Developers April 2006

developers@phpmyadmin.net

7 participants
26 discussions

by Sebastian Mendel

Hi, token does not work if cookies are disabled of course the whole session thing does not work if cookies disabled, but till now this was not a problem as the session was just re-init with every request if the session could not be continued. so phpMyAdmin now requires cookies enabled in browser. -- Sebastian Mendel www.sebastianmendel.de

17 years, 11 months

[Phpmyadmin-devel] Public report-back about MySQLUC 2006

by Robin H. Johnson

Hi guys, This is the public portion of my report back on MySQL UC 2006. Thanks to: - MySQL/O'Reilly for inviting us. - Seb Le Tuan, one of the CouchSurfing.com founders, for letting me stay in his spare bedroom. - Seb's mother, for inviting us for dinner one night. - The rest of you guys, for offering me the chance to go to Silicon Valley. Saturday (before leaving): - Prepared and printed 11"x17" phpMyAdmin posters. - Prepared and printed PMA business cards with our logo, my name, my email, our website, and my PGP key. - I'll upload the template/datafiles for the posters and cards for anybody else that wants them - you'll need Adobe Illustrator CS2 and InDesign CS2 to edit them, so I'll put up PDFs as well. Sunday: - Left home early, all of check-in, US security, and US immigration took me a record 23 minutes. There was nobody in line for check-in, and only one person in front of me for security. I'd allocated 2 hours for all of this process, as that's close to what it's taken before. - No free wireless in Vancouver, read a book instead. - Arrived Portland, airport now has public free wireless. Waited for next flight and read more. - Arrived San Jose on time, met with Seb, had dinner. Monday: - Got a ride with Seb as far as his office, and took transit from there. - Arrived conference centre just before noon after going around on transit - it really isn't a transit city - you really need to be on the main transit lines or have a car in future. The DotOrg area was not yet ready for any setup stuff, so had lunch instead, and sat coding for a bit. - Set up booth with posters, see photos. - Rode the light rail transit (very similar to the Karlsruhe trams), and saw downown Mountain View (see more photos, but I didn't find Google). - Was invited to dinner with Seb's mother and stepfather. Tuesday: - Early start, Seb dropped me off at the convention centre first thing, and I got everything else ready, including my demo of PMA 2.8.0.3. Tuesday/Wednesdayi common things: - The HP booth was across the aisle from our booth, and one of their guys came over to talk to me - he's from HP Beijing, and offers us many thanks for making phpMyAdmin - and he gave me/us a set of chopsticks from HP Beijing as a token of thanks. - Visitors to the exhibit area mainly came between the sessions (thanks to the free snacks from IBM and MySQL), but there were also a number of exhibits only folk, coming all the time. - During quiet periods, I took a walk around and saw some of the other booths. There is a lot of focus on commercial clustering/replication, followed by MySQL support, business inteligence/reporting and then backup solutions and other things. - I had at least 10 inquiries about how to help support the project, one of which will probably be donated code, and the rest were primarily wondering how to give us some money back - since they make such large use of our work. I pointed out the SF donation page, and said to email us if they wanted to do large amounts or something different. - A lot of big names bundle/use PMA with their offerings: HP, IBM, Novell/SuSE, Rackspace, SugarCRM, SCO, Sun, UniSys, Google and more. They were glad to see us there, and noted a few general things: Their customers sometimes hit a blank page and have a hard time tracing it down - mainly due to us turnings errors off. They would like errors turned back on, to help them trace things. The IE/Gzip bug is not involved, as many of them turn off gzip to avoid it. It might be nice to detect Internet explorer and disable obzip when we have $cfg['OBGzip'] = 'auto'; - Also met some users from big places that use PMA - Los Alamos National Lab, Livermore Lab, US DoD, etc. One of the Los Alamos guys said if we were passing thru and the lab was in a low-security time (no classified projects going on), he'd give us a tour. - Similar to the previous item, I had a few users bring their laptops, with reproduced bugs to show me - mainly configuration errors compounded by the new system (old config files reused), and user error. Turning on error display would help us a lot. - There was one very interesting real bug - the user had a replicated database. Using 'DROP TABLE' on the master via the commandline, replicated fine. Doing the same on the master via PMA didn't replicate. - I took a quick survey of all GUI tools that were represented at the conference, or that any of the MySQL folk could think of. PMA was the oldest, having started in 1998. The next competitor emerged shortly before we started on SourceForge in 2001. Navicat and Webyog Wednesday: - Spoke to Monty in the afternoon, and picked his brain about the oldest GUI, he also believes it was PMA, but he said he'd check the collected archives of MySQL email to be sure. He also mentioned something lacking in PMA, and other apps in general at the moment - lack of a good form builder tool for web interfaces, that is capable of hooking up the form to the database directly - there's too much manual work involved still. - Packed up my booth stuff, as the exhibit portion was only Tues/Weds. - The O'Reilly folk say that we're welcome at OSCON in Portland, end of July 2006. I may be able to make it there, not certain, as I'm getting married 3 weeks after that ;-). - One of the PMA users asked if I had dinner plans, as I didn't we had dinner and discussed PMA/MySQL stuff. Thursday: - Did some sight-seeing around Silicon Valley, having never been down here before, I can recommend 'The Tech' museum in downtown San Jose. - Cooked a thanks dinner for Seb, incl. my family secret chocolate sauce recipe to put on the desert. Friday: - Up early for travelling, security wasn't too bad again, 45 minutes processing time in at San Jose, almost entirely waiting for security. - Flight from Portland to Vancouver was delayed due to maintenance problems with the plane, arrived an hour late. -- Robin Hugh Johnson E-Mail : robbat2(a)users.sourceforge.net GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85

18 years

[Phpmyadmin-devel] high source logo for banners

by Robin H. Johnson

Hi, I was trying to get a decent banner together for MySQL UC, but the logos aren't coming out nicely. Do we have a nice high resolution version or even better, a vector art version somewhere? -- Robin Hugh Johnson E-Mail : robbat2(a)users.sourceforge.net GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85

18 years

[Phpmyadmin-devel] Doku/Developer Wiki

by Sebastian Mendel

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, some time ago we already discussed this wiki-thing, the result was that running a wiki on sf.net is not secure or there was no time to set it up? i could set up this wiki, whether on my own space, or somewhere on sf.net. (i have already set up and maintaining one wiki (phpbar.de)) ... i came across this again by the previous post of marc about sql query should always escaped (obviously that this is clear) there is no developer docu where this is written ... or? ... and some other things that are difficult to document in the source. - -- Sebastian Mendel www.sebastianmendel.de -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (MingW32) iD8DBQFER0CtX/0lClpZDr4RAsiNAJ9XxMl07THmcPAbuLRqUfcZgRZhuwCfd2ya I2iB2n7IE2cyIE6beSW7Nf0= =hwCv -----END PGP SIGNATURE-----

18 years

[Phpmyadmin-devel] Anonymous CVS out of sync

by Michal Čihař

Hi probably most of you noticed this, but just to make sure everybody knows it: Anonymous CVS is not being updated since CVS breakage at the end of March. This situation will stay at least till end of April, see sf.net status page [1] for details. This also means that snapshots and online demos are not on current versions, so do not tell users to test on those something you've recently fixed. 1. https://sourceforge.net/docs/A04/ -- Michal Čihař | http://cihar.com

18 years

[Phpmyadmin-devel] MySQL Forge

by Sebastian Mendel

http://forge.mysql.com/projects/view.php?id=3 -- Sebastian Mendel www.sebastianmendel.de

18 years

[Phpmyadmin-devel] why $*_font_family in lang files?

by Sebastian Mendel

Hi, what is/was the reason for putting this $*_font_family variables into the language files? is this still needed? shouldn't the browser has the right font to use for displaying the language requested by the user? (f.e. i use 'Arial Unicode MS', which works best with all languages) -- Sebastian Mendel www.sebastianmendel.de

18 years

[Phpmyadmin-devel] replacing 10px with 8pt in DarkBlue_Orange?

by Sebastian Mendel

Hi, is there a problem with replacing font-size 10px with f. e. 8pt in darkblue orange theme? i have absolutely no problem with leaving it at 10px! just a question! font size of 10 px gives me an absolute hight of X with about 1.3 mm and absolut height of x about 0.9mm - nearly unreadable! (my sytem is running at 144 DPI) font size 8 pt should appear with about the same size as 10px on 72 DPI displays (the default on most systems) and has the right size on any other dpi settings! -- Sebastian Mendel www.sebastianmendel.de

18 years

[Phpmyadmin-devel] Scientific Survey: Working Conditions in Open Source Projects

by Dirk Jendroska

We like to invite you to a survey about the working conditions in Free/Open-Source Software development. This survey is conducted by the Open-Source Research Group of the University of Würzburg (Germany). We will compare work design in open source and proprietary software development. Our findings should be used to adjust the working conditions of software development to the needs of the developers. The results will be published under the Creative Commons License. To start the survey, please follow the link: http://www.unipark.de/uc/open-source-task/ If you have any questions don't hesitate to contact us! Dirk Jendroska http://www.psychologie.uni-wuerzburg.de/ao/staff/jendroska.php?lang=en

18 years

[Phpmyadmin-devel] Re: phpMyAdmin 'sql_query' Cross-Site Scripting and SQL Code Execution

by Sebastian Mendel

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Michal ?iha? schrieb: > On Thu, 20 Apr 2006 14:50:55 +0200 > Michal ?iha? <michal(a)cihar.com> wrote: > >> Both is quite simple (see attached patch). Only problem is when to >> check whether token is correct. For now I added check to import.php and >> sql.php, are there any other dangerous places? > > Problematic places are many :-(. Eg. dropping users using URL: > > http://localhost/pma-2.8.0/server_privileges.php?selected_usr%5B%5D=aaa%1B%… > > It will be quite hard to spot all such places. Any better idea how to > protect against such XSS? token can be checked globaly in common.lib.php if token is wrong empty all $_REQUEST/GET/POST - -- Sebastian Mendel www.sebastianmendel.de -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (MingW32) iD8DBQFER5M9X/0lClpZDr4RAlQnAKCjjsLJgf1NVBSjgUF/kLCUEqh/WACgsdF6 r/rINW+W5Gu57iPUzqp9eUc= =O+JN -----END PGP SIGNATURE-----

18 years

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

Developers April 2006