Branch: refs/heads/master
Home: https://github.com/phpmyadmin/phpmyadmin
Commit: cd4d54395b13e612d351363b72550a36306ed4fa
https://github.com/phpmyadmin/phpmyadmin/commit/cd4d54395b13e612d351363b725…
Author: Michal Čihař <michal(a)cihar.com>
Date: 2014-06-12 (Thu, 12 Jun 2014)
Changed paths:
M libraries/plugins/auth/AuthenticationCookie.class.php
Log Message:
-----------
Remove another reference to Blowfish
Signed-off-by: Michal Čihař <michal(a)cihar.com>
Commit: 5f3b69908af021c20e8f5c8520a7b90f58ea67dd
https://github.com/phpmyadmin/phpmyadmin/commit/5f3b69908af021c20e8f5c8520a…
Author: Michal Čihař <michal(a)cihar.com>
Date: 2014-06-12 (Thu, 12 Jun 2014)
Changed paths:
M doc/config.rst
Log Message:
-----------
Document that we are using AES for encryption
Signed-off-by: Michal Čihař <michal(a)cihar.com>
Commit: 5e51f178dd57e64e2cdad25b0e7f2f240c5227be
https://github.com/phpmyadmin/phpmyadmin/commit/5e51f178dd57e64e2cdad25b0e7…
Author: Michal Čihař <michal(a)cihar.com>
Date: 2014-06-12 (Thu, 12 Jun 2014)
Changed paths:
M libraries/plugins/auth/AuthenticationCookie.class.php
Log Message:
-----------
Remove some blowfish mentions
Signed-off-by: Michal Čihař <michal(a)cihar.com>
Commit: da047efbd14a95ba20973efd829c73df5f9d2650
https://github.com/phpmyadmin/phpmyadmin/commit/da047efbd14a95ba20973efd829…
Author: Michal Čihař <michal(a)cihar.com>
Date: 2014-06-12 (Thu, 12 Jun 2014)
Changed paths:
M libraries/plugins/auth/AuthenticationCookie.class.php
Log Message:
-----------
Use random per session key for encrypting password
This makes it impossible to decrypt cookies later if the key would be
compromised.
Signed-off-by: Michal Čihař <michal(a)cihar.com>
Commit: e433d8189bb9cf00a17602cf183334bbf8684fc9
https://github.com/phpmyadmin/phpmyadmin/commit/e433d8189bb9cf00a17602cf183…
Author: Michal Čihař <michal(a)cihar.com>
Date: 2014-06-12 (Thu, 12 Jun 2014)
Changed paths:
M libraries/plugins/auth/AuthenticationCookie.class.php
Log Message:
-----------
Use phpseclib for generating session encryption key
Signed-off-by: Michal Čihař <michal(a)cihar.com>
Commit: 51d4d514f988f5d1461e03e6da6fd249b8354742
https://github.com/phpmyadmin/phpmyadmin/commit/51d4d514f988f5d1461e03e6da6…
Author: Michal Čihař <michal(a)cihar.com>
Date: 2014-06-12 (Thu, 12 Jun 2014)
Changed paths:
M index.php
M test/classes/plugin/auth/PMA_AuthenticationCookie_test.php
Log Message:
-----------
Adjust tests to new encryption
Signed-off-by: Michal Čihař <michal(a)cihar.com>
Commit: 234cfbf73f23027617c1c9764c61da9f118532d4
https://github.com/phpmyadmin/phpmyadmin/commit/234cfbf73f23027617c1c9764c6…
Author: Michal Čihař <michal(a)cihar.com>
Date: 2014-06-12 (Thu, 12 Jun 2014)
Changed paths:
M doc/setup.rst
M libraries/config.default.php
Log Message:
-----------
Document AES usage
Signed-off-by: Michal Čihař <michal(a)cihar.com>
Commit: 92a10d09683ffc9e3874ad5c1ed8298f73ec620e
https://github.com/phpmyadmin/phpmyadmin/commit/92a10d09683ffc9e3874ad5c1ed…
Author: Michal Čihař <michal(a)cihar.com>
Date: 2014-06-12 (Thu, 12 Jun 2014)
Changed paths:
M libraries/plugins/auth/AuthenticationCookie.class.php
Log Message:
-----------
Factor out cookie storing to separate methods
Signed-off-by: Michal Čihař <michal(a)cihar.com>
Commit: 209390c3f213558847bc88b93245f55a5d334016
https://github.com/phpmyadmin/phpmyadmin/commit/209390c3f213558847bc88b9324…
Author: Michal Čihař <michal(a)cihar.com>
Date: 2014-06-12 (Thu, 12 Jun 2014)
Changed paths:
M user_password.php
Log Message:
-----------
Properly store password in cookie when changing it
Use auth plugin method to do that, otherwise it could not work properly
with autogenerated blowfish_secret.
Signed-off-by: Michal Čihař <michal(a)cihar.com>
Commit: bd4cccc03913111f1d0502ae1366ad00da4be275
https://github.com/phpmyadmin/phpmyadmin/commit/bd4cccc03913111f1d0502ae136…
Author: Michal Čihař <michal(a)cihar.com>
Date: 2014-06-12 (Thu, 12 Jun 2014)
Changed paths:
M libraries/plugins/AuthenticationPlugin.class.php
M libraries/plugins/auth/AuthenticationCookie.class.php
M libraries/plugins/auth/AuthenticationHttp.class.php
M user_password.php
Log Message:
-----------
Move password change handling to authenticaton plugins
We should not care about plugin type while changing password, we should
just notify it and the plugin should be responsible for anything needed.
Signed-off-by: Michal Čihař <michal(a)cihar.com>
Commit: a7bc3a73a3375e58df0f263bd44c4f4ad6db767b
https://github.com/phpmyadmin/phpmyadmin/commit/a7bc3a73a3375e58df0f263bd44…
Author: Michal Čihař <michal(a)cihar.com>
Date: 2014-06-12 (Thu, 12 Jun 2014)
Changed paths:
M user_password.php
Log Message:
-----------
Do not pas arround empty $_url_params variable
Signed-off-by: Michal Čihař <michal(a)cihar.com>
Compare: https://github.com/phpmyadmin/phpmyadmin/compare/ceb77ce6d4fc...a7bc3a73a337
Branch: refs/heads/master
Home: https://github.com/phpmyadmin/phpmyadmin
Commit: 98034ba148b0d9fe2abcb7519c5fbc695a19c594
https://github.com/phpmyadmin/phpmyadmin/commit/98034ba148b0d9fe2abcb7519c5…
Author: Michal Čihař <michal(a)cihar.com>
Date: 2014-06-12 (Thu, 12 Jun 2014)
Changed paths:
M import.php
M libraries/bookmark.lib.php
M libraries/sql.lib.php
M libraries/sql_query_form.lib.php
Log Message:
-----------
Remove $GLOBALS['cfg']['Bookmark'] variable
It makes it impossible to include bookmark library at any time as when
it is included before configuration is loaded it caches false result for
bookmarks support.
And anyway, using superglobals is always bad idea.
Signed-off-by: Michal Čihař <michal(a)cihar.com>