Developers

developers@phpmyadmin.net

5 participants
7032 discussions

by Isaac Bennetch

Hi, It has occurred to me that our current branches have diverged significantly from QA_4_9 and that our current system of merging any change from QA_4_9 to QA_5_1 then to master doesn't seem ideal to me any longer. This makes security merges difficult. This got messy at the point where we decided to continue supporting 4.9 for urgent fixes and security fixes, because prior to 4.9, security fixes would generally be assigned a fourth version number (such as 2.11.2.2 or 4.1.14.8). That fourth version number does not conform very well with semver and we've adapted to releasing a new "patch" release for security fixes (4.9.7, for instance). Under the older system, a branch MAINT_4_1_14 would be created for the security fixes for 4.1.14.x, because a QA_ branch would get merged ahead to newer branches but the MAINT branch was not meant to be merged. Similar changes could be git cherry-picked to future branches instead. Here's what I'm proposing: * Make a break from merging QA_4_9, remove the QA_4_9 branch and replace it with MAINT_4_9 (not MAINT_4_9_8, which would be the old way). We're really getting towards the end of wanting to support 4.9 anyway, but this will allow us to maintain 4.9 without complicated merges to the 5.x branches. It's easy to see how we got in this situation because at first we were still sort of supporting 4.9 for bug fixes and slowly switched to security only, but this is a good time to commit to doing this the right way. As a reminder, since we're releasing 5.2.0-rc1, QA_5_2 is going to be created from master, and QA_5_2 will be frozen for new features; it will become bug fix only. Once 5.2.0 is officially released, QA_5_1 will be removed. I don't believe this will cause any problems with compatibility with very old PHP versions as there should be significant overlap. Regards, Isaac

2 years, 6 months

REQUEST FOR SOLUTION TO THE PROBLEM ENCOUNTERING WHILE ACCESSING MY SITE DATABASE

by MightyVanguard Amuda

Hi PHPMyAdmin Developers, I am Rasheed. I am here to gladly solicit for your help on what and what to do about this problem I've been encountering since a month ago. I purchased a domain name - (https://thetechsalaf.com.ng) and a hosting package from (www.qservers.net). But, ever since I've purchased it, I do regret having a transaction with them because they really gave me problems. First, I paid for a domain name - (techsalaf.com.ng), they never verified my payment even after many complaints and tickets opening. Secondly, I accepted my fate and went on purchasing another domain - ( thetechsalaf.com.ng), but, ever since the purchase period, I have been unable to access my PHPMyAdmin database from cPanel. I had contacted them several times without numbers, but, all to no avail. That's why I thought of contacting you, if you might be of assistance. Thanks in advance.

2 years, 6 months

phpMyAdmin 4.9.9 is released

by Isaac Bennetch

Welcome to the release of phpMyAdmin version 4.9.9. This is a release to fix two issues with the 4.9.8 release. We apologize for the inconvenience. Fixed since phpMyAdmin 4.9.8: * Fix a syntax error preventing use with PHP 5 * An error was shown regarding the new "hide_configuration_errors" directive when a controluser is set Fixed in phpMyAdmin 4.9.8: * Fix for a user potentially being able to disable their two factor authentication (PMASA-2022-1) * Add a new configuration directive $cfg['URLQueryEncryption'] to allow encrypting sensitive information in the URL to prevent disclosure. Thanks to Rich Grimes <https://twitter.com/saltycoder> for suggesting this improvement * Add a new configuration directive $cfg['Servers'][$i]['hide_connection_errors'] to allow hiding the full error message when a log on attempt fails, which can leak hostnames or IP addresses of the target database server. Thanks to Dr. Shuzhe Yang, Manager Security Governance at GLS IT Services for suggesting this improvement Note that the 5.1.2 has two known issues, the hide_connection_errors and an issue with the navigation pane. We are preparing fixes for those and will release version 5.1.3 separately. This is a reminder that phpMyAdmin 4.9 is in the long-term support phase where it will only get important security fixes and critical bug fixes. Users are suggested to migrate to version 5.1. Downloads are available now at https://phpmyadmin.net/downloads/ For the phpMyAdmin team, Isaac

2 years, 7 months

phpMyAdmin 4.9.8, 5.1.2, and 5.2.0-rc1 are released

by Isaac Bennetch

The phpMyAdmin project announces several new releases: * 4.9.8, which fixes some security flaws * 5.1.2, which fixes some security flaws and contains many bug fixes including better PHP 8.0 and 8.1 compatibility * 5.2.0-rc1, a testing version introducing many new features ## Security fixes (affected versions as noted) A flaw was identified in how phpMyAdmin processes two factor authentication; a user could potentially manipulate their account to bypass two factor authentication in subsequent authentication sessions (PMASA-2022-1) (affects both 4.9 and 5.1). A series of weaknesses was identified allowing a malicious user to submit malicious information to present an XSS or HTML injection attack in the graphical setup page (PMASA-2022-2) (affects 5.1 only; not 4.9). In some scenarios, potentially sensitive information such as a the database name can be part of the URL. This can now be optionally encrypted. There are two new configuration directives relating to this improvement: `$cfg['URLQueryEncryption']` and `$cfg['URLQueryEncryptionSecretKey']`. This encryption can be enabled by setting URLQueryEncryption to true in your `config.inc.php`. Thanks to Rich Grimes <https://twitter.com/saltycoder> for suggesting this improvement (affects both 4.9 and 5.1). During a failed log on attempt, the error message reveals the target database server's hostname or IP address. This can reveal some information about the network infrastructure to an attacker. This information can now be suppressed through the `$cfg['Servers'][$i]['hide_connection_errors']` directive. Thanks to Dr. Shuzhe Yang, Manager Security Governance at GLS IT Services for suggesting this improvement (affects both 4.9 and 5.1). ## Bug fixes (5.1.2 and 5.2.0-rc1) * Revert a changed to $cfg['CharTextareaRows'] allow values less than 7 * Fix encoding of enum and set values on edit value * Fixed possible "Undefined index: clause_is_unique" error * Fixed some situations where a user is logged out when working with more than one server * Fixed a problem with assigning privileges to a user using the multiselect list when the database name has an underscore * Enable cookie parameter "SameSite" when the PHP version is 7.3 or newer * Correctly handle the removal of "innodb_file_format" in MariaDB and MySQL ## New features (5.2.0-rc1) * Removed support for Microsoft Internet Explorer * Requires PHP 7.2 or newer * Requires the openssl PHP extension * Improved handling of system CA bundle and cacert.pem, falling back to Mozilla CA if needed * Replace "master/slave" terms with "primary/replica" * Add "NOT LIKE %...%" operator to Table search * Add support for the Mroonga engine * Add support for account locking * Several fixes and improvements to the SQL parser library There are, of course, many more fixes and new features that you can see in the ChangeLog file included with this release or online at <https://demo.phpmyadmin.net/master-config/index.php?route=/changelog> Downloads are available now at <https://phpmyadmin.net/downloads/> Isaac and the phpMyAdmin team

2 years, 7 months

Creating new global variables in custom theme

by Andrew Keller

Hello, Apologies in advance if this is not the proper place to ask this question. Also, sorry if this is a double post. I received an email that said the mailing list was for subscribers only and it wasn't clear if my first email was rejected. I am creating a phpmyadmin theme which I hope to contribute later. I am currently targeting version 4.9.7 for now. I noticed there are certain global variables in the layout.inc.php file for the pmahomme theme. I would like to create a few versions of my theme and it would help if I created additional global variables but I am not sure if that is allowed. Can I create additional global variables or can I only use the global variables defined in the pmahomme theme? Please advise. Thank you. Best regards, Andrew

2 years, 11 months

The phpMyAdmin repo on GitHub is a Dev (uninstalled) version. Thus many files are NOT even there. How do we commit fixes to THOSE missing files?

by Angelo Grebenarov

Hi all, I have a lot of experience with PHP/MySQL but not much with Git. I figure this question should be an easy one for you but I can't figure it out and would really appreciate your answer(s). Here is my question: I've downloaded and installed phpMyAdmin from Git using the "composer update" and "yarn install --production" commands. The installation was fine and *I fixed a bug that happens to be in the \themes\pmahomme\css\theme.css file*. So far so good but when I tried "commit"-ing the change it turns out the file *theme.css* in NOT EVEN THERE on the original GitHub master repo, due to - (of course) it's NOT installed and the \themes\pmahomme\css\ folder is actually empty (no files at all there). -- How can I commit a change to theme.css if theme.css is not even there in master? -- Also: I forked the master repo to MY GitHub account and then cloned it down to my local machine. *Now do I commit DIRECTLY TO phpmyadmin/phpmyadmin -> master?* (Different places have that information differently - some do NOT mention I need to fork - but suggest cloning directly from "master" - I wanted to know ONE CORRECT WORKING WAY of the whole procedure.) I would really appreciate your answers to the (what turned out to be) 2 questions. Thank you, Angelo Grebenarov

3 years, 2 months

HELP

by Obieto Elochukwu

i always get this massage whenever i want to import my data to "MySQLdataBase" but i dont know the meaning... Error *Static analysis:* 2 errors were found during analysis. 1. Unexpected beginning of statement. (near "phpMyAdmin" at position 0) 2. Unrecognized statement type. (near "SQL" at position 11) *SQL query:* phpMyAdmin SQL Dump -- version 4.9.4 -- https://www.phpmyadmin.net/ -- -- Host: localhost:3306 -- Generation Time: Mar 07, 2021 at 06:32 AM -- Server version: 10.3.27-MariaDB-log-cll-lve -- PHP Version: 7.3.6 SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO" *MySQL said: *[image: Documentation] <https://www.forexmrk.com:2083/cpsess8669645226/3rdparty/phpMyAdmin/url.php?…> #1064 - You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'phpMyAdmin SQL Dump -- version 4.9.4 -- https://www.phpmyadmin.net/ -- -- Hos...' at line 1 Error *Static analysis:* 2 errors were found during analysis. 1. Unexpected beginning of statement. (near "phpMyAdmin" at position 0) 2. Unrecognized statement type. (near "SQL" at position 11) *SQL query:* phpMyAdmin SQL Dump -- version 4.9.4 -- https://www.phpmyadmin.net/ -- -- Host: localhost:3306 -- Generation Time: Mar 07, 2021 at 06:32 AM -- Server version: 10.3.27-MariaDB-log-cll-lve -- PHP Version: 7.3.6 SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO" *MySQL said: *[image: Documentation] <https://www.forexmrk.com:2083/cpsess8669645226/3rdparty/phpMyAdmin/url.php?…> #1064 - You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'phpMyAdmin SQL Dump -- version 4.9.4 -- https://www.phpmyadmin.net/ -- -- Hos...' at line 1

3 years, 2 months

phpMyAdmin 5.1.1 is released

by Isaac Bennetch

We at the phpMyAdmin project are pleased to release phpMyAdmin 5.1.1, a bugfix release. There are many new bug fixes; a few highlights include: * Fixes for several PHP errors * Fixes for "$cfg['DefaultTabDatabase']" and other related configuration directives not working properly * Fix Yaml export to quote strings even when they are numeric * Fix TCPDF open_basedir issue due to internal guessing code from TCPDF * Fix for quick search not working when using more than one configured server * Fix datetime decimals displayed (.00000) after edit * Fix new lines in text fields are doubled * Fixed URL generation by removing un-needed & escaping for & char * Improvements for working with PHP 8.1 * Improved handling of adding a new user with the Percona database server There are, of course, many more fixes you can see in the ChangeLog file included with this release or online at https://demo.phpmyadmin.net/master-config/index.php?route=/changelog Downloads are available now at https://phpmyadmin.net/downloads/ Isaac and the phpMyAdmin team

3 years, 3 months

phpMyAdmin crash with the latest version of xampp

by Alain Chappuis

Hello, I just installed the latest version of xampp php 8 phpmyadmin 5.1.0 and the last one crash: Fatal error: Uncaught TypeError: PhpMyAdmin\Url::getFromRoute(): Argument #1 ($route) must be of type string, null given, called in D:\Temps\twig\b5\b5e82689f83198c0bf9842c8e68e36b7e067a56300a9eba78c2fa4bc853b361e.php on line 47 and defined in C:\xampp\phpMyAdmin\libraries\classes\Url.php:289 Stack trace: #0 D:\Temps\twig\b5\b5e82689f83198c0bf9842c8e68e36b7e067a56300a9eba78c2fa4bc853b361e.php(47): PhpMyAdmin\Url::getFromRoute(NULL) #1 C:\xampp\phpMyAdmin\vendor\twig\twig\src\Template.php(405): __TwigTemplate_ca1c7f92e0d6c21c720f57fbb6430188a3256088b74632147eb976ae9d397cb1->doDisplay(Array, Array) #2 C:\xampp\phpMyAdmin\vendor\twig\twig\src\Template.php(378): Twig\Template->displayWithErrorHandling(Array, Array) #3 C:\xampp\phpMyAdmin\vendor\twig\twig\src\Template.php(390): Twig\Template->display(Array) #4 C:\xampp\phpMyAdmin\vendor\twig\twig\src\TemplateWrapper.php(45): Twig\Template->render(Array, Array) #5 C:\xampp\phpMyAdmin\libraries\classes\Template.php(129): Twig\TemplateWrapper->render(Array) #6 C:\xampp\phpMyAdmin\libraries\classes\Menu.php(247): PhpMyAdmin\Template->render('menu/breadcrumb...', Array) #7 C:\xampp\phpMyAdmin\libraries\classes\Menu.php(72): PhpMyAdmin\Menu->getBreadcrumbs() #8 C:\xampp\phpMyAdmin\libraries\classes\Header.php(444): PhpMyAdmin\Menu->getDisplay() #9 C:\xampp\phpMyAdmin\libraries\classes\Response.php(331): PhpMyAdmin\Header->getDisplay() #10 C:\xampp\phpMyAdmin\libraries\classes\Response.php(345): PhpMyAdmin\Response->getDisplay() #11 C:\xampp\phpMyAdmin\libraries\classes\Response.php(507): PhpMyAdmin\Response->htmlResponse() #12 [internal function]: PhpMyAdmin\Response->response() #13 {main} thrown in C:\xampp\phpMyAdmin\libraries\classes\Url.php on line 289 I asked for help in stackoverflow and got no answer! Can someone help me? Thanks in advance! Alain -- Alain Chappuis Photographe animalier et ornithologue http://naturissima.biz/ ou http://naturissima.biz/photos/ Natel: ++41 79.855.1946

3 years, 5 months

phpMyAdmin 5.1.0 is released

by Isaac Bennetch

We at the phpMyAdmin project are pleased to publish phpMyAdmin 5.1.0. There are many new features and bug fixes; a few highlights include: * Improve virtuality dropdown for MariaDB > 10.1 * Added an option to perform ALTER ONLINE (ALGORITHM=INPLACE) when editing a table structure * Added ip2long transformation * Improvements to linking to MySQL and MariaDB documentation * Add "Preview SQL" option on Index dialog box when creating a new table * Add a new vendor constant "CACHE_DIR" that defaults to "libraries/cache/" and store routing cache into this folder * Add $cfg['CaptchaSiteVerifyURL'] for Google ReCaptcha siteVerifyUrl * Add the password_hash PHP function as an option when inserting data * Improvements to editing and displaying columns of the JSON data type. * Added support for "SameSite=Strict" on cookies using configuration "$cfg['CookieSameSite']" * Fixed AWS RDS IAM authentication doesn't work because pma_password is truncated * Add config parameters to support third-party ReCaptcha v2 compatible APIs like hCaptcha * Add $cfg['MysqlSslWarningSafeHosts'] to set the red text black when ssl is not used on a private network * Export blobs as hex on JSON export * Fix leading space not shown in a CHAR column when browsing a table * Added a rename Button to use RENAME INDEX syntax of MySQL 5.7 (and MariaDB >= 10.5.2) * Fixed missing option to enter TABLE specific permissions when the database name contains an "_" (underscore) * Fixed a PHP notice "Trying to access array offset on value of type null" on Designer PDF export * Fix for several PHP 8 warnings or errors, giving this release full compatibility with PHP 8 There are, of course, many more fixes you can see in the ChangeLog file included with this release or online at https://demo.phpmyadmin.net/master-config/index.php?route=/changelog Downloads are available now at https://phpmyadmin.net/downloads/ Isaac and the phpMyAdmin team

3 years, 6 months

← Newer
1
2
3
4
5
6
7
8
9
...
704
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

Developers