Hi,
I'm new to this list so let me introduce myself.
I'm working for a company that designed a secure a low cost USB
authentication dongle.
This dongle can be authenticated by any web site using only a few lines of
PHP and Java Script.
I'm also using PMA for a while, and knowing how critical the security is
for PMA users I tryed to integrate our solution to add hardware
authentication support to PMA.
So I downloaded the latest stable release and I added some lines of code in
libraries/auth/cookie.auth.lib.php and it worked...
Now if I add the Ids of the authorized USB authentication dongle in a
configuration file I can access the login page only if the dongle is
plugged on my PC. And as soon as I unplugged it I'm automatically logouted.
Nobody can administrate my mysql server without my USB dongle.
So my questions are:
1) Is the integration of a commercial (hardware) product compatible with the
PMA's project policy ?
2) Are you interested by hardware authentication for PMA.
3) What is the process to commit changes in the trunk ? Who will review the
code ?
Thanks for you reply,
Luc
It took me a couple of day enter your code
The product is almost ready for market and his targeted
Hello to everyone!
Just thought I'd introduce myself :)
I'm Raj Kissu Rajandran, and I hail from Malaysia.
I'll be working on adding BLOB streaming support to phpMyAdmin, as part of
my GSoC proposal - under the tutelage of Marc Delisle.
PS: this will be my first contribution to open source; I'll do my best not
to let you guys down!
Regards,
Raj
Hi,
There is a problem with the behavior of this new dropdown. If I add a
field of type INT and let this dropdown to its default value
"User-defined" but forget to enter a value, I get an error. I suspect
many people will get annoyed by this.
Of course, it all depends on what the majority of users usually do: set
a default value or not.
For a VARCHAR, this results in setting a default value of ''.
Marc
The SourceForge.net 2008 Community Choice Awards program has started and
is awaiting your nominations! All happy phpMyAdmin users should nominate
us :)
On http://www.phpmyadmin.net there is a button that links directly to
the page on which you can nominate our project for one or more
categories (you can click "nominate this project again" to choose
another category). If we are picked as a finalist, we'll tell you about
the final voting phase. Thanks!
Marc Delisle, for the team
Hi,
recent changes in trunk require the SPL which is "available and compiled
by default in PHP 5.0.x". However, compiled by default does not mean
that each distro has compiled it (or that the sysadmin has installed the
required package).
Starting with 5.3.0 this extension can no longer be disabled.
So, do we want to impose this dependency? I'm not sure but if yes, we
should clearly state it in our doc and maybe add a warning about it in
the code.
Marc
Try this: in libraries/tbl_triggers.lib.php, replace
$triggers = PMA_DBI_get_triggers($db, $table);
by
$triggers = false;
-----Original Message-----
From: Rekrutacja <rekrutacja119(a)gmail.com>
To: phpMyAdmin Developer <phpmyadmin-devel(a)lists.sourceforge.net>
Date: Fri, 09 May 2008 02:55:33 +0200
Subject: Re: [Phpmyadmin-cvs] [Phpmyadmin-devel] DisableIS in
any ideas how to remove it maybe ?
-------- Original Message --------
Subject: Re: [Phpmyadmin-cvs] [Phpmyadmin-devel] DisableIS in
Date: Wed, 07 May 2008 03:16:45 +0200
From: Rekrutacja <rekrutacja119(a)gmail.com>
CC: phpmyadmin-devel(a)lists.sourceforge.net
References: <1210114234.67ad30bcMarc.Delisle(a)cegepsherbrooke.qc.ca>
i don't. what part do i need to change to disable it? i thought it would
need a lot of changes to get rid of it.
Marc Delisle wrote:
> Yes, there are security issues, see our security page on phpmyadmin.net.
>
> The full date for implementing this is unknown.
> By the way, do you have triggers? If not you could just disable this part of the code to avoid this query.
>
> -----Original Message-----
> From: Rekrutacja <rekrutacja119(a)gmail.com>
> To: phpmyadmin-cvs(a)lists.sourceforge.net
> Date: Tue, 06 May 2008 14:55:32 +0200
> Subject: Re: [Phpmyadmin-cvs] [Phpmyadmin-devel] DisableIS in
>
> yes, but you said 'so I merged the change and the doc reference' , and
> then asked me if it is faster now, so i assumed you changed something.
>
> anyways, it didn't help, and yes, i have many many databases.
>
> i'm using latest 2.6 pma branch now to avoid it, is there any security
> issues with this old pma?
>
> does DisableIS is going to be implemented fully soon?
>
>
> Marc Delisle wrote:
>> I think Sebastian answered previously that the DisableIS setting is not fully implemented. Also, please provide more information: do you have a large number of databases/tables?
>>
>> -----Original Message-----
>> From: Rekrutacja <rekrutacja119(a)gmail.com>
>> To: phpmyadmin-cvs(a)lists.sourceforge.net
>> Date: Mon, 05 May 2008 16:29:48 +0200
>> Subject: Re: [Phpmyadmin-cvs] [Phpmyadmin-devel] DisableIS in
>>
>>>>>> The EVENT_OBJECT_SCHEMA seems to always have the same content as
>>>>>> TRIGGER_SCHEMA, but I just noticed that in the MySQL manual they
>>>>>> suggest using TRIGGER_SCHEMA in the WHERE clause as you suggested,
>>>>>> so I merged the change and the doc reference (for version 2.11.7)
>>>>>>
>>>>>> http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/QA_2_11/ph…
>>>>>>
>>>>>> Rekrutacja, is it faster this way on your server?
>>>>> i've tried latest 3.0-dev version, from svn (did checkout just few
>>>>> minutes ago), and it is still slow.
>>>>>
>>>>> Query | 30 | checking permissions | SELECT TRIGGER_SCHEMA,
>>>>> TRIGGER_NAME, EVENT_MANIPULATION, ACTION_TIMING, ACTION_STATEMENT,
>>>>> EVENT_OBJECT_SCHEMA, EVENT_OBJECT_TABLE FROM information_schema.TRIGGERS
>>>>> WHERE TRIGGER_SCHEMA= 'test99' and EVENT_OBJECT_TABLE = 'phpbb2_confirm'
>>>> whats your MySQL server version?
>>>>
>>>>
>>> 5.0.51a-3 , from debian package
>>>
>>>
>> so, any news? my server is still affected, i've tried latest 3.0
>> version, snapshot from 5th may, and it is still happening.
>>
>> got this for example:
>>
>> Query | 37 | checking permissions | SELECT TRIGGER_SCHEMA,
>> TRIGGER_NAME, EVENT_MANIPULATION, ACTION_TIMING, ACTION_STATEMENT,
>> EVENT_OBJECT_SCHEMA, EVENT_OBJECT_TABLE FROM information_schema.TRIGGERS
>> WHERE TRIGGER_SCHEMA= 'test99' and EVENT_OBJECT_TABLE =
>> 'phpbb_poll_options' |
>>
>>
>> i suppose it's turned on, the only place i see this options is
>> libraries/config.default.php
>>
>> # grep DisableIS libraries/config.default.php
>> $cfg['Servers'][$i]['DisableIS'] = true;
>> #
>>
>> so i suppose it's enough.
>>
>> why it's not working?
>>
>> -------------------------------------------------------------------------
>> This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
>> Don't miss this year's exciting event. There's still time to save $100.
>> Use priority code J8TL2D2.
>> http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/java…
>> _______________________________________________
>> Phpmyadmin-cvs mailing list
>> Phpmyadmin-cvs(a)lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/phpmyadmin-cvs
>>
>>
>>
>>
>
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
> Don't miss this year's exciting event. There's still time to save $100.
> Use priority code J8TL2D2.
> http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/java…
> _______________________________________________
> Phpmyadmin-cvs mailing list
> Phpmyadmin-cvs(a)lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/phpmyadmin-cvs
>
>
>
>
-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
Don't miss this year's exciting event. There's still time to save $100.
Use priority code J8TL2D2.
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/java…
_______________________________________________
Phpmyadmin-cvs mailing list
Phpmyadmin-cvs(a)lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/phpmyadmin-cvs
Por-favor entre em contato!!!.
--------------------------------------------
Sandra!!_phpmyadmin-devel.exe: Nao Tem Virus!
Norton AntiVirus Procura Progressiva
Mais detalhes: www.symantec.com
