Branch: refs/heads/QA_4_6 Home: https://github.com/phpmyadmin/phpmyadmin Commit: 9dbe520e905344597554b06931bd966ce195b9dc https://github.com/phpmyadmin/phpmyadmin/commit/9dbe520e905344597554b06931bd... Author: Michal Čihař <michal@cihar.com> Date: 2016-08-18 (Thu, 18 Aug 2016) Changed paths: M libraries/core.lib.php M libraries/plugins/auth/AuthenticationCookie.php M libraries/plugins/auth/AuthenticationHttp.php Log Message: ----------- Strip null bytes from MySQL username In old PHP versions this could lead to allow/deny rules bypass. Signed-off-by: Michal Čihař <michal@cihar.com> Commit: 2de86f02af17f49e22d6474542770d72dd4723b3 https://github.com/phpmyadmin/phpmyadmin/commit/2de86f02af17f49e22d647454277... Author: Michal Čihař <michal@cihar.com> Date: 2016-08-18 (Thu, 18 Aug 2016) Changed paths: M libraries/ip_allow_deny.lib.php Log Message: ----------- Use hash_equals for comparing username in allow/deny rules The comparison should happen in constant time to avoid possible leak of usernames in rules. Signed-off-by: Michal Čihař <michal@cihar.com> Commit: c83b2b0872c035d2625f631a341cb2009ceb9d22 https://github.com/phpmyadmin/phpmyadmin/commit/c83b2b0872c035d2625f631a341c... Author: Michal Čihař <michal@cihar.com> Date: 2016-08-18 (Thu, 18 Aug 2016) Changed paths: M libraries/plugins/auth/AuthenticationCookie.php M libraries/plugins/auth/AuthenticationHttp.php Log Message: ----------- Use hash_equals for checking username This makes the comparison happen in constant time and makes it impossible to use it to guess stored usernames. Signed-off-by: Michal Čihař <michal@cihar.com> Commit: 61976131350eca8cbba74270a44ea7baa708259f https://github.com/phpmyadmin/phpmyadmin/commit/61976131350eca8cbba74270a44e... Author: Michal Čihař <michal@cihar.com> Date: 2016-08-18 (Thu, 18 Aug 2016) Changed paths: M libraries/VersionInformation.php Log Message: ----------- Silent errors when getting remote file - both curl and fopen wrappers can emmit errors in cases where remote site is not accessible - do not pass false value to json_decode Signed-off-by: Michal Čihař <michal@cihar.com> Commit: cf83d6afbe4383e7668c1207be6d5bee0646be04 https://github.com/phpmyadmin/phpmyadmin/commit/cf83d6afbe4383e7668c1207be6d... Author: Michal Čihař <michal@cihar.com> Date: 2016-08-18 (Thu, 18 Aug 2016) Changed paths: M libraries/export.lib.php Log Message: ----------- Remove debugging code Signed-off-by: Michal Čihař <michal@cihar.com> Commit: a0ca9394a214afd15a4b883f8953b7b32f3caf04 https://github.com/phpmyadmin/phpmyadmin/commit/a0ca9394a214afd15a4b883f8953... Author: Michal Čihař <michal@cihar.com> Date: 2016-08-18 (Thu, 18 Aug 2016) Changed paths: M libraries/Error.php M test/classes/ErrorTest.php Log Message: ----------- Strip path even if openbasedir restrictions apply This really should not be the case here as what we get here is code executed by PHP, so it should have already passed openbasedir restrictions. Signed-off-by: Michal Čihař <michal@cihar.com> Commit: 6e3282e15856192d484f2c56a7ae83796bf2e716 https://github.com/phpmyadmin/phpmyadmin/commit/6e3282e15856192d484f2c56a7ae... Author: Michal Čihař <michal@cihar.com> Date: 2016-08-18 (Thu, 18 Aug 2016) Changed paths: M js/microhistory.js Log Message: ----------- Store copy of hash instead of working on live object This avoids possible race conditions when doing the checks. Signed-off-by: Michal Čihař <michal@cihar.com> Commit: b63bd9977c436f6ad564d429e663bb580bb4e730 https://github.com/phpmyadmin/phpmyadmin/commit/b63bd9977c436f6ad564d429e663... Author: Michal Čihař <michal@cihar.com> Date: 2016-08-18 (Thu, 18 Aug 2016) Changed paths: M libraries/navigation/NavigationHeader.php Log Message: ----------- Stricter validation of NavigationLogoLink It now has to be URL including scheme. Otherwise it's not really possible to validate it for being just http/https. Signed-off-by: Michal Čihař <michal@cihar.com> Commit: 3ef6201bd6d43eed7f360bb2ead22ef7c484381e https://github.com/phpmyadmin/phpmyadmin/commit/3ef6201bd6d43eed7f360bb2ead2... Author: Michal Čihař <michal@cihar.com> Date: 2016-08-18 (Thu, 18 Aug 2016) Changed paths: M js/config.js Log Message: ----------- Fix hash validation - use copy of hash to avoid race condition - stricter regex to match whole string Signed-off-by: Michal Čihař <michal@cihar.com> Commit: 45e33d63a252011b02b55b74432c4a90484eaa5e https://github.com/phpmyadmin/phpmyadmin/commit/45e33d63a252011b02b55b74432c... Author: Michal Čihař <michal@cihar.com> Date: 2016-08-18 (Thu, 18 Aug 2016) Changed paths: M libraries/DbQbe.php M libraries/SavedSearches.php Log Message: ----------- Limit maximal number of rows in QBE User would be lost in them anyway by that count and it prevents DOS. Signed-off-by: Michal Čihař <michal@cihar.com> Commit: d62494cd8c99185077f516be76093f4cb4a32837 https://github.com/phpmyadmin/phpmyadmin/commit/d62494cd8c99185077f516be7609... Author: Michal Čihař <michal@cihar.com> Date: 2016-08-18 (Thu, 18 Aug 2016) Changed paths: M ChangeLog M libraries/core.lib.php M po/sl.po M setup/lib/ConfigGenerator.php M show_config_errors.php Log Message: ----------- Merge branch 'QA_4_6' into QA_4_6-security Commit: ba82f0000c7837bd3b834b24660325652ec27675 https://github.com/phpmyadmin/phpmyadmin/commit/ba82f0000c7837bd3b834b246603... Author: Michal Čihař <michal@cihar.com> Date: 2016-08-18 (Thu, 18 Aug 2016) Changed paths: M index.php M js/functions.js M libraries/Advisor.php M libraries/Footer.php M libraries/Util.php M libraries/navigation/NavigationHeader.php M libraries/plugins/auth/AuthenticationCookie.php M test/classes/AdvisorTest.php M test/classes/FooterTest.php M themes.php Log Message: ----------- Merge branch 'QA_4_6' into QA_4_6-security Commit: d5c6801a8580f221fc64471016b06cc4dae9ffba https://github.com/phpmyadmin/phpmyadmin/commit/d5c6801a8580f221fc64471016b0... Author: Michal Čihař <michal@cihar.com> Date: 2016-08-24 (Wed, 24 Aug 2016) Changed paths: M ChangeLog M libraries/DisplayResults.php M libraries/navigation/NavigationHeader.php M libraries/plugins/transformations/abs/TextImageLinkTransformationsPlugin.php M libraries/plugins/transformations/abs/TextLinkTransformationsPlugin.php M libraries/sanitizing.lib.php M libraries/special_schema_links.lib.php M po/el.po M po/ia.po M po/pa.po M po/pt_BR.po M po/sl.po M po/uk.po M test/classes/DisplayResultsTest.php Log Message: ----------- Merge branch 'QA_4_6' into QA_4_6-security Commit: c4714b003c21948e13eb0162c5c951d5e84a1c75 https://github.com/phpmyadmin/phpmyadmin/commit/c4714b003c21948e13eb0162c5c9... Author: Michal Čihař <michal@cihar.com> Date: 2016-08-24 (Wed, 24 Aug 2016) Changed paths: M ChangeLog M index.php Log Message: ----------- Merge branch 'QA_4_6' into QA_4_6-security Commit: 0a20356ec4110e682b5bbb219f5f08db10bc418c https://github.com/phpmyadmin/phpmyadmin/commit/0a20356ec4110e682b5bbb219f5f... Author: Michal Čihař <michal@cihar.com> Date: 2016-08-25 (Thu, 25 Aug 2016) Changed paths: M ChangeLog M js/get_image.js.php M js/get_scripts.js.php M js/whitelist.php M libraries/Config.php M libraries/Table.php M po/pt.po Log Message: ----------- Merge branch 'QA_4_6' into QA_4_6-security Commit: 283f5d10ce65e0656f98335bd1f2767fba3be6db https://github.com/phpmyadmin/phpmyadmin/commit/283f5d10ce65e0656f98335bd1f2... Author: Michal Čihař <michal@cihar.com> Date: 2016-09-02 (Fri, 02 Sep 2016) Changed paths: M import.php Log Message: ----------- Fix possible DOS on too big skip value - loop only as long as long we have data to skip - convert skip parameter to integer Signed-off-by: Michal Čihař <michal@cihar.com> Commit: dcc9f8585c49ce2258d40aea511b524488bbce05 https://github.com/phpmyadmin/phpmyadmin/commit/dcc9f8585c49ce2258d40aea511b... Author: Michal Čihař <michal@cihar.com> Date: 2016-09-02 (Fri, 02 Sep 2016) Changed paths: M .gitignore M ChangeLog M js/functions.js M js/sql.js M libraries/Advisor.php M libraries/Linter.php M libraries/Util.php M libraries/common.inc.php M libraries/dbi/DBIMysqli.php M libraries/navigation/nodes/Node.php M libraries/sanitizing.lib.php M po/pt_BR.po M templates/columns_definitions/transformation_option.phtml M test/bootstrap-dist.php M test/libraries/common/PMA_formatNumberByteDown_test.php Log Message: ----------- Merge branch 'QA_4_6' into QA_4_6-security Commit: 7ddcbc0de6283f42fc0592901d88ee53b457bee9 https://github.com/phpmyadmin/phpmyadmin/commit/7ddcbc0de6283f42fc0592901d88... Author: Michal Čihař <michal@cihar.com> Date: 2016-09-02 (Fri, 02 Sep 2016) Changed paths: M libraries/tbl_partition_definition.inc.php Log Message: ----------- Validate (sub)partion count from request before use Signed-off-by: Michal Čihař <michal@cihar.com> Commit: 733a5d582193d32c5435bd6324316c9da1b01678 https://github.com/phpmyadmin/phpmyadmin/commit/733a5d582193d32c5435bd632431... Author: Michal Čihař <michal@cihar.com> Date: 2016-09-02 (Fri, 02 Sep 2016) Changed paths: M libraries/ErrorHandler.php M libraries/Message.php M libraries/plugins/AuthenticationPlugin.php Log Message: ----------- Avoid rendering BB code when showing PHP/MySQL errors Signed-off-by: Michal Čihař <michal@cihar.com> Commit: d01c078b7d48c8f7d4f0784cb4b04ae933a6d23b https://github.com/phpmyadmin/phpmyadmin/commit/d01c078b7d48c8f7d4f0784cb4b0... Author: Michal Čihař <michal@cihar.com> Date: 2016-09-02 (Fri, 02 Sep 2016) Changed paths: M libraries/DatabaseInterface.php M libraries/Error.php M libraries/ErrorHandler.php M libraries/session.inc.php Log Message: ----------- Merge branch 'QA_4_6' into QA_4_6-security Commit: 4c34f140779711e1511c721a262028a929a81f91 https://github.com/phpmyadmin/phpmyadmin/commit/4c34f140779711e1511c721a2620... Author: Michal Čihař <michal@cihar.com> Date: 2016-09-02 (Fri, 02 Sep 2016) Changed paths: M libraries/DatabaseInterface.php M libraries/Error.php Log Message: ----------- Merge branch 'QA_4_6' into QA_4_6-security Commit: dac36c3cd889f87165ae776e3929fe9f946f67ad https://github.com/phpmyadmin/phpmyadmin/commit/dac36c3cd889f87165ae776e3929... Author: Michal Čihař <michal@cihar.com> Date: 2016-09-02 (Fri, 02 Sep 2016) Changed paths: M index.php M libraries/core.lib.php M test/libraries/core/PMA_isAllowedDomain_test.php Log Message: ----------- Stricter URL validation - do not use empty() as empty('0') is true - do not lowercase the strings, use them as they are - lowercase all domains in our codebase - do not allow to specify port Signed-off-by: Michal Čihař <michal@cihar.com> Commit: 9f0c4c37f3067abcaa7a40b9ef907e343ee62de4 https://github.com/phpmyadmin/phpmyadmin/commit/9f0c4c37f3067abcaa7a40b9ef90... Author: Michal Čihař <michal@cihar.com> Date: 2016-09-02 (Fri, 02 Sep 2016) Changed paths: M test/classes/MessageTest.php Log Message: ----------- Fix test failures with recent changes to Message class Signed-off-by: Michal Čihař <michal@cihar.com> Commit: 2f2e3565ba1e85072d2c1a1f0a06b84bebce8f9f https://github.com/phpmyadmin/phpmyadmin/commit/2f2e3565ba1e85072d2c1a1f0a06... Author: Michal Čihař <michal@cihar.com> Date: 2016-09-02 (Fri, 02 Sep 2016) Changed paths: M libraries/ip_allow_deny.lib.php Log Message: ----------- Use hash_equals when comparing IPv6 allow rules Signed-off-by: Michal Čihař <michal@cihar.com> Commit: c4613745f398f0fdd8bb238ce7f02eea58d7125d https://github.com/phpmyadmin/phpmyadmin/commit/c4613745f398f0fdd8bb238ce7f0... Author: Michal Čihař <michal@cihar.com> Date: 2016-09-02 (Fri, 02 Sep 2016) Changed paths: M po/ru.po M po/sk.po Log Message: ----------- Merge branch 'QA_4_6' into QA_4_6-security Commit: 3d99185919cdca3ea31caafc7421c507086bdb9c https://github.com/phpmyadmin/phpmyadmin/commit/3d99185919cdca3ea31caafc7421... Author: Michal Čihař <michal@cihar.com> Date: 2016-09-02 (Fri, 02 Sep 2016) Changed paths: M ChangeLog M libraries/Util.php Log Message: ----------- Merge branch 'QA_4_6' into QA_4_6-security Commit: 2559dc3a62a416eba8284542303173127feeb767 https://github.com/phpmyadmin/phpmyadmin/commit/2559dc3a62a416eba82845423031... Author: Michal Čihař <michal@cihar.com> Date: 2016-09-16 (Fri, 16 Sep 2016) Changed paths: M ChangeLog M import.php M js/config.js M js/functions.js M js/messages.php M js/tbl_structure.js M libraries/DatabaseInterface.php M libraries/VersionInformation.php M libraries/dbi/DBIDummy.php M libraries/import.lib.php M libraries/sanitizing.lib.php M libraries/server_user_groups.lib.php M libraries/sql-parser/src/Components/AlterOperation.php M libraries/sql-parser/src/Components/CreateDefinition.php M libraries/sql-parser/src/Components/IntoKeyword.php M libraries/sql-parser/src/Components/OptionsArray.php M libraries/sql-parser/src/Components/PartitionDefinition.php M libraries/sql-parser/src/Contexts/ContextMySql50000.php M libraries/sql-parser/src/Contexts/ContextMySql50100.php M libraries/sql-parser/src/Contexts/ContextMySql50500.php M libraries/sql-parser/src/Contexts/ContextMySql50600.php M libraries/sql-parser/src/Contexts/ContextMySql50700.php M libraries/sql-parser/src/Statement.php M libraries/sql-parser/src/Statements/CreateStatement.php M libraries/sql-parser/src/Statements/InsertStatement.php M libraries/sql-parser/src/Statements/ReplaceStatement.php M libraries/sql-parser/src/Statements/SetStatement.php M libraries/sql-parser/src/Utils/CLI.php M libraries/sql-parser/src/Utils/Formatter.php M libraries/sql.lib.php M po/az.po M po/hu.po M po/id.po M po/ja.po M po/sk.po M po/zh_CN.po M test/libraries/PMA_sql_test.php Log Message: ----------- Merge branch 'QA_4_6' into QA_4_6-security Commit: 161e408ab760e9be8a58bfdf7ce26881a0570798 https://github.com/phpmyadmin/phpmyadmin/commit/161e408ab760e9be8a58bfdf7ce2... Author: Michal Čihař <michal@cihar.com> Date: 2016-09-19 (Mon, 19 Sep 2016) Changed paths: M ChangeLog M doc/setup.rst M doc/transformations.rst M js/common.js M js/export.js M js/functions.js M js/messages.php M js/rte.js M js/tbl_change.js M libraries/DatabaseInterface.php M libraries/Table.php M libraries/export.lib.php M libraries/insert_edit.lib.php M libraries/rte/rte_export.lib.php M libraries/rte/rte_list.lib.php M libraries/rte/rte_routines.lib.php M libraries/rte/rte_words.lib.php M libraries/server_privileges.lib.php M libraries/tbl_info.inc.php M po/de.po M po/nl.po M tbl_operations.php M test/classes/TableTest.php M test/libraries/PMA_export_test.php M test/libraries/PMA_insert_edit_test.php M test/libraries/PMA_server_privileges_test.php M themes/original/css/common.css.php M themes/pmahomme/css/common.css.php Log Message: ----------- Merge branch 'QA_4_6' into QA_4_6-security Commit: fbad6b9b4d175aa82cd35972aa2dcd9ef3ec4346 https://github.com/phpmyadmin/phpmyadmin/commit/fbad6b9b4d175aa82cd35972aa2d... Author: Michal Čihař <michal@cihar.com> Date: 2016-09-19 (Mon, 19 Sep 2016) Changed paths: M libraries/plugins/AuthenticationPlugin.php M libraries/plugins/auth/AuthenticationConfig.php M libraries/plugins/auth/AuthenticationCookie.php M libraries/plugins/auth/AuthenticationHttp.php Log Message: ----------- Verify value of access_time to avoid unwanted session extension We need to ansure the access_time parameter is in valid range to avoid possibility of remotely extending session validity. Signed-off-by: Michal Čihař <michal@cihar.com> Commit: 3df5113a8c472567308c913b8a6e68f24a6b1f57 https://github.com/phpmyadmin/phpmyadmin/commit/3df5113a8c472567308c913b8a6e... Author: Michal Čihař <michal@cihar.com> Date: 2016-09-26 (Mon, 26 Sep 2016) Changed paths: M ChangeLog M doc/config.rst M js/tbl_structure.js M libraries/Util.php M libraries/config.default.php M libraries/controllers/table/TableSearchController.php M libraries/rte/rte_routines.lib.php M libraries/sql-parser/src/Components/OptionsArray.php M libraries/sql-parser/src/Statements/CreateStatement.php M libraries/sql-parser/src/Statements/InsertStatement.php M libraries/sql-parser/src/Utils/Formatter.php M libraries/sql.lib.php M libraries/tbl_info.inc.php M po/ca.po M po/de.po M po/ja.po M po/ko.po M po/pt_BR.po M po/ru.po M po/sl.po Log Message: ----------- Merge branch 'QA_4_6' into QA_4_6-security Commit: f87358dff730e7a5ada13922108151a9eee107cf https://github.com/phpmyadmin/phpmyadmin/commit/f87358dff730e7a5ada139221081... Author: Deven Bansod <devenbansod.bits@gmail.com> Date: 2016-10-02 (Sun, 02 Oct 2016) Changed paths: M prefs_manage.php Log Message: ----------- Don't assume the default arg_separator in URL Respect the value for arg_separator.input too. Signed-off-by: Deven Bansod <devenbansod.bits@gmail.com> Commit: 17b34be04f5cc2a5f83d73eba7cd41cbc3ebb7b2 https://github.com/phpmyadmin/phpmyadmin/commit/17b34be04f5cc2a5f83d73eba7cd... Author: Michal Čihař <michal@cihar.com> Date: 2016-10-04 (Tue, 04 Oct 2016) Changed paths: M libraries/core.lib.php M test/libraries/core/PMA_safeUnserialize_test.php Log Message: ----------- Correctly parse string length when checking serialized data Signed-off-by: Michal Čihař <michal@cihar.com> Commit: a7a541347b5f5037207a01a2a20a8c13076efce8 https://github.com/phpmyadmin/phpmyadmin/commit/a7a541347b5f5037207a01a2a20a... Author: Michal Čihař <michal@cihar.com> Date: 2016-10-04 (Tue, 04 Oct 2016) Changed paths: M prefs_manage.php Log Message: ----------- Merge branch 'QA_4_6-security' of github.com:phpmyadmin/phpmyadmin-security into QA_4_6-security Commit: 69951525318b246193d82ad7e101748a24a18e93 https://github.com/phpmyadmin/phpmyadmin/commit/69951525318b246193d82ad7e101... Author: Michal Čihař <michal@cihar.com> Date: 2016-10-04 (Tue, 04 Oct 2016) Changed paths: M ChangeLog M doc/config.rst M import.php M js/codemirror/addon/lint/sql-lint.js M libraries/Config.php M libraries/Util.php M libraries/server_privileges.lib.php M libraries/sql-parser/src/Component.php M libraries/sql-parser/src/Components/AlterOperation.php M libraries/sql-parser/src/Components/Array2d.php M libraries/sql-parser/src/Components/ArrayObj.php A libraries/sql-parser/src/Components/CaseExpression.php M libraries/sql-parser/src/Components/Condition.php M libraries/sql-parser/src/Components/CreateDefinition.php M libraries/sql-parser/src/Components/DataType.php M libraries/sql-parser/src/Components/Expression.php M libraries/sql-parser/src/Components/ExpressionArray.php M libraries/sql-parser/src/Components/FunctionCall.php M libraries/sql-parser/src/Components/IntoKeyword.php M libraries/sql-parser/src/Components/JoinKeyword.php M libraries/sql-parser/src/Components/Key.php M libraries/sql-parser/src/Components/Limit.php M libraries/sql-parser/src/Components/OptionsArray.php M libraries/sql-parser/src/Components/OrderKeyword.php M libraries/sql-parser/src/Components/ParameterDefinition.php M libraries/sql-parser/src/Components/PartitionDefinition.php M libraries/sql-parser/src/Components/Reference.php M libraries/sql-parser/src/Components/RenameOperation.php M libraries/sql-parser/src/Components/SetOperation.php M libraries/sql-parser/src/Components/UnionKeyword.php M libraries/sql-parser/src/Context.php M libraries/sql-parser/src/Contexts/ContextMySql50000.php M libraries/sql-parser/src/Contexts/ContextMySql50100.php M libraries/sql-parser/src/Contexts/ContextMySql50500.php M libraries/sql-parser/src/Contexts/ContextMySql50600.php M libraries/sql-parser/src/Contexts/ContextMySql50700.php M libraries/sql-parser/src/Exceptions/LexerException.php M libraries/sql-parser/src/Exceptions/ParserException.php M libraries/sql-parser/src/Lexer.php M libraries/sql-parser/src/Parser.php M libraries/sql-parser/src/Statement.php M libraries/sql-parser/src/Statements/AlterStatement.php M libraries/sql-parser/src/Statements/AnalyzeStatement.php M libraries/sql-parser/src/Statements/BackupStatement.php M libraries/sql-parser/src/Statements/CallStatement.php M libraries/sql-parser/src/Statements/CheckStatement.php M libraries/sql-parser/src/Statements/ChecksumStatement.php M libraries/sql-parser/src/Statements/CreateStatement.php M libraries/sql-parser/src/Statements/DeleteStatement.php M libraries/sql-parser/src/Statements/DropStatement.php M libraries/sql-parser/src/Statements/ExplainStatement.php M libraries/sql-parser/src/Statements/InsertStatement.php M libraries/sql-parser/src/Statements/MaintenanceStatement.php M libraries/sql-parser/src/Statements/NotImplementedStatement.php M libraries/sql-parser/src/Statements/OptimizeStatement.php M libraries/sql-parser/src/Statements/RenameStatement.php M libraries/sql-parser/src/Statements/RepairStatement.php M libraries/sql-parser/src/Statements/ReplaceStatement.php M libraries/sql-parser/src/Statements/RestoreStatement.php M libraries/sql-parser/src/Statements/SelectStatement.php M libraries/sql-parser/src/Statements/SetStatement.php M libraries/sql-parser/src/Statements/ShowStatement.php M libraries/sql-parser/src/Statements/TransactionStatement.php M libraries/sql-parser/src/Statements/TruncateStatement.php M libraries/sql-parser/src/Statements/UpdateStatement.php M libraries/sql-parser/src/Token.php M libraries/sql-parser/src/TokensList.php M libraries/sql-parser/src/UtfString.php M libraries/sql-parser/src/Utils/BufferedQuery.php M libraries/sql-parser/src/Utils/CLI.php M libraries/sql-parser/src/Utils/Error.php M libraries/sql-parser/src/Utils/Formatter.php M libraries/sql-parser/src/Utils/Misc.php M libraries/sql-parser/src/Utils/Query.php M libraries/sql-parser/src/Utils/Routine.php M libraries/sql-parser/src/Utils/Table.php M libraries/sql-parser/src/Utils/Tokens.php M libraries/sql.lib.php M po/id.po M po/mk.po M po/sk.po M po/zh_CN.po R scripts/remove_control_m.sh R scripts/revision-info M server_privileges.php M tbl_export.php M themes/original/css/common.css.php M themes/pmahomme/css/common.css.php Log Message: ----------- Merge branch 'QA_4_6' into QA_4_6-security Commit: 3b8fc504d2a3c1da692cfe703d43d6d81cdc5778 https://github.com/phpmyadmin/phpmyadmin/commit/3b8fc504d2a3c1da692cfe703d43... Author: Deven Bansod <devenbansod.bits@gmail.com> Date: 2016-10-11 (Tue, 11 Oct 2016) Changed paths: M libraries/tracking.lib.php Log Message: ----------- Manage new-lines and extra whitespaces properly Signed-off-by: Deven Bansod <devenbansod.bits@gmail.com> Commit: d74714c45ec246d179aa4b19d81c30903cdff876 https://github.com/phpmyadmin/phpmyadmin/commit/d74714c45ec246d179aa4b19d81c... Author: Deven Bansod <devenbansod.bits@gmail.com> Date: 2016-10-11 (Tue, 11 Oct 2016) Changed paths: M libraries/Tracker.php Log Message: ----------- Manage new-lines and extra whitespaces properly Signed-off-by: Deven Bansod <devenbansod.bits@gmail.com> Commit: 47078395c2aea3d63f1b72d2d26afbd85e2f12f5 https://github.com/phpmyadmin/phpmyadmin/commit/47078395c2aea3d63f1b72d2d26a... Author: Michal Čihař <michal@cihar.com> Date: 2016-10-24 (Mon, 24 Oct 2016) Changed paths: M ChangeLog M README.rst M doc/setup.rst M index.php M js/console.js M js/pmd/move.js M js/tbl_change.js M libraries/Advisor.php M libraries/Table.php M libraries/common.inc.php M libraries/config/ConfigFile.php M libraries/config/Validator.php M libraries/plugins/export/ExportSql.php M libraries/relation.lib.php M libraries/replication.inc.php M libraries/server_privileges.lib.php M libraries/sql.lib.php M po/af.po M po/ar.po M po/az.po M po/be.po M po/be@latin.po M po/bg.po M po/bn.po M po/br.po M po/brx.po M po/bs.po M po/ca.po M po/ckb.po M po/cs.po M po/cy.po M po/da.po M po/de.po M po/el.po M po/en_GB.po M po/eo.po M po/es.po M po/et.po M po/eu.po M po/fa.po M po/fi.po M po/fr.po M po/fy.po M po/gl.po M po/gu.po M po/he.po M po/hi.po M po/hr.po M po/hu.po M po/hy.po M po/ia.po M po/id.po M po/it.po M po/ja.po M po/ka.po M po/kk.po M po/km.po M po/kn.po M po/ko.po M po/ksh.po M po/ky.po M po/li.po M po/lt.po M po/lv.po M po/mk.po M po/ml.po M po/mn.po M po/ms.po M po/nb.po M po/ne.po M po/nl.po M po/pa.po M po/phpmyadmin.pot M po/pl.po M po/pt.po M po/pt_BR.po M po/ro.po M po/ru.po M po/si.po M po/sk.po M po/sl.po M po/sq.po M po/sr.po M po/sr@latin.po M po/sv.po M po/ta.po M po/te.po M po/th.po M po/tk.po M po/tr.po M po/tt.po M po/ug.po M po/uk.po M po/ur.po M po/uz.po M po/uz@latin.po M po/vi.po M po/vls.po M po/zh_CN.po M po/zh_TW.po M prefs_manage.php M server_replication.php M tbl_export.php M tbl_operations.php M test/classes/TableTest.php M test/classes/config/ConfigFileTest.php M test/classes/plugin/export/ExportSqlTest.php Log Message: ----------- Merge branch 'QA_4_6' into QA_4_6-security Commit: b31c304459c5da18db59f55d1a2c8c77fed74d1f https://github.com/phpmyadmin/phpmyadmin/commit/b31c304459c5da18db59f55d1a2c... Author: Michal Čihař <michal@cihar.com> Date: 2016-10-25 (Tue, 25 Oct 2016) Changed paths: M ChangeLog M js/console.js M js/functions.js M js/messages.php M js/pmd/move.js M js/tbl_change.js M libraries/DisplayResults.php M libraries/Table.php M libraries/sql-parser/src/Components/CreateDefinition.php M libraries/sql-parser/src/Components/Expression.php M libraries/sql-parser/src/Components/JoinKeyword.php M libraries/sql-parser/src/Context.php M libraries/sql-parser/src/Contexts/ContextMySql50000.php M libraries/sql-parser/src/Contexts/ContextMySql50100.php M libraries/sql-parser/src/Contexts/ContextMySql50500.php M libraries/sql-parser/src/Contexts/ContextMySql50600.php M libraries/sql-parser/src/Contexts/ContextMySql50700.php M libraries/sql-parser/src/Lexer.php M libraries/sql-parser/src/Parser.php M libraries/sql-parser/src/Statements/SelectStatement.php M libraries/sql-parser/src/Token.php R phpdox.xml M po/sl.po Log Message: ----------- Merge branch 'QA_4_6' into QA_4_6-security Commit: 8119464150081bcc18641281d62991bdff5feff7 https://github.com/phpmyadmin/phpmyadmin/commit/8119464150081bcc18641281d629... Author: Deven Bansod <devenbansod.bits@gmail.com> Date: 2016-11-08 (Tue, 08 Nov 2016) Changed paths: M libraries/core.lib.php M test/libraries/core/PMA_sanitizeMySQLHost_test.php Log Message: ----------- Handle multiple `:p` while sanitizing MySQL hosts Signed-off-by: Deven Bansod <devenbansod.bits@gmail.com> Commit: 636a38cf8a3572219c84e893ca5061eafffad7c5 https://github.com/phpmyadmin/phpmyadmin/commit/636a38cf8a3572219c84e893ca50... Author: Michal Čihař <michal@cihar.com> Date: 2016-11-08 (Tue, 08 Nov 2016) Changed paths: M ChangeLog M doc/faq.rst M js/functions.js M js/makegrid.js M js/messages.php M js/tbl_change.js M libraries/Footer.php M libraries/Table.php M libraries/pmd_common.php M po/af.po M po/ar.po M po/az.po M po/be.po M po/be@latin.po M po/bg.po M po/bn.po M po/br.po M po/brx.po M po/bs.po M po/ca.po M po/ckb.po M po/cs.po M po/cy.po M po/da.po M po/de.po M po/el.po M po/en_GB.po M po/eo.po M po/es.po M po/et.po M po/eu.po M po/fa.po M po/fi.po M po/fr.po M po/fy.po M po/gl.po M po/gu.po M po/he.po M po/hi.po M po/hr.po M po/hu.po M po/hy.po M po/ia.po M po/id.po M po/it.po M po/ja.po M po/ka.po M po/kk.po M po/km.po M po/kn.po M po/ko.po M po/ksh.po M po/ky.po M po/li.po M po/lt.po M po/lv.po M po/mk.po M po/ml.po M po/mn.po M po/ms.po M po/nb.po M po/ne.po M po/nl.po M po/pa.po M po/phpmyadmin.pot M po/pl.po M po/pt.po M po/pt_BR.po M po/ro.po M po/ru.po M po/si.po M po/sk.po M po/sl.po M po/sq.po M po/sr.po M po/sr@latin.po M po/sv.po M po/ta.po M po/te.po M po/th.po M po/tk.po M po/tr.po M po/tt.po M po/ug.po M po/uk.po M po/ur.po M po/uz.po M po/uz@latin.po M po/vi.po M po/vls.po M po/zh_CN.po M po/zh_TW.po M templates/table/relation/common_form.phtml M templates/table/relation/foreign_key_row.phtml M test/classes/TableTest.php Log Message: ----------- Merge branch 'QA_4_6' into QA_4_6-security Commit: 970de0ac7abe8a4d81333dac3329720f4263654a https://github.com/phpmyadmin/phpmyadmin/commit/970de0ac7abe8a4d81333dac3329... Author: Michal Čihař <michal@cihar.com> Date: 2016-11-10 (Thu, 10 Nov 2016) Changed paths: M ChangeLog M browse_foreigners.php M db_operations.php M db_tracking.php M import.php M js/pmd/history.js M libraries/DatabaseInterface.php M libraries/DbSearch.php M libraries/DisplayResults.php M libraries/Menu.php M libraries/Partition.php M libraries/RecentFavoriteTable.php M libraries/SavedSearches.php M libraries/SystemDatabase.php M libraries/Table.php M libraries/Tracker.php M libraries/Util.php M libraries/bookmark.lib.php M libraries/central_columns.lib.php M libraries/common.inc.php M libraries/controllers/server/ServerVariablesController.php M libraries/controllers/table/TableSearchController.php M libraries/controllers/table/TableStructureController.php M libraries/create_addfield.lib.php M libraries/db_designer.lib.php M libraries/db_table_exists.lib.php M libraries/dbi/DBIDummy.php M libraries/dbi/DBIExtension.php M libraries/dbi/DBIMysql.php M libraries/dbi/DBIMysqli.php M libraries/display_export.lib.php M libraries/export.lib.php M libraries/import.lib.php M libraries/insert_edit.lib.php M libraries/mysql_charsets.lib.php M libraries/navigation/Navigation.php M libraries/navigation/NavigationTree.php M libraries/navigation/nodes/Node.php M libraries/navigation/nodes/NodeDatabase.php M libraries/navigation/nodes/NodeTable.php M libraries/operations.lib.php M libraries/plugins/export/ExportSql.php M libraries/plugins/export/ExportXml.php M libraries/plugins/import/ImportCsv.php M libraries/plugins/import/ImportLdi.php M libraries/plugins/schema/pdf/Pdf.php M libraries/pmd_common.php M libraries/relation.lib.php M libraries/relation_cleanup.lib.php M libraries/replication.inc.php M libraries/replication_gui.lib.php M libraries/rte/rte_events.lib.php M libraries/rte/rte_list.lib.php M libraries/rte/rte_routines.lib.php M libraries/rte/rte_triggers.lib.php M libraries/rte/rte_words.lib.php M libraries/server_privileges.lib.php M libraries/server_status_monitor.lib.php M libraries/server_user_groups.lib.php M libraries/sql-parser/src/Components/CreateDefinition.php M libraries/sql-parser/src/Parser.php M libraries/sql-parser/src/Statement.php M libraries/sql-parser/src/Utils/Query.php M libraries/sql.lib.php M libraries/tracking.lib.php M libraries/transformations.lib.php M libraries/user_preferences.lib.php M phpunit.xml.dist M po/af.po M po/ar.po M po/az.po M po/be.po M po/be@latin.po M po/bg.po M po/bn.po M po/br.po M po/brx.po M po/bs.po M po/ca.po M po/ckb.po M po/cs.po M po/cy.po M po/da.po M po/de.po M po/el.po M po/en_GB.po M po/eo.po M po/es.po M po/et.po M po/eu.po M po/fa.po M po/fi.po M po/fr.po M po/fy.po M po/gl.po M po/gu.po M po/he.po M po/hi.po M po/hr.po M po/hu.po M po/hy.po M po/ia.po M po/id.po M po/it.po M po/ja.po M po/ka.po M po/kk.po M po/km.po M po/kn.po M po/ko.po M po/ksh.po M po/ky.po M po/li.po M po/lt.po M po/lv.po M po/mk.po M po/ml.po M po/mn.po M po/ms.po M po/nb.po M po/ne.po M po/nl.po M po/pa.po M po/phpmyadmin.pot M po/pl.po M po/pt.po M po/pt_BR.po M po/ro.po M po/ru.po M po/si.po M po/sk.po M po/sl.po M po/sq.po M po/sr.po M po/sr@latin.po M po/sv.po M po/ta.po M po/te.po M po/th.po M po/tk.po M po/tr.po M po/tt.po M po/ug.po M po/uk.po M po/ur.po M po/uz.po M po/uz@latin.po M po/vi.po M po/vls.po M po/zh_CN.po M po/zh_TW.po M test/classes/DbSearchTest.php M test/classes/TableTest.php M test/classes/ThemeManagerTest.php M test/classes/TrackerTest.php M test/classes/controllers/TableSearchControllerTest.php M test/classes/navigation/NavigationTest.php M test/classes/navigation/NodeTest.php M test/classes/plugin/export/ExportHtmlwordTest.php M test/classes/plugin/export/ExportLatexTest.php M test/classes/plugin/export/ExportOdsTest.php M test/classes/plugin/export/ExportOdtTest.php M test/classes/plugin/export/ExportSqlTest.php M test/classes/plugin/export/ExportTexytextTest.php M test/classes/plugin/export/ExportXmlTest.php M test/classes/plugin/import/ImportLdiTest.php M test/classes/plugin/import/ImportOdsTest.php M test/libraries/PMA_PMD_common_test.php M test/libraries/PMA_central_columns_test.php M test/libraries/PMA_designer_test.php M test/libraries/PMA_insert_edit_test.php M test/libraries/PMA_server_privileges_test.php M test/libraries/PMA_server_user_groups_test.php M test/libraries/PMA_user_preferences_test.php M test/libraries/common/PMA_quoting_slashing_test.php M test/libraries/rte/PMA_EVN_getQueryFromRequest_test.php M test/libraries/rte/PMA_RTN_getQueryFromRequest_test.php M user_password.php Log Message: ----------- Merge branch 'QA_4_6' into QA_4_6-security Commit: 5daee71272efd87a24fe58f90303e82a5b6caf6d https://github.com/phpmyadmin/phpmyadmin/commit/5daee71272efd87a24fe58f90303... Author: Isaac Bennetch <bennetch@gmail.com> Date: 2016-11-24 (Thu, 24 Nov 2016) Changed paths: M ChangeLog M README M doc/conf.py M libraries/Config.php Log Message: ----------- 4.6.5 release and ChangeLog Signed-off-by: Isaac Bennetch <bennetch@gmail.com> Commit: 253894e2995ae4175f4429bf5cdaedfb6a722988 https://github.com/phpmyadmin/phpmyadmin/commit/253894e2995ae4175f4429bf5cda... Author: Isaac Bennetch <bennetch@gmail.com> Date: 2016-11-24 (Thu, 24 Nov 2016) Changed paths: M ChangeLog M README M doc/conf.py M import.php M index.php M js/config.js M js/microhistory.js M libraries/Config.php M libraries/DbQbe.php M libraries/Error.php M libraries/ErrorHandler.php M libraries/Message.php M libraries/SavedSearches.php M libraries/Tracker.php M libraries/VersionInformation.php M libraries/core.lib.php M libraries/export.lib.php M libraries/ip_allow_deny.lib.php M libraries/plugins/AuthenticationPlugin.php M libraries/plugins/auth/AuthenticationConfig.php M libraries/plugins/auth/AuthenticationCookie.php M libraries/plugins/auth/AuthenticationHttp.php M libraries/tbl_partition_definition.inc.php M libraries/tracking.lib.php M prefs_manage.php M test/classes/ErrorTest.php M test/classes/MessageTest.php M test/libraries/core/PMA_isAllowedDomain_test.php M test/libraries/core/PMA_safeUnserialize_test.php M test/libraries/core/PMA_sanitizeMySQLHost_test.php Log Message: ----------- Resolve merge conflicts with ChangeLog Signed-off-by: Isaac Bennetch <bennetch@gmail.com> Commit: b1136b88b16ec398ab4422bb3c3d55c17f6afc45 https://github.com/phpmyadmin/phpmyadmin/commit/b1136b88b16ec398ab4422bb3c3d... Author: Isaac Bennetch <bennetch@gmail.com> Date: 2016-11-25 (Fri, 25 Nov 2016) Changed paths: M ChangeLog M README M doc/conf.py M libraries/Config.php Log Message: ----------- Prepare for 4.6.6-dev Signed-off-by: Isaac Bennetch <bennetch@gmail.com> Compare: https://github.com/phpmyadmin/phpmyadmin/compare/637d55bb4459...b1136b88b16e