From shatha.1995 at yahoo.com Tue Sep 10 15:02:27 2019 From: shatha.1995 at yahoo.com (Shatha Abu Saloum) Date: Tue, 10 Sep 2019 13:02:27 +0000 (UTC) Subject: [phpMyAdmin Developers] MyPhpAdmin Issue References: <1889859700.3341533.1568120547342.ref@mail.yahoo.com> Message-ID: <1889859700.3341533.1568120547342@mail.yahoo.com> Hi Dears I have A proplem in my database I thinks there a change make this error can fix it from mysql or return to database before change to fix it spectraqa.com is currently unable to handle this request. HTTP ERROR 500 -------------- next part -------------- An HTML attachment was scrubbed... URL: From ashkardev at gmail.com Sun Sep 15 23:30:09 2019 From: ashkardev at gmail.com (Ashkar Dev) Date: Mon, 16 Sep 2019 00:30:09 +0300 Subject: [phpMyAdmin Developers] PHP and PhpMyAdmin Licenses Message-ID: Hi, can anyone answer my questions about PHP and PhpMyAdmin Licenses? Can I create web application with PHP and sell it and prevent buyer from reselling? is it legal? what the licenses is about? -------------- next part -------------- An HTML attachment was scrubbed... URL: From bennetch at gmail.com Mon Sep 16 19:57:50 2019 From: bennetch at gmail.com (Isaac Bennetch) Date: Mon, 16 Sep 2019 13:57:50 -0400 Subject: [phpMyAdmin Developers] PHP and PhpMyAdmin Licenses In-Reply-To: References: Message-ID: Hi Ashkar, On Sun, Sep 15, 2019 at 5:32 PM Ashkar Dev wrote: > > Hi, can anyone answer my questions about PHP and PhpMyAdmin Licenses? I can try. Note that I'm not a lawyer and my answers are, mostly, my interpretation of license terms. > Can I create web application with PHP and sell it and prevent buyer from reselling? PHP is a programming language and doesn't explicitly require anything of you or your users/customers. If you choose to use a particular library within your application, however, you'll be restricted by the terms of that license. Since this list is about the phpMyAdmin application, you may be able to get more specific answers from the developers of the libraries you use or from a general PHP interest mailing list. The phpMyAdmin program, for instance, is distributed under the GPL2 license (https://www.phpmyadmin.net/license/) which allows others (such as web hosts) to distribute the application or make modifications, but requires that the source be available and that any changes are published. Other licenses can prevent commercial use outright. > is it legal? what the licenses is about? Hope that helps, Isaac > _______________________________________________ > Developers mailing list > Developers at phpmyadmin.net > https://lists.phpmyadmin.net/mailman/listinfo/developers From lokirahul123 at gmail.com Tue Sep 17 19:12:09 2019 From: lokirahul123 at gmail.com (Loki R) Date: Tue, 17 Sep 2019 22:42:09 +0530 Subject: [phpMyAdmin Developers] Hi TEAM Message-ID: I HAVE SOME QUERIES IN PHPMYADMIN -------------- next part -------------- An HTML attachment was scrubbed... URL: From tdreed at abrimos.com Wed Sep 18 12:55:41 2019 From: tdreed at abrimos.com (Todd Reed) Date: Wed, 18 Sep 2019 06:55:41 -0400 Subject: [phpMyAdmin Developers] Bug Posted by Another User Message-ID: <861F1545-2014-4CBD-8078-26399CC116EE@abrimos.com> It “seems" it would be an easy fix. According to the original poster it says he alerted the development team. I searched the archive and maybe he private messaged a couple developers? https://www.cvedetails.com/cve/CVE-2019-12922/ https://seclists.org/fulldisclosure/2019/Sep/23 The bug would have very low probability of exploit. You would have to be logged into an existing phpmyadmin session and simultaneously trick the user to click on a link while in the setup stage. Thought I would post here that the bug is publicly posted. Thanks, Todd P.S. Enjoy phpmyadmin. Been using it off and on over a decade. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bennetch at gmail.com Thu Sep 19 13:11:38 2019 From: bennetch at gmail.com (Isaac Bennetch) Date: Thu, 19 Sep 2019 07:11:38 -0400 Subject: [phpMyAdmin Developers] Bug Posted by Another User In-Reply-To: <861F1545-2014-4CBD-8078-26399CC116EE@abrimos.com> References: <861F1545-2014-4CBD-8078-26399CC116EE@abrimos.com> Message-ID: Hi Todd, Thanks for reaching out to us. You're correct that the attack vector here is quite small, and as such when it was first reported we decided to fix it as part of our regular bugfixing process, targeting phpMyAdmin 4.9.1. The fix is actually already completed in a private way where we track security patches, just waiting for me to release 4.9.1. There was indeed a report to our private security list, so that's why you didn't see it referenced in the public archives. Thanks for the kind words, we always love hearing from our users. We also appreciate you calling our attention to this publication. Isaac On Wed, Sep 18, 2019 at 6:57 AM Todd Reed wrote: > > It “seems" it would be an easy fix. According to the original poster it says he alerted the development team. > > I searched the archive and maybe he private messaged a couple developers? > > https://www.cvedetails.com/cve/CVE-2019-12922/ > > https://seclists.org/fulldisclosure/2019/Sep/23 > > The bug would have very low probability of exploit. You would have to be logged into an existing phpmyadmin session and simultaneously trick the user to click on a link while in the setup stage. > > Thought I would post here that the bug is publicly posted. > > Thanks, > Todd > > P.S. Enjoy phpmyadmin. Been using it off and on over a decade. > > _______________________________________________ > Developers mailing list > Developers at phpmyadmin.net > https://lists.phpmyadmin.net/mailman/listinfo/developers From info at sebastianmendel.de Fri Sep 20 17:38:31 2019 From: info at sebastianmendel.de (Sebastian Mendel) Date: Fri, 20 Sep 2019 17:38:31 +0200 Subject: [phpMyAdmin Developers] Hi TEAM In-Reply-To: References: Message-ID: THAT'S FINE! Am Di., 17. Sept. 2019 um 19:12 Uhr schrieb Loki R : > I HAVE SOME QUERIES IN PHPMYADMIN > _______________________________________________ > Developers mailing list > Developers at phpmyadmin.net > https://lists.phpmyadmin.net/mailman/listinfo/developers > -------------- next part -------------- An HTML attachment was scrubbed... URL: From bennetch at gmail.com Sat Sep 21 06:07:52 2019 From: bennetch at gmail.com (Isaac Bennetch) Date: Sat, 21 Sep 2019 00:07:52 -0400 Subject: [phpMyAdmin Developers] phpMyAdmin 4.9.1 is released Message-ID: <8758041b-6cf2-ed46-2bc2-d195b2f379ee@gmail.com> Welcome to phpMyAdmin 4.9.1, a bugfix release. This is a regularly-schedule bugfix release that also includes some security hardening measures. We wish to point out that this also includes a routine fix for an issue that has been reported as CVE-2019-12922. The fix for this has been in our release queue to be part of this release, however it is the opinion of the team that the reported attack vector did not justify a separate release. This release includes fixes for many bugs, including: - Editing columns with CURRENT_TIMESTAMP for MySQL versions 8.0.13 and newer - Compatibility issues with PHP 8 - Export of GIS visualization - Enhanced descriptions for several collation types - Creating a user with a single quote in the password string - Unexpected quotes during import and export on text fields - Improvements to adding new tables to Designer - Fix an issue where an authenticated user could trigger heavy traffic between the database server and web server - Fix a weakness where an attacker, under certain conditions, working at the same time as an administrator is using the setup script, could delete a server from the setup script There are many, many more bug fixes thanks to the efforts of our developers, Google Summer of Code applicants, and other contributors. The phpMyAdmin team -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: OpenPGP digital signature URL: From Serena.Laing at tufts.edu Mon Sep 23 14:47:59 2019 From: Serena.Laing at tufts.edu (Laing, Serena J) Date: Mon, 23 Sep 2019 12:47:59 +0000 Subject: [phpMyAdmin Developers] 404 page not found Message-ID: I used PHPAdmin services through a domain linked to one website and have since switched servers/websites. I can no longer access it through the link that I used to and still own the domain, it just exists on a different server. I get the 404 page not found error when I try to get to it now. Does anyone know how to fix this? -------------- next part -------------- An HTML attachment was scrubbed... URL: From hector.mcneill at hectormcneill.com Mon Sep 23 17:06:11 2019 From: hector.mcneill at hectormcneill.com (hector.mcneill at hectormcneill.com) Date: Mon, 23 Sep 2019 16:06:11 +0100 Subject: [phpMyAdmin Developers] altering a data type in existing database table Message-ID: <00D56A6620904000975859EC260F4A04.MAI@navatec.com> I am new to mysql/myphoadmin but have created a table in a database and inserted data via PHP This worked OK but one of the fields is truncated. It is one I set at decimal instead of decimal(3.2) ie type 4.25; How can I use myphadmin to to alter just this item - it doesnt matter if this disturbs the data since I have emptied the table BUT I dont know how to get to the correct dialog to alter the datatype. Is there a troubleshhooting or maintenance manual somewhere which might contain this info. I realise this is pretty basic but I cant find the solution. Help very much appreciated. Heki -------------- next part -------------- An HTML attachment was scrubbed... URL: