Git
Threads by month
- ----- 2025 -----
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- 11 participants
- 38616 discussions
[Phpmyadmin-git] [SCM] phpMyAdmin annotated tag, RELEASE_3_3_5_1, created. RELEASE_3_3_5_1
by Michal Čihař 20 Aug '10
by Michal Čihař 20 Aug '10
20 Aug '10
The annotated tag, RELEASE_3_3_5_1 has been created
at e6112b8db126558dcca7695b6ca04e8d46fad53e (tag)
tagging 5a0fec9b3c6327bf8d4be31190f0a780a0071e2c (commit)
replaces RELEASE_3_3_5
tagged by Michal Čihař
on Fri Aug 20 13:55:43 2010 +0200
- Log -----------------------------------------------------------------
Released 3.3.5.1
Herman van Rink (1):
Fix XSS on error with very long query.
Marc Delisle (2):
Fix XSS on delimiter in db_sql.php.
Limit list of correct values for sort order.
Michal Čihař (21):
Fix XSS on field_str in db_search.php.
Fix XSS on delimiter in tbl_sql.php.
Secure handling of sort_by and sort_order in server_databases.php.
Fix handling of unknown sort order.
Add option to escape PMA_sanitize output.
Escape html chars in form values.
Document PMA_sanitize.
Fix XSS on checkprivs.
Fix XSS on dbname.
Fix XSS on tablename and pred_tablename.
Fix XSS on username.
Fix XSS on hostname.
Properly check validity of sort parameter.
Do not assume that DefaultLang is escaped.
Revert "Do not assume that DefaultLang is escaped."
Fix XSS with $cfg['SQP']['fmtType'] = 'text'.
Fix possible XSS on IIS redirect page.
Avoid information disclossure on error.
Escape error message coming from MySQL to avoid XSS on bad parameters.
Changelog.
Set version to 3.3.5.1.
-----------------------------------------------------------------------
hooks/post-receive
--
phpMyAdmin
1
0
[Phpmyadmin-git] [SCM] phpMyAdmin branch, MAINT_3_3_5, updated. RELEASE_3_3_5_1
by Michal Čihař 20 Aug '10
by Michal Čihař 20 Aug '10
20 Aug '10
The branch, MAINT_3_3_5 has been updated
via 5a0fec9b3c6327bf8d4be31190f0a780a0071e2c (commit)
via d128f806057e752db082272fd5e5c2f7244821b9 (commit)
via 59b3b4916b31fa44f31b1e2d243ca7dda012ba37 (commit)
via 782b8b46be4f06c695ab713eeefbd75970358e2f (commit)
via bf60ec82e948450ae18b9e66c48d27da55ebe860 (commit)
via f273e6cbf6e2eea7367f7ef9c63c97ea55b92ca0 (commit)
via d2e0e09e0d402555a6223f0b683fdbfa97821a63 (commit)
via b337f45a0a1ba8ff28e3d13f194f137e9aa85e8e (commit)
via 05ca00e0a20d0eb4848d69bf7a1365df5bba872d (commit)
via 48e909660032ddcbc13172830761e363e7a64d72 (commit)
via be0f47a93141e2950ad400b8d22a2a98512825c2 (commit)
via cd205cc55a46e3dc0f8883966f5c854f842e1000 (commit)
via 7dc6cea06522b2d4af50934c983f3967540a4918 (commit)
via 6028221d97efa2a7d56a61ab4c5750d1b2343619 (commit)
via 2a1233b69ccc6c64819c2840ca5277c2dde0b9e0 (commit)
via 25ac7de38c125d8067f42bab24212891389ac1e3 (commit)
via fa30188dde357426d339d0d7e29a3969f88d188a (commit)
via 00add5c43f594f80dab6304a5bb35d2e50540d2d (commit)
via c75e41d5d8cdd9bbc745c8cbe2c16998fda1de0c (commit)
via 533e10213590e7ccd83b98a5cd19ba1c3be119dd (commit)
via ea3b718fc379c15e773cc2f18ea4c8ccfa9af57b (commit)
via 7f266483b827fb05a4be11663003418c2ef1c878 (commit)
via 5bcd95a42c8ba924d389eafee4d7be80bd4039a3 (commit)
via 6d548f7d449b7d4b796949d10a503484f63eaf82 (commit)
from f3f073a0ba8fe8e3857d98a84627bda53d50dc5e (commit)
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 3 +++
Documentation.html | 4 ++--
README | 4 ++--
db_search.php | 2 +-
db_sql.php | 2 +-
error.php | 10 +++++++---
libraries/Config.class.php | 2 +-
libraries/common.lib.php | 9 +++++----
libraries/database_interface.lib.php | 4 ++++
libraries/db_info.inc.php | 3 ++-
libraries/dbi/mysql.dbi.lib.php | 2 ++
libraries/dbi/mysqli.dbi.lib.php | 2 ++
libraries/sanitizing.lib.php | 17 +++++++++++++++--
libraries/sqlparser.lib.php | 2 +-
server_databases.php | 22 ++++++++++++++++++----
server_privileges.php | 30 +++++++++++++++---------------
sql.php | 14 +++++++-------
tbl_sql.php | 2 +-
translators.html | 4 ++--
19 files changed, 91 insertions(+), 47 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 53adf96..4183ff5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -5,6 +5,9 @@ phpMyAdmin - ChangeLog
$Id$
$HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyAdmin/… $
+3.3.5.1 (2010-10-20)
+- [core] Fixed various XSS issues, see PMASA-2010-5 for more details.
+
3.3.5.0 (2010-07-26)
- patch #2932113 [information_schema] Slow export when having lots of
databases, thanks to Stéphane Pontier - shadow_walker
diff --git a/Documentation.html b/Documentation.html
index 100b9ae..289d02a 100644
--- a/Documentation.html
+++ b/Documentation.html
@@ -10,7 +10,7 @@ vim: expandtab ts=4 sw=4 sts=4 tw=78
<link rel="icon" href="./favicon.ico" type="image/x-icon" />
<link rel="shortcut icon" href="./favicon.ico" type="image/x-icon" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
- <title>phpMyAdmin 3.3.5 - Documentation</title>
+ <title>phpMyAdmin 3.3.5.1 - Documentation</title>
<link rel="stylesheet" type="text/css" href="docs.css" />
</head>
@@ -18,7 +18,7 @@ vim: expandtab ts=4 sw=4 sts=4 tw=78
<div id="header">
<h1>
<a href="http://www.phpmyadmin.net/">php<span class="myadmin">MyAdmin</span></a>
- 3.3.5
+ 3.3.5.1
Documentation
</h1>
</div>
diff --git a/README b/README
index 279f66f..072d0d9 100644
--- a/README
+++ b/README
@@ -5,8 +5,8 @@ phpMyAdmin - Readme
A set of PHP-scripts to manage MySQL over the web.
- Version 3.3.5
- -------------
+ Version 3.3.5.1
+ ---------------
http://www.phpmyadmin.net/
Copyright (C) 1998-2000 Tobias Ratschiller <tobias_at_ratschiller.com>
diff --git a/db_search.php b/db_search.php
index 751675d..455aa61 100644
--- a/db_search.php
+++ b/db_search.php
@@ -355,7 +355,7 @@ $alter_select =
<tr><td align="right">
<?php echo $GLOBALS['strSearchInField']; ?></td>
<td><input type="text" name="field_str" size="60"
- value="<?php echo ! empty($field_str) ? $field_str : ''; ?>" /></td>
+ value="<?php echo ! empty($field_str) ? htmlspecialchars($field_str) : ''; ?>" /></td>
</tr>
</table>
</fieldset>
diff --git a/db_sql.php b/db_sql.php
index 2ac198b..420561e 100644
--- a/db_sql.php
+++ b/db_sql.php
@@ -37,7 +37,7 @@ if ($num_tables == 0 && empty($db_query_force)) {
/**
* Query box, bookmark, insert data from textfile
*/
-PMA_sqlQueryForm(true, false, isset($_REQUEST['delimiter']) ? $_REQUEST['delimiter'] : ';');
+PMA_sqlQueryForm(true, false, isset($_REQUEST['delimiter']) ? htmlspecialchars($_REQUEST['delimiter']) : ';');
/**
* Displays the footer
diff --git a/error.php b/error.php
index 674d08e..7e86ffb 100644
--- a/error.php
+++ b/error.php
@@ -76,10 +76,14 @@ header('Content-Type: text/html; charset=' . $charset);
<body>
<h1>phpMyAdmin - <?php echo $type; ?></h1>
<p><?php
-if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
- echo PMA_sanitize(stripslashes($_REQUEST['error']));
+if (!empty($_REQUEST['error'])) {
+ if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
+ echo PMA_sanitize(stripslashes($_REQUEST['error']));
+ } else {
+ echo PMA_sanitize($_REQUEST['error']);
+ }
} else {
- echo PMA_sanitize($_REQUEST['error']);
+ echo 'No error message!';
}
?></p>
</body>
diff --git a/libraries/Config.class.php b/libraries/Config.class.php
index e73de8b..0ac18b2 100644
--- a/libraries/Config.class.php
+++ b/libraries/Config.class.php
@@ -92,7 +92,7 @@ class PMA_Config
*/
function checkSystem()
{
- $this->set('PMA_VERSION', '3.3.5');
+ $this->set('PMA_VERSION', '3.3.5.1');
/**
* @deprecated
*/
diff --git a/libraries/common.lib.php b/libraries/common.lib.php
index c62d518..4a9c789 100644
--- a/libraries/common.lib.php
+++ b/libraries/common.lib.php
@@ -575,7 +575,7 @@ function PMA_mysqlDie($error_message = '', $the_query = '',
$formatted_sql = '';
} else {
if (strlen($the_query) > $GLOBALS['cfg']['MaxCharactersInDisplayedSQL']) {
- $formatted_sql = substr($the_query, 0, $GLOBALS['cfg']['MaxCharactersInDisplayedSQL']) . '[...]';
+ $formatted_sql = htmlspecialchars(substr($the_query, 0, $GLOBALS['cfg']['MaxCharactersInDisplayedSQL'])) . '[...]';
} else {
$formatted_sql = PMA_formatSql(PMA_SQP_parse($the_query), $the_query);
}
@@ -705,22 +705,23 @@ function PMA_mysqlDie($error_message = '', $the_query = '',
function PMA_sendHeaderLocation($uri)
{
if (PMA_IS_IIS && strlen($uri) > 600) {
+ require_once './libraries/js_escape.lib.php';
echo '<html><head><title>- - -</title>' . "\n";
echo '<meta http-equiv="expires" content="0">' . "\n";
echo '<meta http-equiv="Pragma" content="no-cache">' . "\n";
echo '<meta http-equiv="Cache-Control" content="no-cache">' . "\n";
- echo '<meta http-equiv="Refresh" content="0;url=' .$uri . '">' . "\n";
+ echo '<meta http-equiv="Refresh" content="0;url=' . htmlspecialchars($uri) . '">' . "\n";
echo '<script type="text/javascript">' . "\n";
echo '//<![CDATA[' . "\n";
- echo 'setTimeout("window.location = unescape(\'"' . $uri . '"\')", 2000);' . "\n";
+ echo 'setTimeout("window.location = unescape(\'"' . PMA_escapeJsString($uri) . '"\')", 2000);' . "\n";
echo '//]]>' . "\n";
echo '</script>' . "\n";
echo '</head>' . "\n";
echo '<body>' . "\n";
echo '<script type="text/javascript">' . "\n";
echo '//<![CDATA[' . "\n";
- echo 'document.write(\'<p><a href="' . $uri . '">' . $GLOBALS['strGo'] . '</a></p>\');' . "\n";
+ echo 'document.write(\'<p><a href="' . htmlspecialchars($uri) . '">' . $GLOBALS['strGo'] . '</a></p>\');' . "\n";
echo '//]]>' . "\n";
echo '</script></body></html>' . "\n";
diff --git a/libraries/database_interface.lib.php b/libraries/database_interface.lib.php
index a7d9e72..3c0408d 100644
--- a/libraries/database_interface.lib.php
+++ b/libraries/database_interface.lib.php
@@ -205,6 +205,10 @@ function PMA_usort_comparison_callback($a, $b)
} else {
$sorter = 'strcasecmp';
}
+ /* No sorting when key is not present */
+ if (!isset($a[$GLOBALS['callback_sort_by']]) || ! isset($b[$GLOBALS['callback_sort_by']])) {
+ return 0;
+ }
// produces f.e.:
// return -1 * strnatcasecmp($a["SCHEMA_TABLES"], $b["SCHEMA_TABLES"])
return ($GLOBALS['callback_sort_order'] == 'ASC' ? 1 : -1) * $sorter($a[$GLOBALS['callback_sort_by']], $b[$GLOBALS['callback_sort_by']]);
diff --git a/libraries/db_info.inc.php b/libraries/db_info.inc.php
index 4f59baa..1e5b401 100644
--- a/libraries/db_info.inc.php
+++ b/libraries/db_info.inc.php
@@ -213,7 +213,8 @@ if (! isset($sot_ready)) {
);
// Make sure the sort type is implemented
- if ($sort = $sortable_name_mappings[$_REQUEST['sort']]) {
+ if (isset($sortable_name_mappings[$_REQUEST['sort']])) {
+ $sort = $sortable_name_mappings[$_REQUEST['sort']];
if ($_REQUEST['sort_order'] == 'DESC') {
$sort_order = 'DESC';
}
diff --git a/libraries/dbi/mysql.dbi.lib.php b/libraries/dbi/mysql.dbi.lib.php
index 2754588..4750ee2 100644
--- a/libraries/dbi/mysql.dbi.lib.php
+++ b/libraries/dbi/mysql.dbi.lib.php
@@ -348,6 +348,8 @@ function PMA_DBI_getError($link = null)
$error_message = PMA_DBI_convert_message($error_message);
}
+ $error_message = htmlspecialchars($error_message);
+
// Some errors messages cannot be obtained by mysql_error()
if ($error_number == 2002) {
$error = '#' . ((string) $error_number) . ' - ' . $GLOBALS['strServerNotResponding'] . ' ' . $GLOBALS['strSocketProblem'];
diff --git a/libraries/dbi/mysqli.dbi.lib.php b/libraries/dbi/mysqli.dbi.lib.php
index 913bce6..52f7601 100644
--- a/libraries/dbi/mysqli.dbi.lib.php
+++ b/libraries/dbi/mysqli.dbi.lib.php
@@ -406,6 +406,8 @@ function PMA_DBI_getError($link = null)
$error_message = PMA_DBI_convert_message($error_message);
}
+ $error_message = htmlspecialchars($error_message);
+
if ($error_number == 2002) {
$error = '#' . ((string) $error_number) . ' - ' . $GLOBALS['strServerNotResponding'] . ' ' . $GLOBALS['strSocketProblem'];
} else {
diff --git a/libraries/sanitizing.lib.php b/libraries/sanitizing.lib.php
index 2b54bf1..d17fc50 100644
--- a/libraries/sanitizing.lib.php
+++ b/libraries/sanitizing.lib.php
@@ -9,17 +9,26 @@
/**
* Sanitizes $message, taking into account our special codes
- * for formatting
+ * for formatting.
+ *
+ * If you want to include result in element attribute, you should escape it.
+ *
+ * Examples:
+ *
+ * <p><?php echo PMA_sanitize($foo); ?></p>
+ *
+ * <a title="<?php echo PMA_sanitize($foo, true); ?>">bar</a>
*
* @uses preg_replace()
* @uses strtr()
* @param string the message
+ * @param boolean whether to escape html in result
*
* @return string the sanitized message
*
* @access public
*/
-function PMA_sanitize($message)
+function PMA_sanitize($message, $escape = false)
{
$replace_pairs = array(
'<' => '<',
@@ -67,6 +76,10 @@ function PMA_sanitize($message)
$message = preg_replace($pattern, '<a href="\1" target="\2">', $message);
}
+ if ($escape) {
+ $message = htmlspecialchars($message);
+ }
+
return $message;
}
?>
diff --git a/libraries/sqlparser.lib.php b/libraries/sqlparser.lib.php
index 53f239a..f844e23 100644
--- a/libraries/sqlparser.lib.php
+++ b/libraries/sqlparser.lib.php
@@ -2456,7 +2456,7 @@ if (! defined('PMA_MINIMUM_COMMON')) {
}
$after .= "\n";
*/
- $str .= $before . ($mode=='color' ? PMA_SQP_formatHTML_colorize($arr[$i]) : $arr[$i]['data']). $after;
+ $str .= $before . ($mode=='color' ? PMA_SQP_formatHTML_colorize($arr[$i]) : htmlspecialchars($arr[$i]['data'])). $after;
} // end for
if ($mode=='color') {
$str .= '</span>';
diff --git a/server_databases.php b/server_databases.php
index 47037cc..5e6d0ec 100644
--- a/server_databases.php
+++ b/server_databases.php
@@ -22,7 +22,21 @@ require './libraries/replication.inc.php';
if (empty($_REQUEST['sort_by'])) {
$sort_by = 'SCHEMA_NAME';
} else {
- $sort_by = PMA_sanitize($_REQUEST['sort_by']);
+ $sort_by_whitelist = array(
+ 'SCHEMA_NAME',
+ 'DEFAULT_COLLATION_NAME',
+ 'SCHEMA_TABLES',
+ 'SCHEMA_TABLE_ROWS',
+ 'SCHEMA_DATA_LENGTH',
+ 'SCHEMA_INDEX_LENGTH',
+ 'SCHEMA_LENGTH',
+ 'SCHEMA_DATA_FREE'
+ );
+ if (in_array($_REQUEST['sort_by'], $sort_by_whitelist)) {
+ $sort_by = $_REQUEST['sort_by'];
+ } else {
+ $sort_by = 'SCHEMA_NAME';
+ }
}
if (isset($_REQUEST['sort_order'])
@@ -342,11 +356,11 @@ if ($databases_count > 0) {
unset($column_order, $stat_name, $stat, $databases, $table_columns);
if ($is_superuser || $cfg['AllowUserDropDatabase']) {
- $common_url_query = PMA_generate_common_url() . '&sort_by=' . $sort_by . '&sort_order=' . $sort_order . '&dbstats=' . $dbstats;
+ $common_url_query = PMA_generate_common_url(array('sort_by' => $sort_by, 'sort_order' => $sort_order, 'dbstats' => $dbstats));
echo '<img class="selectallarrow" src="' . $pmaThemeImage . 'arrow_' . $text_dir . '.png" width="38" height="22" alt="' . $strWithChecked . '" />' . "\n"
- . '<a href="./server_databases.php?' . $common_url_query . '&checkall=1" onclick="if (markAllRows(\'tabledatabases\')) return false;">' . "\n"
+ . '<a href="./server_databases.php' . $common_url_query . '&checkall=1" onclick="if (markAllRows(\'tabledatabases\')) return false;">' . "\n"
. ' ' . $strCheckAll . '</a> / ' . "\n"
- . '<a href="./server_databases.php?' . $common_url_query . '" onclick="if (unMarkAllRows(\'tabledatabases\')) return false;">' . "\n"
+ . '<a href="./server_databases.php' . $common_url_query . '" onclick="if (unMarkAllRows(\'tabledatabases\')) return false;">' . "\n"
. ' ' . $strUncheckAll . '</a>' . "\n"
. '<i>' . $strWithChecked . '</i>' . "\n";
PMA_buttonOrImage('drop_selected_dbs', 'mult_submit', 'drop_selected_dbs', $strDrop, 'b_deltbl.png');
diff --git a/server_privileges.php b/server_privileges.php
index fd2796f..d43896b 100644
--- a/server_privileges.php
+++ b/server_privileges.php
@@ -1151,7 +1151,7 @@ if (!empty($update_privs)) {
}
$sql_query = $sql_query0 . ' ' . $sql_query1 . ' ' . $sql_query2;
$message = PMA_Message::success('strUpdatePrivMessage');
- $message->addParam('\'' . $username . '\'@\'' . $hostname . '\'');
+ $message->addParam('\'' . htmlspecialchars($username) . '\'@\'' . htmlspecialchars($hostname) . '\'');
}
@@ -1175,7 +1175,7 @@ if (isset($_REQUEST['revokeall'])) {
}
$sql_query = $sql_query0 . ' ' . $sql_query1;
$message = PMA_Message::success('strRevokeMessage');
- $message->addParam('\'' . $username . '\'@\'' . $hostname . '\'');
+ $message->addParam('\'' . htmlspecialchars($username) . '\'@\'' . htmlspecialchars($hostname) . '\'');
if (! isset($tablename)) {
unset($dbname);
} else {
@@ -1211,7 +1211,7 @@ if (isset($_REQUEST['change_pw'])) {
PMA_DBI_try_query($local_query)
or PMA_mysqlDie(PMA_DBI_getError(), $sql_query, FALSE, $err_url);
$message = PMA_Message::success('strPasswordChanged');
- $message->addParam('\'' . $username . '\'@\'' . $hostname . '\'');
+ $message->addParam('\'' . htmlspecialchars($username) . '\'@\'' . htmlspecialchars($hostname) . '\'');
}
}
@@ -1590,8 +1590,8 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs
if (isset($dbname)) {
echo ' <i><a href="server_privileges.php?'
- . $GLOBALS['url_query'] . '&username=' . urlencode($username)
- . '&hostname=' . urlencode($hostname) . '&dbname=&tablename=">\''
+ . $GLOBALS['url_query'] . '&username=' . htmlspecialchars(urlencode($username))
+ . '&hostname=' . htmlspecialchars(urlencode($hostname)) . '&dbname=&tablename=">\''
. htmlspecialchars($username) . '\'@\'' . htmlspecialchars($hostname)
. '\'</a></i>' . "\n";
$url_dbname = urlencode(str_replace(array('\_', '\%'), array('_', '%'), $dbname));
@@ -1599,8 +1599,8 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs
echo ' - ' . ($dbname_is_wildcard ? $GLOBALS['strDatabases'] : $GLOBALS['strDatabase'] );
if (isset($tablename)) {
echo ' <i><a href="server_privileges.php?' . $GLOBALS['url_query']
- . '&username=' . urlencode($username) . '&hostname=' . urlencode($hostname)
- . '&dbname=' . $url_dbname . '&tablename=">' . htmlspecialchars($dbname) . '</a></i>';
+ . '&username=' . htmlspecialchars(urlencode($username)) . '&hostname=' . htmlspecialchars(urlencode($hostname))
+ . '&dbname=' . htmlspecialchars($url_dbname) . '&tablename=">' . htmlspecialchars($dbname) . '</a></i>';
echo ' - ' . $GLOBALS['strTable'] . ' <i>' . htmlspecialchars($tablename) . '</i>';
} else {
echo ' <i>' . htmlspecialchars($dbname) . '</i>';
@@ -1834,16 +1834,16 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs
}
echo '</td>' . "\n"
. ' <td>';
- printf($link_edit, urlencode($username),
- urlencode($hostname),
- urlencode((! isset($dbname)) ? $row['Db'] : $dbname),
+ printf($link_edit, htmlspecialchars(urlencode($username)),
+ urlencode(htmlspecialchars($hostname)),
+ urlencode((! isset($dbname)) ? $row['Db'] : htmlspecialchars($dbname)),
urlencode((! isset($dbname)) ? '' : $row['Table_name']));
echo '</td>' . "\n"
. ' <td>';
if (! empty($row['can_delete']) || isset($row['Table_name']) && strlen($row['Table_name'])) {
- printf($link_revoke, urlencode($username),
- urlencode($hostname),
- urlencode((! isset($dbname)) ? $row['Db'] : $dbname),
+ printf($link_revoke, htmlspecialchars(urlencode($username)),
+ urlencode(htmlspecialchars($hostname)),
+ urlencode((! isset($dbname)) ? $row['Db'] : htmlspecialchars($dbname)),
urlencode((! isset($dbname)) ? '' : $row['Table_name']));
}
echo '</td>' . "\n"
@@ -1923,7 +1923,7 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs
if (isset($tablename)) {
echo ' [ ' . $GLOBALS['strTable'] . ' <a href="'
. $GLOBALS['cfg']['DefaultTabTable'] . '?' . $GLOBALS['url_query']
- . '&db=' . $url_dbname . '&table=' . urlencode($tablename)
+ . '&db=' . $url_dbname . '&table=' . htmlspecialchars(urlencode($tablename))
. '&reload=1">' . htmlspecialchars($tablename) . ': '
. PMA_getTitleForTarget($GLOBALS['cfg']['DefaultTabTable'])
. "</a> ]\n";
@@ -2150,7 +2150,7 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs
// Offer to create a new user for the current database
echo '<fieldset id="fieldset_add_user">' . "\n"
- . ' <a href="server_privileges.php?' . $GLOBALS['url_query'] . '&adduser=1&dbname=' . $checkprivs .'">' . "\n"
+ . ' <a href="server_privileges.php?' . $GLOBALS['url_query'] . '&adduser=1&dbname=' . htmlspecialchars($checkprivs) .'">' . "\n"
. PMA_getIcon('b_usradd.png')
. ' ' . $GLOBALS['strAddUser'] . '</a>' . "\n"
. '</fieldset>' . "\n";
diff --git a/sql.php b/sql.php
index 4898860..15b1beb 100644
--- a/sql.php
+++ b/sql.php
@@ -175,14 +175,14 @@ if ($do_confirm) {
.PMA_generate_common_hidden_inputs($db, $table);
?>
<input type="hidden" name="sql_query" value="<?php echo htmlspecialchars($sql_query); ?>" />
- <input type="hidden" name="zero_rows" value="<?php echo isset($zero_rows) ? PMA_sanitize($zero_rows) : ''; ?>" />
+ <input type="hidden" name="zero_rows" value="<?php echo isset($zero_rows) ? PMA_sanitize($zero_rows, true) : ''; ?>" />
<input type="hidden" name="goto" value="<?php echo $goto; ?>" />
- <input type="hidden" name="back" value="<?php echo isset($back) ? PMA_sanitize($back) : ''; ?>" />
- <input type="hidden" name="reload" value="<?php echo isset($reload) ? PMA_sanitize($reload) : 0; ?>" />
- <input type="hidden" name="purge" value="<?php echo isset($purge) ? PMA_sanitize($purge) : ''; ?>" />
- <input type="hidden" name="cpurge" value="<?php echo isset($cpurge) ? PMA_sanitize($cpurge) : ''; ?>" />
- <input type="hidden" name="purgekey" value="<?php echo isset($purgekey) ? PMA_sanitize($purgekey) : ''; ?>" />
- <input type="hidden" name="show_query" value="<?php echo isset($show_query) ? PMA_sanitize($show_query) : ''; ?>" />
+ <input type="hidden" name="back" value="<?php echo isset($back) ? PMA_sanitize($back, true) : ''; ?>" />
+ <input type="hidden" name="reload" value="<?php echo isset($reload) ? PMA_sanitize($reload, true) : 0; ?>" />
+ <input type="hidden" name="purge" value="<?php echo isset($purge) ? PMA_sanitize($purge, true) : ''; ?>" />
+ <input type="hidden" name="cpurge" value="<?php echo isset($cpurge) ? PMA_sanitize($cpurge, true) : ''; ?>" />
+ <input type="hidden" name="purgekey" value="<?php echo isset($purgekey) ? PMA_sanitize($purgekey, true) : ''; ?>" />
+ <input type="hidden" name="show_query" value="<?php echo isset($show_query) ? PMA_sanitize($show_query, true) : ''; ?>" />
<?php
echo '<fieldset class="confirmation">' . "\n"
.' <legend>' . $strDoYouReally . '</legend>'
diff --git a/tbl_sql.php b/tbl_sql.php
index 5565d92..f3c3aac 100644
--- a/tbl_sql.php
+++ b/tbl_sql.php
@@ -38,7 +38,7 @@ require_once './libraries/tbl_links.inc.php';
/**
* Query box, bookmark, insert data from textfile
*/
-PMA_sqlQueryForm(true, false, isset($_REQUEST['delimiter']) ? $_REQUEST['delimiter'] : ';');
+PMA_sqlQueryForm(true, false, isset($_REQUEST['delimiter']) ? htmlspecialchars($_REQUEST['delimiter']) : ';');
/**
* Displays the footer
diff --git a/translators.html b/translators.html
index d847a9e..eb8c6ff 100644
--- a/translators.html
+++ b/translators.html
@@ -11,7 +11,7 @@
<link rel="icon" href="./favicon.ico" type="image/x-icon" />
<link rel="shortcut icon" href="./favicon.ico" type="image/x-icon" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
- <title>phpMyAdmin 3.3.5 - Official translators</title>
+ <title>phpMyAdmin 3.3.5.1 - Official translators</title>
<link rel="stylesheet" type="text/css" href="docs.css" />
</head>
@@ -19,7 +19,7 @@
<div id="header">
<h1>
<a href="http://www.phpmyadmin.net/">php<span class="myadmin">MyAdmin</span></a>
- 3.3.5
+ 3.3.5.1
official translators list
</h1>
</div>
hooks/post-receive
--
phpMyAdmin
1
0
[Phpmyadmin-git] [SCM] phpMyAdmin annotated tag, RELEASE_2_11_10_1, created. RELEASE_2_11_10_1
by Michal Čihař 20 Aug '10
by Michal Čihař 20 Aug '10
20 Aug '10
The annotated tag, RELEASE_2_11_10_1 has been created
at acb28084b99d21da7f6a49cbac70097d51e897e7 (tag)
tagging b1cb5590eefd2977bdb3a6e45796d5a4189e95ad (commit)
replaces RELEASE_2_11_10
tagged by Michal Čihař
on Fri Aug 20 13:47:26 2010 +0200
- Log -----------------------------------------------------------------
Released 2.11.10.1
Herman van Rink (1):
Fix XSS on error with very long query.
Marc Delisle (1):
Fix XSS on delimiter in db_sql.php.
Michal Čihař (17):
Fix XSS on delimiter in tbl_sql.php.
Secure handling of sort_by and sort_order in server_databases.php.
Fix handling of unknown sort order.
Add option to escape PMA_sanitize output.
Escape html chars in form values.
Document PMA_sanitize.
Fix XSS on dbname.
Fix XSS on tablename and pred_tablename.
Fix XSS on username.
Fix XSS on hostname.
Properly escape key name when generating config file.
Fix XSS with $cfg['SQP']['fmtType'] = 'text'.
Fix possible XSS on IIS redirect page.
Avoid information disclossure on error.
Escape error message coming from MySQL to avoid XSS on bad parameters.
Changelog.
Set version to 2.11.10.1.
-----------------------------------------------------------------------
hooks/post-receive
--
phpMyAdmin
1
0
[Phpmyadmin-git] [SCM] phpMyAdmin branch, MAINT_2_11_10, updated. RELEASE_2_11_10-19-gb1cb559
by Michal Čihař 20 Aug '10
by Michal Čihař 20 Aug '10
20 Aug '10
The branch, MAINT_2_11_10 has been updated
via b1cb5590eefd2977bdb3a6e45796d5a4189e95ad (commit)
via 437e00ef2eec5fbc743f652c93d90b3853dcf825 (commit)
via a88dbaf305a44107ffb557e9d93512792744af84 (commit)
via e7d10a6d53582abcf20455ad0051048a991023af (commit)
via 2051a861f8a968dafc297650036cc7e640a18887 (commit)
via 0fd0512c9b7344abad60ab9effb7b7537b2b5d08 (commit)
via 4a50055d52cb1d6ba125b743b0eb422d5549b9c9 (commit)
via 30c83acddb58d3bbf940b5f9ec28abf5b235f4d2 (commit)
via a7c004d8d4069ca3c7d1c221f37b9cab39e36aaf (commit)
via 8b7f07cd954221f276ab11e2c3d98f18deb2f551 (commit)
via 1fe1aa6c0e2d85bed1343f4be21d672368e0a9c1 (commit)
via 8b8ce64792bb981cefc37a19f29f28f112df1c16 (commit)
via 0fe30236fac3c00ff123b9d48cc0b4b2ff6a7746 (commit)
via a4a54da173440d4c5097aececef56c28c14dc52e (commit)
via c69fca50ee81ff74cda860aad339d4185d32e194 (commit)
via c910f4c9ec9af876675d96df3fa65d7fc4551cc6 (commit)
via 08e27b89077df26a0f7f0390322bbe80e0437aa1 (commit)
via 110c44a7a3117b94b065742606cc6f7bc05f8cd5 (commit)
via 4951fd1c854d88e22935fd55d342fcb1670dc8e4 (commit)
from 8535d48ae9c8ea554393802db68dbc9ec571b864 (commit)
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 5 +++++
Documentation.html | 4 ++--
README | 4 ++--
db_sql.php | 2 +-
error.php | 10 +++++++---
libraries/Config.class.php | 2 +-
libraries/common.lib.php | 9 +++++----
libraries/database_interface.lib.php | 4 ++++
libraries/dbi/mysql.dbi.lib.php | 2 ++
libraries/dbi/mysqli.dbi.lib.php | 2 ++
libraries/sanitizing.lib.php | 17 +++++++++++++++--
libraries/sqlparser.lib.php | 2 +-
scripts/setup.php | 1 +
server_databases.php | 6 +++---
server_privileges.php | 32 ++++++++++++++++----------------
sql.php | 14 +++++++-------
tbl_sql.php | 2 +-
translators.html | 4 ++--
18 files changed, 77 insertions(+), 45 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 8c3a59a..e20be30 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -5,6 +5,11 @@ phpMyAdmin - ChangeLog
$Id$
$HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyAdmin/… $
+2.11.10.1 (2010-08-20)
+- [setup] Fixed output sanitizing in setup script, see PMASA-2010-4 for
+ more details.
+- [core] Fixed various XSS issues, see PMASA-2010-5 for more details.
+
2.11.10.0 (2009-12-07)
- [core] safer handling of temporary files with open_basedir (thanks to Thijs
Kinkhorst)
diff --git a/Documentation.html b/Documentation.html
index 8998b08..85b6715 100644
--- a/Documentation.html
+++ b/Documentation.html
@@ -11,7 +11,7 @@
<link rel="icon" href="./favicon.ico" type="image/x-icon" />
<link rel="shortcut icon" href="./favicon.ico" type="image/x-icon" />
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
- <title>phpMyAdmin 2.11.10 - Documentation</title>
+ <title>phpMyAdmin 2.11.10.1 - Documentation</title>
<link rel="stylesheet" type="text/css" href="docs.css" />
</head>
@@ -33,7 +33,7 @@
<li><a href="#glossary">Glossary</a></li>
</ul>
-<h1>phpMyAdmin 2.11.10 Documentation</h1>
+<h1>phpMyAdmin 2.11.10.1 Documentation</h1>
<ul><li><a href="http://www.phpmyadmin.net/">
phpMyAdmin homepage</a></li>
diff --git a/README b/README
index a6b34c8..9480f6a 100644
--- a/README
+++ b/README
@@ -5,8 +5,8 @@ phpMyAdmin - Readme
A set of PHP-scripts to manage MySQL over the web.
- Version 2.11.10
- ---------------
+ Version 2.11.10.1
+ -----------------
http://www.phpmyadmin.net/
Copyright (C) 1998-2000 Tobias Ratschiller <tobias_at_ratschiller.com>
diff --git a/db_sql.php b/db_sql.php
index 6c582c3..32d30e4 100644
--- a/db_sql.php
+++ b/db_sql.php
@@ -36,7 +36,7 @@ if ($num_tables == 0 && empty($db_query_force)) {
/**
* Query box, bookmark, insert data from textfile
*/
-PMA_sqlQueryForm(true, false, isset($_REQUEST['delimiter']) ? $_REQUEST['delimiter'] : ';');
+PMA_sqlQueryForm(true, false, isset($_REQUEST['delimiter']) ? htmlspecialchars($_REQUEST['delimiter']) : ';');
/**
* Displays the footer
diff --git a/error.php b/error.php
index e0abb44..750ac60 100644
--- a/error.php
+++ b/error.php
@@ -73,10 +73,14 @@ header('Content-Type: text/html; charset=' . $charset);
<body>
<h1>phpMyAdmin - <?php echo $type; ?></h1>
<p><?php
-if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
- echo PMA_sanitize(stripslashes($_REQUEST['error']));
+if (!empty($_REQUEST['error'])) {
+ if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
+ echo PMA_sanitize(stripslashes($_REQUEST['error']));
+ } else {
+ echo PMA_sanitize($_REQUEST['error']);
+ }
} else {
- echo PMA_sanitize($_REQUEST['error']);
+ echo 'No error message!';
}
?></p>
</body>
diff --git a/libraries/Config.class.php b/libraries/Config.class.php
index 05bd2e1..6029a03 100644
--- a/libraries/Config.class.php
+++ b/libraries/Config.class.php
@@ -85,7 +85,7 @@ class PMA_Config
*/
function checkSystem()
{
- $this->set('PMA_VERSION', '2.11.10');
+ $this->set('PMA_VERSION', '2.11.10.1');
/**
* @deprecated
*/
diff --git a/libraries/common.lib.php b/libraries/common.lib.php
index 626bbe3..716af94 100644
--- a/libraries/common.lib.php
+++ b/libraries/common.lib.php
@@ -473,7 +473,7 @@ function PMA_mysqlDie($error_message = '', $the_query = '',
$formatted_sql = '';
} else {
if (strlen($the_query) > $GLOBALS['cfg']['MaxCharactersInDisplayedSQL']) {
- $formatted_sql = substr($the_query, 0, $GLOBALS['cfg']['MaxCharactersInDisplayedSQL']) . '[...]';
+ $formatted_sql = htmlspecialchars(substr($the_query, 0, $GLOBALS['cfg']['MaxCharactersInDisplayedSQL'])) . '[...]';
} else {
$formatted_sql = PMA_formatSql(PMA_SQP_parse($the_query), $the_query);
}
@@ -622,22 +622,23 @@ function PMA_convert_using($string, $mode='unquoted', $force_utf8 = false)
function PMA_sendHeaderLocation($uri)
{
if (PMA_IS_IIS && strlen($uri) > 600) {
+ require_once './libraries/js_escape.lib.php';
echo '<html><head><title>- - -</title>' . "\n";
echo '<meta http-equiv="expires" content="0">' . "\n";
echo '<meta http-equiv="Pragma" content="no-cache">' . "\n";
echo '<meta http-equiv="Cache-Control" content="no-cache">' . "\n";
- echo '<meta http-equiv="Refresh" content="0;url=' .$uri . '">' . "\n";
+ echo '<meta http-equiv="Refresh" content="0;url=' . htmlspecialchars($uri) . '">' . "\n";
echo '<script type="text/javascript">' . "\n";
echo '//<![CDATA[' . "\n";
- echo 'setTimeout("window.location = unescape(\'"' . $uri . '"\')", 2000);' . "\n";
+ echo 'setTimeout("window.location = unescape(\'"' . PMA_escapeJsString($uri) . '"\')", 2000);' . "\n";
echo '//]]>' . "\n";
echo '</script>' . "\n";
echo '</head>' . "\n";
echo '<body>' . "\n";
echo '<script type="text/javascript">' . "\n";
echo '//<![CDATA[' . "\n";
- echo 'document.write(\'<p><a href="' . $uri . '">' . $GLOBALS['strGo'] . '</a></p>\');' . "\n";
+ echo 'document.write(\'<p><a href="' . htmlspecialchars($uri) . '">' . $GLOBALS['strGo'] . '</a></p>\');' . "\n";
echo '//]]>' . "\n";
echo '</script></body></html>' . "\n";
diff --git a/libraries/database_interface.lib.php b/libraries/database_interface.lib.php
index 9a40c55..b7d122c 100644
--- a/libraries/database_interface.lib.php
+++ b/libraries/database_interface.lib.php
@@ -208,6 +208,10 @@ function PMA_usort_comparison_callback($a, $b)
} else {
$sorter = 'strcasecmp';
}
+ /* No sorting when key is not present */
+ if (!isset($a[$GLOBALS['callback_sort_by']]) || ! isset($b[$GLOBALS['callback_sort_by']])) {
+ return 0;
+ }
// produces f.e.:
// return -1 * strnatcasecmp($a["SCHEMA_TABLES"], $b["SCHEMA_TABLES"])
return ($GLOBALS['callback_sort_order'] == 'ASC' ? 1 : -1) * $sorter($a[$GLOBALS['callback_sort_by']], $b[$GLOBALS['callback_sort_by']]);
diff --git a/libraries/dbi/mysql.dbi.lib.php b/libraries/dbi/mysql.dbi.lib.php
index 3ae84b8..b0275b1 100644
--- a/libraries/dbi/mysql.dbi.lib.php
+++ b/libraries/dbi/mysql.dbi.lib.php
@@ -300,6 +300,8 @@ function PMA_DBI_getError($link = null)
$error_message = PMA_DBI_convert_message($error_message);
}
+ $error_message = htmlspecialchars($error_message);
+
// Some errors messages cannot be obtained by mysql_error()
if ($error_number == 2002) {
$error = '#' . ((string) $error_number) . ' - ' . $GLOBALS['strServerNotResponding'] . ' ' . $GLOBALS['strSocketProblem'];
diff --git a/libraries/dbi/mysqli.dbi.lib.php b/libraries/dbi/mysqli.dbi.lib.php
index 705477e..13b3eaf 100644
--- a/libraries/dbi/mysqli.dbi.lib.php
+++ b/libraries/dbi/mysqli.dbi.lib.php
@@ -417,6 +417,8 @@ function PMA_DBI_getError($link = null)
$error_message = PMA_DBI_convert_message($error_message);
}
+ $error_message = htmlspecialchars($error_message);
+
if ($error_number == 2002) {
$error = '#' . ((string) $error_number) . ' - ' . $GLOBALS['strServerNotResponding'] . ' ' . $GLOBALS['strSocketProblem'];
} elseif (defined('PMA_MYSQL_INT_VERSION') && PMA_MYSQL_INT_VERSION >= 40100) {
diff --git a/libraries/sanitizing.lib.php b/libraries/sanitizing.lib.php
index 388ca13..3ba7224 100644
--- a/libraries/sanitizing.lib.php
+++ b/libraries/sanitizing.lib.php
@@ -7,17 +7,26 @@
/**
* Sanitizes $message, taking into account our special codes
- * for formatting
+ * for formatting.
+ *
+ * If you want to include result in element attribute, you should escape it.
+ *
+ * Examples:
+ *
+ * <p><?php echo PMA_sanitize($foo); ?></p>
+ *
+ * <a title="<?php echo PMA_sanitize($foo, true); ?>">bar</a>
*
* @uses preg_replace()
* @uses strtr()
* @param string the message
+ * @param boolean whether to escape html in result
*
* @return string the sanitized message
*
* @access public
*/
-function PMA_sanitize($message)
+function PMA_sanitize($message, $escape = false)
{
$replace_pairs = array(
'<' => '<',
@@ -65,6 +74,10 @@ function PMA_sanitize($message)
$message = preg_replace($pattern, '<a href="\1" target="\2">', $message);
}
+ if ($escape) {
+ $message = htmlspecialchars($message);
+ }
+
return $message;
}
?>
diff --git a/libraries/sqlparser.lib.php b/libraries/sqlparser.lib.php
index 488cde2..753f94c 100644
--- a/libraries/sqlparser.lib.php
+++ b/libraries/sqlparser.lib.php
@@ -2425,7 +2425,7 @@ if (! defined('PMA_MINIMUM_COMMON')) {
}
$after .= "\n";
*/
- $str .= $before . ($mode=='color' ? PMA_SQP_formatHTML_colorize($arr[$i]) : $arr[$i]['data']). $after;
+ $str .= $before . ($mode=='color' ? PMA_SQP_formatHTML_colorize($arr[$i]) : htmlspecialchars($arr[$i]['data'])). $after;
} // end for
if ($mode=='color') {
$str .= '</span>';
diff --git a/scripts/setup.php b/scripts/setup.php
index 2f3d09d..49dd67b 100644
--- a/scripts/setup.php
+++ b/scripts/setup.php
@@ -518,6 +518,7 @@ function get_cfg_val($name, $val) {
}
}
if ($type == 'string') {
+ $k = preg_replace('/[^A-Za-z0-9_]/', '_', $k);
$ret .= get_cfg_val($name . "['$k']", $v);
} elseif ($type == 'int') {
$ret .= ' ' . PMA_var_export($v) . ',' . $crlf;
diff --git a/server_databases.php b/server_databases.php
index b9b8898..2b3e0a5 100644
--- a/server_databases.php
+++ b/server_databases.php
@@ -287,11 +287,11 @@ if ($databases_count > 0) {
unset($column_order, $stat_name, $stat, $databases, $table_columns);
if ($is_superuser || $cfg['AllowUserDropDatabase']) {
- $common_url_query = PMA_generate_common_url() . '&sort_by=' . $sort_by . '&sort_order=' . $sort_order . '&dbstats=' . $dbstats;
+ $common_url_query = PMA_generate_common_url(array('sort_by' => $sort_by, 'sort_order' => $sort_order, 'dbstats' => $dbstats));
echo '<img class="selectallarrow" src="' . $pmaThemeImage . 'arrow_' . $text_dir . '.png" width="38" height="22" alt="' . $strWithChecked . '" />' . "\n"
- . '<a href="./server_databases.php?' . $common_url_query . '&checkall=1" onclick="if (markAllRows(\'tabledatabases\')) return false;">' . "\n"
+ . '<a href="./server_databases.php' . $common_url_query . '&checkall=1" onclick="if (markAllRows(\'tabledatabases\')) return false;">' . "\n"
. ' ' . $strCheckAll . '</a> / ' . "\n"
- . '<a href="./server_databases.php?' . $common_url_query . '" onclick="if (unMarkAllRows(\'tabledatabases\')) return false;">' . "\n"
+ . '<a href="./server_databases.php' . $common_url_query . '" onclick="if (unMarkAllRows(\'tabledatabases\')) return false;">' . "\n"
. ' ' . $strUncheckAll . '</a>' . "\n"
. '<i>' . $strWithChecked . '</i>' . "\n";
PMA_buttonOrImage('drop_selected_dbs', 'mult_submit', 'drop_selected_dbs', $strDrop, 'b_deltbl.png');
diff --git a/server_privileges.php b/server_privileges.php
index 23d174b..a030c56 100644
--- a/server_privileges.php
+++ b/server_privileges.php
@@ -602,7 +602,7 @@ function PMA_displayLoginInformationFields($mode = 'new', $indent = 0) {
. $spaces . ' <option value="userdefined"' . ((!isset($GLOBALS['pred_username']) || $GLOBALS['pred_username'] == 'userdefined') ? ' selected="selected"' : '') . '>' . $GLOBALS['strUseTextField'] . ':</option>' . "\n"
. $spaces . ' </select>' . "\n"
. $spaces . '</span>' . "\n"
- . $spaces . '<input type="text" name="username" maxlength="' . $username_length . '" title="' . $GLOBALS['strUserName'] . '"' . (empty($GLOBALS['username']) ? '' : ' value="' . (isset($GLOBALS['new_username']) ? $GLOBALS['new_username'] : $GLOBALS['username']) . '"') . ' onchange="pred_username.value = \'userdefined\';" />' . "\n"
+ . $spaces . '<input type="text" name="username" maxlength="' . $username_length . '" title="' . $GLOBALS['strUserName'] . '"' . (empty($GLOBALS['username']) ? '' : ' value="' . htmlspecialchars(isset($GLOBALS['new_username']) ? $GLOBALS['new_username'] : $GLOBALS['username']) . '"') . ' onchange="pred_username.value = \'userdefined\';" />' . "\n"
. $spaces . '</div>' . "\n"
. $spaces . '<div class="item">' . "\n"
. $spaces . '<label for="select_pred_hostname">' . "\n"
@@ -650,7 +650,7 @@ function PMA_displayLoginInformationFields($mode = 'new', $indent = 0) {
. $spaces . ' <option value="userdefined"' . ((isset($GLOBALS['pred_hostname']) && $GLOBALS['pred_hostname'] == 'userdefined') ? ' selected="selected"' : '') . '>' . $GLOBALS['strUseTextField'] . ':</option>' . "\n"
. $spaces . ' </select>' . "\n"
. $spaces . '</span>' . "\n"
- . $spaces . '<input type="text" name="hostname" maxlength="' . $hostname_length . '" value="' . (isset($GLOBALS['hostname']) ? $GLOBALS['hostname'] : '') . '" title="' . $GLOBALS['strHost'] . '" onchange="pred_hostname.value = \'userdefined\';" />' . "\n"
+ . $spaces . '<input type="text" name="hostname" maxlength="' . $hostname_length . '" value="' . htmlspecialchars(isset($GLOBALS['hostname']) ? $GLOBALS['hostname'] : '') . '" title="' . $GLOBALS['strHost'] . '" onchange="pred_hostname.value = \'userdefined\';" />' . "\n"
. $spaces . '</div>' . "\n"
. $spaces . '<div class="item">' . "\n"
. $spaces . '<label for="select_pred_password">' . "\n"
@@ -757,14 +757,14 @@ if (!empty($adduser_submit) || !empty($change_copy)) {
if (PMA_DBI_num_rows($res) == 1) {
PMA_DBI_free_result($res);
- $message = sprintf($GLOBALS['strUserAlreadyExists'], '[i]\'' . $username . '\'@\'' . $hostname . '\'[/i]');
+ $message = sprintf($GLOBALS['strUserAlreadyExists'], '[i]\'' . htmlspecialchars($username) . '\'@\'' . htmlspecialchars($hostname) . '\'[/i]');
$adduser = 1;
} else {
PMA_DBI_free_result($res);
if (50002 <= PMA_MYSQL_INT_VERSION) {
// MySQL 5 requires CREATE USER before any GRANT on this user can done
- $create_user_real = 'CREATE USER \'' . PMA_sqlAddslashes($username) . '\'@\'' . $hostname . '\'';
+ $create_user_real = 'CREATE USER \'' . PMA_sqlAddslashes($username) . '\'@\'' . htmlspecialchars($hostname) . '\'';
}
$real_sql_query =
@@ -1048,7 +1048,7 @@ if (!empty($update_privs)) {
$sql_query = (isset($sql_query0) ? $sql_query0 . ' ' : '')
. (isset($sql_query1) ? $sql_query1 . ' ' : '')
. $sql_query2;
- $message = sprintf($GLOBALS['strUpdatePrivMessage'], '\'' . $username . '\'@\'' . $hostname . '\'');
+ $message = sprintf($GLOBALS['strUpdatePrivMessage'], '\'' . htmlspecialchars($username) . '\'@\'' . htmlspecialchars($hostname) . '\'');
}
@@ -1080,7 +1080,7 @@ if (!empty($revokeall)) {
unset($sql_query1);
}
$sql_query = $sql_query0 . (isset($sql_query1) ? ' ' . $sql_query1 : '');
- $message = sprintf($GLOBALS['strRevokeMessage'], '\'' . $username . '\'@\'' . $hostname . '\'');
+ $message = sprintf($GLOBALS['strRevokeMessage'], '\'' . htmlspecialchars($username) . '\'@\'' . htmlspecialchars($hostname) . '\'');
if (! isset($tablename) || ! strlen($tablename)) {
unset($dbname);
} else {
@@ -1115,7 +1115,7 @@ if (!empty($change_pw)) {
$sql_query = 'SET PASSWORD FOR \'' . PMA_sqlAddslashes($username) . '\'@\'' . $hostname . '\' = ' . (($pma_pw == '') ? '\'\'' : $hashing_function . '(\'' . preg_replace('@.@s', '*', $pma_pw) . '\')');
$local_query = 'SET PASSWORD FOR \'' . PMA_sqlAddslashes($username) . '\'@\'' . $hostname . '\' = ' . (($pma_pw == '') ? '\'\'' : $hashing_function . '(\'' . PMA_sqlAddslashes($pma_pw) . '\')');
PMA_DBI_try_query($local_query) or PMA_mysqlDie(PMA_DBI_getError(), $sql_query, FALSE, $err_url);
- $message = sprintf($GLOBALS['strPasswordChanged'], '\'' . $username . '\'@\'' . $hostname . '\'');
+ $message = sprintf($GLOBALS['strPasswordChanged'], '\'' . htmlspecialchars($username) . '\'@\'' . htmlspecialchars($hostname) . '\'');
}
}
@@ -1588,17 +1588,17 @@ if (empty($adduser) && (! isset($checkprivs) || ! strlen($checkprivs))) {
echo '<h2>' . "\n"
. ($GLOBALS['cfg']['PropertiesIconic'] ? '<img class="icon" src="' . $pmaThemeImage . 'b_usredit.png" width="16" height="16" alt="" />' : '')
- . $GLOBALS['strUser'] . ' <i><a href="server_privileges.php?' . $GLOBALS['url_query'] . '&username=' . urlencode($username) . '&hostname=' . urlencode($hostname) . '">\'' . htmlspecialchars($username) . '\'@\'' . htmlspecialchars($hostname) . '\'</a></i>' . "\n";
+ . $GLOBALS['strUser'] . ' <i><a href="server_privileges.php?' . $GLOBALS['url_query'] . '&username=' . htmlspecialchars(urlencode($username)) . '&hostname=' . htmlspecialchars(urlencode($hostname)) . '">\'' . htmlspecialchars($username) . '\'@\'' . htmlspecialchars($hostname) . '\'</a></i>' . "\n";
if (isset($dbname) && strlen($dbname)) {
if ($dbname_is_wildcard) {
echo ' - ' . $GLOBALS['strDatabases'];
} else {
echo ' - ' . $GLOBALS['strDatabase'];
}
- $url_dbname = urlencode(str_replace('\_', '_', $dbname));
+ $url_dbname = htmlspecialchars(urlencode(str_replace('\_', '_', $dbname)));
echo ' <i><a href="' . $GLOBALS['cfg']['DefaultTabDatabase'] . '?' . $GLOBALS['url_query'] . '&db=' . $url_dbname . '&reload=1">' . htmlspecialchars($dbname) . '</a></i>' . "\n";
if (isset($tablename) && strlen($tablename)) {
- echo ' - ' . $GLOBALS['strTable'] . ' <i><a href="' . $GLOBALS['cfg']['DefaultTabTable'] . '?' . $GLOBALS['url_query'] . '&db=' . $url_dbname . '&table=' . urlencode($tablename) . '&reload=1">' . htmlspecialchars($tablename) . '</a></i>' . "\n";
+ echo ' - ' . $GLOBALS['strTable'] . ' <i><a href="' . $GLOBALS['cfg']['DefaultTabTable'] . '?' . $GLOBALS['url_query'] . '&db=' . $url_dbname . '&table=' . htmlspecialchars(urlencode($tablename)) . '&reload=1">' . htmlspecialchars($tablename) . '</a></i>' . "\n";
}
unset($url_dbname);
}
@@ -1839,16 +1839,16 @@ if (empty($adduser) && (! isset($checkprivs) || ! strlen($checkprivs))) {
}
echo '</td>' . "\n"
. ' <td>';
- printf($link_edit, urlencode($username),
- urlencode($hostname),
- urlencode((! isset($dbname) || ! strlen($dbname)) ? $row['Db'] : $dbname),
+ printf($link_edit, htmlspecialchars(urlencode($username)),
+ htmlspecialchars(urlencode($hostname)),
+ htmlspecialchars(urlencode((! isset($dbname) || ! strlen($dbname)) ? $row['Db'] : $dbname)),
urlencode((! isset($dbname) || ! strlen($dbname)) ? '' : $row['Table_name']));
echo '</td>' . "\n"
. ' <td>';
if (! empty($row['can_delete']) || isset($row['Table_name']) && strlen($row['Table_name'])) {
- printf($link_revoke, urlencode($username),
- urlencode($hostname),
- urlencode((! isset($dbname) || ! strlen($dbname)) ? $row['Db'] : $dbname),
+ printf($link_revoke, htmlspecialchars(urlencode($username)),
+ htmlspecialchars(urlencode($hostname)),
+ htmlspecialchars(urlencode((! isset($dbname) || ! strlen($dbname)) ? $row['Db'] : $dbname)),
urlencode((! isset($dbname) || ! strlen($dbname)) ? '' : $row['Table_name']));
}
echo '</td>' . "\n"
diff --git a/sql.php b/sql.php
index 35bdab5..2a744c5 100644
--- a/sql.php
+++ b/sql.php
@@ -175,14 +175,14 @@ if ($do_confirm) {
.PMA_generate_common_hidden_inputs($db, $table);
?>
<input type="hidden" name="sql_query" value="<?php echo htmlspecialchars($sql_query); ?>" />
- <input type="hidden" name="zero_rows" value="<?php echo isset($zero_rows) ? PMA_sanitize($zero_rows) : ''; ?>" />
+ <input type="hidden" name="zero_rows" value="<?php echo isset($zero_rows) ? PMA_sanitize($zero_rows, true) : ''; ?>" />
<input type="hidden" name="goto" value="<?php echo $goto; ?>" />
- <input type="hidden" name="back" value="<?php echo isset($back) ? PMA_sanitize($back) : ''; ?>" />
- <input type="hidden" name="reload" value="<?php echo isset($reload) ? PMA_sanitize($reload) : 0; ?>" />
- <input type="hidden" name="purge" value="<?php echo isset($purge) ? PMA_sanitize($purge) : ''; ?>" />
- <input type="hidden" name="cpurge" value="<?php echo isset($cpurge) ? PMA_sanitize($cpurge) : ''; ?>" />
- <input type="hidden" name="purgekey" value="<?php echo isset($purgekey) ? PMA_sanitize($purgekey) : ''; ?>" />
- <input type="hidden" name="show_query" value="<?php echo isset($show_query) ? PMA_sanitize($show_query) : ''; ?>" />
+ <input type="hidden" name="back" value="<?php echo isset($back) ? PMA_sanitize($back, true) : ''; ?>" />
+ <input type="hidden" name="reload" value="<?php echo isset($reload) ? PMA_sanitize($reload, true) : 0; ?>" />
+ <input type="hidden" name="purge" value="<?php echo isset($purge) ? PMA_sanitize($purge, true) : ''; ?>" />
+ <input type="hidden" name="cpurge" value="<?php echo isset($cpurge) ? PMA_sanitize($cpurge, true) : ''; ?>" />
+ <input type="hidden" name="purgekey" value="<?php echo isset($purgekey) ? PMA_sanitize($purgekey, true) : ''; ?>" />
+ <input type="hidden" name="show_query" value="<?php echo isset($show_query) ? PMA_sanitize($show_query, true) : ''; ?>" />
<?php
echo '<fieldset class="confirmation">' . "\n"
.' <legend>' . $strDoYouReally . '</legend>'
diff --git a/tbl_sql.php b/tbl_sql.php
index f27a3b9..f9c71d8 100644
--- a/tbl_sql.php
+++ b/tbl_sql.php
@@ -37,7 +37,7 @@ require_once './libraries/tbl_links.inc.php';
/**
* Query box, bookmark, insert data from textfile
*/
-PMA_sqlQueryForm(true, false, isset($_REQUEST['delimiter']) ? $_REQUEST['delimiter'] : ';');
+PMA_sqlQueryForm(true, false, isset($_REQUEST['delimiter']) ? htmlspecialchars($_REQUEST['delimiter']) : ';');
/**
* Displays the footer
diff --git a/translators.html b/translators.html
index 2fb69de..b271c13 100644
--- a/translators.html
+++ b/translators.html
@@ -8,7 +8,7 @@
<link rel="icon" href="./favicon.ico" type="image/x-icon" />
<link rel="shortcut icon" href="./favicon.ico" type="image/x-icon" />
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
- <title>phpMyAdmin 2.11.10 - Official translators</title>
+ <title>phpMyAdmin 2.11.10.1 - Official translators</title>
<link rel="stylesheet" type="text/css" href="docs.css" />
</head>
@@ -31,7 +31,7 @@
<li><a href="Documentation.html#glossary">Glossary</a></li>
</ul>
-<h1>phpMyAdmin 2.11.10 official translators list</h1>
+<h1>phpMyAdmin 2.11.10.1 official translators list</h1>
<p> Here is the list of the "official translators" of
phpMyAdmin.</p>
hooks/post-receive
--
phpMyAdmin
1
0
[Phpmyadmin-git] [SCM] phpMyAdmin website branch, master, updated. a20fe8aefed968b4ce51ac258197e5fa61fbc6a7
by Michal Čihař 20 Aug '10
by Michal Čihař 20 Aug '10
20 Aug '10
The branch, master has been updated
via a20fe8aefed968b4ce51ac258197e5fa61fbc6a7 (commit)
from 6f2e601a4540541517e2f44286c4debb69fd48bb (commit)
- Log -----------------------------------------------------------------
commit a20fe8aefed968b4ce51ac258197e5fa61fbc6a7
Author: Michal Čihař <mcihar(a)novell.com>
Date: Fri Aug 20 14:03:17 2010 +0200
Add security announcements.
-----------------------------------------------------------------------
Summary of changes:
templates/security/{PMASA-2009-3 => PMASA-2010-4} | 30 ++++---
templates/security/PMASA-2010-5 | 87 +++++++++++++++++++++
2 files changed, 105 insertions(+), 12 deletions(-)
copy templates/security/{PMASA-2009-3 => PMASA-2010-4} (51%)
create mode 100644 templates/security/PMASA-2010-5
diff --git a/templates/security/PMASA-2009-3 b/templates/security/PMASA-2010-4
similarity index 51%
copy from templates/security/PMASA-2009-3
copy to templates/security/PMASA-2010-4
index 218cb14..0dd4a22 100644
--- a/templates/security/PMASA-2009-3
+++ b/templates/security/PMASA-2010-4
@@ -1,11 +1,11 @@
<html xmlns:py="http://genshi.edgewall.org/" xmlns:xi="http://www.w3.org/2001/XInclude" py:strip="">
<py:def function="announcement_id">
-PMASA-2009-3
+PMASA-2010-4
</py:def>
<py:def function="announcement_date">
-2009-03-24
+2010-08-20
</py:def>
<py:def function="announcement_summary">
@@ -14,9 +14,9 @@ Insufficient output sanitizing when generating configuration file.
<py:def function="announcement_description">
-Setup script used to generate configuration can be fooled using a crafted POST
+The setup script used to generate configuration can be fooled using a crafted POST
request to include arbitrary PHP code in generated configuration file.
-Combined with ability to save files on server, this can allow unauthenticated
+Combined with the ability to save files on the server, this can allow unauthenticated
users to execute arbitrary PHP code.
</py:def>
@@ -27,28 +27,34 @@ We consider this vulnerability to be critical.
<py:def function="announcement_mitigation">
Additional steps from administrator are required to actually exploit this
-issue (web server writable config directory has to be created).
+issue (a web server writable config directory has to be created).
</py:def>
<py:def function="announcement_affected">
-For 2.11.x: versions before 2.11.9.5.<br />
-For 3.x: versions before 3.1.3.1.<br />
+For 2.11.x: versions before 2.11.10.1.
+</py:def>
+
+<py:def function="announcement_unaffected">
+Branch 3.x is not affected by this.
</py:def>
<py:def function="announcement_solution">
-Upgrade to phpMyAdmin 2.11.9.5 or 3.1.3.1 or apply patch listed below.
+Upgrade to phpMyAdmin 2.11.10.1 or apply the patch listed below.
</py:def>
-<py:def function="announcement_patches">
-<a href="http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revisi…">Revision 12301</a> was applied on all branches.
+<py:def function="announcement_commits_2_11">
+30c83acddb58d3bbf940b5f9ec28abf5b235f4d2
</py:def>
<py:def function="announcement_references">
-Thanks to Greg Ose (Neohapsis), who has discovered this issue and reported it to us.
+Thanks to Takeshi Terada of Mitsui Bussan Secure Directions, Inc., who has
+discovered this issue and reported it to us. See the <a
+href="https://sourceforge.net/tracker/?func=detail&aid=3045132&group_id=2…">reported
+bug</a> for more details.
</py:def>
-<py:def function="announcement_cve">CVE-2009-1151</py:def>
+<py:def function="announcement_cve">CVE-2010-3055</py:def>
<xi:include href="_page.tpl" />
</html>
diff --git a/templates/security/PMASA-2010-5 b/templates/security/PMASA-2010-5
new file mode 100644
index 0000000..cb7b2bb
--- /dev/null
+++ b/templates/security/PMASA-2010-5
@@ -0,0 +1,87 @@
+<html xmlns:py="http://genshi.edgewall.org/" xmlns:xi="http://www.w3.org/2001/XInclude" py:strip="">
+
+<py:def function="announcement_id">
+PMASA-2010-5
+</py:def>
+
+<py:def function="announcement_date">
+2010-08-20
+</py:def>
+
+<py:def function="announcement_summary">
+Several XSS vulnerabilities were found in the code.
+</py:def>
+
+<py:def function="announcement_description">
+It was possible to conduct a XSS attack using crafted URLs or POST parameters on several pages.
+</py:def>
+
+<py:def function="announcement_severity">
+We consider this vulnerability to be serious.
+</py:def>
+
+<py:def function="announcement_mitigation">
+If the auth_type directive is set to 'config' and the directory is not protected,
+these attacks are more likely to succeed; otherwise, an attacker would need to obtain a
+valid token via another flaw on the server to be able to exploit these vulnerabilities.
+</py:def>
+
+<py:def function="announcement_affected">
+For 2.11.x: versions before 2.11.10.1 are affected.<br />
+For 3.x: versions before 3.3.5.1 are affected.
+</py:def>
+
+<py:def function="announcement_solution">
+Upgrade to phpMyAdmin 3.3.5.1 or 2.11.10.1 or newer or apply patch listed below.
+</py:def>
+
+<py:def function="announcement_references">
+Thanks to Aung Khant from <a href="http://yehg.net">YGN Ethical Hacker Group,
+Myanmar</a> for reporting this issue. See <a
+href="http://yehg.net/lab/pr0js/advisories/phpmyadmin/%5Bphpmyadmin-3.3.5%5D_cros…">their
+advisory</a> for more details. After this report the team did audit the code as well
+and discovered more issues which are fixed as well.
+</py:def>
+
+<py:def function="announcement_cve">CVE-2010-3056</py:def>
+
+<py:def function="announcement_commits">
+48e909660032ddcbc13172830761e363e7a64d72
+be0f47a93141e2950ad400b8d22a2a98512825c2
+cd205cc55a46e3dc0f8883966f5c854f842e1000
+7dc6cea06522b2d4af50934c983f3967540a4918
+6028221d97efa2a7d56a61ab4c5750d1b2343619
+2a1233b69ccc6c64819c2840ca5277c2dde0b9e0
+fa30188dde357426d339d0d7e29a3969f88d188a
+00add5c43f594f80dab6304a5bb35d2e50540d2d
+c75e41d5d8cdd9bbc745c8cbe2c16998fda1de0c
+533e10213590e7ccd83b98a5cd19ba1c3be119dd
+ea3b718fc379c15e773cc2f18ea4c8ccfa9af57b
+7f266483b827fb05a4be11663003418c2ef1c878
+5bcd95a42c8ba924d389eafee4d7be80bd4039a3
+6d548f7d449b7d4b796949d10a503484f63eaf82
+d2e0e09e0d402555a6223f0b683fdbfa97821a63
+f273e6cbf6e2eea7367f7ef9c63c97ea55b92ca0
+bf60ec82e948450ae18b9e66c48d27da55ebe860
+59b3b4916b31fa44f31b1e2d243ca7dda012ba37
+</py:def>
+
+<py:def function="announcement_commits_2_11">
+a7c004d8d4069ca3c7d1c221f37b9cab39e36aaf
+8b7f07cd954221f276ab11e2c3d98f18deb2f551
+1fe1aa6c0e2d85bed1343f4be21d672368e0a9c1
+8b8ce64792bb981cefc37a19f29f28f112df1c16
+a4a54da173440d4c5097aececef56c28c14dc52e
+c69fca50ee81ff74cda860aad339d4185d32e194
+c910f4c9ec9af876675d96df3fa65d7fc4551cc6
+08e27b89077df26a0f7f0390322bbe80e0437aa1
+110c44a7a3117b94b065742606cc6f7bc05f8cd5
+4951fd1c854d88e22935fd55d342fcb1670dc8e4
+4a50055d52cb1d6ba125b743b0eb422d5549b9c9
+0fd0512c9b7344abad60ab9effb7b7537b2b5d08
+2051a861f8a968dafc297650036cc7e640a18887
+a88dbaf305a44107ffb557e9d93512792744af84
+</py:def>
+
+<xi:include href="_page.tpl" />
+</html>
hooks/post-receive
--
phpMyAdmin website
1
0
[Phpmyadmin-git] [SCM] phpMyAdmin branch, master, updated. RELEASE_3_3_5-7125-g7b1c018
by Michal Čihař 20 Aug '10
by Michal Čihař 20 Aug '10
20 Aug '10
The branch, master has been updated
via 7b1c0187cfae8bd02d1fe1233aea57cef46b348f (commit)
via 8277a89471c0b08b69977aa8c07aa6c77ff024b2 (commit)
via 5ed7b73561c1878e689c0bceada862fb20bef90f (commit)
via 9cf00efb0fc40d382512bec942b453ee3a95bec8 (commit)
via 780fdbd61638f552ce487874ddc0c72a18a46952 (commit)
via 445be4c63c2540f312021dbc5980ab69843ba187 (commit)
via b489c3d3cd6fc344e7dae0890cd066c518ee5ee4 (commit)
via b07916c28aa637374e5402c45e160fe0e3d0470d (commit)
via e5d531ef71c410aa0a2c6b9259460f1714ed995d (commit)
via 58ba2c0b6489d0bb335b5593dc8434a1fb56f4d2 (commit)
via 514075daf1e1d6a0969dbea41962d90c1b0a32c5 (commit)
via 0b5de42e31f4db7ee1aef9ff88456ee3cefddb9b (commit)
via 8ffb2e5978877b018208b63a2a4745945636544d (commit)
via 3ba4ff2ff396516a8129e94cb11b43a7b4307ff6 (commit)
via c7a2d1287f6c6f6164cb936c9e8892fd17817a45 (commit)
via 9ee295927dad3259c95e8f9d432845644ba62d8a (commit)
via 40723397c21ae060133ca7b462563fdf10e540c0 (commit)
via bda87b9a3d97ba79a7b84d1aa288f47f7bfd81ae (commit)
via 57b48a722c31529cb9a7c495343cd79b025835f7 (commit)
via 5a3ad0757fe6ce3596e0e377e6c414ea5a8695b1 (commit)
via 052be343ded33fae462ce952efd30ee3ee91958e (commit)
via b3fa1d39297e46d9eee0616bafc8b711388242e8 (commit)
via 0ef89f72b9f3415a413fc2bf0782a9ea1361b99a (commit)
via e19ec590eab12a19086c617c49e5fd84b6c5ec4b (commit)
via f0ed78a8cfb6d94770f13747a65ec7c9f1287de8 (commit)
via 9e74eedfa219407ecb7c48f15b5d0f801735581d (commit)
via 8a795ed42ecbeaa16224541c6aac9756de494395 (commit)
via dea23585e04bd1d03bd477608bbe9ee5abb2db59 (commit)
via e6a50516cb65004bb757c392d28fa568d2abd58e (commit)
via 0f043e09df18852694d5f1fa7a53082aac20c531 (commit)
via 1056e8442d0b95d6b1a550815d93fb8a7475185c (commit)
via 9b3e9746dafd332a1b6dd6a6236b024decd73a11 (commit)
via fc2aab0a11389893833181482f61290c3084957b (commit)
via b3b22034d854c2f12b2610df9e957e9f58fea638 (commit)
via c960f04438e438ffc5594f500a2b1c5ae335a884 (commit)
via 3a9b9e94a4f2f2a63ab0a35754d55ada42b076b1 (commit)
via 715d6f2522b16028dde6ba4c8f8f7c7e5a2948c0 (commit)
via 385c0c0d92354bd30239b7ef52750794d9ed00c5 (commit)
via dae808f949932acb0bd2ea849f7a9b084f75d3f9 (commit)
via ca66d36aca1153b3cfb68e7342acde4102e9d839 (commit)
via a1ce6e058f1895fe1cefbd99c90659a793e1a6ce (commit)
via e3ac9af257a2eb8c76df79b81bd1809abcdd0a56 (commit)
via f422ce543c6663fd42da367856c041dada499643 (commit)
via 4538b5efe82ed9c27546cd147cc23955d589a6e1 (commit)
via 8ab5ab936e26f3237f806948c71620f0ee310922 (commit)
via 0a349d29f27b5d2ccc2a6e318d2719b6b46ce3fb (commit)
via 32c4712c5c5c4020d322438a9f364842f5ca8461 (commit)
via 1e5b570119c724f3f0f4bfebf9715d19bcbcc23b (commit)
via 3662b031d33931a90f063a55acf9572246cb24cd (commit)
via 702048b77219b46ace022a0ef1c9860c773af3ce (commit)
via a0b4f7130e07bd73314dfc5287044872c684f3bc (commit)
via c291c0c62349e344445ff2d1c4c9d125c83d71c2 (commit)
via c870daae6c2dcdad78897027225b102eef134137 (commit)
via 824dacad0443d26d596d20aed9b89517015fdb78 (commit)
via 098ad599bd93e1482df345a636f27333a6d3d707 (commit)
via 0ac05bbef718c2acf7f26bfda84f6fb69ac4307b (commit)
via 9b6ed369a031536da05138f6f52193c7af25468b (commit)
via 33ce35148d69afd7175f587f3fee3b7bac0ca322 (commit)
via 71d6548f95fb3284e9387205abc804862ae587ef (commit)
via 5a5b94aa7dd74b8991eb14ad4fc938e7c04cdcc4 (commit)
via 33ae4e0cae8063e0676f4caa0b07b6be75f1cd44 (commit)
via ee3772ea14b32c1735e1bf9251e6dfaeedf0d5fa (commit)
via 36ebb804917ad0a2495bf23a5818e1a511f61c6d (commit)
via a18457295154f14af9feb150b75f85a4e8c97fe7 (commit)
via 02cc6a89d98e77c6357b462dce0d1592b9b77473 (commit)
via 50adcba5bcfa30ada8153e07e9b3ffb286133a6c (commit)
via c713059ec2b7ad08908b22306e5f663156b66b7f (commit)
via 4a2ba080f471f56184b9cb0570a13eb184a4ad8c (commit)
via 1bbbcffa457446f931977d18dd3d10b8c6b656e4 (commit)
via 2cb0bc4448fe86228680df52d8a344d787e2150a (commit)
via 8b321d95d34fd324b84809c6c0ddd7ef0e27b220 (commit)
via d703bc8ec0949265d7444eba610f212833ebc18b (commit)
via 8c83b194b7b7be2784d0d805b541ace8b72e2c69 (commit)
via efd5a52539badfcfbe60e1ecf7e2949257836890 (commit)
via b43517f34dfb68f63b7cbdc85efd71510d829e2a (commit)
via 062920b053e7cf70e6908bcaf0f6da3fb0276864 (commit)
via d0186afc6cabefb0dfa08b18572bd7e5fabcdf3e (commit)
from 5128563d076407fea7a60b0c8d4e6d648f592ead (commit)
- Log -----------------------------------------------------------------
commit 7b1c0187cfae8bd02d1fe1233aea57cef46b348f
Merge: 8277a89471c0b08b69977aa8c07aa6c77ff024b2 5128563d076407fea7a60b0c8d4e6d648f592ead
Author: Pootle server <pootle(a)cihar.com>
Date: Fri Aug 20 12:40:29 2010 +0200
Merge remote branch 'origin/master'
commit 8277a89471c0b08b69977aa8c07aa6c77ff024b2
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:23:01 2010 +0200
Translation update done using Pootle.
commit 5ed7b73561c1878e689c0bceada862fb20bef90f
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:22:41 2010 +0200
Translation update done using Pootle.
commit 9cf00efb0fc40d382512bec942b453ee3a95bec8
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:22:33 2010 +0200
Translation update done using Pootle.
commit 780fdbd61638f552ce487874ddc0c72a18a46952
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:21:33 2010 +0200
Translation update done using Pootle.
commit 445be4c63c2540f312021dbc5980ab69843ba187
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:20:49 2010 +0200
Translation update done using Pootle.
commit b489c3d3cd6fc344e7dae0890cd066c518ee5ee4
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:20:41 2010 +0200
Translation update done using Pootle.
commit b07916c28aa637374e5402c45e160fe0e3d0470d
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:20:15 2010 +0200
Translation update done using Pootle.
commit e5d531ef71c410aa0a2c6b9259460f1714ed995d
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:20:06 2010 +0200
Translation update done using Pootle.
commit 58ba2c0b6489d0bb335b5593dc8434a1fb56f4d2
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:19:49 2010 +0200
Translation update done using Pootle.
commit 514075daf1e1d6a0969dbea41962d90c1b0a32c5
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:19:42 2010 +0200
Translation update done using Pootle.
commit 0b5de42e31f4db7ee1aef9ff88456ee3cefddb9b
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:19:31 2010 +0200
Translation update done using Pootle.
commit 8ffb2e5978877b018208b63a2a4745945636544d
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:19:12 2010 +0200
Translation update done using Pootle.
commit 3ba4ff2ff396516a8129e94cb11b43a7b4307ff6
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:16:49 2010 +0200
Translation update done using Pootle.
commit c7a2d1287f6c6f6164cb936c9e8892fd17817a45
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:15:45 2010 +0200
Translation update done using Pootle.
commit 9ee295927dad3259c95e8f9d432845644ba62d8a
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:13:47 2010 +0200
Translation update done using Pootle.
commit 40723397c21ae060133ca7b462563fdf10e540c0
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:13:21 2010 +0200
Translation update done using Pootle.
commit bda87b9a3d97ba79a7b84d1aa288f47f7bfd81ae
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:12:43 2010 +0200
Translation update done using Pootle.
commit 57b48a722c31529cb9a7c495343cd79b025835f7
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:11:34 2010 +0200
Translation update done using Pootle.
commit 5a3ad0757fe6ce3596e0e377e6c414ea5a8695b1
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:11:27 2010 +0200
Translation update done using Pootle.
commit 052be343ded33fae462ce952efd30ee3ee91958e
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:11:19 2010 +0200
Translation update done using Pootle.
commit b3fa1d39297e46d9eee0616bafc8b711388242e8
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:11:02 2010 +0200
Translation update done using Pootle.
commit 0ef89f72b9f3415a413fc2bf0782a9ea1361b99a
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:08:38 2010 +0200
Translation update done using Pootle.
commit e19ec590eab12a19086c617c49e5fd84b6c5ec4b
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:08:13 2010 +0200
Translation update done using Pootle.
commit f0ed78a8cfb6d94770f13747a65ec7c9f1287de8
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:06:31 2010 +0200
Translation update done using Pootle.
commit 9e74eedfa219407ecb7c48f15b5d0f801735581d
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:05:18 2010 +0200
Translation update done using Pootle.
commit 8a795ed42ecbeaa16224541c6aac9756de494395
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:04:47 2010 +0200
Translation update done using Pootle.
commit dea23585e04bd1d03bd477608bbe9ee5abb2db59
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:04:12 2010 +0200
Translation update done using Pootle.
commit e6a50516cb65004bb757c392d28fa568d2abd58e
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:03:48 2010 +0200
Translation update done using Pootle.
commit 0f043e09df18852694d5f1fa7a53082aac20c531
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:03:03 2010 +0200
Translation update done using Pootle.
commit 1056e8442d0b95d6b1a550815d93fb8a7475185c
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:02:40 2010 +0200
Translation update done using Pootle.
commit 9b3e9746dafd332a1b6dd6a6236b024decd73a11
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:02:06 2010 +0200
Translation update done using Pootle.
commit fc2aab0a11389893833181482f61290c3084957b
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:01:43 2010 +0200
Translation update done using Pootle.
commit b3b22034d854c2f12b2610df9e957e9f58fea638
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 11:01:22 2010 +0200
Translation update done using Pootle.
commit c960f04438e438ffc5594f500a2b1c5ae335a884
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:56:32 2010 +0200
Translation update done using Pootle.
commit 3a9b9e94a4f2f2a63ab0a35754d55ada42b076b1
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:55:49 2010 +0200
Translation update done using Pootle.
commit 715d6f2522b16028dde6ba4c8f8f7c7e5a2948c0
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:55:18 2010 +0200
Translation update done using Pootle.
commit 385c0c0d92354bd30239b7ef52750794d9ed00c5
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:54:00 2010 +0200
Translation update done using Pootle.
commit dae808f949932acb0bd2ea849f7a9b084f75d3f9
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:52:57 2010 +0200
Translation update done using Pootle.
commit ca66d36aca1153b3cfb68e7342acde4102e9d839
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:52:12 2010 +0200
Translation update done using Pootle.
commit a1ce6e058f1895fe1cefbd99c90659a793e1a6ce
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:50:58 2010 +0200
Translation update done using Pootle.
commit e3ac9af257a2eb8c76df79b81bd1809abcdd0a56
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:50:25 2010 +0200
Translation update done using Pootle.
commit f422ce543c6663fd42da367856c041dada499643
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:50:09 2010 +0200
Translation update done using Pootle.
commit 4538b5efe82ed9c27546cd147cc23955d589a6e1
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:49:43 2010 +0200
Translation update done using Pootle.
commit 8ab5ab936e26f3237f806948c71620f0ee310922
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:49:32 2010 +0200
Translation update done using Pootle.
commit 0a349d29f27b5d2ccc2a6e318d2719b6b46ce3fb
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:49:24 2010 +0200
Translation update done using Pootle.
commit 32c4712c5c5c4020d322438a9f364842f5ca8461
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:49:02 2010 +0200
Translation update done using Pootle.
commit 1e5b570119c724f3f0f4bfebf9715d19bcbcc23b
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:47:45 2010 +0200
Translation update done using Pootle.
commit 3662b031d33931a90f063a55acf9572246cb24cd
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:46:51 2010 +0200
Translation update done using Pootle.
commit 702048b77219b46ace022a0ef1c9860c773af3ce
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:46:38 2010 +0200
Translation update done using Pootle.
commit a0b4f7130e07bd73314dfc5287044872c684f3bc
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:46:04 2010 +0200
Translation update done using Pootle.
commit c291c0c62349e344445ff2d1c4c9d125c83d71c2
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:45:49 2010 +0200
Translation update done using Pootle.
commit c870daae6c2dcdad78897027225b102eef134137
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:45:30 2010 +0200
Translation update done using Pootle.
commit 824dacad0443d26d596d20aed9b89517015fdb78
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:45:15 2010 +0200
Translation update done using Pootle.
commit 098ad599bd93e1482df345a636f27333a6d3d707
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:44:42 2010 +0200
Translation update done using Pootle.
commit 0ac05bbef718c2acf7f26bfda84f6fb69ac4307b
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:44:08 2010 +0200
Translation update done using Pootle.
commit 9b6ed369a031536da05138f6f52193c7af25468b
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:43:51 2010 +0200
Translation update done using Pootle.
commit 33ce35148d69afd7175f587f3fee3b7bac0ca322
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:43:29 2010 +0200
Translation update done using Pootle.
commit 71d6548f95fb3284e9387205abc804862ae587ef
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:43:17 2010 +0200
Translation update done using Pootle.
commit 5a5b94aa7dd74b8991eb14ad4fc938e7c04cdcc4
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:41:08 2010 +0200
Translation update done using Pootle.
commit 33ae4e0cae8063e0676f4caa0b07b6be75f1cd44
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:39:10 2010 +0200
Translation update done using Pootle.
commit ee3772ea14b32c1735e1bf9251e6dfaeedf0d5fa
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:38:24 2010 +0200
Translation update done using Pootle.
commit 36ebb804917ad0a2495bf23a5818e1a511f61c6d
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:38:09 2010 +0200
Translation update done using Pootle.
commit a18457295154f14af9feb150b75f85a4e8c97fe7
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:37:50 2010 +0200
Translation update done using Pootle.
commit 02cc6a89d98e77c6357b462dce0d1592b9b77473
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:37:11 2010 +0200
Translation update done using Pootle.
commit 50adcba5bcfa30ada8153e07e9b3ffb286133a6c
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:37:01 2010 +0200
Translation update done using Pootle.
commit c713059ec2b7ad08908b22306e5f663156b66b7f
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:36:30 2010 +0200
Translation update done using Pootle.
commit 4a2ba080f471f56184b9cb0570a13eb184a4ad8c
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:36:25 2010 +0200
Translation update done using Pootle.
commit 1bbbcffa457446f931977d18dd3d10b8c6b656e4
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:36:17 2010 +0200
Translation update done using Pootle.
commit 2cb0bc4448fe86228680df52d8a344d787e2150a
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:36:02 2010 +0200
Translation update done using Pootle.
commit 8b321d95d34fd324b84809c6c0ddd7ef0e27b220
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:35:12 2010 +0200
Translation update done using Pootle.
commit d703bc8ec0949265d7444eba610f212833ebc18b
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:34:47 2010 +0200
Translation update done using Pootle.
commit 8c83b194b7b7be2784d0d805b541ace8b72e2c69
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:34:25 2010 +0200
Translation update done using Pootle.
commit efd5a52539badfcfbe60e1ecf7e2949257836890
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:34:10 2010 +0200
Translation update done using Pootle.
commit b43517f34dfb68f63b7cbdc85efd71510d829e2a
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:32:54 2010 +0200
Translation update done using Pootle.
commit 062920b053e7cf70e6908bcaf0f6da3fb0276864
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:32:42 2010 +0200
Translation update done using Pootle.
commit d0186afc6cabefb0dfa08b18572bd7e5fabcdf3e
Author: Kęstutis <forkik(a)gmail.com>
Date: Fri Aug 20 10:31:49 2010 +0200
Translation update done using Pootle.
-----------------------------------------------------------------------
Summary of changes:
po/lt.po | 151 ++++++++++++++++++++++++++++----------------------------------
1 files changed, 68 insertions(+), 83 deletions(-)
diff --git a/po/lt.po b/po/lt.po
index 4775750..89dfcd8 100644
--- a/po/lt.po
+++ b/po/lt.po
@@ -4,7 +4,7 @@ msgstr ""
"Project-Id-Version: phpMyAdmin 3.4.0-dev\n"
"Report-Msgid-Bugs-To: phpmyadmin-devel(a)lists.sourceforge.net\n"
"POT-Creation-Date: 2010-08-19 14:18+0200\n"
-"PO-Revision-Date: 2010-08-20 10:29+0200\n"
+"PO-Revision-Date: 2010-08-20 11:23+0200\n"
"Last-Translator: Kęstutis <forkik(a)gmail.com>\n"
"Language-Team: lithuanian <lt(a)li.org>\n"
"Language: lt\n"
@@ -4578,10 +4578,12 @@ msgid ""
"Server running with Suhosin. Please refer to %sdocumentation%s for possible "
"issues."
msgstr ""
+"Serveris veikia su Suhosin. Prašome perskaityti %sdokumentaciją%s dėl galimų "
+"problemų."
#: navigation.php:60 navigation.php:61 navigation.php:64
msgid "Reload navigation frame"
-msgstr ""
+msgstr "Atsiųsti iš naujo navigacijos rėmelį"
#: navigation.php:203 server_databases.php:368 server_synchronize.php:1189
msgid "No databases"
@@ -4597,7 +4599,6 @@ msgid "Clear"
msgstr "Išvalyti"
#: navigation.php:324 navigation.php:325
-#, fuzzy
#| msgid "Create table"
msgctxt "short form"
msgid "Create table"
@@ -4627,10 +4628,9 @@ msgid "Page name"
msgstr "Puslapis:"
#: pdf_pages.php:312
-#, fuzzy
#| msgid "Automatic layout"
msgid "Automatic layout based on"
-msgstr "Automatinis išdėstymas"
+msgstr "Automatinis išdėstymas paremtas"
#: pdf_pages.php:314
msgid "Internal relations"
@@ -4653,10 +4653,10 @@ msgstr ""
"pašalinti šias nuorodas?"
#: pdf_schema.php:634
-#, fuzzy, php-format
+#, php-format
#| msgid "The \"%s\" table doesn't exist!"
msgid "The %s table doesn't exist!"
-msgstr "Lentelė \"%s\" neegzistuoja!"
+msgstr "Lentelė %s neegzistuoja!"
#: pdf_schema.php:670
#, php-format
@@ -4664,14 +4664,14 @@ msgid "Please configure the coordinates for table %s"
msgstr "Nustatykite lentelės %s koordinates"
#: pdf_schema.php:993
-#, fuzzy, php-format
+#, php-format
#| msgid "Schema of the \"%s\" database - Page %s"
msgid "Schema of the %s database - Page %s"
-msgstr "Duombazės \"%s\" schema - %s puslapis"
+msgstr "Duombazės %s schema - %s puslapis"
#: pdf_schema.php:1011
msgid "No tables"
-msgstr "No tables"
+msgstr "Jokių lentelių"
#: pdf_schema.php:1030 pdf_schema.php:1139
msgid "Relational schema"
@@ -4688,7 +4688,7 @@ msgstr "Papildomai"
#: pmd_general.php:63
msgid "Show/Hide left menu"
-msgstr ""
+msgstr "Rodyti/slėpti kairį meniu"
#: pmd_general.php:67
msgid "Save position"
@@ -4699,45 +4699,45 @@ msgid "Create table"
msgstr "Sukurti lentelę"
#: pmd_general.php:73 pmd_general.php:305
-#, fuzzy
msgid "Create relation"
-msgstr "Paskutinė versija"
+msgstr "Sukurti sąryšį"
#: pmd_general.php:79
msgid "Reload"
-msgstr "Perkrauti"
+msgstr "Įkrauti iš naujo"
#: pmd_general.php:82
msgid "Help"
msgstr "Pagalba"
#: pmd_general.php:86
+#, fuzzy
msgid "Angular links"
-msgstr ""
+msgstr "Kampuotos (angular) nuorodos"
#: pmd_general.php:86
msgid "Direct links"
-msgstr ""
+msgstr "Tiesioginės nuorodos"
#: pmd_general.php:90
msgid "Snap to grid"
-msgstr ""
+msgstr "Pritraukti prie tinklelio"
#: pmd_general.php:94
msgid "Small/Big All"
-msgstr ""
+msgstr "Mažinti/didinti visus"
#: pmd_general.php:98
msgid "Toggle small/big"
-msgstr ""
+msgstr "Suskleisti/Išskleisti"
#: pmd_general.php:103
msgid "Import/Export coordinates for PDF schema"
-msgstr ""
+msgstr "Importuoti/eksportuoti koordinates PDF schemai"
#: pmd_general.php:107
msgid "Move Menu"
-msgstr ""
+msgstr "Perkelti meniu"
#: pmd_general.php:119
msgid "Hide/Show all"
@@ -4745,7 +4745,7 @@ msgstr "Paslėpti/rodyti visus"
#: pmd_general.php:123
msgid "Hide/Show Tables with no relation"
-msgstr ""
+msgstr "Slėpti/rodyti lenteles be sąryšių"
#: pmd_general.php:163
msgid "Number of tables"
@@ -4753,11 +4753,11 @@ msgstr "Lentelių skaičius"
#: pmd_general.php:371
msgid "Delete relation"
-msgstr ""
+msgstr "Ištrinti sąryšį"
#: pmd_help.php:26
msgid "To select relation, click :"
-msgstr ""
+msgstr "Sąryšio pasirinkimui, paspauskite:"
#: pmd_help.php:28
msgid ""
@@ -4767,13 +4767,12 @@ msgid ""
msgstr ""
#: pmd_pdf.php:60
-#, fuzzy
msgid "Page has been created"
-msgstr "Duomenų bazė %1$s sukurta."
+msgstr "Puslapis sukurtas"
#: pmd_pdf.php:62
msgid "Page creation failed"
-msgstr ""
+msgstr "Puslapio kūrimas nepavyko"
#: pmd_pdf.php:82
msgid "Export/Import to scale"
@@ -4781,11 +4780,11 @@ msgstr ""
#: pmd_pdf.php:86
msgid "recommended"
-msgstr ""
+msgstr "rekomenduojame"
#: pmd_pdf.php:91
msgid "to/from page"
-msgstr ""
+msgstr "į/iš puslapio"
#: querywindow.php:93
msgid "Import files"
@@ -4797,7 +4796,7 @@ msgstr "Viską"
#: server_binlog.php:106
msgid "Select binary log to view"
-msgstr "Pasirinkite binarinį logą peržiūrai"
+msgstr "Pasirinkti dvejetainį logą peržiūrai"
#: server_binlog.php:122
msgid "Files"
@@ -4852,36 +4851,31 @@ msgstr "Duombazių statistika"
#: server_databases.php:192 server_replication.php:179
#: server_replication.php:207
-#, fuzzy
msgid "Master replication"
-msgstr "Serverio nustatymai"
+msgstr "Pagrindinio serverio dauginimas (master replication)"
#: server_databases.php:194 server_replication.php:246
-#, fuzzy
msgid "Slave replication"
-msgstr "Serverio nustatymai"
+msgstr "Pavaldžiojo serverio dauginimas (slave replication)"
#: server_databases.php:227
-#, fuzzy
#| msgid "Go to database"
msgid "Jump to database"
-msgstr "Eiti į duomenų bazę"
+msgstr "Eiti į duombazę"
#: server_databases.php:264
-#, fuzzy
msgid "Not replicated"
-msgstr "Serverio nustatymai"
+msgstr "Nepadaugintas"
#: server_databases.php:270
-#, fuzzy
#| msgid "Replication"
msgid "Replicated"
-msgstr "Replikacija"
+msgstr "Padaugintas"
#: server_databases.php:286
#, php-format
msgid "Check privileges for database "%s"."
-msgstr "Patikrinti duombazės "%s" privilegijas."
+msgstr "Patikrinti duombazės „%s“ privilegijas."
#: server_databases.php:290 server_databases.php:291
msgid "Check Privileges"
@@ -4909,7 +4903,7 @@ msgstr "Saugojimo varikliai"
#: server_export.php:20
msgid "View dump (schema) of databases"
-msgstr "Peržiūrėti duombazių išrašą"
+msgstr "Peržiūrėti duombazių išrašą (schemą)"
#: server_privileges.php:23 server_privileges.php:265
msgid "Includes all privileges except GRANT."
@@ -4922,9 +4916,8 @@ msgstr "Leisti keisti jau egzistuojančių lenetelių struktūrą."
#: server_privileges.php:25 server_privileges.php:207
#: server_privileges.php:520
-#, fuzzy
msgid "Allows altering and dropping stored routines."
-msgstr "Leisti įterpti ir modifikuoti indeksus."
+msgstr "Leisti keisti pašalinti saugimas programas (stored routines)."
#: server_privileges.php:26 server_privileges.php:183
#: server_privileges.php:513
@@ -4933,9 +4926,8 @@ msgstr "Leisti kurti naujas duombazes ir lenteles."
#: server_privileges.php:27 server_privileges.php:206
#: server_privileges.php:519
-#, fuzzy
msgid "Allows creating stored routines."
-msgstr "Leidžia sukurti naujus view'us."
+msgstr "Leidžia sukurti naujas saugomas programas (stored routines)."
#: server_privileges.php:28 server_privileges.php:513
msgid "Allows creating new tables."
@@ -4955,7 +4947,7 @@ msgstr "Leidžia kurti, šalinti ir pervadinti vartotojus."
#: server_privileges.php:202 server_privileges.php:525
#: server_privileges.php:529
msgid "Allows creating new views."
-msgstr "Leidžia sukurti naujus view'us."
+msgstr "Leidžia sukurti naujus rodinius (view)."
#: server_privileges.php:32 server_privileges.php:182
#: server_privileges.php:505
@@ -4974,13 +4966,12 @@ msgstr "Leisti šalinti lenteles."
#: server_privileges.php:35 server_privileges.php:199
#: server_privileges.php:533
msgid "Allows to set up events for the event scheduler"
-msgstr ""
+msgstr "Leisti nustatyti įvykius įvykių planuoklėje (scheduler)"
#: server_privileges.php:36 server_privileges.php:209
#: server_privileges.php:521
-#, fuzzy
msgid "Allows executing stored routines."
-msgstr "Leidžia sukurti naujus view'us."
+msgstr "Leisti įvykdyti saugomas programas (stored routines)."
#: server_privileges.php:37 server_privileges.php:188
#: server_privileges.php:508
@@ -5028,27 +5019,29 @@ msgstr ""
"Riboti komandų (kurios vienaip ar kitaip modifikuoja lenteles ar duombazes) "
"kiekį per valandą."
+# gal labiau kartu vykstančių
#: server_privileges.php:45 server_privileges.php:651
#: server_privileges.php:653
#, fuzzy
msgid "Limits the number of simultaneous connections the user may have."
-msgstr "Riboti prisijungimų kiekį per valandą."
+msgstr "Riboti prisijungimų kiekį per valandą (kartu vykstančių)."
#: server_privileges.php:46 server_privileges.php:187
#: server_privileges.php:543
msgid "Allows viewing processes of all users"
-msgstr ""
+msgstr "Leisti peržiūrėti procesus visiems naudotojams"
#: server_privileges.php:47 server_privileges.php:189
#: server_privileges.php:447 server_privileges.php:549
msgid "Has no effect in this MySQL version."
-msgstr " Negalioja šioje MySQL versijoje."
+msgstr "Negalioja šioje MySQL versijoje."
#: server_privileges.php:48 server_privileges.php:185
#: server_privileges.php:544
msgid "Allows reloading server settings and flushing the server's caches."
msgstr ""
-"Leisti perkrauti darbinę stotį, bei išvalyti laikinąją atmintį (cache)."
+"Leisti perkrauti serverio nustatymus, bei išvalyti laikinąją atmintį "
+"(cache)."
#: server_privileges.php:49 server_privileges.php:197
#: server_privileges.php:551
@@ -5058,6 +5051,7 @@ msgstr ""
#: server_privileges.php:50 server_privileges.php:196
#: server_privileges.php:552
+#, fuzzy
msgid "Needed for the replication slaves."
msgstr "Reikalinga atstatyti slave darbinei stočiai"
@@ -5094,9 +5088,8 @@ msgstr ""
#: server_privileges.php:56 server_privileges.php:200
#: server_privileges.php:534
-#, fuzzy
msgid "Allows creating and dropping triggers"
-msgstr "Leisti įterpti ir modifikuoti indeksus."
+msgstr "Leisti įterpti ir pašalinti trigerius."
#: server_privileges.php:57 server_privileges.php:181
#: server_privileges.php:444 server_privileges.php:504
@@ -5108,7 +5101,6 @@ msgid "No privileges."
msgstr "Be teisių."
#: server_privileges.php:301 server_privileges.php:302
-#, fuzzy
#| msgid "None"
msgctxt "None privileges"
msgid "None"
@@ -5153,10 +5145,9 @@ msgid "Do not change the password"
msgstr "Nekeisti slaptažodžio"
#: server_privileges.php:834 server_privileges.php:2201
-#, fuzzy
#| msgid "No user(s) found."
msgid "No user found."
-msgstr "Nerasta vartotojo(ų)."
+msgstr "Nerasta jokių naudotojų."
#: server_privileges.php:878
#, php-format
@@ -5170,7 +5161,7 @@ msgstr "Jūs sukūrėte naują vartotoją."
#: server_privileges.php:1184
#, php-format
msgid "You have updated the privileges for %s."
-msgstr "Jūs pakeitėte privilegijas %s."
+msgstr "Jūs pakeitėte privilegijas %s."
#: server_privileges.php:1208
#, php-format
@@ -5270,7 +5261,7 @@ msgstr "Sukurti privilegijas šiai duombazei"
#: server_privileges.php:1939
msgid "Wildcards % and _ should be escaped with a \\ to use them literally"
-msgstr "Norint naudoti _ ir % simblius, juos reikėtų eskeipinti su \\"
+msgstr "Norint naudoti _ ir % simblius, prieš juos prirašykite \\"
#: server_privileges.php:1942
msgid "Add privileges on the following table"
@@ -5308,32 +5299,31 @@ msgstr ""
#: server_privileges.php:2029
msgid "Database for user"
-msgstr ""
+msgstr "Naudotojo duombazė(s)"
#: server_privileges.php:2033
-#, fuzzy
#| msgid "None"
msgctxt "Create none database for user"
msgid "None"
-msgstr "Nėra"
+msgstr "Be"
#: server_privileges.php:2034
msgid "Create database with same name and grant all privileges"
-msgstr ""
+msgstr "Sukurti duombazę su tokiu pat vardu ir jai suteikti visas privilegijas"
#: server_privileges.php:2035
msgid "Grant all privileges on wildcard name (username\\_%)"
-msgstr ""
+msgstr "Suteikti visas privilegijas pakaitos vardui (username\\_%)"
#: server_privileges.php:2038
-#, fuzzy, php-format
+#, php-format
msgid "Grant all privileges on database "%s""
-msgstr "Patikrinti duombazės "%s" privilegijas."
+msgstr "Suteikti visas privilegijas duombazei „%s“"
#: server_privileges.php:2061
#, php-format
msgid "Users having access to "%s""
-msgstr "Vartotojai turintys priėjimą prie "%s""
+msgstr "Vartotojai turintys priėjimą prie „%s“"
#: server_privileges.php:2169
msgid "global"
@@ -5350,7 +5340,7 @@ msgstr "pakaitos simbolis"
#: server_processlist.php:21
#, php-format
msgid "Thread %s was successfully killed."
-msgstr "%s buvo sėkmingai išjungtas."
+msgstr "Gija %s buvo sėkmingai išjungta."
#: server_processlist.php:23
#, php-format
@@ -5370,7 +5360,7 @@ msgstr "Nežinoma klaida"
#: server_replication.php:56
#, php-format
msgid "Unable to connect to master %s."
-msgstr ""
+msgstr "Nepavyko prisijungti prie pagrindinio (master) serverio %s."
#: server_replication.php:63
msgid ""
@@ -5428,9 +5418,8 @@ msgid "Ignore all databases; Replicate:"
msgstr ""
#: server_replication.php:223
-#, fuzzy
msgid "Please select databases:"
-msgstr "Pasirinkite duombazę"
+msgstr "Prašome pasirinkti duombazę:"
#: server_replication.php:226
msgid ""
@@ -5463,37 +5452,33 @@ msgid "See slave status table"
msgstr ""
#: server_replication.php:309
-#, fuzzy
msgid "Synchronize databases with master"
-msgstr "Sinchronizuoti duomenų bazes"
+msgstr "Sinchronizuoti duombazes su pagrindiniu serveriu (master)"
#: server_replication.php:320
msgid "Control slave:"
msgstr ""
#: server_replication.php:323
-#, fuzzy
msgid "Full start"
-msgstr "Fulltext"
+msgstr "Pilnas paleidimas"
#: server_replication.php:323
-#, fuzzy
msgid "Full stop"
-msgstr "Fulltext"
+msgstr "Pilnas išjungimas"
#: server_replication.php:324
msgid "Reset slave"
-msgstr ""
+msgstr "Paleisti iš naujo pavaldųjį serverį (reset slave)"
#: server_replication.php:325
#, php-format
msgid "SQL Thread %s only"
-msgstr ""
+msgstr "Tik SQL gija %s"
#: server_replication.php:325 server_replication.php:326
-#, fuzzy
msgid "Start"
-msgstr "Šeštadienis"
+msgstr "Paleisti"
#: server_replication.php:325 server_replication.php:326
msgid "Stop"
hooks/post-receive
--
phpMyAdmin
1
0
[Phpmyadmin-git] [SCM] phpMyAdmin website branch, master, updated. 6f2e601a4540541517e2f44286c4debb69fd48bb
by Michal Čihař 20 Aug '10
by Michal Čihař 20 Aug '10
20 Aug '10
The branch, master has been updated
via 6f2e601a4540541517e2f44286c4debb69fd48bb (commit)
from e8746e3b67e8db3d9cf9edd4498cc0542c7372ef (commit)
- Log -----------------------------------------------------------------
commit 6f2e601a4540541517e2f44286c4debb69fd48bb
Author: Michal Čihař <mcihar(a)novell.com>
Date: Fri Aug 20 12:11:54 2010 +0200
Fix link.
-----------------------------------------------------------------------
Summary of changes:
templates/downloads.tpl | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/templates/downloads.tpl b/templates/downloads.tpl
index 9caf150..1c0b330 100644
--- a/templates/downloads.tpl
+++ b/templates/downloads.tpl
@@ -71,7 +71,7 @@
<h2>Older Releases</h2>
<p>
You can find some older releases on <a
- href="https://sourceforge.net/project/showfiles.php?group_id=23067&package_id…">SourceForge
+ href="https://sourceforge.net/projects/phpmyadmin/files/">SourceForge
files page</a>. Releases which had security issues are removed from this
download location, if you want to see them, you need to get them from our
Subversion repository (check <a href="${base_url}improve.${file_ext}#devel">developer information</a> for instructions).
hooks/post-receive
--
phpMyAdmin website
1
0
[Phpmyadmin-git] [SCM] phpMyAdmin branch, master, updated. RELEASE_3_3_5-7048-g5128563
by Michal Čihař 20 Aug '10
by Michal Čihař 20 Aug '10
20 Aug '10
The branch, master has been updated
via 5128563d076407fea7a60b0c8d4e6d648f592ead (commit)
via 893abac3e516b3f6143925a5f24c8bc463639167 (commit)
from 5f837f08c982eff232c52ab8f38e53f5d9a83e90 (commit)
- Log -----------------------------------------------------------------
commit 5128563d076407fea7a60b0c8d4e6d648f592ead
Merge: 5f837f08c982eff232c52ab8f38e53f5d9a83e90 893abac3e516b3f6143925a5f24c8bc463639167
Author: Michal Čihař <mcihar(a)novell.com>
Date: Fri Aug 20 11:11:27 2010 +0200
Merge branch 'QA_3_3'
Conflicts:
libraries/common.lib.php
libraries/core.lib.php
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 1 +
libraries/common.lib.php | 73 +---------------------------------------------
libraries/core.lib.php | 71 ++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 73 insertions(+), 72 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 03d58c4..3a1d00b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -117,6 +117,7 @@ $Id$
- bug [doc] Withdraw or edit FAQ entries related to older MySQL or PHP
- bug #3042706 [pmadb] Relations, bookmarks, etc deleted after table drop
- bug #3044189 [doc] Cleared documentation for hide_db.
+- bug #3042495 [core] Move PMA_sendHeaderLocation to core.lib.php.
3.3.5.0 (2010-07-26)
- patch #2932113 [information_schema] Slow export when having lots of
diff --git a/libraries/common.lib.php b/libraries/common.lib.php
index d1648a4..a1c3c7b 100644
--- a/libraries/common.lib.php
+++ b/libraries/common.lib.php
@@ -675,77 +675,6 @@ function PMA_mysqlDie($error_message = '', $the_query = '',
} // end of the 'PMA_mysqlDie()' function
/**
- * Send HTTP header, taking IIS limits into account (600 seems ok)
- *
- * @uses PMA_IS_IIS
- * @uses PMA_COMING_FROM_COOKIE_LOGIN
- * @uses PMA_get_arg_separator()
- * @uses SID
- * @uses strlen()
- * @uses strpos()
- * @uses header()
- * @uses session_write_close()
- * @uses headers_sent()
- * @uses function_exists()
- * @uses debug_print_backtrace()
- * @uses trigger_error()
- * @uses defined()
- * @param string $uri the header to send
- * @return boolean always true
- */
-function PMA_sendHeaderLocation($uri)
-{
- if (PMA_IS_IIS && strlen($uri) > 600) {
-
- echo '<html><head><title>- - -</title>' . "\n";
- echo '<meta http-equiv="expires" content="0">' . "\n";
- echo '<meta http-equiv="Pragma" content="no-cache">' . "\n";
- echo '<meta http-equiv="Cache-Control" content="no-cache">' . "\n";
- echo '<meta http-equiv="Refresh" content="0;url=' .$uri . '">' . "\n";
- echo '<script type="text/javascript">' . "\n";
- echo '//<![CDATA[' . "\n";
- echo 'setTimeout("window.location = unescape(\'"' . $uri . '"\')", 2000);' . "\n";
- echo '//]]>' . "\n";
- echo '</script>' . "\n";
- echo '</head>' . "\n";
- echo '<body>' . "\n";
- echo '<script type="text/javascript">' . "\n";
- echo '//<![CDATA[' . "\n";
- echo 'document.write(\'<p><a href="' . $uri . '">' . __('Go') . '</a></p>\');' . "\n";
- echo '//]]>' . "\n";
- echo '</script></body></html>' . "\n";
-
- } else {
- if (SID) {
- if (strpos($uri, '?') === false) {
- header('Location: ' . $uri . '?' . SID);
- } else {
- $separator = PMA_get_arg_separator();
- header('Location: ' . $uri . $separator . SID);
- }
- } else {
- session_write_close();
- if (headers_sent()) {
- if (function_exists('debug_print_backtrace')) {
- echo '<pre>';
- debug_print_backtrace();
- echo '</pre>';
- }
- trigger_error('PMA_sendHeaderLocation called when headers are already sent!', E_USER_ERROR);
- }
- // bug #1523784: IE6 does not like 'Refresh: 0', it
- // results in a blank page
- // but we need it when coming from the cookie login panel)
- if (PMA_IS_IIS && defined('PMA_COMING_FROM_COOKIE_LOGIN')) {
- header('Refresh: 0; ' . $uri);
- } else {
- header('Location: ' . $uri);
- }
- }
- }
-}
-
-/**
* returns array with tables of given db with extended information and grouped
*
* @uses $cfg['LeftFrameTableSeparator']
@@ -2956,4 +2885,4 @@ function PMA_selectUploadFile($import_list, $uploaddir) {
echo '<i>There are no files to upload</i>';
}
}
-?>
\ No newline at end of file
+?>
diff --git a/libraries/core.lib.php b/libraries/core.lib.php
index d98320f..2355651 100644
--- a/libraries/core.lib.php
+++ b/libraries/core.lib.php
@@ -502,4 +502,75 @@ function PMA_getenv($var_name) {
return '';
}
+
+/**
+ * Send HTTP header, taking IIS limits into account (600 seems ok)
+ *
+ * @uses PMA_IS_IIS
+ * @uses PMA_COMING_FROM_COOKIE_LOGIN
+ * @uses PMA_get_arg_separator()
+ * @uses SID
+ * @uses strlen()
+ * @uses strpos()
+ * @uses header()
+ * @uses session_write_close()
+ * @uses headers_sent()
+ * @uses function_exists()
+ * @uses debug_print_backtrace()
+ * @uses trigger_error()
+ * @uses defined()
+ * @param string $uri the header to send
+ * @return boolean always true
+ */
+function PMA_sendHeaderLocation($uri)
+{
+ if (PMA_IS_IIS && strlen($uri) > 600) {
+
+ echo '<html><head><title>- - -</title>' . "\n";
+ echo '<meta http-equiv="expires" content="0">' . "\n";
+ echo '<meta http-equiv="Pragma" content="no-cache">' . "\n";
+ echo '<meta http-equiv="Cache-Control" content="no-cache">' . "\n";
+ echo '<meta http-equiv="Refresh" content="0;url=' .$uri . '">' . "\n";
+ echo '<script type="text/javascript">' . "\n";
+ echo '//<![CDATA[' . "\n";
+ echo 'setTimeout("window.location = unescape(\'"' . $uri . '"\')", 2000);' . "\n";
+ echo '//]]>' . "\n";
+ echo '</script>' . "\n";
+ echo '</head>' . "\n";
+ echo '<body>' . "\n";
+ echo '<script type="text/javascript">' . "\n";
+ echo '//<![CDATA[' . "\n";
+ echo 'document.write(\'<p><a href="' . $uri . '">' . __('Go') . '</a></p>\');' . "\n";
+ echo '//]]>' . "\n";
+ echo '</script></body></html>' . "\n";
+
+ } else {
+ if (SID) {
+ if (strpos($uri, '?') === false) {
+ header('Location: ' . $uri . '?' . SID);
+ } else {
+ $separator = PMA_get_arg_separator();
+ header('Location: ' . $uri . $separator . SID);
+ }
+ } else {
+ session_write_close();
+ if (headers_sent()) {
+ if (function_exists('debug_print_backtrace')) {
+ echo '<pre>';
+ debug_print_backtrace();
+ echo '</pre>';
+ }
+ trigger_error('PMA_sendHeaderLocation called when headers are already sent!', E_USER_ERROR);
+ }
+ // bug #1523784: IE6 does not like 'Refresh: 0', it
+ // results in a blank page
+ // but we need it when coming from the cookie login panel)
+ if (PMA_IS_IIS && defined('PMA_COMING_FROM_COOKIE_LOGIN')) {
+ header('Refresh: 0; ' . $uri);
+ } else {
+ header('Location: ' . $uri);
+ }
+ }
+ }
+}
?>
hooks/post-receive
--
phpMyAdmin
1
0
[Phpmyadmin-git] [SCM] phpMyAdmin branch, QA_3_3, updated. RELEASE_3_3_5-22-g893abac
by Michal Čihař 20 Aug '10
by Michal Čihař 20 Aug '10
20 Aug '10
The branch, QA_3_3 has been updated
via 893abac3e516b3f6143925a5f24c8bc463639167 (commit)
from a29323a1a6d1a3d4e65d80f0719b4199c18c3f4a (commit)
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 1 +
libraries/common.lib.php | 71 ----------------------------------------------
libraries/core.lib.php | 71 ++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 72 insertions(+), 71 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 8079e70..f53c063 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -17,6 +17,7 @@ $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyA
- bug [doc] Withdraw or edit FAQ entries related to older MySQL or PHP
- bug #3042706 [pmadb] Relations, bookmarks, etc deleted after table drop
- bug #3044189 [doc] Cleared documentation for hide_db.
+- bug #3042495 [core] Move PMA_sendHeaderLocation to core.lib.php.
3.3.5.0 (2010-07-26)
- patch #2932113 [information_schema] Slow export when having lots of
diff --git a/libraries/common.lib.php b/libraries/common.lib.php
index 8118598..1a62769 100644
--- a/libraries/common.lib.php
+++ b/libraries/common.lib.php
@@ -684,77 +684,6 @@ function PMA_mysqlDie($error_message = '', $the_query = '',
} // end of the 'PMA_mysqlDie()' function
/**
- * Send HTTP header, taking IIS limits into account (600 seems ok)
- *
- * @uses PMA_IS_IIS
- * @uses PMA_COMING_FROM_COOKIE_LOGIN
- * @uses PMA_get_arg_separator()
- * @uses SID
- * @uses strlen()
- * @uses strpos()
- * @uses header()
- * @uses session_write_close()
- * @uses headers_sent()
- * @uses function_exists()
- * @uses debug_print_backtrace()
- * @uses trigger_error()
- * @uses defined()
- * @param string $uri the header to send
- * @return boolean always true
- */
-function PMA_sendHeaderLocation($uri)
-{
- if (PMA_IS_IIS && strlen($uri) > 600) {
-
- echo '<html><head><title>- - -</title>' . "\n";
- echo '<meta http-equiv="expires" content="0">' . "\n";
- echo '<meta http-equiv="Pragma" content="no-cache">' . "\n";
- echo '<meta http-equiv="Cache-Control" content="no-cache">' . "\n";
- echo '<meta http-equiv="Refresh" content="0;url=' .$uri . '">' . "\n";
- echo '<script type="text/javascript">' . "\n";
- echo '//<![CDATA[' . "\n";
- echo 'setTimeout("window.location = unescape(\'"' . $uri . '"\')", 2000);' . "\n";
- echo '//]]>' . "\n";
- echo '</script>' . "\n";
- echo '</head>' . "\n";
- echo '<body>' . "\n";
- echo '<script type="text/javascript">' . "\n";
- echo '//<![CDATA[' . "\n";
- echo 'document.write(\'<p><a href="' . $uri . '">' . $GLOBALS['strGo'] . '</a></p>\');' . "\n";
- echo '//]]>' . "\n";
- echo '</script></body></html>' . "\n";
-
- } else {
- if (SID) {
- if (strpos($uri, '?') === false) {
- header('Location: ' . $uri . '?' . SID);
- } else {
- $separator = PMA_get_arg_separator();
- header('Location: ' . $uri . $separator . SID);
- }
- } else {
- session_write_close();
- if (headers_sent()) {
- if (function_exists('debug_print_backtrace')) {
- echo '<pre>';
- debug_print_backtrace();
- echo '</pre>';
- }
- trigger_error('PMA_sendHeaderLocation called when headers are already sent!', E_USER_ERROR);
- }
- // bug #1523784: IE6 does not like 'Refresh: 0', it
- // results in a blank page
- // but we need it when coming from the cookie login panel)
- if (PMA_IS_IIS && defined('PMA_COMING_FROM_COOKIE_LOGIN')) {
- header('Refresh: 0; ' . $uri);
- } else {
- header('Location: ' . $uri);
- }
- }
- }
-}
-
-/**
* returns array with tables of given db with extended information and grouped
*
* @uses $cfg['LeftFrameTableSeparator']
diff --git a/libraries/core.lib.php b/libraries/core.lib.php
index a449710..3e6cc00 100644
--- a/libraries/core.lib.php
+++ b/libraries/core.lib.php
@@ -591,4 +591,75 @@ function PMA_setCookie($cookie, $value, $default = null, $validity = null, $http
// cookie has already $value as value
return true;
}
+
+/**
+ * Send HTTP header, taking IIS limits into account (600 seems ok)
+ *
+ * @uses PMA_IS_IIS
+ * @uses PMA_COMING_FROM_COOKIE_LOGIN
+ * @uses PMA_get_arg_separator()
+ * @uses SID
+ * @uses strlen()
+ * @uses strpos()
+ * @uses header()
+ * @uses session_write_close()
+ * @uses headers_sent()
+ * @uses function_exists()
+ * @uses debug_print_backtrace()
+ * @uses trigger_error()
+ * @uses defined()
+ * @param string $uri the header to send
+ * @return boolean always true
+ */
+function PMA_sendHeaderLocation($uri)
+{
+ if (PMA_IS_IIS && strlen($uri) > 600) {
+
+ echo '<html><head><title>- - -</title>' . "\n";
+ echo '<meta http-equiv="expires" content="0">' . "\n";
+ echo '<meta http-equiv="Pragma" content="no-cache">' . "\n";
+ echo '<meta http-equiv="Cache-Control" content="no-cache">' . "\n";
+ echo '<meta http-equiv="Refresh" content="0;url=' .$uri . '">' . "\n";
+ echo '<script type="text/javascript">' . "\n";
+ echo '//<![CDATA[' . "\n";
+ echo 'setTimeout("window.location = unescape(\'"' . $uri . '"\')", 2000);' . "\n";
+ echo '//]]>' . "\n";
+ echo '</script>' . "\n";
+ echo '</head>' . "\n";
+ echo '<body>' . "\n";
+ echo '<script type="text/javascript">' . "\n";
+ echo '//<![CDATA[' . "\n";
+ echo 'document.write(\'<p><a href="' . $uri . '">' . $GLOBALS['strGo'] . '</a></p>\');' . "\n";
+ echo '//]]>' . "\n";
+ echo '</script></body></html>' . "\n";
+
+ } else {
+ if (SID) {
+ if (strpos($uri, '?') === false) {
+ header('Location: ' . $uri . '?' . SID);
+ } else {
+ $separator = PMA_get_arg_separator();
+ header('Location: ' . $uri . $separator . SID);
+ }
+ } else {
+ session_write_close();
+ if (headers_sent()) {
+ if (function_exists('debug_print_backtrace')) {
+ echo '<pre>';
+ debug_print_backtrace();
+ echo '</pre>';
+ }
+ trigger_error('PMA_sendHeaderLocation called when headers are already sent!', E_USER_ERROR);
+ }
+ // bug #1523784: IE6 does not like 'Refresh: 0', it
+ // results in a blank page
+ // but we need it when coming from the cookie login panel)
+ if (PMA_IS_IIS && defined('PMA_COMING_FROM_COOKIE_LOGIN')) {
+ header('Refresh: 0; ' . $uri);
+ } else {
+ header('Location: ' . $uri);
+ }
+ }
+ }
+}
?>
hooks/post-receive
--
phpMyAdmin
1
0
[Phpmyadmin-git] [SCM] phpMyAdmin branch, master, updated. RELEASE_3_3_5-7046-g5f837f0
by Michal Čihař 20 Aug '10
by Michal Čihař 20 Aug '10
20 Aug '10
The branch, master has been updated
via 5f837f08c982eff232c52ab8f38e53f5d9a83e90 (commit)
via a29323a1a6d1a3d4e65d80f0719b4199c18c3f4a (commit)
from 0dbb216682fbf7cd6bc42a001ff17c5fde4a82eb (commit)
- Log -----------------------------------------------------------------
commit 5f837f08c982eff232c52ab8f38e53f5d9a83e90
Merge: 0dbb216682fbf7cd6bc42a001ff17c5fde4a82eb a29323a1a6d1a3d4e65d80f0719b4199c18c3f4a
Author: Michal Čihař <mcihar(a)novell.com>
Date: Fri Aug 20 11:02:50 2010 +0200
Merge branch 'QA_3_3'
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 1 +
Documentation.html | 2 +-
2 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 4b6bda7..03d58c4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -116,6 +116,7 @@ $Id$
- bug #3040226 [XHTML] LockFromUpdate checkbox not checked by default
- bug [doc] Withdraw or edit FAQ entries related to older MySQL or PHP
- bug #3042706 [pmadb] Relations, bookmarks, etc deleted after table drop
+- bug #3044189 [doc] Cleared documentation for hide_db.
3.3.5.0 (2010-07-26)
- patch #2932113 [information_schema] Slow export when having lots of
diff --git a/Documentation.html b/Documentation.html
index 2238acf..a782847 100644
--- a/Documentation.html
+++ b/Documentation.html
@@ -849,7 +849,7 @@ since this link provides funding for phpMyAdmin.
For example, to hide all databases starting with the letter "a", use<br />
<pre>$cfg['Servers'][$i]['hide_db'] = '^a';</pre>
and to hide both "db1" and "db2" use <br />
- <pre>$cfg['Servers'][$i]['hide_db'] = '(db1|db2)';</pre>
+ <pre>$cfg['Servers'][$i]['hide_db'] = '^(db1|db2)$';</pre>
More information on regular expressions can be found in the
<a href="http://php.net/manual/en/reference.pcre.pattern.syntax.php">
PCRE pattern syntax</a> portion of the PHP reference manual.
hooks/post-receive
--
phpMyAdmin
1
0