Developers

developers@phpmyadmin.net

5 participants
7032 discussions

by Kordován Szabolcs

Hi, I had a problem with secure connection to sql server. I use mysqli extension, I configured server['ssl'] = true. I have a user 'szabolcs' in sql who needs ssl. First I received 'mysqli_real_connect(): (HY000/1045): Access denied for user 'szabolcs'@'localhost' (using password: YES)'. That was why PMA doesn't use MYSQLI_CLIENT_SSL. I should add it to $client_flags. After this I got the following error:'mysqli_query(): SSL operation failed with code 1. OpenSSL Error messages: error:0607A082:digital envelope routines:EVP_CIPHER_CTX_set_key_length:invalid key length error:0607A082:digital envelope routines:EVP_CIPHER_CTX_set_key_length:invalid key length'. PMA uses openssel functions to encrypt values in cookie if openssl functions exist, other case PMA uses Crypt\AES. With Crypt\AES PMA works fine. I don't know the exact source of this problem. I think openssl functions have a bug. Because the mysqli connection with ssl is successful After connection in common.inc.php $auth_plugin->storeUserCredentials() is called. This function stores the username and password and other parameters into cookie. To encrypt: openssl_encrypt( $data, 'AES-128-CBC', $secret, 0, $this->_cookie_iv ); I think the problem is that openssl_encrypt change the cipher to AES-128-CBC globally. It means the cipher of mysqli connection is also modified. This is why mysqli_query failed after encryption. Here is my solution: diff -ruN original/libraries/dbi/DBIMysqli.php working/libraries/dbi/DBIMysqli.php --- original/libraries/dbi/DBIMysqli.php 2016-05-25 19:07:44.000000000 +0200 +++ working/libraries/dbi/DBIMysqli.php 2016-05-26 15:55:49.000000000 +0200 @@ -152,6 +152,7 @@ /* Optionally enable SSL */ if ($cfg['Server']['ssl']) { + $client_flags |= MYSQLI_CLIENT_SSL; mysqli_ssl_set( $link, $cfg['Server']['ssl_key'], diff -ruN original/libraries/plugins/auth/AuthenticationCookie.php working/libraries/plugins/auth/AuthenticationCookie.php --- original/libraries/plugins/auth/AuthenticationCookie.php 2016-05-25 19:07:44.000000000 +0200 +++ working/libraries/plugins/auth/AuthenticationCookie.php 2016-05-26 15:56:27.000000000 +0200 @@ -661,6 +661,7 @@ */ public static function useOpenSSL() { + return false; return ( function_exists('openssl_encrypt') && function_exists('openssl_decrypt') diff -ruN original/RELEASE-DATE-4.6.1 working/RELEASE-DATE-4.6.1 --- original/RELEASE-DATE-4.6.1 1970-01-01 01:00:00.000000000 +0100 +++ working/RELEASE-DATE-4.6.1 2016-05-02 17:24:00.000000000 +0200 @@ -0,0 +1 @@ +Mon May 2 21:23:35 UTC 2016 Regards, Szabolcs

8 years, 3 months

Build failed in Jenkins: documentation #51

by Jenkins Daemon

8 years, 3 months

Build failed in Jenkins: documentation #49

by Jenkins Daemon

8 years, 3 months

Blank main section for Import and Export screen

by Isaac Bennetch

Hi, a user on Stackoverflow is reporting that their Import and Export links don't show the main page; he/she sees the navigation pane, menu bar, and console but no content in the main pane. Any thoughts about what could cause that behavior? Report and screenshot at http://stackoverflow.com/q/36877554/2385479

8 years, 3 months

Github "rebase" feature when merging

by Isaac Bennetch

You may have already noticed, but a few weeks ago Github rolled out a new feature where you can select what type of merge to perform when merging a pull request. It appears you can now squash and rebase commits by clicking the confirmation dropdown, rather than performing an actual merge commit. This seems like a helpful feature. Isaac

8 years, 3 months

Jenkins build is back to normal : website #427

by Jenkins Daemon

See <https://ci.phpmyadmin.net/job/website/427/>

8 years, 3 months

Build failed in Jenkins: documentation #43

by Jenkins Daemon

See <https://ci.phpmyadmin.net/job/documentation/43/changes> Changes: [weblate] Translated using Weblate (Finnish) [weblate] Translated using Weblate (Norwegian Bokmål) [weblate] Translated using Weblate (Spanish) [Michal Čihař] Fix locking issues when importing SQL [Michal Čihař] Avoid not needed urlencode/urldecode for bookmarked SQL query [Michal Čihař] Avoid not neeedded urlencode/urldecode steps in multi submits [Michal Čihař] Ensure links from setup go through url.php [Michal Čihař] Avoid confusing warning when mysql extension is missing [Michal Čihař] Fix test to not depend on variables set elsewhere [Michal Čihař] Ignore args in the debug backtrace [Michal Čihař] Remove need for having define for test [Michal Čihař] Split test cases to avoid huge test methods [Michal Čihař] Improve handling of logout [Michal Čihař] Avoid double redirects in signon auth on logout [Michal Čihař] Do not remove globals on parameters cleanup [Michal Čihař] Safer handling of sessions during authentication [Michal Čihař] Add missing requie once for testsuite [Michal Čihař] Do not include vendor strings in po files [Michal Čihař] Update po files [Michal Čihař] Update po files [weblate] Translated using Weblate (Greek) [weblate] Translated using Weblate (Estonian) [Michal Čihař] Do not try to secure session in testsuite [weblate] Translated using Weblate (Interlingua) [Michal Čihař] Do not try to sync favorite tables without server [weblate] Translated using Weblate (Turkish) [weblate] Translated using Weblate (Interlingua) [weblate] Translated using Weblate (Interlingua) [Michal Čihař] Remove unused code [Michal Čihař] Avoid storing full error data in session [Michal Čihař] Fixed export of ARCHIVE tables with keys [Michal Čihař] Add session reload for config authentication [weblate] Translated using Weblate (Italian) [Michal Čihař] Add support for export user settings as config.inc.php snippet [weblate] Translated using Weblate (Italian) [Michal Čihař] Document cookie exipiry times [Michal Čihař] Do not fail on errors stored in session [Michal Čihař] Better report errors while generating SQL exports [Michal Čihař] Fix class namespace [weblate] Translated using Weblate (Dutch) [weblate] Translated using Weblate (Dutch) [weblate] Translated using Weblate (Bulgarian) [weblate] Translated using Weblate (Bulgarian) ------------------------------------------ Started by timer [EnvInject] - Loading node environment variables. Building in workspace <https://ci.phpmyadmin.net/job/documentation/ws/> > git rev-parse --is-inside-work-tree # timeout=10 Fetching changes from the remote Git repository > git config remote.origin.url https://github.com/phpmyadmin/phpmyadmin.git # timeout=10 Fetching upstream changes from https://github.com/phpmyadmin/phpmyadmin.git > git --version # timeout=10 > git -c core.askpass=true fetch --tags --progress https://github.com/phpmyadmin/phpmyadmin.git +refs/heads/*:refs/remotes/origin/* > git rev-parse origin/master^{commit} # timeout=10 Checking out Revision c438069de1f82f39d9237f0bcb570c6caa0161e6 (origin/master) > git config core.sparsecheckout # timeout=10 > git checkout -f c438069de1f82f39d9237f0bcb570c6caa0161e6 > git rev-list 499be8eca1613b9805d56d3256015b960657dfd3 # timeout=10 [workspace] $ /bin/sh -xe /tmp/hudson5131126188274889667.sh + make -C doc linkcheck make: Entering directory '<https://ci.phpmyadmin.net/job/documentation/ws/doc'> sphinx-build -b linkcheck -d ./doctrees . ./linkcheck Running Sphinx v1.2.3 loading pickled environment... done building [linkcheck]: targets for 19 source files that are out of date updating environment: 0 added, 0 changed, 0 removed looking for now-outdated files... none found preparing documents... done writing output... [ 5%] bookmarks writing output... [ 10%] charts (line 25) ok http://www.jqplot.com/ writing output... [ 15%] config (line 1109) ok https://dev.mysql.com/doc/refman/5.7/en/time-zone-support.html (line 764) ok https://dev.mysql.com/doc/refman/5.7/en/grant.html (line 1382) redirect https://php.net/manual/en/features.persistent-connections.php - permanently to https://secure.php.net/manual/en/features.persistent-connections.php (line 1386) redirect https://php.net/manual/en/function.mysql-pconnect.php - permanently to https://secure.php.net/manual/en/function.mysql-pconnect.php (line 567) redirect https://php.net/manual/en/reference.pcre.pattern.syntax.php - permanently to https://secure.php.net/manual/en/reference.pcre.pattern.syntax.php (line 1637) ok http://www.google.com/recaptcha/intro/ (line 1627) ok http://www.google.com/recaptcha/intro/ (line 1388) redirect https://php.net/manual/en/mysqli.persistconns.php - permanently to https://secure.php.net/manual/en/mysqli.persistconns.php (line 1425) redirect https://php.net/session_save_path - permanently to https://secure.php.net/session_save_path (line 2978) ok https://www.phpmyadmin.net/try (line 2292) ok https://dev.mysql.com/doc/refman/5.7/en/charset-charsets.html (line 1570) redirect https://php.net/manual/en/session.configuration.php#ini.session.gc-maxlifet… - permanently to https://secure.php.net/manual/en/session.configuration.php#ini.session.gc-m… (line 2339) redirect http://www.gnu.org/software/libiconv/documentation/libiconv/iconv_open.3.ht… - with Found to http://www.gnu.org/savannah-checkouts/gnu/libiconv/documentation/libiconv-1… writing output... [ 21%] copyright (line 28) ok http://www.gnu.org/licenses/ writing output... [ 26%] credits (line 183) ok http://www.fpdf.org/ (line 183) ok http://www.tcpdf.org/ (line 208) ok http://www.tcpdf.org (line 183) ok https://acko.net/blog/ufpdf-unicode-utf-8-extension-for-fpdf/ (line 141) ok https://sourceforge.net/projects/phpmysqlformgen/ writing output... [ 31%] developers (line 10) ok https://www.phpmyadmin.net/contribute/ writing output... [ 36%] faq (line 6) ok https://www.phpmyadmin.net/docs/ (line 192) ok https://www.phpmyadmin.net/downloads/ (line 192) ok http://www.mysql.com/ (line 175) ok http://www.ozerov.de/bigdump/ (line 46) ok https://bugs.php.net/bug.php?id=12061 (line 131) ok https://dev.mysql.com/doc/refman/5.7/en/resetting-permissions.html (line 196) ok http://mariadb.org/ (line 203) ok https://dev.mysql.com/doc/refman/5.7/en/old-client.html (line 460) ok http://httpd.apache.org (line 362) ok https://bugs.php.net/bug.php?id=21079 (line 323) ok https://dev.mysql.com/doc/refman/5.7/en/identifier-case-sensitivity.html (line 541) ok https://suhosin.org/stories/configuration.html#suhosin-post-max-vars (line 539) ok https://suhosin.org/stories/configuration.html#suhosin-request-max-vars (line 543) ok https://suhosin.org/stories/configuration.html#suhosin-request-max-array-in… (line 203) redirect https://php.net/mysqli - permanently to https://secure.php.net/mysqli (line 545) ok https://suhosin.org/stories/configuration.html#suhosin-post-max-array-index… (line 549) ok https://suhosin.org/stories/configuration.html#suhosin-post-max-totalname-l… (line 551) ok https://suhosin.org/stories/configuration.html#suhosin-get-max-value-length (line 547) ok https://suhosin.org/stories/configuration.html#suhosin-request-max-totalnam… (line 573) ok http://httpd.apache.org/docs/2.4/mod/mod_ssl.html (line 602) ok http://httpd.apache.org/docs/2.2/mod/mod_proxy.html (line 553) ok https://suhosin.org/stories/configuration.html#suhosin-sql-bailout-on-error (line 829) ok https://suhosin.org/stories/index.html (line 555) ok https://suhosin.org/stories/configuration.html#logging-configuration (line 829) ok https://suhosin.org/stories/faq.html (line 448) redirect http://tools.ietf.org/html/rfc2616.html - permanently to https://tools.ietf.org/html/rfc2616.html (line 840) ok http://php.net/manual/en/book.apc.php (line 820) ok https://bugs.php.net/bug.php?id=31134 (line 840) ok http://pecl.php.net/package/uploadprogress (line 831) ok https://bugs.php.net/bug.php?id=39842 (line 734) ok https://dev.mysql.com/doc/refman/5.7/en/can-not-connect-to-server.html (line 960) ok https://dev.mysql.com/doc/refman/5.7/en/sql-mode.html (line 853) redirect http://tools.ietf.org/html/rfc1867.html - permanently to https://tools.ietf.org/html/rfc1867.html (line 886) ok https://bugs.mysql.com/bug.php?id=21704 (line 960) ok https://sourceforge.net/p/phpmyadmin/bugs/1013/ (line 1256) ok https://bugzilla.mozilla.org/ (line 1550) ok https://dev.mysql.com/doc/refman/5.7/en/silent-column-changes.html (line 1578) ok https://dev.mysql.com/doc/refman/5.7/en/drop-table.html (line 1599) ok https://dev.mysql.com/doc/refman/5.7/en/insert-delayed.html (line 1601) ok https://dev.mysql.com/doc/refman/5.7/en/insert.html (line 1817) ok http://wiki.phpmyadmin.net/pma/Charts (line 1695) ok https://bugs.mysql.com/bug.php?id=179 (line 2114) ok https://www.phpmyadmin.net/translate/ (line 2105) ok https://www.phpmyadmin.net/security (line 2114) ok https://hosted.weblate.org/projects/phpmyadmin/ (line 2142) ok https://www.phpmyadmin.net/security/ (line 2105) ok https://github.com/phpmyadmin/phpmyadmin/issues (line 2192) ok https://sites.google.com/site/bughunteruniversity/nonvuln/csv-excel-formula… (line 1763) redirect https://php.net/strftime - permanently to https://secure.php.net/strftime writing output... [ 42%] glossary (line 26) ok https://en.wikipedia.org/wiki/Web_browser (line 21) ok https://en.wikipedia.org/wiki/Blowfish_(cipher) (line 31) ok https://en.wikipedia.org/wiki/Bzip2 (line 38) ok https://en.wikipedia.org/wiki/CGI (line 13) ok https://en.wikipedia.org/wiki/.htaccess (line 48) ok https://en.wikipedia.org/wiki/Client_(computing) (line 53) ok https://en.wikipedia.org/wiki/Column_(database) (line 63) ok https://en.wikipedia.org/wiki/Comma-separated_values (line 43) ok https://en.wikipedia.org/wiki/Changelog (line 58) ok https://en.wikipedia.org/wiki/HTTP_cookie (line 71) ok https://en.wikipedia.org/wiki/Database (line 85) ok https://en.wikipedia.org/wiki/FAQ (line 97) ok https://en.wikipedia.org/wiki/Foreign_key (line 90) ok https://en.wikipedia.org/wiki/Field_(computer_science) (line 107) ok https://en.wikipedia.org/wiki/GD_Graphics_Library (line 120) ok https://en.wikipedia.org/wiki/Host (line 115) ok https://en.wikipedia.org/wiki/Gzip (line 125) ok https://en.wikipedia.org/wiki/Hostname (line 145) ok https://en.wikipedia.org/wiki/Internet_Information_Services (line 79) ok https://en.wikipedia.org/wiki/Software_extension (line 150) ok https://en.wikipedia.org/wiki/Index_(database) (line 157) ok https://en.wikipedia.org/wiki/Internet_Protocol (line 169) ok https://en.wikipedia.org/wiki/IPv6 (line 162) ok https://en.wikipedia.org/wiki/IP_Address (line 174) ok https://en.wikipedia.org/wiki/ISAPI (line 180) ok https://en.wikipedia.org/wiki/ISP (line 188) ok https://en.wikipedia.org/wiki/JPEG (line 131) ok https://en.wikipedia.org/wiki/HyperText_Transfer_Protocol (line 199) ok https://en.wikipedia.org/wiki/LaTeX (line 209) ok https://en.wikipedia.org/wiki/Mac_OS_X (line 204) ok https://en.wikipedia.org/wiki/Mac (line 225) ok https://en.wikipedia.org/wiki/MIME (line 230) ok https://en.wikipedia.org/wiki/Apache_HTTP_Server (line 214) ok https://en.wikipedia.org/wiki/MCrypt (line 136) ok https://en.wikipedia.org/wiki/Https:_URI_scheme (line 239) ok https://en.wikipedia.org/wiki/MySQL (line 254) ok https://en.wikipedia.org/wiki/OpenDocument (line 259) ok https://en.wikipedia.org/wiki/OS_X (line 266) ok https://en.wikipedia.org/wiki/Portable_Document_Format (line 271) ok http://pear.php.net/ (line 285) ok https://en.wikipedia.org/wiki/PHP (line 290) ok https://en.wikipedia.org/wiki/Port_(computing) (line 297) ok https://en.wikipedia.org/wiki/Request_for_Comments (line 219) redirect https://php.net/mcrypt - permanently to https://secure.php.net/mcrypt (line 307) ok https://en.wikipedia.org/wiki/Row_(database) (line 244) redirect https://php.net/manual/en/book.mysqli.php - permanently to https://secure.php.net/manual/en/book.mysqli.php (line 249) redirect https://php.net/manual/en/book.mysql.php - permanently to https://secure.php.net/manual/en/book.mysql.php (line 312) ok https://en.wikipedia.org/wiki/Server_(computing) (line 322) ok https://en.wikipedia.org/wiki/Unix_domain_socket (line 328) ok https://en.wikipedia.org/wiki/Secure_Sockets_Layer (line 333) ok https://en.wikipedia.org/wiki/Stored_procedure (line 277) redirect https://php.net/pcre - permanently to https://secure.php.net/pcre (line 338) ok https://en.wikipedia.org/wiki/SQL (line 346) ok https://en.wikipedia.org/wiki/Table_(database) (line 351) ok https://en.wikipedia.org/wiki/Tar_(file_format) (line 357) ok https://en.wikipedia.org/wiki/TCP (line 367) ok https://en.wikipedia.org/wiki/Database_trigger (line 379) ok https://en.wikipedia.org/wiki/URL (line 384) ok https://en.wikipedia.org/wiki/Webserver (line 391) ok https://en.wikipedia.org/wiki/XML (line 401) ok https://en.wikipedia.org/wiki/Zlib (line 396) ok https://en.wikipedia.org/wiki/ZIP_(file_format) (line 302) redirect http://tools.ietf.org/html/rfc1952.html - permanently to https://tools.ietf.org/html/rfc1952.html (line 317) ok https://dev.mysql.com/doc/refman/5.7/en/storage-engines.html writing output... [ 47%] import_export (line 125) ok https://en.wikipedia.org/wiki/NHibernate (line 200) ok http://odf-converter.sourceforge.net/ (line 160) ok https://www.ctan.org/tex/ (line 160) ok https://www.ctan.org/ (line 258) ok https://texy.info/en/try/4q5we (line 258) ok https://texy.info/ (line 237) ok https://dev.mysql.com/doc/refman/5.7/en/packet-too-large.html (line 273) ok http://www.yaml.org (line 253) ok http://www.scriptalicious.com/blog/2009/04/complete-inserts-or-extended-ins… writing output... [ 52%] index writing output... [ 57%] intro (line 47) ok https://www.phpmyadmin.net/translations/ writing output... [ 63%] other (line 16) ok http://wiki.phpmyadmin.net/pma/Articles writing output... [ 68%] privileges writing output... [ 73%] relations writing output... [ 78%] require (line 58) ok https://jquery.com/browser-support/ (line 31) redirect https://php.net/openssl - permanently to https://secure.php.net/openssl (line 34) redirect https://php.net/curl - permanently to https://secure.php.net/curl (line 28) redirect https://php.net/libxml - permanently to https://secure.php.net/libxml (line 23) redirect https://php.net/openssl - permanently to https://secure.php.net/openssl writing output... [ 84%] setup (line 53) ok https://launchpad.net/~nijel/+archive/ubuntu/phpmyadmin (line 85) ok http://fedoraproject.org/wiki/EPEL (line 102) ok https://en.wikipedia.org/wiki/List_of_AMP_packages (line 114) ok https://getcomposer.org/ (line 85) ok http://fedoraproject.org/wiki/EPEL/FAQ#howtouse (line 131) ok https://packagist.org/ (line 98) ok https://www.apachefriends.org/index.html (line 135) ok https://www.phpmyadmin.net/packages.json (line 408) ok https://www.phpmyadmin.net/ (line 408) ok https://demo.phpmyadmin.net/master/setup/ (line 225) ok https://github.com/phpmyadmin/docker (line 436) ok https://keybase.io/ibennetch (line 427) ok https://keybase.io/lem9 (line 454) ok https://files.phpmyadmin.net/phpmyadmin.keyring (line 485) ok https://www.gnupg.org/gph/en/manual.html#AEN335 (line 485) ok http://pgp.cs.uu.nl/mk_path.cgi?FROM=00411886&TO=8259BD92 (line 145) ok https://hub.docker.com/r/phpmyadmin/phpmyadmin/ (line 47) ok http://software.opensuse.org/package/phpMyAdmin (line 865) ok https://github.com/phpmyadmin/phpmyadmin/issues/11922 (line 871) ok https://github.com/phpmyadmin/phpmyadmin/issues/11898 (line 812) redirect https://php.net/manual/en/errorfunc.configuration.php#ini.display-errors - permanently to https://secure.php.net/manual/en/errorfunc.configuration.php#ini.display-er… (line 41) broken http://anonscm.debian.org/cgit/collab-maint/phpmyadmin.git/tree/debian/READ… - timed out writing output... [ 89%] transformations (line 134) redirect https://php.net/mysql_fetch_field - permanently to https://secure.php.net/mysql_fetch_field (line 134) redirect https://php.net/mysql_fetch_field - permanently to https://secure.php.net/mysql_fetch_field writing output... [ 94%] user writing output... [100%] vendors build finished with problems. Makefile:179: recipe for target 'linkcheck' failed make: *** [linkcheck] Error 1 make: Leaving directory '<https://ci.phpmyadmin.net/job/documentation/ws/doc'> Build step 'Execute shell' marked build as failure [WARNINGS] Skipping publisher since build result is FAILURE

8 years, 3 months

Jenkins build is back to normal : phpMyAdmin-continuous #11979

by Jenkins Daemon

See <https://ci.phpmyadmin.net/job/phpMyAdmin-continuous/11979/changes>

8 years, 3 months

creating MAINT branches for each release

by Isaac Bennetch

Currently, the release instructions prompt me to create a MAINT branch for each release. That way, if we have a security fix for 4.6.2 we can go to MAINT_4_6_2 and perform the work there. I think this is overkill -- for instance, we haven't done a patch-level security release on 4.6.0 or 4.6.1. If we need to do a security release, we can create the MAINT branch later: git checkout RELEASE_4_6_2 git checkout -b MAINT_4_6_2 I'm proposing that we stop creating MAINT branches for each release. This isn't something I feel particularly strongly about, so I could be convinced to withdraw my proposal, but I don't see much value in maintaining MAINT branches we aren't using. A side-effect of this is that currently, the demo server has STABLE, QA_4_6, and MAINT_4_6_2 [1]; QA_4_6 will change until our next release and STABLE and MAINT_4_6_2 will remain the same unless we need to release a 4.6.2.1, in which case both would be updated. For the demo server, I may be missing a scenario but don't see how the current MAINT and STABLE would differ, meaning we can remove MAINT from there as well. 1 - technically, the demo server currently has MAINT_4_6_1, but based on response to this thread I'll update it soon.

8 years, 3 months

Slight bug at least in original theme

by Alec Teal

Hello there, I constructed a minimum example: Create a table (I called mine "Stuff") - first column, integer, unsigned, primary key. Second column, integer, unsigned, unique index. Create. The icon shown is a slightly less saturated primary index icon, NOT the unique one (which has a red U) Alec

8 years, 3 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

Developers