Developers

developers@phpmyadmin.net

7004 discussions

Start a nNew thread

Question
by Zach 22 Mar '20

22 Mar '20

Hi there, I have a question about my database Sent from my iPhone

2 1

phpMyAdmin 4.9.5 and 5.0.2 are released
by Isaac Bennetch 21 Mar '20

21 Mar '20

Hello, The phpMyAdmin team announces the release of both 4.9.5 and 5.0.2. Both versions contain several security fixes: * PMASA-2020-2 SQL injection vulnerability in the user accounts page, particularly when changing a password * PMASA-2020-3 SQL injection vulnerability relating to the search feature * PMASA-2020-4 SQL injection and XSS having to do with displaying results * Removing of the "options" field for the external transformation. We are removing the ability for users to set "options" field for the external transformation. This must now be hard coded in the plugin file directly (where the program is configured). This feature allows users to pipe output directly to an executable file, however the options field presented a security risk and we have decided to move the options to be hard coded in the transformation plugin file. For further assistance, please reach out to our support team through email or Github pull request. Version 5.0.3 also contains many bug fixes: * Fix for copying a user account * Removed SET AUTOCOMMIT=0 from SQL export * Fix for the display of table borders * Fix for ENUM radio button user interface problems * Improved the prompt for abandoning changes when no changes were made in the SQL window * Fix for inserting a primary key with "insert as new row" * Fix incorrect suggested latest available version to version 5 There are many other bugs fixes, please see the ChangeLog file included with this release for full details. Known shortcomings: Due to changes in the MySQL authentication method, PHP versions prior to 7.4 are unable to authenticate to a MySQL 8.0 or newer server (our tests show the problem actually began with MySQL 8.0.11). This relates to a PHP bug https://bugs.php.net/bug.php?id=76243. There is a workaround, that is to set your user account to use the current-style password hash method, mysql_native_password. This unfortunate lack of coordination has caused the incompatibility to affect all PHP applications, not just phpMyAdmin. For more details, you can see our bug tracker item at https://github.com/phpmyadmin/phpmyadmin/issues/14220. We suggest upgrading your PHP installation to take advantage of the authentication methods. As a reminder, phpMyAdmin 4.9 is in the long-term support phase where it will only get important security fixes and critical bug fixes. Users are suggested to migrate to version 5.0. Downloads are available now at https://phpmyadmin.net/downloads/ For the phpMyAdmin team, Isaac

1 0

phpMyAdmin security pre-release announcement
by Isaac Bennetch 19 Mar '20

19 Mar '20

Hello, The phpMyAdmin team is announcing that we are preparing a security fix which we plan to release Friday, tomorrow, approximately 30 hours from now. The attack vector requires that the attacker be authenticated through a valid MySQL/MariaDB account. Both the 4.9 and 5.0 branches will be updated. This announcement is part of our ongoing effort to announce security releases in advance, when available, and should not be interpreted as any commentary on the details of any specific vulnerability. If you have questions or concerns, you can reach me directly or contact the security team at security(a)phpmyadmin.net. Isaac for the phpMyAdmin team

1 0

GuardianKey plugin to phpMyAdmin
by James Brown 02 Mar '20

02 Mar '20

On Thu Nov 14 18:44:13 CET 2019 Gesiel Bernardes gesiel at guardiankey.io said: > HI Everyone, > > We are trying create a GuardianKey plugin to phpMyAdmin. However, we have > doubts related to the best way to do this and the best point in the code > for this integration. > > GuardianKey is a solution to protect systems against authentication > attacks. It uses Artificial Intelligence and analyses the user's behavior, > threat intelligence and psychometrics (or behavioral biometrics). The > protected system (in the concrete case, phpMyAdmin) must send an event via > REST for the GuardianKey on each login attempt. More info at > https://guardiankey.io/services/guardiankey-auth-security-lite/ <https://guardiankey.io/services/guardiankey-auth-security-lite/> . > > The best way to integrate would be on having a hook in the procedure that > process the user credentials submission in phpMyAdmin (the script that > receives the POST), something such as: > > if(POST IN AUTH FORM) { > boolean loginFailed = checkLogin(); > GuardianKeyEvent event = createEventForGuardianKey(username,loginFailed); > boolean GuardianKeyValidation = checkGuardianKeyViaREST(event); > if(GuardianKeyValidation){ > // Allow access > } else { > // Deny access > } > } > > Where is the best place to create this integration? Is there a way to > create a hook for this purpose? Should we create an extension? > > Any help is welcome. > > Thank you in advance. > > Best regards, > Gesiel I’d be very interested in using GuardianKey with PHPMyAdmin. Does anyone have any suggestions on how Gesiel should go about such an integration? Thanks, James.

1 0

Google Summer of Code 2020
by Adhil Ahamed 20 Feb '20

20 Feb '20

I am Aathil Ahamed student and a full stack web developer from Sri Lanka, I like to contribute to your organization in coming Google summer of code 2020. Can I get any guidance. Thank you -- Aathil Ahamed

1 0

Introduction
by Mohammed Rabeeh 11 Feb '20

11 Feb '20

Hello Developers, My name is Mohammed Rabeeh. I'm a sophomore at the College of Engineering Trivandrum, pursuing Bachelor of Technology (B.Tech) in Computer Science and Engineering. I would like to say hello to everyone. I've been contributing to phpMyAdmin since December 2019 and it has been a total blast. I've used pMA for a lot of my projects and it just makes everything so simple and easier for me. I'm hoping I'll be able to do my best to contribute to this awesome tool and develop this into an even better piece of work. I'm also interested in doing Google Summer of Code '20 with pMA. I would like someone to mentor me and help me along the way. Currently, I'm trying to refactor JQuery UI. It has been outdated and it needs to be replaced. I've opened up an issue about this here <https://github.com/phpmyadmin/phpmyadmin/issues/15875>. I hope I can make good contributions and be a part of this community. Thanks. Regards, -Rabeeh @rabeehrz <https://github.com/rabeehrz>

1 0

Losing Data
by Zhenrui Chen 05 Feb '20

05 Feb '20

Hello, I host my website on EC2 of Amazon, using XAMPP, I regularly lose data and I had to perform a stop/start of the instance of EC2 and restore the data manually again. The most recent occurrence of this was between today and 1/28/2020. I had the exact same setup on my local machine and I do not see any issues on my local PC. Do you have same problems happened before? Thanks. Zhenrui Chen

2 1

phpMyAdmin 4.9.4 and 5.0.1 are released
by Isaac Bennetch 08 Jan '20

08 Jan '20

The phpMyAdmin team announces the release of versions 4.9.4 and 5.0.1. As a reminder, version 4.x is in the LTS phase, where only security fixes and critical bug fixes are made. Users are suggested to migrate to version 5. These releases address two issues, a problem with two-factor authentication that was introduced with the last releases, and a fix for an SQL injection vulnerability that was reported by CSW Research Labs <https://twitter.com/cswcyberworks>. This vulnerability is assigned PMASA-2020-1 and requires that the attacker have logged in through a valid MySQL account. Known issue: the reported current release version may display incorrectly on the main page (for instance, "Version information: 5.0.1, latest stable version: 4.9.4"). This is expected to be fixed in the next routine bug fix release. Downloads are available at phpmyadmin.net. Happy new year, the phpMyAdmin team

1 0

phpMyAdmin security pre-release announcement
by Isaac Bennetch 06 Jan '20

06 Jan '20

Hello, The phpMyAdmin team is announcing that we are preparing a security fix which we plan to release tomorrow, approximately 24 hours from now. The attack vector requires that the attacker authenticate through a valid MySQL/MariaDB account. This announcement is part of our ongoing effort to announce security releases in advance, when available, and should not be interpreted as any commentary on the details of any specific vulnerability. If you have questions or concerns, you can reach me directly or contact the security team at security(a)phpmyadmin.net. Isaac for the phpMyAdmin team

1 0

phpMyAdmin 5.0.0 is released
by Isaac Bennetch 26 Dec '19

26 Dec '19

Welcome to the release of phpMyAdmin version 5.0.0. This release is occurring simultaneously with version 4.9.3; except for users with old PHP installations, version 5.0.0 is the recommended version. This release includes many new features and improvements from the 4.9 series. We expect to maintain version 4 in a security capacity to support users with older PHP installations. For full details about supported versions and end of life dates, see the "Supported versions" grid at <https://www.phpmyadmin.net/downloads/>. With this release, we are removing support of old PHP versions (5.5, 5.6, 7.0, and HHVM). These versions are outdated and are no longer supported by the PHP team. Version 5.0 includes many coding improvements that modernize the interface. Many of these changes are transparent to users, but make the code easier to maintain. Much of this refactoring work is completed by our contract developer, Maurício Meneghini Fauth. We always consider applications for new (paid) contract developers, see <https://www.phpmyadmin.net/contractor/> for program details. Some of the changes and new features include: * Enable columns names by default for CSV exports * Add Metro theme * Automatically add the index when creating an auto increment column * Improvements to exporting views * Prompt the user for confirmation before running an UPDATE query with no WHERE clause * Improvements to how errors are show to the user (including allowing easier copying of the error text to the clipboard) * Added keystrokes to clear the line (ctrl+l) and clear the entire console window (ctrl+u) * Use charset 'windows-1252' when export format is MS Excel There are several more changes, please refer to the ChangeLog file included with the release for full details. Known shortcomings: Due to changes in the MySQL authentication method, PHP versions prior to 7.4 are unable to authenticate to a MySQL 8.0 or newer server (our tests show the problem actually began with MySQL 8.0.11). This relates to a PHP bug https://bugs.php.net/bug.php?id=76243. There is a workaround, that is to set your user account to use the current-style password hash method, mysql_native_password. This unfortunate lack of coordination has caused the incompatibility to affect all PHP applications, not just phpMyAdmin. For more details, you can see our bug tracker item at https://github.com/phpmyadmin/phpmyadmin/issues/14220. We suggest upgrading your PHP installation to take advantage of the authentication methods. Downloads are available now at https://phpmyadmin.net/downloads/ Our work would not be possible without the donations of our generous sponsor, and this release in particular is brought to you thanks to the hard work of our Google Summer of Code students and many other contributors. The phpMyAdmin team

1 0

← Newer
1
2
3
4
5
6
7
8
9
...
701
Older →

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

Developers