[phpMyAdmin Git] [phpmyadmin/phpmyadmin] 9f3823: Sent CSP headers for phpinfo
Michal Čihař
michal at cihar.com
Wed Aug 17 08:53:05 CEST 2016
Branch: refs/heads/master
Home: https://github.com/phpmyadmin/phpmyadmin
Commit: 9f3823a6bc986e911b52b41338881ff35dccc37c
https://github.com/phpmyadmin/phpmyadmin/commit/9f3823a6bc986e911b52b41338881ff35dccc37c
Author: Michal Čihař <michal at cihar.com>
Date: 2016-06-30 (Thu, 30 Jun 2016)
Changed paths:
M phpinfo.php
Log Message:
-----------
Sent CSP headers for phpinfo
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 4183bab696c68ef8ee5cb2d58cb8fb2795b0e802
https://github.com/phpmyadmin/phpmyadmin/commit/4183bab696c68ef8ee5cb2d58cb8fb2795b0e802
Author: Michal Čihař <michal at cihar.com>
Date: 2016-06-30 (Thu, 30 Jun 2016)
Changed paths:
M changelog.php
Log Message:
-----------
Send CSP headers on changelog
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 5491d67fb545ef9878b59e05a10f814f7a92a7ad
https://github.com/phpmyadmin/phpmyadmin/commit/5491d67fb545ef9878b59e05a10f814f7a92a7ad
Author: Michal Čihař <michal at cihar.com>
Date: 2016-06-30 (Thu, 30 Jun 2016)
Changed paths:
M libraries/Util.php
Log Message:
-----------
Avoid possible path traversal using MySQL username
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: a82835cf09c20b381b9c8a7bfe337a11ab904ab2
https://github.com/phpmyadmin/phpmyadmin/commit/a82835cf09c20b381b9c8a7bfe337a11ab904ab2
Author: Michal Čihař <michal at cihar.com>
Date: 2016-06-30 (Thu, 30 Jun 2016)
Changed paths:
M libraries/plugins/export/ExportPhparray.php
Log Message:
-----------
Generate valid PHP code even when table/database name contains PHP markup
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 2b5915ce7b061df005373b3ebf5affe7345ef141
https://github.com/phpmyadmin/phpmyadmin/commit/2b5915ce7b061df005373b3ebf5affe7345ef141
Author: Michal Čihař <michal at cihar.com>
Date: 2016-06-30 (Thu, 30 Jun 2016)
Changed paths:
M libraries/plugins/export/ExportPhparray.php
Log Message:
-----------
Use phpMyAdmin version in PHP export header
Using fixed 0.2b really makes no sense.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 99d7407aa2817cd9852bf7f4ed03a28d8aac293e
https://github.com/phpmyadmin/phpmyadmin/commit/99d7407aa2817cd9852bf7f4ed03a28d8aac293e
Author: Michal Čihař <michal at cihar.com>
Date: 2016-06-30 (Thu, 30 Jun 2016)
Changed paths:
M test/classes/plugin/export/ExportPhparrayTest.php
Log Message:
-----------
Fix PHP export tests
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: bd2080c40aa05b883109fbf9739ffb4c674af698
https://github.com/phpmyadmin/phpmyadmin/commit/bd2080c40aa05b883109fbf9739ffb4c674af698
Author: Michal Čihař <michal at cihar.com>
Date: 2016-06-30 (Thu, 30 Jun 2016)
Changed paths:
M test/classes/plugin/export/ExportXmlTest.php
Log Message:
-----------
Adjust test to not use HTML escaping layer
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 7de139b90ca6926d9ec06c2684ef8877a01b5ed7
https://github.com/phpmyadmin/phpmyadmin/commit/7de139b90ca6926d9ec06c2684ef8877a01b5ed7
Author: Michal Čihař <michal at cihar.com>
Date: 2016-06-30 (Thu, 30 Jun 2016)
Changed paths:
M libraries/plugins/export/ExportXml.php
M test/classes/plugin/export/ExportXmlTest.php
Log Message:
-----------
Properly escape generated XML export
Many fields could contain XML markup, so we need to ensure the generated
XML is valid.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: a97be3a604cb9a56074b76905792479251e744a7
https://github.com/phpmyadmin/phpmyadmin/commit/a97be3a604cb9a56074b76905792479251e744a7
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-08 (Fri, 08 Jul 2016)
Changed paths:
M libraries/plugins/auth/AuthenticationCookie.php
M test/classes/plugin/auth/AuthenticationCookieTest.php
Log Message:
-----------
Improve cookie encryption
- use MAC to validate content before decryption
- create unique IV for every cookie
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: c0b2d56ac0a94c371004f25a5ae3d0ec247516f5
https://github.com/phpmyadmin/phpmyadmin/commit/c0b2d56ac0a94c371004f25a5ae3d0ec247516f5
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-09 (Sat, 09 Jul 2016)
Changed paths:
M doc/other.rst
M js/tbl_structure.js
M libraries/import.lib.php
M libraries/plugins/import/README
M po/az.po
M po/bg.po
M po/bn.po
M po/ca.po
M po/cs.po
M po/da.po
M po/de.po
M po/el.po
M po/en_GB.po
M po/es.po
M po/et.po
M po/fi.po
M po/fr.po
M po/gl.po
M po/hi.po
M po/hu.po
M po/ia.po
M po/id.po
M po/it.po
M po/ja.po
M po/ko.po
M po/lt.po
M po/nb.po
M po/nl.po
M po/pl.po
M po/pt.po
M po/pt_BR.po
M po/ro.po
M po/ru.po
M po/si.po
M po/sk.po
M po/sl.po
M po/sq.po
M po/sv.po
M po/th.po
M po/tr.po
M po/uk.po
M po/ur.po
M po/uz.po
M po/uz at latin.po
M po/vi.po
M po/zh_CN.po
M po/zh_TW.po
M scripts/create-release.sh
M test/libraries/core/PMA_getLinks_test.php
Log Message:
-----------
Use https for wiki links
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 6f75f8a26116e9afb365d2d7489bfc2971939820
https://github.com/phpmyadmin/phpmyadmin/commit/6f75f8a26116e9afb365d2d7489bfc2971939820
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-09 (Sat, 09 Jul 2016)
Changed paths:
M changelog.php
M js/tbl_structure.js
M libraries/Util.php
M libraries/import.lib.php
M libraries/plugins/auth/AuthenticationCookie.php
M libraries/plugins/export/ExportPhparray.php
M libraries/plugins/export/ExportXml.php
M libraries/plugins/import/README
M phpinfo.php
M po/az.po
M po/bg.po
M po/bn.po
M po/ca.po
M po/cs.po
M po/da.po
M po/de.po
M po/el.po
M po/en_GB.po
M po/es.po
M po/et.po
M po/fi.po
M po/fr.po
M po/gl.po
M po/hi.po
M po/hu.po
M po/ia.po
M po/id.po
M po/it.po
M po/ja.po
M po/ko.po
M po/lt.po
M po/nb.po
M po/nl.po
M po/pl.po
M po/pt.po
M po/pt_BR.po
M po/ro.po
M po/ru.po
M po/si.po
M po/sk.po
M po/sl.po
M po/sq.po
M po/sv.po
M po/th.po
M po/tr.po
M po/uk.po
M po/ur.po
M po/uz.po
M po/uz at latin.po
M po/vi.po
M po/zh_CN.po
M po/zh_TW.po
M scripts/create-release.sh
M test/classes/plugin/auth/AuthenticationCookieTest.php
M test/classes/plugin/export/ExportPhparrayTest.php
M test/classes/plugin/export/ExportXmlTest.php
M test/libraries/core/PMA_getLinks_test.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 57dd8e6f9951524ca1c93d38c0b6f76d3927eed0
https://github.com/phpmyadmin/phpmyadmin/commit/57dd8e6f9951524ca1c93d38c0b6f76d3927eed0
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-09 (Sat, 09 Jul 2016)
Changed paths:
M doc/faq.rst
Log Message:
-----------
Use https for wiki links
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 1ed4007689ebbb6b6a08a242025382d0f8d347b1
https://github.com/phpmyadmin/phpmyadmin/commit/1ed4007689ebbb6b6a08a242025382d0f8d347b1
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-10 (Sun, 10 Jul 2016)
Changed paths:
M libraries/replication_gui.lib.php
M libraries/server_status_variables.lib.php
Log Message:
-----------
Properly escape MySQL status variables
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: c4a595357f8393915f8a2258f8997b5d1ba6f1f0
https://github.com/phpmyadmin/phpmyadmin/commit/c4a595357f8393915f8a2258f8997b5d1ba6f1f0
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2016-07-10 (Sun, 10 Jul 2016)
Changed paths:
M examples/openid.php
M examples/signon.php
Log Message:
-----------
Add Secure and HttpOnly flags for session cookie setup in examples
Signed-off-by: Isaac Bennetch <bennetch at gmail.com>
Commit: 6aacd7dcfef8a04898393009dea11ddd07a3891d
https://github.com/phpmyadmin/phpmyadmin/commit/6aacd7dcfef8a04898393009dea11ddd07a3891d
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-11 (Mon, 11 Jul 2016)
Changed paths:
M libraries/ip_allow_deny.lib.php
M test/libraries/PMA_ip_allow_deny_test.php
Log Message:
-----------
Make proxy IP parsing aware of multiple proxies
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 8f93d41d64a88c2578c0d2adc665fd25d7e442bf
https://github.com/phpmyadmin/phpmyadmin/commit/8f93d41d64a88c2578c0d2adc665fd25d7e442bf
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-11 (Mon, 11 Jul 2016)
Changed paths:
M examples/openid.php
M examples/signon.php
M libraries/ip_allow_deny.lib.php
M libraries/replication_gui.lib.php
M libraries/server_status_variables.lib.php
M test/libraries/PMA_ip_allow_deny_test.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 08864ebc8c66f2e1971342472b7527985bc52794
https://github.com/phpmyadmin/phpmyadmin/commit/08864ebc8c66f2e1971342472b7527985bc52794
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-11 (Mon, 11 Jul 2016)
Changed paths:
M test/libraries/PMA_ip_allow_deny_test.php
Log Message:
-----------
Remove not needed include
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 23c011df36c6cc9c977beba3faf3b3f665159319
https://github.com/phpmyadmin/phpmyadmin/commit/23c011df36c6cc9c977beba3faf3b3f665159319
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-11 (Mon, 11 Jul 2016)
Changed paths:
M libraries/core.lib.php
M libraries/ip_allow_deny.lib.php
Log Message:
-----------
Move PMA_getIp to core
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 2b59fa3bf9692f59eff802c6e761bdd22f5db86f
https://github.com/phpmyadmin/phpmyadmin/commit/2b59fa3bf9692f59eff802c6e761bdd22f5db86f
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-11 (Mon, 11 Jul 2016)
Changed paths:
M libraries/Logging.php
M libraries/plugins/auth/AuthenticationCookie.php
Log Message:
-----------
Use PMA_getIp instead of REMOTE_ADDR to get user address
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: fc6ef261eb4469f764d1e305a4ac617d26ca1864
https://github.com/phpmyadmin/phpmyadmin/commit/fc6ef261eb4469f764d1e305a4ac617d26ca1864
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-11 (Mon, 11 Jul 2016)
Changed paths:
M .scrutinizer.yml
M build.xml
M config.sample.inc.php
M doc/config.rst
M doc/setup.rst
R examples/swekey.sample.conf
M libraries/config.default.php
M libraries/config/messages.inc.php
M libraries/config/setup.forms.php
M libraries/plugins/auth/AuthenticationCookie.php
R libraries/plugins/auth/swekey/authentication.inc.php
R libraries/plugins/auth/swekey/musbe-ca.crt
R libraries/plugins/auth/swekey/swekey.auth.lib.php
R libraries/plugins/auth/swekey/swekey.php
M phpunit.xml.dist
M test/classes/plugin/auth/AuthenticationCookieTest.php
Log Message:
-----------
Remove Swekey support
It is buggy and their servers are no longer working.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 0f23cac3537eb1e1072845f470be580ec37eaa68
https://github.com/phpmyadmin/phpmyadmin/commit/0f23cac3537eb1e1072845f470be580ec37eaa68
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-11 (Mon, 11 Jul 2016)
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: de3181277e747a94fb0b0213f3d11576458b72cd
https://github.com/phpmyadmin/phpmyadmin/commit/de3181277e747a94fb0b0213f3d11576458b72cd
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-11 (Mon, 11 Jul 2016)
Changed paths:
M libraries/Error.php
Log Message:
-----------
Include only relative path in backtrace
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 660e3a177f4933018c94ba1270a61b2437aa1163
https://github.com/phpmyadmin/phpmyadmin/commit/660e3a177f4933018c94ba1270a61b2437aa1163
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-11 (Mon, 11 Jul 2016)
Changed paths:
M libraries/core.lib.php
Log Message:
-----------
Remove debugging code
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 152386627ad749925195b88d409fe72090183294
https://github.com/phpmyadmin/phpmyadmin/commit/152386627ad749925195b88d409fe72090183294
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-11 (Mon, 11 Jul 2016)
Changed paths:
M libraries/Error.php
M libraries/core.lib.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: cc7d01daa7fe3c525718c7ef19f82d13e51cc080
https://github.com/phpmyadmin/phpmyadmin/commit/cc7d01daa7fe3c525718c7ef19f82d13e51cc080
Author: Madhura Jayaratne <madhura.cj at gmail.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M templates/table/gis_visualization/gis_visualization.phtml
Log Message:
-----------
Fix XSS in tbl_gis_visualization.php
Signed-off-by: Madhura Jayaratne <madhura.cj at gmail.com>
Commit: cbba4f4fdb18ad071e3d515a0e96067939d3352b
https://github.com/phpmyadmin/phpmyadmin/commit/cbba4f4fdb18ad071e3d515a0e96067939d3352b
Author: Madhura Jayaratne <madhura.cj at gmail.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M libraries/replication_gui.lib.php
Log Message:
-----------
Fix XSS in server_replication.php
Signed-off-by: Madhura Jayaratne <madhura.cj at gmail.com>
Commit: 5873af7d75b123b9aa0d137cba2bb209e2bdd21f
https://github.com/phpmyadmin/phpmyadmin/commit/5873af7d75b123b9aa0d137cba2bb209e2bdd21f
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M ChangeLog
M libraries/Header.php
M po/es.po
M po/ko.po
M po/pl.po
M po/pt.po
M po/pt_BR.po
M po/sq.po
M po/th.po
Log Message:
-----------
Merge branch 'QA_4_6' into QA_4_6-security
Commit: a49948797464fcb36525b48366d4f235688ede5c
https://github.com/phpmyadmin/phpmyadmin/commit/a49948797464fcb36525b48366d4f235688ede5c
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M ChangeLog
M libraries/Header.php
M po/es.po
M po/fr.po
M po/ko.po
M po/pl.po
M po/pt.po
M po/pt_BR.po
M po/sq.po
M po/th.po
Log Message:
-----------
Merge branch 'master' into master-security
Commit: 0bf21ebf720a552c8e727a6cca1c653e20c3160a
https://github.com/phpmyadmin/phpmyadmin/commit/0bf21ebf720a552c8e727a6cca1c653e20c3160a
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M libraries/plugins/transformations/abs/TextImageLinkTransformationsPlugin.php
M libraries/plugins/transformations/abs/TextLinkTransformationsPlugin.php
Log Message:
-----------
Use whitelist rather than blacklist for URL filtering
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 3434c70a5159648e62bb208ae1bc235089193a2f
https://github.com/phpmyadmin/phpmyadmin/commit/3434c70a5159648e62bb208ae1bc235089193a2f
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M libraries/plugins/transformations/abs/TextImageLinkTransformationsPlugin.php
M libraries/plugins/transformations/abs/TextLinkTransformationsPlugin.php
M libraries/replication_gui.lib.php
M po/es.po
M po/ko.po
M po/sq.po
M templates/table/gis_visualization/gis_visualization.phtml
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 8b5cafc9f3d199d419d8f0e0ce9f3b5bb51d5d2b
https://github.com/phpmyadmin/phpmyadmin/commit/8b5cafc9f3d199d419d8f0e0ce9f3b5bb51d5d2b
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M po/sq.po
Log Message:
-----------
Fix wrong merge resolution
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 27b8005fa0835d6bc7122fb2f7dd09b7b2e1dea7
https://github.com/phpmyadmin/phpmyadmin/commit/27b8005fa0835d6bc7122fb2f7dd09b7b2e1dea7
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 2090eb57aaada8a2fc1c6e34ceaae657ef2ec404
https://github.com/phpmyadmin/phpmyadmin/commit/2090eb57aaada8a2fc1c6e34ceaae657ef2ec404
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M .travis.yml
Log Message:
-----------
Merge branch 'QA_4_6' into QA_4_6-security
Commit: 36ba6d9aba3bc17d125b87761d4cde60ae9e9ef4
https://github.com/phpmyadmin/phpmyadmin/commit/36ba6d9aba3bc17d125b87761d4cde60ae9e9ef4
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Log Message:
-----------
Merge branch 'master' into master-security
Commit: bd472d51449ed2792f249ccf3e18000bf2e14b40
https://github.com/phpmyadmin/phpmyadmin/commit/bd472d51449ed2792f249ccf3e18000bf2e14b40
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 1412fc14d12f532ba9cd6f5fbc00b4479ef0c3fb
https://github.com/phpmyadmin/phpmyadmin/commit/1412fc14d12f532ba9cd6f5fbc00b4479ef0c3fb
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M doc/credits.rst
M doc/faq.rst
M doc/glossary.rst
Log Message:
-----------
Merge branch 'master' into master-security
Commit: 3c06eede3fda803fb2b931598e26d61563a4502b
https://github.com/phpmyadmin/phpmyadmin/commit/3c06eede3fda803fb2b931598e26d61563a4502b
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M changelog.php
M libraries/display_git_revision.lib.php
M libraries/engines/Pbxt.php
M libraries/plugins/transformations/abs/InlineTransformationsPlugin.php
M libraries/plugins/transformations/abs/TextImageLinkTransformationsPlugin.php
M libraries/sanitizing.lib.php
M templates/list/item.phtml
M themes.php
Log Message:
-----------
Add rel="noopener noreferrer" to all target="_blank" links
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 3b0115a32159608a930e03a4d3a8830cb3520c54
https://github.com/phpmyadmin/phpmyadmin/commit/3b0115a32159608a930e03a4d3a8830cb3520c54
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M test/classes/DisplayResultsTest.php
M test/classes/engines/PbxtTest.php
M test/classes/plugin/transformations/TransformationPluginsTest.php
Log Message:
-----------
Adjust tests to recent changes
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: fb1884295f7d08256387b94b6efc7a8d474bfcda
https://github.com/phpmyadmin/phpmyadmin/commit/fb1884295f7d08256387b94b6efc7a8d474bfcda
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M changelog.php
M libraries/Sanitize.php
M libraries/display_git_revision.lib.php
M libraries/engines/Pbxt.php
M libraries/plugins/transformations/abs/InlineTransformationsPlugin.php
M libraries/plugins/transformations/abs/TextImageLinkTransformationsPlugin.php
M templates/list/item.phtml
M test/classes/DisplayResultsTest.php
M test/classes/engines/PbxtTest.php
M test/classes/plugin/transformations/TransformationPluginsTest.php
M themes.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 2ea0b722d7cb7affbfa3f02c9442f0b6f0833306
https://github.com/phpmyadmin/phpmyadmin/commit/2ea0b722d7cb7affbfa3f02c9442f0b6f0833306
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M libraries/plugins/transformations/abs/ImageLinkTransformationsPlugin.php
M libraries/plugins/transformations/abs/TextLinkTransformationsPlugin.php
M test/classes/plugin/transformations/TransformationPluginsTest.php
Log Message:
-----------
Use _blank target instead of invalid _new
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 065b876c1a906246cda1fee6f690c4d85c022a79
https://github.com/phpmyadmin/phpmyadmin/commit/065b876c1a906246cda1fee6f690c4d85c022a79
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M libraries/plugins/transformations/abs/ImageLinkTransformationsPlugin.php
M libraries/plugins/transformations/abs/TextLinkTransformationsPlugin.php
M test/classes/plugin/transformations/TransformationPluginsTest.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 6da13e2a1cbcd204617ab140ab70e08258473e33
https://github.com/phpmyadmin/phpmyadmin/commit/6da13e2a1cbcd204617ab140ab70e08258473e33
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M libraries/plugins/export/ExportMediawiki.php
Log Message:
-----------
Escape HTML in Mediawiki comments
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 303ace23b5d177569ac0754c1de4c043336891bc
https://github.com/phpmyadmin/phpmyadmin/commit/303ace23b5d177569ac0754c1de4c043336891bc
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M libraries/plugins/export/ExportMediawiki.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 78bed3c4441bc8ea1b4bf380eb51d100e39841ca
https://github.com/phpmyadmin/phpmyadmin/commit/78bed3c4441bc8ea1b4bf380eb51d100e39841ca
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M libraries/tracking.lib.php
Log Message:
-----------
Ensure last version is numeric
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 8095b837faec8508201e500b7c7ff25fe2269fbf
https://github.com/phpmyadmin/phpmyadmin/commit/8095b837faec8508201e500b7c7ff25fe2269fbf
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M examples/openid.php
M examples/signon.php
Log Message:
-----------
Hide session error messages to avoid FPD
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 0d57c09bd582f6f138bb4583374a83b673520fa7
https://github.com/phpmyadmin/phpmyadmin/commit/0d57c09bd582f6f138bb4583374a83b673520fa7
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M import.php
M libraries/File.php
M libraries/file_listing.lib.php
Log Message:
-----------
Do not allow symlinks in UploadDir
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: c3401ec878abea4a5c0436816e81d414a8aab1ce
https://github.com/phpmyadmin/phpmyadmin/commit/c3401ec878abea4a5c0436816e81d414a8aab1ce
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M examples/openid.php
M examples/signon.php
M import.php
M libraries/File.php
M libraries/file_listing.lib.php
M libraries/tracking.lib.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 2f79bacefab46fc43cedd70917c50800caaa417a
https://github.com/phpmyadmin/phpmyadmin/commit/2f79bacefab46fc43cedd70917c50800caaa417a
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M libraries/config/ServerConfigChecks.php
Log Message:
-----------
Use phpseclib's Crypt module to generate encryption keys
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 2ef4fe3d842f25e1ad0551e7ca4781b5fc7a4e59
https://github.com/phpmyadmin/phpmyadmin/commit/2ef4fe3d842f25e1ad0551e7ca4781b5fc7a4e59
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M libraries/plugins/transformations/abs/FormattedTransformationsPlugin.php
M test/classes/plugin/transformations/TransformationPluginsTest.php
Log Message:
-----------
Use iframe sandbox for rendering HTML in transformation
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: f00b2587495ecb5bab87e0876c9431e0c6aeb21b
https://github.com/phpmyadmin/phpmyadmin/commit/f00b2587495ecb5bab87e0876c9431e0c6aeb21b
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M libraries/config/ServerConfigChecks.php
M libraries/plugins/transformations/abs/FormattedTransformationsPlugin.php
M test/classes/plugin/transformations/TransformationPluginsTest.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: e749214b1681ce6af31df169f57b0c23d2a40232
https://github.com/phpmyadmin/phpmyadmin/commit/e749214b1681ce6af31df169f57b0c23d2a40232
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M libraries/VersionInformation.php
M libraries/error_report.lib.php
Log Message:
-----------
Prefer curl over file_get_contents
Curl is better in SSL certificate verification.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 3d628c7fa548cac8a98aa79d3bea958a90974840
https://github.com/phpmyadmin/phpmyadmin/commit/3d628c7fa548cac8a98aa79d3bea958a90974840
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M libraries/VersionInformation.php
M libraries/error_report.lib.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 767195e197e1b75609875330602aa203782e8671
https://github.com/phpmyadmin/phpmyadmin/commit/767195e197e1b75609875330602aa203782e8671
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M libraries/config/Validator.php
M libraries/core.lib.php
M libraries/plugins/auth/AuthenticationCookie.php
M libraries/replication.inc.php
A test/libraries/core/PMA_sanitizeMySQLHost_test.php
Log Message:
-----------
Sanitize MySQL host name before connecting
It can contain p: prefix which we don't want to honor.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 5299b369833e4ccaa7abdd5a76019a6cba0634e1
https://github.com/phpmyadmin/phpmyadmin/commit/5299b369833e4ccaa7abdd5a76019a6cba0634e1
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M libraries/config/Validator.php
M libraries/core.lib.php
M libraries/plugins/auth/AuthenticationCookie.php
M libraries/replication.inc.php
A test/libraries/core/PMA_sanitizeMySQLHost_test.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: ba072e42dc15123bdd61185ccce85e384ca452b6
https://github.com/phpmyadmin/phpmyadmin/commit/ba072e42dc15123bdd61185ccce85e384ca452b6
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M libraries/core.lib.php
M libraries/tracking.lib.php
A test/libraries/core/PMA_safeUnserialize_test.php
Log Message:
-----------
Validate serialized data before unserializing
We need only strings, integers or arrays, so there is no need to
unserialize strings containing any complex types.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: dfa389aa5a2e086fd437fec4ebba1dddec50cbce
https://github.com/phpmyadmin/phpmyadmin/commit/dfa389aa5a2e086fd437fec4ebba1dddec50cbce
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M libraries/core.lib.php
M libraries/tracking.lib.php
A test/libraries/core/PMA_safeUnserialize_test.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: bde4ef735b0620f8b11deb21f29a79d9942a98ce
https://github.com/phpmyadmin/phpmyadmin/commit/bde4ef735b0620f8b11deb21f29a79d9942a98ce
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M templates/server/databases/create.phtml
Log Message:
-----------
Escape suggested database name
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 80b03a4f1629957c4b3f22288147e5ed8495856b
https://github.com/phpmyadmin/phpmyadmin/commit/80b03a4f1629957c4b3f22288147e5ed8495856b
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M libraries/db_designer.lib.php
M libraries/plugins/export/ExportSql.php
M libraries/plugins/schema/ExportRelationSchema.php
M libraries/pmd_common.php
M libraries/relation.lib.php
Log Message:
-----------
Ensure page number is integer
Even if somebody decides to change configuration storage structure.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: c2ca1c8c22dd5d3c401be15594bccc9d176215bd
https://github.com/phpmyadmin/phpmyadmin/commit/c2ca1c8c22dd5d3c401be15594bccc9d176215bd
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M libraries/db_designer.lib.php
M libraries/plugins/export/ExportSql.php
M libraries/plugins/schema/ExportRelationSchema.php
M libraries/pmd_common.php
M libraries/relation.lib.php
M templates/server/databases/create.phtml
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 7ef96c5cdc2adc16f4d8530ad90c76715825d471
https://github.com/phpmyadmin/phpmyadmin/commit/7ef96c5cdc2adc16f4d8530ad90c76715825d471
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M libraries/RecentFavoriteTable.php
M libraries/Table.php
Log Message:
-----------
Correctly escape MySQL username in queries
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 24246115f5f1a348fbc3a4222eeb53ee6be623fa
https://github.com/phpmyadmin/phpmyadmin/commit/24246115f5f1a348fbc3a4222eeb53ee6be623fa
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M libraries/RecentFavoriteTable.php
M libraries/Table.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 1290f9895bbcda839d0ae0b150114b9d43ab33f7
https://github.com/phpmyadmin/phpmyadmin/commit/1290f9895bbcda839d0ae0b150114b9d43ab33f7
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M po/ko.po
Log Message:
-----------
Fix merge error in po file
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: e9d5efd69d7b43459de0724ff920863481a755a5
https://github.com/phpmyadmin/phpmyadmin/commit/e9d5efd69d7b43459de0724ff920863481a755a5
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-12 (Tue, 12 Jul 2016)
Changed paths:
M po/ko.po
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 551031da09f461a8cef3f6e5883bd0baf1a872dc
https://github.com/phpmyadmin/phpmyadmin/commit/551031da09f461a8cef3f6e5883bd0baf1a872dc
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-13 (Wed, 13 Jul 2016)
Changed paths:
M transformation_wrapper.php
Log Message:
-----------
Validate image scaling dimensions
Ensure we pass only integers and they are not too big.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: dee23704eefa7366bb4300847d98a8127d958e4c
https://github.com/phpmyadmin/phpmyadmin/commit/dee23704eefa7366bb4300847d98a8127d958e4c
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-13 (Wed, 13 Jul 2016)
Changed paths:
M doc/faq.rst
Log Message:
-----------
Merge branch 'master' into master-security
Commit: 71ccd06aa97fefb427924b2f370a7147a3104f95
https://github.com/phpmyadmin/phpmyadmin/commit/71ccd06aa97fefb427924b2f370a7147a3104f95
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-13 (Wed, 13 Jul 2016)
Changed paths:
M transformation_wrapper.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: ceeef537488b348a9ec4c485159e7f097f71bea5
https://github.com/phpmyadmin/phpmyadmin/commit/ceeef537488b348a9ec4c485159e7f097f71bea5
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-13 (Wed, 13 Jul 2016)
Changed paths:
M libraries/display_export.lib.php
Log Message:
-----------
Add missing escaping to the export type
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: dd732134f27abc6fc41d4ec52a9e02914ca8fdf6
https://github.com/phpmyadmin/phpmyadmin/commit/dd732134f27abc6fc41d4ec52a9e02914ca8fdf6
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-13 (Wed, 13 Jul 2016)
Changed paths:
M libraries/plugin_interface.lib.php
Log Message:
-----------
Do not try to create non existing classes
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 6b9197d7df9a77716c1bac83b39a17a33c0cffec
https://github.com/phpmyadmin/phpmyadmin/commit/6b9197d7df9a77716c1bac83b39a17a33c0cffec
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-13 (Wed, 13 Jul 2016)
Changed paths:
M libraries/display_export.lib.php
M libraries/plugin_interface.lib.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: dc52930bbab226ce7b7555c3f8714b3fd31d0499
https://github.com/phpmyadmin/phpmyadmin/commit/dc52930bbab226ce7b7555c3f8714b3fd31d0499
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-13 (Wed, 13 Jul 2016)
Changed paths:
M libraries/plugins/export/ExportSql.php
Log Message:
-----------
Properly handle newlines in SQL comments
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 7e510e8e92b33493aded0086c0b87d8ed7bdec78
https://github.com/phpmyadmin/phpmyadmin/commit/7e510e8e92b33493aded0086c0b87d8ed7bdec78
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-13 (Wed, 13 Jul 2016)
Changed paths:
M templates/table/structure/display_structure.phtml
Log Message:
-----------
Properly escape partition removal query
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 9e3492730ebf6d60dafd0283f605c6ad09f8271a
https://github.com/phpmyadmin/phpmyadmin/commit/9e3492730ebf6d60dafd0283f605c6ad09f8271a
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-13 (Wed, 13 Jul 2016)
Changed paths:
M transformation_wrapper.php
Log Message:
-----------
Do not use empty MIME type
This will turn on content sniffing in browser leading to unwanted
results.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: c3a3531b61bb0c886d4d6838356c32f655a1123c
https://github.com/phpmyadmin/phpmyadmin/commit/c3a3531b61bb0c886d4d6838356c32f655a1123c
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-13 (Wed, 13 Jul 2016)
Changed paths:
M transformation_wrapper.php
Log Message:
-----------
Escape HTML markup in transformation wrapper
...in case content type is html.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: f0ad030460ac4a7e9fe8378afe9c10a96e7579fa
https://github.com/phpmyadmin/phpmyadmin/commit/f0ad030460ac4a7e9fe8378afe9c10a96e7579fa
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-13 (Wed, 13 Jul 2016)
Changed paths:
M libraries/plugins/export/ExportSql.php
M templates/table/structure/display_structure.phtml
M transformation_wrapper.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 9f11a0e81198ef39664453de8531f9d627819c9e
https://github.com/phpmyadmin/phpmyadmin/commit/9f11a0e81198ef39664453de8531f9d627819c9e
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-13 (Wed, 13 Jul 2016)
Changed paths:
M libraries/server_user_groups.lib.php
Log Message:
-----------
Add missing escaping in user group queries
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: cc6853538cec697b67e03fbfef2e5f2c7ebc481f
https://github.com/phpmyadmin/phpmyadmin/commit/cc6853538cec697b67e03fbfef2e5f2c7ebc481f
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-13 (Wed, 13 Jul 2016)
Changed paths:
M libraries/plugins/transformations/abs/RegexValidationTransformationsPlugin.php
Log Message:
-----------
Properly escape error input in the message
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: c3310536b2896a12dab3e0f7715c7e693221de25
https://github.com/phpmyadmin/phpmyadmin/commit/c3310536b2896a12dab3e0f7715c7e693221de25
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-13 (Wed, 13 Jul 2016)
Changed paths:
M libraries/plugins/transformations/abs/ImageUploadTransformationsPlugin.php
Log Message:
-----------
Ensure widht and height are integers
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: dc899d8e7584b6bfb104d66668527e9609a80b36
https://github.com/phpmyadmin/phpmyadmin/commit/dc899d8e7584b6bfb104d66668527e9609a80b36
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-13 (Wed, 13 Jul 2016)
Changed paths:
M libraries/plugins/transformations/abs/TextImageLinkTransformationsPlugin.php
Log Message:
-----------
Ensure widht and height are integers
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: e4be768781a6c17ece9d2d3f34f9aa0f3e2e1056
https://github.com/phpmyadmin/phpmyadmin/commit/e4be768781a6c17ece9d2d3f34f9aa0f3e2e1056
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-13 (Wed, 13 Jul 2016)
Changed paths:
M libraries/plugins/transformations/abs/InlineTransformationsPlugin.php
Log Message:
-----------
Ensure widht and height are integers
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 987cce0bcf2f0ba9b705638343872f56283a0508
https://github.com/phpmyadmin/phpmyadmin/commit/987cce0bcf2f0ba9b705638343872f56283a0508
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-13 (Wed, 13 Jul 2016)
Changed paths:
M js/tbl_relation.js
Log Message:
-----------
Properly escape foreign key selection
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: a7333d7cc750ab279a34a71fdf89a017a57c6d45
https://github.com/phpmyadmin/phpmyadmin/commit/a7333d7cc750ab279a34a71fdf89a017a57c6d45
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-13 (Wed, 13 Jul 2016)
Changed paths:
M js/tbl_relation.js
M libraries/plugins/transformations/abs/ImageUploadTransformationsPlugin.php
M libraries/plugins/transformations/abs/InlineTransformationsPlugin.php
M libraries/plugins/transformations/abs/RegexValidationTransformationsPlugin.php
M libraries/plugins/transformations/abs/TextImageLinkTransformationsPlugin.php
M libraries/server_user_groups.lib.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 42c868b69171f7c6095a55ab3998481cb1674d2c
https://github.com/phpmyadmin/phpmyadmin/commit/42c868b69171f7c6095a55ab3998481cb1674d2c
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-13 (Wed, 13 Jul 2016)
Changed paths:
M templates/table/search/zoom_result_form.phtml
Log Message:
-----------
HML encode embedded JSON data
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 52978a57ad016a267c598850ee3490dd38537c1a
https://github.com/phpmyadmin/phpmyadmin/commit/52978a57ad016a267c598850ee3490dd38537c1a
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-13 (Wed, 13 Jul 2016)
Changed paths:
M templates/table/search/zoom_result_form.phtml
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 97ff98bc6270735d545190b73522b82c0f67ef0c
https://github.com/phpmyadmin/phpmyadmin/commit/97ff98bc6270735d545190b73522b82c0f67ef0c
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-13 (Wed, 13 Jul 2016)
Changed paths:
M test/classes/plugin/transformations/TransformationPluginsTest.php
Log Message:
-----------
Fix tests for transformations
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 7b3dc673d2b0630cabcc47bf823ea6af73366c26
https://github.com/phpmyadmin/phpmyadmin/commit/7b3dc673d2b0630cabcc47bf823ea6af73366c26
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-13 (Wed, 13 Jul 2016)
Changed paths:
M libraries/plugins/export/ExportSql.php
Log Message:
-----------
Fix exporting multiline comments
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: af8385dc878523a5aa648423b6f33c4f936de95b
https://github.com/phpmyadmin/phpmyadmin/commit/af8385dc878523a5aa648423b6f33c4f936de95b
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-13 (Wed, 13 Jul 2016)
Changed paths:
M test/classes/plugin/transformations/TransformationPluginsTest.php
Log Message:
-----------
Fix tests for transformations
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 205694982bf5f9a9d2bda80255fef22166dbd4a9
https://github.com/phpmyadmin/phpmyadmin/commit/205694982bf5f9a9d2bda80255fef22166dbd4a9
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-13 (Wed, 13 Jul 2016)
Changed paths:
M libraries/plugins/export/ExportSql.php
Log Message:
-----------
Fix exporting multiline comments
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: f0100b81ec503f6d0ab8d1071d63ed902869d223
https://github.com/phpmyadmin/phpmyadmin/commit/f0100b81ec503f6d0ab8d1071d63ed902869d223
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-13 (Wed, 13 Jul 2016)
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 306c148098c105aa403a01620c79c56cd1f347c6
https://github.com/phpmyadmin/phpmyadmin/commit/306c148098c105aa403a01620c79c56cd1f347c6
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2016-07-13 (Wed, 13 Jul 2016)
Changed paths:
M libraries/navigation/nodes/NodeDatabase.php
Log Message:
-----------
Add missing escaping in navigation pane
Signed-off-by: Isaac Bennetch <bennetch at gmail.com>
Commit: f1a910bb7d218ddfd4d8980bd618ebf179910405
https://github.com/phpmyadmin/phpmyadmin/commit/f1a910bb7d218ddfd4d8980bd618ebf179910405
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2016-07-13 (Wed, 13 Jul 2016)
Changed paths:
M libraries/navigation/nodes/NodeDatabase.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 3a4172525f07753a4ac120cef15df457f0560b6c
https://github.com/phpmyadmin/phpmyadmin/commit/3a4172525f07753a4ac120cef15df457f0560b6c
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-18 (Mon, 18 Jul 2016)
Changed paths:
M libraries/plugins/auth/recaptcha/ReCaptcha/ReCaptcha.php
A libraries/plugins/auth/recaptcha/ReCaptcha/RequestMethod/Curl.php
A libraries/plugins/auth/recaptcha/ReCaptcha/RequestMethod/CurlPost.php
M libraries/plugins/auth/recaptcha/ReCaptcha/RequestMethod/Socket.php
M libraries/plugins/auth/recaptcha/ReCaptcha/RequestMethod/SocketPost.php
M libraries/plugins/auth/recaptcha/ReCaptcha/RequestParameters.php
M libraries/plugins/auth/recaptcha/autoload.php
M libraries/tcpdf/README.TXT
M libraries/tcpdf/include/sRGB.icc
M libraries/tcpdf/include/tcpdf_fonts.php
M libraries/tcpdf/include/tcpdf_images.php
M libraries/tcpdf/include/tcpdf_static.php
M libraries/tcpdf/tcpdf.php
M po/ar.po
Log Message:
-----------
Merge branch 'QA_4_6' into QA_4_6-security
Commit: 7913196d21f785dc8198104f3fb7bf747aca1039
https://github.com/phpmyadmin/phpmyadmin/commit/7913196d21f785dc8198104f3fb7bf747aca1039
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-18 (Mon, 18 Jul 2016)
Changed paths:
M doc/conf.py
M po/ar.po
Log Message:
-----------
Merge branch 'master' into master-security
Commit: 3ca72e9c73c5fafd41d82e46a3e035e40abebf06
https://github.com/phpmyadmin/phpmyadmin/commit/3ca72e9c73c5fafd41d82e46a3e035e40abebf06
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-18 (Mon, 18 Jul 2016)
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 2610daed9d003029965db7e888bc4e78f7a4d7e1
https://github.com/phpmyadmin/phpmyadmin/commit/2610daed9d003029965db7e888bc4e78f7a4d7e1
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-18 (Mon, 18 Jul 2016)
Changed paths:
M libraries/navigation/nodes/NodeDatabase.php
Log Message:
-----------
Merge branch 'master-security' of github.com:phpmyadmin/phpmyadmin-security into master-security
Commit: c0a05eced47cb83ff9953829853262a30addb142
https://github.com/phpmyadmin/phpmyadmin/commit/c0a05eced47cb83ff9953829853262a30addb142
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-18 (Mon, 18 Jul 2016)
Changed paths:
M libraries/navigation/nodes/NodeDatabase.php
Log Message:
-----------
Merge branch 'QA_4_6-security' of github.com:phpmyadmin/phpmyadmin-security into QA_4_6-security
Commit: 1543be7138be5de37f6152a2b6d09cc74e1cb42f
https://github.com/phpmyadmin/phpmyadmin/commit/1543be7138be5de37f6152a2b6d09cc74e1cb42f
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-18 (Mon, 18 Jul 2016)
Changed paths:
M doc/config.rst
M libraries/plugins/export/ExportXml.php
M test/classes/plugin/auth/AuthenticationCookieTest.php
M test/classes/plugin/export/ExportXmlTest.php
M test/classes/plugin/transformations/TransformationPluginsTest.php
M test/libraries/PMA_FormDisplay_tpl_test.php
M test/libraries/PMA_sanitize_test.php
M test/test_data/exploit_test.sql
M test/test_data/phpmyadmin_importXML_For_Testing.xml
M test/test_data/pma_bookmark.sql
Log Message:
-----------
Use https to access phpmyadmin.net
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 3f98ad5414dc2ad0c6a148acc75c12d2311d0dcc
https://github.com/phpmyadmin/phpmyadmin/commit/3f98ad5414dc2ad0c6a148acc75c12d2311d0dcc
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-18 (Mon, 18 Jul 2016)
Changed paths:
M doc/config.rst
M libraries/plugins/export/ExportXml.php
M test/classes/SanitizeTest.php
M test/classes/plugin/auth/AuthenticationCookieTest.php
M test/classes/plugin/export/ExportXmlTest.php
M test/classes/plugin/transformations/TransformationPluginsTest.php
M test/libraries/PMA_FormDisplay_tpl_test.php
M test/test_data/exploit_test.sql
M test/test_data/phpmyadmin_importXML_For_Testing.xml
M test/test_data/pma_bookmark.sql
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 7e6edaf756201034b5e08b40f3ffb9f8af9a7d49
https://github.com/phpmyadmin/phpmyadmin/commit/7e6edaf756201034b5e08b40f3ffb9f8af9a7d49
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-18 (Mon, 18 Jul 2016)
Changed paths:
A test/libraries/core/PMA_isAllowedDomain_test.php
Log Message:
-----------
Add tests for PMA_isAllowedDomain
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 67d6eeac42c599e53e81781961dadfcb3d8aac23
https://github.com/phpmyadmin/phpmyadmin/commit/67d6eeac42c599e53e81781961dadfcb3d8aac23
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-18 (Mon, 18 Jul 2016)
Changed paths:
M libraries/core.lib.php
M test/libraries/core/PMA_isAllowedDomain_test.php
Log Message:
-----------
Improve URL filtering in url.php
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 3ba8a026fc403e68ae4854fa0addd00135eb7848
https://github.com/phpmyadmin/phpmyadmin/commit/3ba8a026fc403e68ae4854fa0addd00135eb7848
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-18 (Mon, 18 Jul 2016)
Changed paths:
M libraries/core.lib.php
M libraries/plugins/auth/AuthenticationCookie.php
M test/classes/plugin/auth/AuthenticationCookieTest.php
Log Message:
-----------
Use hash_hmac for MAC rather than plain SHA1
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: f45b8cd49cbad2c8b92d02fa2435921d15490b29
https://github.com/phpmyadmin/phpmyadmin/commit/f45b8cd49cbad2c8b92d02fa2435921d15490b29
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M libraries/plugins/auth/AuthenticationCookie.php
Log Message:
-----------
Use different secret for MAC than encryption
Generated using string splitting.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 2a2d865d50508458e683b96fa7d33ca5976b1d11
https://github.com/phpmyadmin/phpmyadmin/commit/2a2d865d50508458e683b96fa7d33ca5976b1d11
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M libraries/plugins/auth/AuthenticationCookie.php
M test/classes/plugin/auth/AuthenticationCookieTest.php
Log Message:
-----------
Validate input data from cookies
We expect strings only, so not accept anything else.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: e2a25d773d28c9440087f3f54be45680d903d2d2
https://github.com/phpmyadmin/phpmyadmin/commit/e2a25d773d28c9440087f3f54be45680d903d2d2
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M libraries/plugins/auth/AuthenticationCookie.php
M test/classes/plugin/auth/AuthenticationCookieTest.php
Log Message:
-----------
Merge pmaServer and pmaPass cookies
This addresses several issues:
- makes server name encrypted and authenticated, so that it can not be
tampered
- reduces cookie usage
- reduces overhead of encryption/authentication
The pmaUser cookie is still separate to avoid different lifetime
(pmaUser has month lifetime, while pmaAuth is session only by default).
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: d29df46b3aec576da5d8949b0792f25b63d0ac54
https://github.com/phpmyadmin/phpmyadmin/commit/d29df46b3aec576da5d8949b0792f25b63d0ac54
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M libraries/plugins/auth/AuthenticationCookie.php
M test/classes/plugin/auth/AuthenticationCookieTest.php
Log Message:
-----------
Do not generate too long session secret
We need 16+16 bytes, generating 256 is not really needed.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: ef03daf658db501ddce304a1d2d0cd59dc4a6c71
https://github.com/phpmyadmin/phpmyadmin/commit/ef03daf658db501ddce304a1d2d0cd59dc4a6c71
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M libraries/plugins/auth/AuthenticationCookie.php
M test/classes/plugin/auth/AuthenticationCookieTest.php
Log Message:
-----------
Remove hashing of blowfish secret
New code doesn't have problems with longer secrets.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: f07fd90ee910e4c6f31c310521faff460f046c28
https://github.com/phpmyadmin/phpmyadmin/commit/f07fd90ee910e4c6f31c310521faff460f046c28
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M doc/config.rst
M index.php
M libraries/config/ServerConfigChecks.php
Log Message:
-----------
Document recommended length of 32 for blowfish_secret
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 2b7be93829c38ccee7e05e769e4878280dc30ed6
https://github.com/phpmyadmin/phpmyadmin/commit/2b7be93829c38ccee7e05e769e4878280dc30ed6
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M libraries/config/ServerConfigChecks.php
Log Message:
-----------
Improve Blowfish secret generation in setup script
Now generates secret containing all printable ASCII chars, making it way
more random than with hex encoded random string.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: f693c103be7103591902484a232728dcc79a8b02
https://github.com/phpmyadmin/phpmyadmin/commit/f693c103be7103591902484a232728dcc79a8b02
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M config.sample.inc.php
M doc/setup.rst
Log Message:
-----------
Document 32 chars length for blowfish_secret
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 3ee65fc8bf3f3d105ed0c532c9344f5feab553ae
https://github.com/phpmyadmin/phpmyadmin/commit/3ee65fc8bf3f3d105ed0c532c9344f5feab553ae
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M libraries/plugins/auth/AuthenticationCookie.php
M test/classes/plugin/auth/AuthenticationCookieTest.php
Log Message:
-----------
Use MAC to verify IV as well
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 48764f226073be9fb52c7b68101fb8f7b12e3d5f
https://github.com/phpmyadmin/phpmyadmin/commit/48764f226073be9fb52c7b68101fb8f7b12e3d5f
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M libraries/plugins/import/ImportShp.php
Log Message:
-----------
Delete temporary file before reporting error
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: d9f918c36550e0e0706b00e5e9811068c6cb4bc8
https://github.com/phpmyadmin/phpmyadmin/commit/d9f918c36550e0e0706b00e5e9811068c6cb4bc8
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M doc/conf.py
M libraries/server_privileges.lib.php
M po/ckb.po
Log Message:
-----------
Merge branch 'QA_4_6' into QA_4_6-security
Commit: 0b60b78e9d9a2b7948abf58a75dbd77a356044b3
https://github.com/phpmyadmin/phpmyadmin/commit/0b60b78e9d9a2b7948abf58a75dbd77a356044b3
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M doc/conf.py
M libraries/server_privileges.lib.php
M po/ckb.po
Log Message:
-----------
Merge branch 'master' into master-security
Commit: 2adf1ca83e5b55c2608eb996e3d0d59b5eea1131
https://github.com/phpmyadmin/phpmyadmin/commit/2adf1ca83e5b55c2608eb996e3d0d59b5eea1131
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M config.sample.inc.php
M doc/config.rst
M doc/setup.rst
M index.php
M libraries/config/ServerConfigChecks.php
M libraries/core.lib.php
M libraries/plugins/auth/AuthenticationCookie.php
M libraries/plugins/import/ImportShp.php
M test/classes/plugin/auth/AuthenticationCookieTest.php
A test/libraries/core/PMA_isAllowedDomain_test.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: ddeab2a11ffd9ffdbb0db84e9c763ce202a4a4aa
https://github.com/phpmyadmin/phpmyadmin/commit/ddeab2a11ffd9ffdbb0db84e9c763ce202a4a4aa
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M libraries/plugins/import/ImportShp.php
M libraries/zip_extension.lib.php
M test/libraries/PMA_zip_extension_test.php
Log Message:
-----------
Sanitize filename on SHP import
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 52586bd949c1b7a159c871fbaf00006fc06f2b98
https://github.com/phpmyadmin/phpmyadmin/commit/52586bd949c1b7a159c871fbaf00006fc06f2b98
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M libraries/plugins/import/ImportShp.php
M libraries/zip_extension.lib.php
M test/libraries/PMA_zip_extension_test.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 41e3db158f15abfcc44840071a9e20beb00753ae
https://github.com/phpmyadmin/phpmyadmin/commit/41e3db158f15abfcc44840071a9e20beb00753ae
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M libraries/navigation/NavigationTree.php
M libraries/navigation/nodes/Node.php
Log Message:
-----------
Properly escape NavigationTreeDbSeparator in queries
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 5d1a6af96f91a14c91e6a5d3ba3b1e0af5f43769
https://github.com/phpmyadmin/phpmyadmin/commit/5d1a6af96f91a14c91e6a5d3ba3b1e0af5f43769
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M libraries/advisory_rules.txt
M libraries/sanitizing.lib.php
M test/classes/MessageTest.php
M url.php
Log Message:
-----------
Merge branch 'QA_4_6' into QA_4_6-security
Commit: 65b9eb54d9f26da6ade8f8843a2d78e49608119b
https://github.com/phpmyadmin/phpmyadmin/commit/65b9eb54d9f26da6ade8f8843a2d78e49608119b
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M libraries/Sanitize.php
M libraries/advisory_rules.txt
M test/classes/MessageTest.php
M url.php
Log Message:
-----------
Merge branch 'master' into master-security
Commit: bebb2fe5df0e68b5c9609d457b55bf41dedb43d0
https://github.com/phpmyadmin/phpmyadmin/commit/bebb2fe5df0e68b5c9609d457b55bf41dedb43d0
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M libraries/navigation/NavigationTree.php
M libraries/navigation/nodes/Node.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 67b538efc3e480168c8377e4bf2390120a914c07
https://github.com/phpmyadmin/phpmyadmin/commit/67b538efc3e480168c8377e4bf2390120a914c07
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M url.php
Log Message:
-----------
Send standard set of HTTP headers on redirect
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 643681ee68b0e553a8acd0a33f01ca199d797a17
https://github.com/phpmyadmin/phpmyadmin/commit/643681ee68b0e553a8acd0a33f01ca199d797a17
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M libraries/plugins/auth/AuthenticationCookie.php
M test/classes/plugin/auth/AuthenticationCookieTest.php
Log Message:
-----------
Use consistent iv and encrypted text concatenation as other libs
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 9106b339334f9f40d814ea1bcd690a568726a8f5
https://github.com/phpmyadmin/phpmyadmin/commit/9106b339334f9f40d814ea1bcd690a568726a8f5
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M libraries/plugins/auth/AuthenticationCookie.php
M test/classes/plugin/auth/AuthenticationCookieTest.php
Log Message:
-----------
Improve secrets splitting
- ensure it has 16 bytes
- extends it by copying content if original is too short
- correctly handle corner cases (eg. 1 byte secret)
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 024a924b38aaf87c60e9eedc86b86c5b8d9f9aba
https://github.com/phpmyadmin/phpmyadmin/commit/024a924b38aaf87c60e9eedc86b86c5b8d9f9aba
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M libraries/plugins/auth/AuthenticationCookie.php
Log Message:
-----------
Avoid calculating strlen twice
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: d93b8736379ccc5cf0884ed9daa55ab7997b6ccb
https://github.com/phpmyadmin/phpmyadmin/commit/d93b8736379ccc5cf0884ed9daa55ab7997b6ccb
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M libraries/config/ServerConfigChecks.php
Log Message:
-----------
Move return to correct place
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: f72572708f82df83d5d58639d3a2303ff15fb7cf
https://github.com/phpmyadmin/phpmyadmin/commit/f72572708f82df83d5d58639d3a2303ff15fb7cf
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M libraries/config/ServerConfigChecks.php
M libraries/plugins/auth/AuthenticationCookie.php
M test/classes/plugin/auth/AuthenticationCookieTest.php
M url.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: fd324e583ed72b21ccaca4f84ec6b0a858861ae6
https://github.com/phpmyadmin/phpmyadmin/commit/fd324e583ed72b21ccaca4f84ec6b0a858861ae6
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M libraries/config/ServerConfigChecks.php
Log Message:
-----------
Revert "Move return to correct place"
This reverts commit d93b8736379ccc5cf0884ed9daa55ab7997b6ccb.
Commit: 45aedabbe62e552a0cb3173917da8406e85668f8
https://github.com/phpmyadmin/phpmyadmin/commit/45aedabbe62e552a0cb3173917da8406e85668f8
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M test/classes/plugin/auth/AuthenticationCookieTest.php
Log Message:
-----------
Fix test errors
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 35b89b7f25bd07c3c815ff9d66fc2a46eeeec017
https://github.com/phpmyadmin/phpmyadmin/commit/35b89b7f25bd07c3c815ff9d66fc2a46eeeec017
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M libraries/config/ServerConfigChecks.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 28eb84ef435bc0be8446ce62c57f438cf5bbd070
https://github.com/phpmyadmin/phpmyadmin/commit/28eb84ef435bc0be8446ce62c57f438cf5bbd070
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M ChangeLog
M libraries/Table.php
Log Message:
-----------
Merge branch 'QA_4_6' into QA_4_6-security
Commit: be70f0c6bf4785c4b0188071bd9f676b43de68c8
https://github.com/phpmyadmin/phpmyadmin/commit/be70f0c6bf4785c4b0188071bd9f676b43de68c8
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M ChangeLog
M libraries/Table.php
M scripts/upload-release
Log Message:
-----------
Merge branches 'QA_4_6-security' and 'master' into master-security
Commit: ff1016e504770dd334ab30fa85de11e8559eee01
https://github.com/phpmyadmin/phpmyadmin/commit/ff1016e504770dd334ab30fa85de11e8559eee01
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M libraries/create_addfield.lib.php
M normalization.php
M tbl_addfield.php
Log Message:
-----------
Limit maximal numver of fields to 4096
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 3b794e0ed115334fccf8b0787f5d8d468ba3ad3d
https://github.com/phpmyadmin/phpmyadmin/commit/3b794e0ed115334fccf8b0787f5d8d468ba3ad3d
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M libraries/create_addfield.lib.php
M normalization.php
M tbl_addfield.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: c4861494e9ca7ff297c80341ea30f5b3f8a933f2
https://github.com/phpmyadmin/phpmyadmin/commit/c4861494e9ca7ff297c80341ea30f5b3f8a933f2
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M libraries/create_addfield.lib.php
Log Message:
-----------
Simplify fields number calcualtion
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 623f5b46213b8b4fda16f52017dbaec3e44e1ce3
https://github.com/phpmyadmin/phpmyadmin/commit/623f5b46213b8b4fda16f52017dbaec3e44e1ce3
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M file_echo.php
Log Message:
-----------
Remove no longer used code
It was used by old charts code to download charts.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 835958af3105d13754f3ba3c58de85dc7c25633e
https://github.com/phpmyadmin/phpmyadmin/commit/835958af3105d13754f3ba3c58de85dc7c25633e
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M ChangeLog
M libraries/DisplayResults.php
M libraries/Linter.php
M libraries/PDF.php
M libraries/plugins/schema/dia/Dia.php
M libraries/plugins/schema/eps/Eps.php
M libraries/plugins/schema/svg/Svg.php
M libraries/tracking.lib.php
M tbl_get_field.php
Log Message:
-----------
Merge branch 'QA_4_6' into QA_4_6-security
Commit: ec7a4cfc82bbc955307190043107390900ed5ef6
https://github.com/phpmyadmin/phpmyadmin/commit/ec7a4cfc82bbc955307190043107390900ed5ef6
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-22 (Fri, 22 Jul 2016)
Changed paths:
M ChangeLog
M libraries/DisplayResults.php
M libraries/Linter.php
M libraries/PDF.php
M libraries/plugins/schema/dia/Dia.php
M libraries/plugins/schema/eps/Eps.php
M libraries/plugins/schema/svg/Svg.php
M libraries/tracking.lib.php
M tbl_get_field.php
Log Message:
-----------
Merge branches 'QA_4_6-security' and 'master' into master-security
Commit: 1e6b740e6feace1a7be44a19a980477ce62fdded
https://github.com/phpmyadmin/phpmyadmin/commit/1e6b740e6feace1a7be44a19a980477ce62fdded
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-23 (Sat, 23 Jul 2016)
Changed paths:
M import.php
M libraries/dbi/DBIMysql.php
M libraries/dbi/DBIMysqli.php
Log Message:
-----------
Enable LOAD DATA LOCAL INFILE only when needed
There is no need to have this feature allowed for normal SQL queries, it
can lead to leaking sensitive files from the web server. It's enough to
enable it only in LDI import plugin, where we control what queries are
executed.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: f0f8f2b65e46f11ed23efe3262810132ffa2b1bf
https://github.com/phpmyadmin/phpmyadmin/commit/f0f8f2b65e46f11ed23efe3262810132ffa2b1bf
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-23 (Sat, 23 Jul 2016)
Changed paths:
M libraries/server_privileges.lib.php
Log Message:
-----------
Escape routine privileges listing
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: fce934bdb47b0cb28543ba2f93fab01553640d88
https://github.com/phpmyadmin/phpmyadmin/commit/fce934bdb47b0cb28543ba2f93fab01553640d88
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-23 (Sat, 23 Jul 2016)
Changed paths:
M import.php
M libraries/dbi/DBIMysql.php
M libraries/dbi/DBIMysqli.php
M libraries/server_privileges.lib.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: b932b94577ec7516283d765a645e29d2fb4d6d5a
https://github.com/phpmyadmin/phpmyadmin/commit/b932b94577ec7516283d765a645e29d2fb4d6d5a
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-23 (Sat, 23 Jul 2016)
Changed paths:
M libraries/gis/GISGeometry.php
Log Message:
-----------
Ensure GIS point coordinates are numeric
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: d3a91549be9fd63d3afe3ea542114aa72f4cd79a
https://github.com/phpmyadmin/phpmyadmin/commit/d3a91549be9fd63d3afe3ea542114aa72f4cd79a
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-23 (Sat, 23 Jul 2016)
Changed paths:
M libraries/session.inc.php
Log Message:
-----------
Remove file path from the session error message
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: ae23386ce94b1c53140c131f56dec3914ce9f481
https://github.com/phpmyadmin/phpmyadmin/commit/ae23386ce94b1c53140c131f56dec3914ce9f481
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-23 (Sat, 23 Jul 2016)
Changed paths:
M libraries/gis/GISGeometry.php
M libraries/session.inc.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 754c1c987bef11093e905dfa20b06273851647ea
https://github.com/phpmyadmin/phpmyadmin/commit/754c1c987bef11093e905dfa20b06273851647ea
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-23 (Sat, 23 Jul 2016)
Changed paths:
M lint.php
Log Message:
-----------
Properly mark requests to lint as AJAX request
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 9ff612a76c83f89e9e6588154fd6849e6b8e9d42
https://github.com/phpmyadmin/phpmyadmin/commit/9ff612a76c83f89e9e6588154fd6849e6b8e9d42
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-23 (Sat, 23 Jul 2016)
Changed paths:
M lint.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: e67e69229a1df3a26df12b1bae89065834fd85b4
https://github.com/phpmyadmin/phpmyadmin/commit/e67e69229a1df3a26df12b1bae89065834fd85b4
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-23 (Sat, 23 Jul 2016)
Changed paths:
M doc/config.rst
M index.php
M libraries/common.inc.php
M libraries/config.default.php
M libraries/config/messages.inc.php
M libraries/config/setup.forms.php
R phpinfo.php
Log Message:
-----------
Remove option to show phpinfo() ($cfg['ShowPhpInfo'])
This is really more a PHP debugging feature than anything related to
phpMyAdmin. If user wants to debug, it's as simple a creating file with
one line of php code.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 3ec8ba8693589b434283bb89489e5bf4908bfa79
https://github.com/phpmyadmin/phpmyadmin/commit/3ec8ba8693589b434283bb89489e5bf4908bfa79
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-26 (Tue, 26 Jul 2016)
Changed paths:
M doc/config.rst
M index.php
M libraries/common.inc.php
M libraries/config.default.php
M libraries/config/messages.inc.php
M libraries/config/setup.forms.php
R phpinfo.php
Log Message:
-----------
Merge pull request #179 from phpmyadmin/remove-phpinfo
Remove option to show phpinfo() ($cfg['ShowPhpInfo'])
Commit: c868852ae498893aa1717108b72e869146eaed49
https://github.com/phpmyadmin/phpmyadmin/commit/c868852ae498893aa1717108b72e869146eaed49
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-26 (Tue, 26 Jul 2016)
Changed paths:
M ChangeLog
M libraries/Config.php
M libraries/VersionInformation.php
M libraries/server_privileges.lib.php
M user_password.php
M view_create.php
Log Message:
-----------
Merge branch 'QA_4_6' into QA_4_6-security
Commit: 99492bf42aee13181ec6b796c5d13db3ee915b94
https://github.com/phpmyadmin/phpmyadmin/commit/99492bf42aee13181ec6b796c5d13db3ee915b94
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-26 (Tue, 26 Jul 2016)
Changed paths:
M ChangeLog
M libraries/core.lib.php
M libraries/session.inc.php
M test/classes/plugin/auth/AuthenticationCookieTest.php
M test/classes/plugin/auth/AuthenticationHttpTest.php
M test/classes/plugin/auth/AuthenticationSignonTest.php
M test/libraries/core/PMA_headerLocation_test.php
Log Message:
-----------
Merge branch 'QA_4_6' into QA_4_6-security
Commit: f5015c2ea30841f1541cb99e58630baab95925b6
https://github.com/phpmyadmin/phpmyadmin/commit/f5015c2ea30841f1541cb99e58630baab95925b6
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-26 (Tue, 26 Jul 2016)
Changed paths:
M ChangeLog
M doc/config.rst
M index.php
M libraries/Config.php
M libraries/VersionInformation.php
M libraries/common.inc.php
M libraries/config.default.php
M libraries/config/messages.inc.php
M libraries/config/setup.forms.php
M libraries/core.lib.php
M libraries/server_privileges.lib.php
M libraries/session.inc.php
R phpinfo.php
M test/classes/plugin/auth/AuthenticationCookieTest.php
M test/classes/plugin/auth/AuthenticationHttpTest.php
M test/classes/plugin/auth/AuthenticationSignonTest.php
M test/libraries/core/PMA_headerLocation_test.php
M user_password.php
M view_create.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 6e49998555bcc15238a840c773aa94220754f4a5
https://github.com/phpmyadmin/phpmyadmin/commit/6e49998555bcc15238a840c773aa94220754f4a5
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-26 (Tue, 26 Jul 2016)
Changed paths:
M doc/config.rst
M scripts/create-release.sh
M scripts/upload-release
M test/libraries/core/PMA_headerLocation_test.php
Log Message:
-----------
Merge branch 'master' into master-security
Commit: 9f64b31fccd588f5534ec7cca1de42f11c202888
https://github.com/phpmyadmin/phpmyadmin/commit/9f64b31fccd588f5534ec7cca1de42f11c202888
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-26 (Tue, 26 Jul 2016)
Changed paths:
M ChangeLog
Log Message:
-----------
Merge branch 'QA_4_6' into QA_4_6-security
Commit: 5e0843a6eb80a2b22ef7928ee512dcfb976fb5e8
https://github.com/phpmyadmin/phpmyadmin/commit/5e0843a6eb80a2b22ef7928ee512dcfb976fb5e8
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-26 (Tue, 26 Jul 2016)
Changed paths:
M ChangeLog
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 27736090172617562fc4df45aa4a9ce90637ee3d
https://github.com/phpmyadmin/phpmyadmin/commit/27736090172617562fc4df45aa4a9ce90637ee3d
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-26 (Tue, 26 Jul 2016)
Log Message:
-----------
Merge branch 'master' into master-security
Commit: 77a4d6ed9504b37d7cd26bcea26f30ecc6afdadd
https://github.com/phpmyadmin/phpmyadmin/commit/77a4d6ed9504b37d7cd26bcea26f30ecc6afdadd
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-26 (Tue, 26 Jul 2016)
Changed paths:
R libraries/plugins/transformations/generator_main_class.sh
R libraries/plugins/transformations/generator_plugin.sh
A scripts/transformations_generator_main_class.sh
A scripts/transformations_generator_plugin.sh
Log Message:
-----------
Move generator scripts out of the code
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 0aa3b23b418ad7fd70e4000c740630f212bbb36a
https://github.com/phpmyadmin/phpmyadmin/commit/0aa3b23b418ad7fd70e4000c740630f212bbb36a
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-26 (Tue, 26 Jul 2016)
Changed paths:
R libraries/plugins/transformations/generator_main_class.sh
R libraries/plugins/transformations/generator_plugin.sh
A scripts/transformations_generator_main_class.sh
A scripts/transformations_generator_plugin.sh
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: cc9d0f128ca51afb49f453d9327c851bcbe07f19
https://github.com/phpmyadmin/phpmyadmin/commit/cc9d0f128ca51afb49f453d9327c851bcbe07f19
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-26 (Tue, 26 Jul 2016)
Changed paths:
M db_central_columns.php
M libraries/DisplayResults.php
M libraries/browse_foreigners.lib.php
M libraries/controllers/server/ServerBinlogController.php
M libraries/plugins/AuthenticationPlugin.php
M libraries/plugins/auth/AuthenticationCookie.php
M templates/columns_definitions/column_name.phtml
M templates/table/search/options.phtml
M templates/table/search/options_zoom.phtml
Log Message:
-----------
Merge branch 'QA_4_6' into QA_4_6-security
Commit: 690202368b6a7dd6548c6317c2a86216185b1215
https://github.com/phpmyadmin/phpmyadmin/commit/690202368b6a7dd6548c6317c2a86216185b1215
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-26 (Tue, 26 Jul 2016)
Changed paths:
M db_central_columns.php
M libraries/DisplayResults.php
M libraries/browse_foreigners.lib.php
M libraries/controllers/server/ServerBinlogController.php
M libraries/plugins/AuthenticationPlugin.php
M libraries/plugins/auth/AuthenticationCookie.php
M templates/columns_definitions/column_name.phtml
M templates/table/search/options.phtml
M templates/table/search/options_zoom.phtml
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: f367c6185da16d4ce237b1c8aacdbc3c117eb96b
https://github.com/phpmyadmin/phpmyadmin/commit/f367c6185da16d4ce237b1c8aacdbc3c117eb96b
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-26 (Tue, 26 Jul 2016)
Log Message:
-----------
Merge branch 'master' into master-security
Commit: c90967071a3f43c7b53315c2595277748c1b4bed
https://github.com/phpmyadmin/phpmyadmin/commit/c90967071a3f43c7b53315c2595277748c1b4bed
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-26 (Tue, 26 Jul 2016)
Changed paths:
M user_password.php
Log Message:
-----------
Do not allow to set too long password
We do not accept password longer than 256 chars, so do not accept it on
password change as well.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: b6df1bd1e39a0861d9d3aabc86e2137496c90d9c
https://github.com/phpmyadmin/phpmyadmin/commit/b6df1bd1e39a0861d9d3aabc86e2137496c90d9c
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-26 (Tue, 26 Jul 2016)
Changed paths:
M user_password.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 774f0c1fefefa9b505838719c94ace9c61126bd6
https://github.com/phpmyadmin/phpmyadmin/commit/774f0c1fefefa9b505838719c94ace9c61126bd6
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-27 (Wed, 27 Jul 2016)
Changed paths:
M libraries/ZipFile.php
M libraries/engines/Innodb.php
M libraries/sysinfo.lib.php
Log Message:
-----------
Merge branch 'QA_4_6' into QA_4_6-security
Commit: 471c3377c1316a793960d4e99452990d2cefb9b1
https://github.com/phpmyadmin/phpmyadmin/commit/471c3377c1316a793960d4e99452990d2cefb9b1
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-27 (Wed, 27 Jul 2016)
Log Message:
-----------
Merge branch 'QA_4_6' into QA_4_6-security
Commit: cf41107497f8855b78f60457d3f51bb69401d476
https://github.com/phpmyadmin/phpmyadmin/commit/cf41107497f8855b78f60457d3f51bb69401d476
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-27 (Wed, 27 Jul 2016)
Changed paths:
M libraries/ZipFile.php
M libraries/engines/Innodb.php
M libraries/sysinfo.lib.php
M po/fr.po
M po/pl.po
M po/pt.po
M po/pt_BR.po
M po/th.po
M test/README.rst
Log Message:
-----------
Merge branch 'master' into master-security
Commit: c1e94052ac6c806ded4d9d64843af45a8fc30e0e
https://github.com/phpmyadmin/phpmyadmin/commit/c1e94052ac6c806ded4d9d64843af45a8fc30e0e
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-27 (Wed, 27 Jul 2016)
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 51b676c8e056cd18f2bf23521fa393282228a534
https://github.com/phpmyadmin/phpmyadmin/commit/51b676c8e056cd18f2bf23521fa393282228a534
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-27 (Wed, 27 Jul 2016)
Changed paths:
M doc/config.rst
M po/es.po
Log Message:
-----------
Merge branch 'QA_4_6' into QA_4_6-security
Commit: 7e17c9fada39a449e0abc24824c7af36c75e8bb8
https://github.com/phpmyadmin/phpmyadmin/commit/7e17c9fada39a449e0abc24824c7af36c75e8bb8
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-27 (Wed, 27 Jul 2016)
Changed paths:
M doc/config.rst
M po/es.po
Log Message:
-----------
Merge branch 'master' into master-security
Commit: a68f1481d139f3be04850c7136ca28e8446489a6
https://github.com/phpmyadmin/phpmyadmin/commit/a68f1481d139f3be04850c7136ca28e8446489a6
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-27 (Wed, 27 Jul 2016)
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: d31ff5a1e739d5a8b470b45960f8052d2ced1bba
https://github.com/phpmyadmin/phpmyadmin/commit/d31ff5a1e739d5a8b470b45960f8052d2ced1bba
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-28 (Thu, 28 Jul 2016)
Changed paths:
M DCO
M README
M doc/config.rst
M doc/copyright.rst
M doc/credits.rst
M doc/faq.rst
M doc/glossary.rst
A doc/images/usergroups.png
M doc/privileges.rst
M doc/require.rst
M doc/setup.rst
M doc/transformations.rst
M libraries/config.default.php
M libraries/dbi/DBIMysqli.php
M libraries/error_report.lib.php
M libraries/iconv_wrapper.lib.php
M libraries/import.lib.php
M libraries/ip_allow_deny.lib.php
M libraries/plugins/export/ExportPhparray.php
M libraries/plugins/transformations/TEMPLATE_ABSTRACT
M libraries/plugins/transformations/abs/TextImageLinkTransformationsPlugin.php
M libraries/plugins/transformations/abs/TextLinkTransformationsPlugin.php
M libraries/session.inc.php
M libraries/url_generating.lib.php
M scripts/line-counts.sh
M scripts/revision-info
M setup/index.php
M test/README.rst
M test/classes/AdvisorTest.php
M test/classes/ConfigTest.php
M test/classes/DisplayResultsTest.php
M test/classes/MessageTest.php
M test/classes/plugin/auth/AuthenticationCookieTest.php
M test/classes/plugin/auth/AuthenticationHttpTest.php
M test/classes/plugin/auth/AuthenticationSignonTest.php
M test/classes/plugin/transformations/TransformationPluginsTest.php
M test/libraries/PMA_FormDisplay_tpl_test.php
M test/libraries/core/PMA_headerLocation_test.php
M test/selenium/TestBase.php
Log Message:
-----------
Merge branch 'QA_4_6' into QA_4_6-security
Commit: 360b8e8a117d69bd607be6b07f01b5d28df7d038
https://github.com/phpmyadmin/phpmyadmin/commit/360b8e8a117d69bd607be6b07f01b5d28df7d038
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-28 (Thu, 28 Jul 2016)
Changed paths:
M DCO
M README
M doc/charts.rst
M doc/config.rst
M doc/copyright.rst
M doc/credits.rst
M doc/faq.rst
M doc/glossary.rst
A doc/images/usergroups.png
M doc/privileges.rst
M doc/setup.rst
M libraries/Config.php
M libraries/URL.php
M libraries/config.default.php
M libraries/dbi/DBIMysqli.php
M libraries/error_report.lib.php
M libraries/import.lib.php
M libraries/ip_allow_deny.lib.php
M libraries/plugins/export/ExportMediawiki.php
M libraries/plugins/transformations/abs/DateFormatTransformationsPlugin.php
M libraries/plugins/transformations/abs/TextImageLinkTransformationsPlugin.php
M libraries/plugins/transformations/abs/TextLinkTransformationsPlugin.php
M libraries/sysinfo.lib.php
M scripts/line-counts.sh
M scripts/revision-info
M scripts/upload-release
M setup/index.php
M test/classes/AdvisorTest.php
M test/classes/ConfigTest.php
M test/classes/DisplayResultsTest.php
M test/classes/MessageTest.php
M test/classes/plugin/auth/AuthenticationCookieTest.php
M test/classes/plugin/auth/AuthenticationHttpTest.php
M test/classes/plugin/auth/AuthenticationSignonTest.php
M test/classes/plugin/transformations/TransformationPluginsTest.php
M test/libraries/PMA_FormDisplay_tpl_test.php
M test/libraries/core/PMA_headerLocation_test.php
M test/selenium/TestBase.php
Log Message:
-----------
Merge branch 'master' into master-security
Commit: 9f21a4319cd83d8f8d5e29817642b45f490fee78
https://github.com/phpmyadmin/phpmyadmin/commit/9f21a4319cd83d8f8d5e29817642b45f490fee78
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-28 (Thu, 28 Jul 2016)
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 4caa90a8324c928da3e6050f20736dbcbeaf1627
https://github.com/phpmyadmin/phpmyadmin/commit/4caa90a8324c928da3e6050f20736dbcbeaf1627
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-28 (Thu, 28 Jul 2016)
Changed paths:
M libraries/DbSearch.php
Log Message:
-----------
Escape string when showing confirmation message
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 2a99b6d0005a5f3790942c3778c6af67054efd90
https://github.com/phpmyadmin/phpmyadmin/commit/2a99b6d0005a5f3790942c3778c6af67054efd90
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-28 (Thu, 28 Jul 2016)
Changed paths:
M libraries/DbSearch.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: e96d0bd4616c20b8bea578fdf3bc9b5332b675c4
https://github.com/phpmyadmin/phpmyadmin/commit/e96d0bd4616c20b8bea578fdf3bc9b5332b675c4
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-28 (Thu, 28 Jul 2016)
Changed paths:
M libraries/DbSearch.php
Log Message:
-----------
Adjust code to new code base
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 1eefa08bb05a3f857f57adad785f89c16c2d6ff8
https://github.com/phpmyadmin/phpmyadmin/commit/1eefa08bb05a3f857f57adad785f89c16c2d6ff8
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-28 (Thu, 28 Jul 2016)
Changed paths:
M js/functions.js
M version_check.php
Log Message:
-----------
Add login and token validation to version_check
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 8dcaae5f83588b1aa65a05d3d93f408540dbf22d
https://github.com/phpmyadmin/phpmyadmin/commit/8dcaae5f83588b1aa65a05d3d93f408540dbf22d
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-28 (Thu, 28 Jul 2016)
Changed paths:
M libraries/Response.php
Log Message:
-----------
Do not try to wrap output in case response handling is disabled
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 3e91fe55fbc9a714233c3f2fea36a2599c906c5b
https://github.com/phpmyadmin/phpmyadmin/commit/3e91fe55fbc9a714233c3f2fea36a2599c906c5b
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-28 (Thu, 28 Jul 2016)
Changed paths:
M js/functions.js
M libraries/Response.php
M version_check.php
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 0dfa2f32bf8ef815ec57ccb26c808eae13a6a663
https://github.com/phpmyadmin/phpmyadmin/commit/0dfa2f32bf8ef815ec57ccb26c808eae13a6a663
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-29 (Fri, 29 Jul 2016)
Log Message:
-----------
Merge branch 'QA_4_6'
Commit: 1221b5ea4a0b5023a379ccca7db784dbe410cf3c
https://github.com/phpmyadmin/phpmyadmin/commit/1221b5ea4a0b5023a379ccca7db784dbe410cf3c
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-29 (Fri, 29 Jul 2016)
Changed paths:
M ChangeLog
M libraries/DatabaseInterface.php
M libraries/Util.php
M libraries/controllers/server/ServerDatabasesController.php
M po/fi.po
M server_privileges.php
M test/classes/controllers/ServerDatabasesControllerTest.php
M themes/original/css/common.css.php
Log Message:
-----------
Merge branch 'QA_4_6' into QA_4_6-security
Commit: aebbb31aad30222052a147f4a0c0349dfd500cfb
https://github.com/phpmyadmin/phpmyadmin/commit/aebbb31aad30222052a147f4a0c0349dfd500cfb
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-29 (Fri, 29 Jul 2016)
Changed paths:
M ChangeLog
M doc/config.rst
M examples/openid.php
M libraries/DatabaseInterface.php
M libraries/Util.php
M libraries/common.inc.php
M libraries/controllers/server/ServerDatabasesController.php
M libraries/core.lib.php
M libraries/dbi/DBIDummy.php
M libraries/dbi/DBIExtension.php
M libraries/dbi/DBIMysql.php
M libraries/dbi/DBIMysqli.php
M libraries/replication.inc.php
M libraries/server_status_monitor.lib.php
M libraries/transformations.lib.php
M po/fi.po
M server_privileges.php
M test/classes/DatabaseInterfaceTest.php
M test/classes/controllers/ServerDatabasesControllerTest.php
M test/classes/dbi/DBIMysqlTest.php
M test/classes/dbi/DBIMysqliTest.php
M themes/original/css/common.css.php
Log Message:
-----------
Merge branch 'master' into master-security
Commit: 1f595e37e0f68c98034a0d13787787607d5f74f1
https://github.com/phpmyadmin/phpmyadmin/commit/1f595e37e0f68c98034a0d13787787607d5f74f1
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-29 (Fri, 29 Jul 2016)
Changed paths:
M libraries/replication.inc.php
Log Message:
-----------
Move hostname sanitization to correct place
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 2a7b996eac301cce1e6192c46d84fe9affc956e5
https://github.com/phpmyadmin/phpmyadmin/commit/2a7b996eac301cce1e6192c46d84fe9affc956e5
Author: Michal Čihař <michal at cihar.com>
Date: 2016-07-29 (Fri, 29 Jul 2016)
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: d621855169f7ac97c1250c7982be8c160ae056ef
https://github.com/phpmyadmin/phpmyadmin/commit/d621855169f7ac97c1250c7982be8c160ae056ef
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-01 (Mon, 01 Aug 2016)
Changed paths:
M ChangeLog
M import.php
M libraries/config/messages.inc.php
M libraries/sql.lib.php
M po/af.po
M po/ar.po
M po/az.po
M po/be.po
M po/be at latin.po
M po/bg.po
M po/bn.po
M po/br.po
M po/brx.po
M po/bs.po
M po/ca.po
M po/ckb.po
M po/cs.po
M po/cy.po
M po/da.po
M po/de.po
M po/el.po
M po/en_GB.po
M po/eo.po
M po/es.po
M po/et.po
M po/eu.po
M po/fa.po
M po/fi.po
M po/fr.po
M po/fy.po
M po/gl.po
M po/gu.po
M po/he.po
M po/hi.po
M po/hr.po
M po/hu.po
M po/hy.po
M po/ia.po
M po/id.po
M po/it.po
M po/ja.po
M po/ka.po
M po/kk.po
M po/km.po
M po/kn.po
M po/ko.po
M po/ksh.po
M po/ky.po
M po/li.po
M po/lt.po
M po/lv.po
M po/mk.po
M po/ml.po
M po/mn.po
M po/ms.po
M po/nb.po
M po/ne.po
M po/nl.po
M po/pa.po
M po/phpmyadmin.pot
M po/pl.po
M po/pt.po
M po/pt_BR.po
M po/ro.po
M po/ru.po
M po/si.po
M po/sk.po
M po/sl.po
M po/sq.po
M po/sr.po
M po/sr at latin.po
M po/sv.po
M po/ta.po
M po/te.po
M po/th.po
M po/tk.po
M po/tr.po
M po/tt.po
M po/ug.po
M po/uk.po
M po/ur.po
M po/uz.po
M po/uz at latin.po
M po/vi.po
M po/vls.po
M po/zh_CN.po
M po/zh_TW.po
M sql.php
Log Message:
-----------
Merge branch 'QA_4_6' into QA_4_6-security
Commit: 7ef6fecb87ff4177128e48fe9ebcd16ca6f34300
https://github.com/phpmyadmin/phpmyadmin/commit/7ef6fecb87ff4177128e48fe9ebcd16ca6f34300
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-01 (Mon, 01 Aug 2016)
Changed paths:
M ChangeLog
M import.php
M libraries/URL.php
M libraries/common.inc.php
M libraries/config/messages.inc.php
M libraries/sql.lib.php
M po/af.po
M po/ar.po
M po/az.po
M po/be.po
M po/be at latin.po
M po/bg.po
M po/bn.po
M po/br.po
M po/brx.po
M po/bs.po
M po/ca.po
M po/ckb.po
M po/cs.po
M po/cy.po
M po/da.po
M po/de.po
M po/el.po
M po/en_GB.po
M po/eo.po
M po/es.po
M po/et.po
M po/eu.po
M po/fa.po
M po/fi.po
M po/fil.po
M po/fr.po
M po/fy.po
M po/gl.po
M po/gu.po
M po/he.po
M po/hi.po
M po/hr.po
M po/hu.po
M po/hy.po
M po/ia.po
M po/id.po
M po/it.po
M po/ja.po
M po/ka.po
M po/kk.po
M po/km.po
M po/kn.po
M po/ko.po
M po/ksh.po
M po/ky.po
M po/li.po
M po/lt.po
M po/lv.po
M po/mk.po
M po/ml.po
M po/mn.po
M po/ms.po
M po/nb.po
M po/ne.po
M po/nl.po
M po/pa.po
M po/phpmyadmin.pot
M po/pl.po
M po/pt.po
M po/pt_BR.po
M po/ro.po
M po/ru.po
M po/si.po
M po/sk.po
M po/sl.po
M po/sq.po
M po/sr.po
M po/sr at latin.po
M po/sv.po
M po/ta.po
M po/te.po
M po/th.po
M po/tk.po
M po/tr.po
M po/tt.po
M po/ug.po
M po/uk.po
M po/ur.po
M po/uz.po
M po/uz at latin.po
M po/vi.po
M po/vls.po
M po/zh_CN.po
M po/zh_TW.po
M sql.php
M test/classes/AdvisorTest.php
M test/classes/DbSearchTest.php
M test/classes/DisplayResultsTest.php
M test/classes/FooterTest.php
M test/classes/ThemeManagerTest.php
M test/classes/ThemeTest.php
M test/classes/URLTest.php
M test/classes/config/PageSettingsTest.php
M test/classes/plugin/auth/AuthenticationConfigTest.php
M test/classes/plugin/auth/AuthenticationCookieTest.php
M test/libraries/PMA_Form_Processing_test.php
M test/libraries/PMA_insert_edit_test.php
M test/libraries/PMA_server_privileges_test.php
M test/libraries/PMA_user_preferences_test.php
M test/libraries/common/PMA_getDbLink_test.php
M test/libraries/common/PMA_showMessage_test_disabled.php
Log Message:
-----------
Merge branch 'master' into master-security
Commit: a8e3e662ada9467a382c734f2ac307cb8c8f0418
https://github.com/phpmyadmin/phpmyadmin/commit/a8e3e662ada9467a382c734f2ac307cb8c8f0418
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-01 (Mon, 01 Aug 2016)
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: ef9bd20e7a1b793bf9a64b04b3c5a9e332bb80df
https://github.com/phpmyadmin/phpmyadmin/commit/ef9bd20e7a1b793bf9a64b04b3c5a9e332bb80df
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-02 (Tue, 02 Aug 2016)
Changed paths:
M ChangeLog
M doc/config.rst
M doc/privileges.rst
M po/ia.po
M po/sl.po
M user_password.php
Log Message:
-----------
Merge branch 'QA_4_6' into QA_4_6-security
Commit: 493ece49ee378bd01beed56cea1ecd7656bec302
https://github.com/phpmyadmin/phpmyadmin/commit/493ece49ee378bd01beed56cea1ecd7656bec302
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-02 (Tue, 02 Aug 2016)
Changed paths:
M libraries/plugins/auth/AuthenticationCookie.php
M po/it.po
M po/tr.po
Log Message:
-----------
Merge branch 'QA_4_6' into QA_4_6-security
Commit: 1cd7b757bf9b930aa211c3735d161e344fe380f6
https://github.com/phpmyadmin/phpmyadmin/commit/1cd7b757bf9b930aa211c3735d161e344fe380f6
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-02 (Tue, 02 Aug 2016)
Changed paths:
M ChangeLog
M doc/config.rst
M doc/privileges.rst
M libraries/LanguageManager.php
M libraries/plugins/auth/AuthenticationCookie.php
M po/et.po
M po/ia.po
M po/it.po
A po/kab.po
M po/nl.po
M po/sl.po
M po/tr.po
M user_password.php
Log Message:
-----------
Merge branch 'master' into master-security
Commit: c2924de158632433b5229d5d51069b14d7a4af50
https://github.com/phpmyadmin/phpmyadmin/commit/c2924de158632433b5229d5d51069b14d7a4af50
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-02 (Tue, 02 Aug 2016)
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: e7d4ef2fbc8f3e83716af24941edc975d55b6554
https://github.com/phpmyadmin/phpmyadmin/commit/e7d4ef2fbc8f3e83716af24941edc975d55b6554
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-02 (Tue, 02 Aug 2016)
Changed paths:
M ChangeLog
M index.php
M js/ajax.js
M libraries/DatabaseInterface.php
M libraries/Footer.php
M libraries/advisory_rules.txt
M libraries/config/messages.inc.php
M po/af.po
M po/ar.po
M po/az.po
M po/be.po
M po/be at latin.po
M po/bg.po
M po/bn.po
M po/br.po
M po/brx.po
M po/bs.po
M po/ca.po
M po/ckb.po
M po/cs.po
M po/cy.po
M po/da.po
M po/de.po
M po/el.po
M po/en_GB.po
M po/eo.po
M po/es.po
M po/et.po
M po/eu.po
M po/fa.po
M po/fi.po
M po/fr.po
M po/fy.po
M po/gl.po
M po/gu.po
M po/he.po
M po/hi.po
M po/hr.po
M po/hu.po
M po/hy.po
M po/ia.po
M po/id.po
M po/it.po
M po/ja.po
M po/ka.po
M po/kk.po
M po/km.po
M po/kn.po
M po/ko.po
M po/ksh.po
M po/ky.po
M po/li.po
M po/lt.po
M po/lv.po
M po/mk.po
M po/ml.po
M po/mn.po
M po/ms.po
M po/nb.po
M po/ne.po
M po/nl.po
M po/pa.po
M po/phpmyadmin.pot
M po/pl.po
M po/pt.po
M po/pt_BR.po
M po/ro.po
M po/ru.po
M po/si.po
M po/sk.po
M po/sl.po
M po/sq.po
M po/sr.po
M po/sr at latin.po
M po/sv.po
M po/ta.po
M po/te.po
M po/th.po
M po/tk.po
M po/tr.po
M po/tt.po
M po/ug.po
M po/uk.po
M po/ur.po
M po/uz.po
M po/uz at latin.po
M po/vi.po
M po/vls.po
M po/zh_CN.po
M po/zh_TW.po
M templates/privileges/edit_routine_privileges.phtml
M templates/table/structure/display_table_stats.phtml
M themes/original/css/common.css.php
Log Message:
-----------
Merge branch 'QA_4_6' into QA_4_6-security
Commit: 12873604cbc248c5b969c9cfafaa6691a4c7bfba
https://github.com/phpmyadmin/phpmyadmin/commit/12873604cbc248c5b969c9cfafaa6691a4c7bfba
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-02 (Tue, 02 Aug 2016)
Changed paths:
M ChangeLog
M doc/credits.rst
M index.php
M js/ajax.js
M libraries/Footer.php
M libraries/advisory_rules.txt
M libraries/config/messages.inc.php
M po/af.po
M po/ar.po
M po/az.po
M po/be.po
M po/be at latin.po
M po/bg.po
M po/bn.po
M po/br.po
M po/brx.po
M po/bs.po
M po/ca.po
M po/ckb.po
M po/cs.po
M po/cy.po
M po/da.po
M po/de.po
M po/el.po
M po/en_GB.po
M po/eo.po
M po/es.po
M po/et.po
M po/eu.po
M po/fa.po
M po/fi.po
M po/fr.po
M po/fy.po
M po/gl.po
M po/gu.po
M po/he.po
M po/hi.po
M po/hr.po
M po/hu.po
M po/hy.po
M po/ia.po
M po/id.po
M po/it.po
M po/ja.po
M po/ka.po
M po/kk.po
M po/km.po
M po/kn.po
M po/ko.po
M po/ksh.po
M po/ky.po
M po/li.po
M po/lt.po
M po/lv.po
M po/mk.po
M po/ml.po
M po/mn.po
M po/ms.po
M po/nb.po
M po/ne.po
M po/nl.po
M po/pa.po
M po/phpmyadmin.pot
M po/pl.po
M po/pt.po
M po/pt_BR.po
M po/ro.po
M po/ru.po
M po/si.po
M po/sk.po
M po/sl.po
M po/sq.po
M po/sr.po
M po/sr at latin.po
M po/sv.po
M po/ta.po
M po/te.po
M po/th.po
M po/tk.po
M po/tr.po
M po/tt.po
M po/ug.po
M po/uk.po
M po/ur.po
M po/uz.po
M po/uz at latin.po
M po/vi.po
M po/vls.po
M po/zh_CN.po
M po/zh_TW.po
M templates/privileges/edit_routine_privileges.phtml
M templates/table/structure/display_table_stats.phtml
M themes/original/css/common.css.php
Log Message:
-----------
Merge branch 'master' into master-security
Commit: d788c8dcd4c82dc4205df6e1df04748bbc3ff7df
https://github.com/phpmyadmin/phpmyadmin/commit/d788c8dcd4c82dc4205df6e1df04748bbc3ff7df
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-02 (Tue, 02 Aug 2016)
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 2ec1f50d4580b4d2c22e39f908efa1cd5688b890
https://github.com/phpmyadmin/phpmyadmin/commit/2ec1f50d4580b4d2c22e39f908efa1cd5688b890
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-03 (Wed, 03 Aug 2016)
Changed paths:
M ChangeLog
M libraries/controllers/database/DatabaseStructureController.php
M libraries/mult_submits.lib.php
M libraries/transformations.lib.php
M po/et.po
M po/it.po
M po/ja.po
M po/nl.po
Log Message:
-----------
Merge branch 'QA_4_6' into QA_4_6-security
Commit: 95d4f57fedef2498c9b7e55bb0eac920250dc7e2
https://github.com/phpmyadmin/phpmyadmin/commit/95d4f57fedef2498c9b7e55bb0eac920250dc7e2
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-03 (Wed, 03 Aug 2016)
Changed paths:
M ChangeLog
M libraries/controllers/database/DatabaseStructureController.php
M libraries/mult_submits.lib.php
M libraries/transformations.lib.php
M po/et.po
M po/ia.po
M po/it.po
M po/ja.po
M po/kab.po
M po/nl.po
M scripts/create-release.sh
Log Message:
-----------
Merge branch 'master' into master-security
Commit: b274309ce51a59d9e42a717569ab3ef589bf7529
https://github.com/phpmyadmin/phpmyadmin/commit/b274309ce51a59d9e42a717569ab3ef589bf7529
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-03 (Wed, 03 Aug 2016)
Log Message:
-----------
Merge branch 'QA_4_6-security' into master-security
Commit: 0f6b76b57844af5b43675c9ff5489d1a3a6baa63
https://github.com/phpmyadmin/phpmyadmin/commit/0f6b76b57844af5b43675c9ff5489d1a3a6baa63
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2016-08-16 (Tue, 16 Aug 2016)
Changed paths:
M .scrutinizer.yml
M build.xml
M changelog.php
M config.sample.inc.php
M doc/config.rst
M doc/setup.rst
M examples/openid.php
M examples/signon.php
R examples/swekey.sample.conf
M file_echo.php
M import.php
M index.php
M js/functions.js
M js/tbl_relation.js
M libraries/DbSearch.php
M libraries/Error.php
M libraries/File.php
M libraries/RecentFavoriteTable.php
M libraries/Response.php
M libraries/Table.php
M libraries/Util.php
M libraries/VersionInformation.php
M libraries/common.inc.php
M libraries/config.default.php
M libraries/config/ServerConfigChecks.php
M libraries/config/Validator.php
M libraries/config/messages.inc.php
M libraries/config/setup.forms.php
M libraries/core.lib.php
M libraries/create_addfield.lib.php
M libraries/db_designer.lib.php
M libraries/dbi/DBIMysql.php
M libraries/dbi/DBIMysqli.php
M libraries/display_export.lib.php
M libraries/display_git_revision.lib.php
M libraries/engines/Pbxt.php
M libraries/error_report.lib.php
M libraries/file_listing.lib.php
M libraries/gis/GISGeometry.php
M libraries/ip_allow_deny.lib.php
M libraries/navigation/NavigationTree.php
M libraries/navigation/nodes/Node.php
M libraries/navigation/nodes/NodeDatabase.php
M libraries/plugin_interface.lib.php
M libraries/plugins/auth/AuthenticationCookie.php
R libraries/plugins/auth/swekey/authentication.inc.php
R libraries/plugins/auth/swekey/musbe-ca.crt
R libraries/plugins/auth/swekey/swekey.auth.lib.php
R libraries/plugins/auth/swekey/swekey.php
M libraries/plugins/export/ExportMediawiki.php
M libraries/plugins/export/ExportPhparray.php
M libraries/plugins/export/ExportSql.php
M libraries/plugins/export/ExportXml.php
M libraries/plugins/import/ImportShp.php
M libraries/plugins/schema/ExportRelationSchema.php
M libraries/plugins/transformations/abs/FormattedTransformationsPlugin.php
M libraries/plugins/transformations/abs/ImageLinkTransformationsPlugin.php
M libraries/plugins/transformations/abs/ImageUploadTransformationsPlugin.php
M libraries/plugins/transformations/abs/InlineTransformationsPlugin.php
M libraries/plugins/transformations/abs/RegexValidationTransformationsPlugin.php
M libraries/plugins/transformations/abs/TextImageLinkTransformationsPlugin.php
M libraries/plugins/transformations/abs/TextLinkTransformationsPlugin.php
R libraries/plugins/transformations/generator_main_class.sh
R libraries/plugins/transformations/generator_plugin.sh
M libraries/pmd_common.php
M libraries/relation.lib.php
M libraries/replication.inc.php
M libraries/replication_gui.lib.php
M libraries/sanitizing.lib.php
M libraries/server_privileges.lib.php
M libraries/server_status_variables.lib.php
M libraries/server_user_groups.lib.php
M libraries/session.inc.php
M libraries/tracking.lib.php
M libraries/zip_extension.lib.php
M lint.php
M normalization.php
R phpinfo.php
M phpunit.xml.dist
A scripts/transformations_generator_main_class.sh
A scripts/transformations_generator_plugin.sh
M tbl_addfield.php
M templates/list/item.phtml
M templates/server/databases/create.phtml
M templates/table/gis_visualization/gis_visualization.phtml
M templates/table/search/zoom_result_form.phtml
M templates/table/structure/display_structure.phtml
M test/classes/DisplayResultsTest.php
M test/classes/engines/PbxtTest.php
M test/classes/plugin/auth/AuthenticationCookieTest.php
M test/classes/plugin/export/ExportPhparrayTest.php
M test/classes/plugin/export/ExportXmlTest.php
M test/classes/plugin/transformations/TransformationPluginsTest.php
M test/libraries/PMA_ip_allow_deny_test.php
M test/libraries/PMA_zip_extension_test.php
A test/libraries/core/PMA_isAllowedDomain_test.php
A test/libraries/core/PMA_safeUnserialize_test.php
A test/libraries/core/PMA_sanitizeMySQLHost_test.php
M themes.php
M transformation_wrapper.php
M url.php
M user_password.php
M version_check.php
Log Message:
-----------
Merge remote-tracking branch 'security/QA_4_6-security' into QA_4_6
Commit: b9a6a9993e175ff13375462333ce1139095d01e1
https://github.com/phpmyadmin/phpmyadmin/commit/b9a6a9993e175ff13375462333ce1139095d01e1
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2016-08-16 (Tue, 16 Aug 2016)
Changed paths:
M ChangeLog
M README
M doc/conf.py
M libraries/Config.php
Log Message:
-----------
Release 4.6.4
Signed-off-by: Isaac Bennetch <bennetch at gmail.com>
Commit: bd403cdbd2162db2f80b09e8751596a1f8b4b32d
https://github.com/phpmyadmin/phpmyadmin/commit/bd403cdbd2162db2f80b09e8751596a1f8b4b32d
Author: Axel Rindle <axel.rindle at gmx.de>
Date: 2016-08-17 (Wed, 17 Aug 2016)
Changed paths:
M po/de.po
Log Message:
-----------
Translated using Weblate (German)
Currently translated at 100.0% (3214 of 3214 strings)
[CI skip]
Commit: 0c3dac812ce739a96d554fbb4a20b37418255fc8
https://github.com/phpmyadmin/phpmyadmin/commit/0c3dac812ce739a96d554fbb4a20b37418255fc8
Author: Weblate <noreply at weblate.org>
Date: 2016-08-17 (Wed, 17 Aug 2016)
Changed paths:
M .scrutinizer.yml
M ChangeLog
M README
M build.xml
M changelog.php
M config.sample.inc.php
M doc/conf.py
M doc/config.rst
M doc/setup.rst
M examples/openid.php
M examples/signon.php
R examples/swekey.sample.conf
M file_echo.php
M import.php
M index.php
M js/functions.js
M js/tbl_relation.js
M libraries/Config.php
M libraries/DbSearch.php
M libraries/Error.php
M libraries/File.php
M libraries/RecentFavoriteTable.php
M libraries/Response.php
M libraries/Table.php
M libraries/Util.php
M libraries/VersionInformation.php
M libraries/common.inc.php
M libraries/config.default.php
M libraries/config/ServerConfigChecks.php
M libraries/config/Validator.php
M libraries/config/messages.inc.php
M libraries/config/setup.forms.php
M libraries/core.lib.php
M libraries/create_addfield.lib.php
M libraries/db_designer.lib.php
M libraries/dbi/DBIMysql.php
M libraries/dbi/DBIMysqli.php
M libraries/display_export.lib.php
M libraries/display_git_revision.lib.php
M libraries/engines/Pbxt.php
M libraries/error_report.lib.php
M libraries/file_listing.lib.php
M libraries/gis/GISGeometry.php
M libraries/ip_allow_deny.lib.php
M libraries/navigation/NavigationTree.php
M libraries/navigation/nodes/Node.php
M libraries/navigation/nodes/NodeDatabase.php
M libraries/plugin_interface.lib.php
M libraries/plugins/auth/AuthenticationCookie.php
R libraries/plugins/auth/swekey/authentication.inc.php
R libraries/plugins/auth/swekey/musbe-ca.crt
R libraries/plugins/auth/swekey/swekey.auth.lib.php
R libraries/plugins/auth/swekey/swekey.php
M libraries/plugins/export/ExportMediawiki.php
M libraries/plugins/export/ExportPhparray.php
M libraries/plugins/export/ExportSql.php
M libraries/plugins/export/ExportXml.php
M libraries/plugins/import/ImportShp.php
M libraries/plugins/schema/ExportRelationSchema.php
M libraries/plugins/transformations/abs/FormattedTransformationsPlugin.php
M libraries/plugins/transformations/abs/ImageLinkTransformationsPlugin.php
M libraries/plugins/transformations/abs/ImageUploadTransformationsPlugin.php
M libraries/plugins/transformations/abs/InlineTransformationsPlugin.php
M libraries/plugins/transformations/abs/RegexValidationTransformationsPlugin.php
M libraries/plugins/transformations/abs/TextImageLinkTransformationsPlugin.php
M libraries/plugins/transformations/abs/TextLinkTransformationsPlugin.php
R libraries/plugins/transformations/generator_main_class.sh
R libraries/plugins/transformations/generator_plugin.sh
M libraries/pmd_common.php
M libraries/relation.lib.php
M libraries/replication.inc.php
M libraries/replication_gui.lib.php
M libraries/sanitizing.lib.php
M libraries/server_privileges.lib.php
M libraries/server_status_variables.lib.php
M libraries/server_user_groups.lib.php
M libraries/session.inc.php
M libraries/tracking.lib.php
M libraries/zip_extension.lib.php
M lint.php
M normalization.php
R phpinfo.php
M phpunit.xml.dist
A scripts/transformations_generator_main_class.sh
A scripts/transformations_generator_plugin.sh
M tbl_addfield.php
M templates/list/item.phtml
M templates/server/databases/create.phtml
M templates/table/gis_visualization/gis_visualization.phtml
M templates/table/search/zoom_result_form.phtml
M templates/table/structure/display_structure.phtml
M test/classes/DisplayResultsTest.php
M test/classes/engines/PbxtTest.php
M test/classes/plugin/auth/AuthenticationCookieTest.php
M test/classes/plugin/export/ExportPhparrayTest.php
M test/classes/plugin/export/ExportXmlTest.php
M test/classes/plugin/transformations/TransformationPluginsTest.php
M test/libraries/PMA_ip_allow_deny_test.php
M test/libraries/PMA_zip_extension_test.php
A test/libraries/core/PMA_isAllowedDomain_test.php
A test/libraries/core/PMA_safeUnserialize_test.php
A test/libraries/core/PMA_sanitizeMySQLHost_test.php
M themes.php
M transformation_wrapper.php
M url.php
M user_password.php
M version_check.php
Log Message:
-----------
Merge remote-tracking branch 'origin/QA_4_6' into QA_4_6
Commit: b3d8ebad3fc2dcea89e87c0a77bb0cb84f76cec3
https://github.com/phpmyadmin/phpmyadmin/commit/b3d8ebad3fc2dcea89e87c0a77bb0cb84f76cec3
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2016-08-16 (Tue, 16 Aug 2016)
Changed paths:
M ChangeLog
M README
M doc/conf.py
M libraries/Config.php
Log Message:
-----------
Prepare for 4.6.5
Signed-off-by: Isaac Bennetch <bennetch at gmail.com>
Commit: 52f23338a82d910a1c1869602796f7ec006a6949
https://github.com/phpmyadmin/phpmyadmin/commit/52f23338a82d910a1c1869602796f7ec006a6949
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-17 (Wed, 17 Aug 2016)
Changed paths:
M changelog.php
M config.sample.inc.php
M doc/config.rst
M doc/setup.rst
M examples/openid.php
M examples/signon.php
M import.php
M index.php
M js/functions.js
M js/tbl_relation.js
M libraries/DbSearch.php
M libraries/Error.php
M libraries/File.php
M libraries/Logging.php
M libraries/RecentFavoriteTable.php
M libraries/Response.php
M libraries/Sanitize.php
M libraries/Table.php
M libraries/Util.php
M libraries/VersionInformation.php
M libraries/common.inc.php
M libraries/config.default.php
M libraries/config/ServerConfigChecks.php
M libraries/config/Validator.php
M libraries/config/messages.inc.php
M libraries/config/setup.forms.php
M libraries/core.lib.php
M libraries/create_addfield.lib.php
M libraries/db_designer.lib.php
M libraries/dbi/DBIMysql.php
M libraries/dbi/DBIMysqli.php
M libraries/display_export.lib.php
M libraries/display_git_revision.lib.php
M libraries/engines/Pbxt.php
M libraries/error_report.lib.php
M libraries/file_listing.lib.php
M libraries/gis/GISGeometry.php
M libraries/ip_allow_deny.lib.php
M libraries/navigation/NavigationTree.php
M libraries/navigation/nodes/Node.php
M libraries/navigation/nodes/NodeDatabase.php
M libraries/plugin_interface.lib.php
M libraries/plugins/auth/AuthenticationCookie.php
M libraries/plugins/export/ExportMediawiki.php
M libraries/plugins/export/ExportPhparray.php
M libraries/plugins/export/ExportSql.php
M libraries/plugins/export/ExportXml.php
M libraries/plugins/import/ImportShp.php
M libraries/plugins/schema/ExportRelationSchema.php
M libraries/plugins/transformations/abs/FormattedTransformationsPlugin.php
M libraries/plugins/transformations/abs/ImageLinkTransformationsPlugin.php
M libraries/plugins/transformations/abs/ImageUploadTransformationsPlugin.php
M libraries/plugins/transformations/abs/InlineTransformationsPlugin.php
M libraries/plugins/transformations/abs/RegexValidationTransformationsPlugin.php
M libraries/plugins/transformations/abs/TextImageLinkTransformationsPlugin.php
M libraries/plugins/transformations/abs/TextLinkTransformationsPlugin.php
R libraries/plugins/transformations/generator_main_class.sh
R libraries/plugins/transformations/generator_plugin.sh
M libraries/pmd_common.php
M libraries/relation.lib.php
M libraries/replication.inc.php
M libraries/replication_gui.lib.php
M libraries/server_privileges.lib.php
M libraries/server_status_variables.lib.php
M libraries/server_user_groups.lib.php
M libraries/session.inc.php
M libraries/tracking.lib.php
M libraries/zip_extension.lib.php
M lint.php
M normalization.php
R phpinfo.php
A scripts/transformations_generator_main_class.sh
A scripts/transformations_generator_plugin.sh
M tbl_addfield.php
M templates/list/item.phtml
M templates/server/databases/create.phtml
M templates/table/gis_visualization/gis_visualization.phtml
M templates/table/search/zoom_result_form.phtml
M templates/table/structure/display_structure.phtml
M test/classes/DisplayResultsTest.php
M test/classes/engines/PbxtTest.php
M test/classes/plugin/auth/AuthenticationCookieTest.php
M test/classes/plugin/export/ExportPhparrayTest.php
M test/classes/plugin/export/ExportXmlTest.php
M test/classes/plugin/transformations/TransformationPluginsTest.php
M test/libraries/PMA_ip_allow_deny_test.php
M test/libraries/PMA_zip_extension_test.php
A test/libraries/core/PMA_isAllowedDomain_test.php
A test/libraries/core/PMA_safeUnserialize_test.php
A test/libraries/core/PMA_sanitizeMySQLHost_test.php
M themes.php
M transformation_wrapper.php
M url.php
M user_password.php
M version_check.php
Log Message:
-----------
Merge branch 'master-security'
Commit: e1952a5eefae563cd77eb519ccaca6afe2a1a2b7
https://github.com/phpmyadmin/phpmyadmin/commit/e1952a5eefae563cd77eb519ccaca6afe2a1a2b7
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-17 (Wed, 17 Aug 2016)
Changed paths:
M ChangeLog
Log Message:
-----------
Merge commit 'b9a6a9993e175ff13375462333ce1139095d01e1'
Commit: 8c9ed41badb82cf4f10f0fc0a14fe28d7cd540aa
https://github.com/phpmyadmin/phpmyadmin/commit/8c9ed41badb82cf4f10f0fc0a14fe28d7cd540aa
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-17 (Wed, 17 Aug 2016)
Log Message:
-----------
Merge commit '0c3dac812ce739a96d554fbb4a20b37418255fc8'
Commit: ee7bfa7601c4e5973bf0ff6551ccb00b4a3aaebe
https://github.com/phpmyadmin/phpmyadmin/commit/ee7bfa7601c4e5973bf0ff6551ccb00b4a3aaebe
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-17 (Wed, 17 Aug 2016)
Changed paths:
M ChangeLog
Log Message:
-----------
Merge branch 'QA_4_6'
Compare: https://github.com/phpmyadmin/phpmyadmin/compare/26c0961df664...ee7bfa7601c4
More information about the Git
mailing list