Send Phpmyadmin-devel mailing list submissions to
phpmyadmin-devel@lists.sourceforge.net
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel
or, via email, send a message with subject or body 'help' to
phpmyadmin-devel-request@lists.sourceforge.net
You can reach the person managing the list at
phpmyadmin-devel-owner@lists.sourceforge.net
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Phpmyadmin-devel digest..."
Today's Topics:
1. Re: guidelines for avoiding security pitfalls (Marc Delisle)
2. phpMyAdmin at Percona MySQL Live Conference & Expo 2012
(Michal ?iha?)
3. phpMyAdmin 3.4.10.2 is released (Marc Delisle)
4. Re: Automated Testing - GSoC Project Idea 2012
(yasitha pandithawatta)
From: Marc Delisle <marc@infomarc.info>
Subject: Re: [Phpmyadmin-devel] guidelines for avoiding security pitfalls
Date: March 28, 2012 5:37:54 AM PDT
To: phpmyadmin-devel@lists.sourceforge.net
Reply-To: phpmyadmin-devel@lists.sourceforge.net
Le 2012-03-28 04:53, Michal Čihař a écrit :
Hi
Dne Tue, 27 Mar 2012 22:01:05 +0200
Dieter Adriaenssens <dieter.adriaenssens@gmail.com> napsal(a):
As discussed on the team meeting in February, I started creating a
wiki page with some guidelines for avoiding security bugs [0].
The page is not finished yet, I just set out some ideas, that I will
work out in the next few days. Feel free to comment, improve or add
guidelines as you see fit.
[0] http://wiki.phpmyadmin.net/pma/Security_pitfalls
Thanks, looks great so far!
Yes, thanks. I'm wondering, are there places where we really use
htmlentities() for protection?
Also I think we should talk about PMA_sanitize().
--
Marc Delisle
http://infomarc.info
From: Michal Čihař <michal@cihar.com>
Subject: [Phpmyadmin-devel] phpMyAdmin at Percona MySQL Live Conference & Expo 2012
Date: March 28, 2012 6:44:57 AM PDT
To: phpmyadmin-devel@lists.sourceforge.net, phpmyadmin-users@lists.sf.net, phpmyadmin-news@lists.sf.net
Reply-To: phpmyadmin-devel@lists.sourceforge.net
Hi,
phpMyAdmin will be participating in the Percona MySQL Live Conference &
Expo, April 10-12, 2012, in Santa Clara, California.
Be sure to stop by and visit us at the Dot Org Pavilion!
Need a discount code? "PHP-PL12" will save you 10%.
For more information see
http://www.percona.com/live/mysql-conference-2012/
--
Michal Čihař for the phpMyAdmin team
From: Marc Delisle <marc@infomarc.info>
Subject: [Phpmyadmin-devel] phpMyAdmin 3.4.10.2 is released
Date: March 28, 2012 9:58:46 AM PDT
To: phpmyadmin-news@lists.sf.net, phpmyadmin-users@lists.sf.net, phpmyadmin-devel@lists.sf.net
Reply-To: phpmyadmin-devel@lists.sourceforge.net
Welcome to phpMyAdmin 3.4.10.2, a minor security release.
Please refer to the upcoming PMASA-2012-2 announcement on
http://www.phpmyadmin.net/home_page/security.
Details will appear on http://phpmyadmin.net. In a hurry? you can visit
http://sourceforge.net/projects/phpmyadmin to download.
Marc Delisle, for the team
From: yasitha pandithawatta <yasitha4@gmail.com>
Subject: Re: [Phpmyadmin-devel] Automated Testing - GSoC Project Idea 2012
Date: March 28, 2012 12:29:34 PM PDT
To: phpmyadmin-devel@lists.sourceforge.net
Reply-To: phpmyadmin-devel@lists.sourceforge.net
2012/3/21 yasitha pandithawatta
<yasitha4@gmail.com>
2012/3/17 yasitha pandithawatta
<yasitha4@gmail.com>
On Wed, Mar 14, 2012 at 11:04 PM, yasitha pandithawatta
<yasitha4@gmail.com> wrote:
Le 2012-03-12 15:23, Michal Čihař a écrit :
> Hi
>
> Dne Tue, 6 Mar 2012 08:53:13 +0530
> yasitha pandithawatta <
yasitha4@gmail.com> napsal(a):
>
>> I have set up the the testing environment. I tried to run some test suits.
>> I have found most of the test suits have some fatal errors. Test classes
>> under test/libraries/ are working fine.
>> I went through the AllTest.php. The required paths have some conflicts with
>> the real paths.
>>
>> Most of the cases I'll getting the following fatal error.
>>
>> PHP Fatal error: require_once(): Failed opening required
>> './test/PMA_get_real_size_test.php'
>> (include_path='.:/usr/share/php:/usr/share/pear:') in
>> /var/www/phpmyadmin-dev/test/AllTests.php on line 32
>> (File path for an example)
>>
>> And required require_once './test/FailTest.php' is not found in the package.
>>
>> What can I do for these issues?
>
> Well AllTests.php is not really used for testing. To run complete
> testsuite, running phpunit in phpMyAdmin's directory should do the job.
> I think AllTests.php is pretty much outdated and probably should be
> rather dropped...
Done, along with AllSeleniumTests.php.
------------------------------------------------------------------------------
Try before you buy = See our experts in action!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-dev2
Hi,
I went through the AllSeleniumTests.php and found the tests are outdated. I started to re write the PmaSeleniumTestCase.php and I updated the PmaSeleniumLoginTest.php. I just add the login test to the AllSeleniumTest suit. If I can get a feed back I can write the test cases for the remaining two suits. Patch was attached to the source forge patch tracker.[1]
Add a README file under /test/selenium which contains testing configuration guide.
Regards,
--
Yasitha Pandithawatta
Undergraduate
Computer Science and Engineering Department
University of Moratuwa
Sri Lanka
Hi Michal,
I wrote some selenium test cases for login. I updated the AllSeleniumTests.php and add I add a Helper class and TestConfig class which can be use when writing other test cases. I attached the changes as patch in source forge patch tracker.[1] Meanwhile Mark has removed the AllTests.php along with AllSeleniumTests.php. Since AllSeleniumTests.php class is no longer there patch will give some errors. He suggested some one familiar with selenium should involved with this. ch willCan you look for this. Adding old AllSeleniumTests.php and merge my patch will do the job.
Regards,
--
Yasitha Pandithawatta
Undergraduate
Computer Science and Engineering Department
University of Moratuwa
Sri Lanka
Hi,
I updated the patch and attached to the patch traker. [1]. It can be directly merged into the current master branch.
Regards,
--
Yasitha Pandithawatta
Undergraduate
Computer Science and Engineering Department
University of Moratuwa
Sri Lanka
Hi,
I fixed the PmaSeleniumPrivilegesTest and PmaSeleniumXssTest classes as well. I attached the patch in the source forge patch tracker.[0]
In PmaSeleniumXssTest class I added a method testQueryTabWithNullValue() to test the processing a null query. But there should be another method to handle the query with xss scripts. For this I need to call selenium.type() on the respective textarea.
But in the latest version the textarea is replaced with codemirror object. It doesn't have an id and cannot access via Xpath. Can you give any suggestion for this?
Regards,
--
Yasitha Pandithawatta
Undergraduate
Computer Science and Engineering Department
University of Moratuwa
Sri Lanka
------------------------------------------------------------------------------
This SF email is sponsosred by:
Try Windows Azure free for 90 days Click Here
http://p.sf.net/sfu/sfd2d-msazure_______________________________________________
Phpmyadmin-devel mailing list
Phpmyadmin-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel