[Phpmyadmin-devel] Phpmyadmin-devel Digest, Vol 87, Issue 7

Abhishek Batra batraabhishek1993 at live.com
Thu Oct 10 11:04:22 CEST 2013




Sent from my HTC

----- Reply message -----
From: phpmyadmin-devel-request at lists.sourceforge.net
To: <phpmyadmin-devel at lists.sourceforge.net>
Subject: Phpmyadmin-devel Digest, Vol 87, Issue 7
Date: Mon, Oct 7, 2013 4:45 PM




Send Phpmyadmin-devel mailing list submissions to
        phpmyadmin-devel at lists.sourceforge.net

To subscribe or unsubscribe via the World Wide Web, visit
        https://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel
or, via email, send a message with subject or body 'help' to
        phpmyadmin-devel-request at lists.sourceforge.net

You can reach the person managing the list at
        phpmyadmin-devel-owner at lists.sourceforge.net

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Phpmyadmin-devel digest..."


Today's Topics:

   1. Re: how to allow access to page without token (Michal ?iha?)
   2. Re: how to allow access to page without token (Marc Delisle)
   3. Re: phpMyAdmin 4.1.0-alpha1 is released (Marc Delisle)
   4. Re: how to allow access to page without token (Mohamed Ashraf)
   5. phpMyAdmin 4.1.0-alpha2 is released (Marc Delisle)
   6. phpMyAdmin 4.0.8 is released (Marc Delisle)
   7. phpMyAdmin joins Software Freedom Conservancy (Michal ?iha?)


----------------------------------------------------------------------

Message: 1
Date: Thu, 3 Oct 2013 15:43:47 +0200
From: Michal ?iha? <michal at cihar.com>
Subject: Re: [Phpmyadmin-devel] how to allow access to page without
        token
To: phpmyadmin-devel at lists.sourceforge.net
Message-ID: <20131003154347.3867b599 at rincewind.suse.cz>
Content-Type: text/plain; charset="utf-8"

Hi

Dne Thu, 3 Oct 2013 15:34:16 +0200
Mohamed Ashraf <mohamed.ashraf.213 at gmail.com> napsal(a):

> yes normally it is but during logout the token is reset multiple times and
> is changed after the page is loaded somewhere so when the
> get_scripts.js.php is being fetched an old and invalid token is used thus
> the page is not displayed.
>
> here is what happens:
> 1 - the logout page is requested,
> 2 - token is reset since the user is not logged in
> 3 - then the html is created to load the get_scripts file using this new
> token which is correct
> 4 - some time after this the token is reset again. I dont know where this
> happens. I output the token in the end of the response class response
> method and it is still the same.
> 5 - the request to the get_script file is made using the old token which is
> rejected

I don't see need to load anything from common.inc or do token protection
on get_script, please comment:

https://github.com/phpmyadmin/phpmyadmin/pull/729

--
        Michal ?iha? | http://cihar.com | http://blog.cihar.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available

------------------------------

Message: 2
Date: Thu, 03 Oct 2013 09:17:28 -0400
From: Marc Delisle <marc at infomarc.info>
Subject: Re: [Phpmyadmin-devel] how to allow access to page without
        token
To: phpmyadmin-devel at lists.sourceforge.net
Message-ID: <524D6E68.40003 at infomarc.info>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

Mohamed Ashraf a ?crit :
> I want to allow access to the scripts page without a token and at the same
> time I want to check the current config settings. The current method I use
> to check config settings is by including common.inc.php to the script but
> the problem is that common.inc.php removes all GET params if the token is
> incorrect.
>
> Is there another way to get the config settings other than including
> common.inc.php

Did you try

require_once './libraries/Config.class.php';
$GLOBALS['PMA_Config'] = new PMA_Config(CONFIG_FILE);


--
Marc Delisle
http://infomarc.info



------------------------------

Message: 3
Date: Thu, 03 Oct 2013 07:32:20 -0400
From: Marc Delisle <marc at infomarc.info>
Subject: Re: [Phpmyadmin-devel] phpMyAdmin 4.1.0-alpha1 is released
To: phpmyadmin-devel at lists.sourceforge.net
Message-ID: <524D55C4.1040607 at infomarc.info>
Content-Type: text/plain; charset=ISO-8859-1

Le 2013-10-03 07:15, Marc Delisle a ?crit :
> Le 2013-10-03 07:12, Mohamed Ashraf a ?crit :
>>
>>
>>
>> On Tue, Oct 1, 2013 at 1:41 PM, Marc Delisle <marc at infomarc.info
>> <mailto:marc at infomarc.info>> wrote:
>>
>>     Welcome to the first alpha release for phpMyAdmin 4.1.0, containing new
>>     features and fixes.
>>
>>     Details will appear on http://phpmyadmin.net. In a hurry? you can visit
>>     https://sourceforge.net/projects/phpmyadmin/files to download.
>>
>>     Marc Delisle, for the team
>>
>> Hello Marc,
>> Which commit is actually used for this release ?
>
> Hi Mohamed,
> you mean which branch ? It's the master branch, until we reach the
> release candidate stage.
>
>
And if you want to see which commit, there is a tag
(RELEASE_4_1_0ALPHA1) that marks the exact point.

--
Marc Delisle
http://infomarc.info



------------------------------

Message: 4
Date: Thu, 3 Oct 2013 16:51:54 +0200
From: Mohamed Ashraf <mohamed.ashraf.213 at gmail.com>
Subject: Re: [Phpmyadmin-devel] how to allow access to page without
        token
To: phpmyadmin-devel at lists.sourceforge.net
Message-ID:
        <CAHreesjU0RoyYAkchs4QDFaURCHUfu7h3NF3jyRqhDjTuCJwCA at mail.gmail.com>
Content-Type: text/plain; charset="utf-8"

On Thu, Oct 3, 2013 at 3:43 PM, Michal ?iha? <michal at cihar.com> wrote:

> Hi
>
> Dne Thu, 3 Oct 2013 15:34:16 +0200
> Mohamed Ashraf <mohamed.ashraf.213 at gmail.com> napsal(a):
>
> > yes normally it is but during logout the token is reset multiple times
> and
> > is changed after the page is loaded somewhere so when the
> > get_scripts.js.php is being fetched an old and invalid token is used thus
> > the page is not displayed.
> >
> > here is what happens:
> > 1 - the logout page is requested,
> > 2 - token is reset since the user is not logged in
> > 3 - then the html is created to load the get_scripts file using this new
> > token which is correct
> > 4 - some time after this the token is reset again. I dont know where this
> > happens. I output the token in the end of the response class response
> > method and it is still the same.
> > 5 - the request to the get_script file is made using the old token which
> is
> > rejected
>
> I don't see need to load anything from common.inc or do token protection
> on get_script, please comment:
>
> https://github.com/phpmyadmin/phpmyadmin/pull/729

I didnt realize that we removed js minification entirely. Since we actually
stopped minifying files I no longer need to access the config. This should
work perfectly

>
>
> --
>         Michal ?iha? | http://cihar.com | http://blog.cihar.com
>
>
> ------------------------------------------------------------------------------
> October Webinars: Code for Performance
> Free Intel webinars can help you accelerate application performance.
> Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most
> from
> the latest Intel processors and coprocessors. See abstracts and register >
> http://pubads.g.doubleclick.net/gampad/clk?id=60134791&iu=/4140/ostg.clktrk
> _______________________________________________
> Phpmyadmin-devel mailing list
> Phpmyadmin-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel
>
>


--
Mohamed Ashraf
-------------- next part --------------
An HTML attachment was scrubbed...

------------------------------

Message: 5
Date: Fri, 04 Oct 2013 05:52:43 -0400
From: Marc Delisle <marc at infomarc.info>
Subject: [Phpmyadmin-devel] phpMyAdmin 4.1.0-alpha2 is released
To: phpmyadmin-devel at lists.sourceforge.net,
        phpmyadmin-news at lists.sf.net
Message-ID: <524E8FEB.1050305 at infomarc.info>
Content-Type: text/plain; charset=ISO-8859-1

Welcome to the second alpha release for phpMyAdmin 4.1.0, containing new
features and fixes.

Details will appear on http://phpmyadmin.net. In a hurry? you can visit
https://sourceforge.net/projects/phpmyadmin/files to download.

Marc Delisle, for the team



------------------------------

Message: 6
Date: Sun, 06 Oct 2013 08:45:42 -0400
From: Marc Delisle <marc at infomarc.info>
Subject: [Phpmyadmin-devel] phpMyAdmin 4.0.8 is released
To: phpmyadmin-devel at lists.sourceforge.net,
        phpmyadmin-news at lists.sf.net
Message-ID: <52515B76.1090008 at infomarc.info>
Content-Type: text/plain; charset=ISO-8859-1

Welcome to phpMyAdmin 4.0.8, a bugfix version.

Details will appear on http://phpmyadmin.net. In a hurry? you can visit
https://sourceforge.net/projects/phpmyadmin/files to download.

Marc Delisle, for the team



------------------------------

Message: 7
Date: Mon, 7 Oct 2013 13:14:44 +0200
From: Michal ?iha? <michal at cihar.com>
Subject: [Phpmyadmin-devel] phpMyAdmin joins Software Freedom
        Conservancy
To: phpmyadmin-news at lists.sf.net,
        phpmyadmin-devel at lists.sourceforge.net
Message-ID: <20131007131444.4d667bad at rincewind.suse.cz>
Content-Type: text/plain; charset="utf-8"

phpMyAdmin becomes the first member project to join Conservancy in 2013.

Today, Software Freedom Conservancy welcomes the phpMyAdmin project as
its newest member. phpMyAdmin joins 28 sister member projects who all
call Conservancy their non-profit corporate home.

Conservancy is a non-profit public charity that provides a range of
financial and administrative services to member projects that
develop Free, Libre, and Open Source Software (FLOSS). Conservancy's
assistance allows software developers and documenters to focus on those
activities exclusively.

By joining Conservancy, phpMyAdmin obtains the benefits of a formal
non-profit organizational structure while keeping the project focused
on software development and documentation. Some benefits of joining
Conservancy include the ability to collect donations, hold assets on
behalf of the project, and some protection of the lead developers of
the project from personal liability when engaging in the activities of
the project. Software Freedom Conservancy, Inc. is a tax-exempt
501(c)(3) organization, incorporated in New York State.

Other FLOSS projects that seek to join Conservancy are encouraged to
apply.

phpMyAdmin

phpMyAdmin is a free and open source web interface for the MySQL,
MariaDB and Drizzle database systems. Frequently used operations
(managing databases, tables, columns, relations, indexes, users,
permissions, etc) can be performed via the user interface, while you
still have the ability to directly execute any SQL statement.

Since its first release in September 1998, phpMyAdmin has been adopted
by thousands of web host providers, and has translations underway for
more than seventy languages.

--
        Michal ?iha?, for the team
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available

------------------------------

------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60134791&iu=/4140/ostg.clktrk

------------------------------

_______________________________________________
Phpmyadmin-devel mailing list
Phpmyadmin-devel at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel


End of Phpmyadmin-devel Digest, Vol 87, Issue 7
***********************************************


More information about the Developers mailing list