announcement PMASA-2005-3
Announcement-ID: PMASA-2005-3
Date: 2005-04-03
Summary:
Cross-Site Scripting vulnerability
Description:
We received a security advisory from Oriol Torrent Santiago and we wish to thank him for his work
and report. The convcharset parameter was not correctly validated, opening the door to an XSS attack.
Severity:
We consider this vulnerability to be serious.
Affected versions:
Probably all phpMyAdmin versions before 2.6.2-rc1.
Solution:
Upgrade to phpMyAdmin 2.6.2-rc1 or newer.
References:
http://www.arrelnet.com/advisories/adv20050403.html
For further information and in case of questions, please contact the phpMyAdmin team. Our website is
http://www.phpmyadmin.net/.
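As an added illustration of the class of bug PMASA-2005-3 describes, the following PHP contrasts a request parameter that is reflected into HTML unvalidated with one that is checked against an allowlist and escaped on output. This is example code written for this page, not phpMyAdmin's own convcharset handling: the allowlist contents, the function names and the attacker string are constructed for the demonstration. The point it makes is that a charset selector has a small, known set of legal values, so rejecting everything else (and still escaping what is emitted) closes the reflection regardless of how the value later reaches the page.

```php
<?php
// Added example, not phpMyAdmin code. Allowlist is a constructed sample.
$allowed_charsets = array('utf-8', 'iso-8859-1', 'iso-8859-15', 'cp932', 'eucjpms');

// Vulnerable pattern: the request value is written into the markup as-is,
// so a value containing a quote and a tag breaks out of the attribute.
function render_vulnerable($convcharset)
{
    return '<input type="hidden" name="convcharset" value="' . $convcharset . '" />';
}

// Hardened pattern: normalise, require membership in the allowlist, fall
// back to a safe default otherwise, and escape on output anyway so a
// future change to the allowlist cannot reintroduce the injection.
function render_hardened($convcharset, $allowed, $default = 'utf-8')
{
    $charset = strtolower(trim((string) $convcharset));
    if (!in_array($charset, $allowed, true)) {
        $charset = $default;
    }
    return '<input type="hidden" name="convcharset" value="'
        . htmlspecialchars($charset, ENT_QUOTES, 'UTF-8') . '" />';
}

// Constructed attacker input of the kind an unvalidated parameter accepts.
$payload = '"><script>alert(document.cookie)</script><x y="';

// Unvalidated: the script tag lands in the page.
echo render_vulnerable($payload), "\n";
// Validated: the bogus value is replaced by the default and escaped.
echo render_hardened($payload, $allowed_charsets), "\n";
// Legitimate value passes through, case-normalised.
echo render_hardened('ISO-8859-15', $allowed_charsets), "\n";
```

Run it with `php example.php`: the first line contains the injected `<script>` element, the second and third only ever contain a charset name from the allowlist. Matching with `in_array(..., true)` avoids PHP's loose comparison rules, and the escape step on output is kept even though the allowlist already guarantees a clean value, because defence in depth costs nothing here.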