Mailinglist Archive: opensuse-commit (1318 mails)
| < Previous | Next > |
commit phpMyAdmin
- From: root@xxxxxxx (h_root)
- Date: Sun, 6 Aug 2006 22:29:39 +0200 (CEST)
- Message-id: <20060806202939.1864F9D974@xxxxxxxxxxxxxxx>
Hello community,
here is the log from the commit of package phpMyAdmin
checked in at Sun Aug 6 22:29:36 CEST 2006.
--------
--- phpMyAdmin/phpMyAdmin.changes 2006-06-01 12:20:57.000000000 +0200
+++ phpMyAdmin/phpMyAdmin.changes 2006-08-03 15:41:33.000000000 +0200
@@ -1,0 +2,11 @@
+Thu Aug 3 14:37:26 CEST 2006 - mskibbe@xxxxxxx
+
+- update to 2.8.2.1
+ * XSS vulnerability from requests not containing a token
+ * reenabled XML option in Export
+ * added a user with password containing a backslash
+ * setup script: compatibility with security tokens
+ * setup script: detection of writable config
+ * reading the database list with MySQL wildcards
+
+-------------------------------------------------------------------
Old:
----
phpMyAdmin-2.8.1.tar.bz2
New:
----
phpMyAdmin-2.8.2.1.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ phpMyAdmin.spec ++++++
--- /var/tmp/diff_new_pack.6vPEZA/_old 2006-08-06 22:29:17.000000000 +0200
+++ /var/tmp/diff_new_pack.6vPEZA/_new 2006-08-06 22:29:17.000000000 +0200
@@ -1,5 +1,5 @@
#
-# spec file for package phpMyAdmin (Version 2.8.1)
+# spec file for package phpMyAdmin (Version 2.8.2.1)
#
# Copyright (c) 2006 SUSE LINUX Products GmbH, Nuernberg, Germany.
# This file and all modifications and additions to the pristine
@@ -14,12 +14,11 @@
BuildRequires: apache2-devel libapr-util1-devel pcre-devel pwgen
License: GPL
Group: Productivity/Networking/Web/Frontends
-Requires: mod_php_any php-mysql php-bz2 php-gd php-zlib php-iconv php-mcrypt php-session
+Requires: mod_php_any php-mysql php-bz2 php-gd php-zlib php-iconv php-mcrypt php-session apache2
Autoreqprov: on
-Version: 2.8.1
+Version: 2.8.2.1
Release: 1
-%define tarversion %{version}
-Source0: %{name}-%{tarversion}.tar.bz2
+Source0: %{name}-%{version}.tar.bz2
Patch1: %{name}-blowfish_secret.patch
URL: http://www.phpMyAdmin.net
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -62,7 +61,7 @@
Garvin Hicking <me@xxxxxxxxxxxx>
%prep
-%setup -q -n %{name}-%{tarversion}
+%setup -q -n %{name}-%{version}
%patch1
find . -type d -exec chmod 755 {} \;
find . -type f -exec chmod 644 {} \;
@@ -126,6 +125,14 @@
%verify(not md5 size mtime) %config(noreplace) %{serverroot}%{name}/libraries/blowfish_secret.inc.php
%changelog -n phpMyAdmin
+* Thu Aug 03 2006 - mskibbe@xxxxxxx
+- update to 2.8.2.1
+ * XSS vulnerability from requests not containing a token
+ * reenabled XML option in Export
+ * added a user with password containing a backslash
+ * setup script: compatibility with security tokens
+ * setup script: detection of writable config
+ * reading the database list with MySQL wildcards
* Thu Jun 01 2006 - postadal@xxxxxxx
- updated to 2.8.1 (bugfix-only release) [#177091]
* fixes some XSS vulnerabilities
++++++ phpMyAdmin-2.8.1.tar.bz2 -> phpMyAdmin-2.8.2.1.tar.bz2 ++++++
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/phpMyAdmin-2.8.1/ChangeLog new/phpMyAdmin-2.8.2.1/ChangeLog
--- old/phpMyAdmin-2.8.1/ChangeLog 2006-05-20 19:16:21.000000000 +0200
+++ new/phpMyAdmin-2.8.2.1/ChangeLog 2006-08-02 22:28:10.000000000 +0200
@@ -2,12 +2,58 @@
phpMyAdmin - Changelog
----------------------
-$Id: ChangeLog,v 2.1929.2.130.2.4 2006/05/20 17:16:21 lem9 Exp $
+$Id: ChangeLog,v 2.1929.2.142.2.6 2006/08/02 20:28:10 lem9 Exp $
$Source: /cvsroot/phpmyadmin/phpMyAdmin/ChangeLog,v $
+2006-08-02 Marc Delisle <lem9@xxxxxxxxxxxxxxxxxxxxx>
+ ### 2.8.2.1 released from MAINT_2_8_2
+
+2006-08-01 Marc Delisle <lem9@xxxxxxxxxxxxxxxxxxxxx>
+ * themes/darkblue_orange/css/theme_right.css.php, theme_left.css.php:
+ darkblue_orange was not readable, thanks to Juergen Windkiel
+ * Documentation.html: patch #1532493 + light editing from me,
+ thanks to Isaac Bennetch
+
+2006-07-28 Michal ÄihaÅ <michal@xxxxxxxxx>
+ * scripts/setup.php: Include setup from HEAD:
+ - Protect against php code input from user (bug #1530370).
+ - Implement own var_export.
+
+2006-07-26 Marc Delisle <lem9@xxxxxxxxxxxxxxxxxxxxx>
+ * libraries/common.lib.php: bug #1523784, blank page after Edit
+ in IE6 via IIS
+
+2006-07-04 Sebastian Mendel <cybot_tm@xxxxxxxxxxxxxxxxxxxxx>
+ * libraries/Config.class.php: reload default configuration if
+ config.inc.php is removed
+
+2006-06-30 Marc Delisle <lem9@xxxxxxxxxxxxxxxxxxxxx>
+ * libraries/common.lib.php: escape also single quotes
+ ### 2.8.2 released from QA_2_8
+
+2006-06-28 Marc Delisle <lem9@xxxxxxxxxxxxxxxxxxxxx>
+ * libraries/common.lib.php: escape allowed parameters from non-token
+ requests
+
+2006-06-15 Marc Delisle <lem9@xxxxxxxxxxxxxxxxxxxxx>
+ * libraries/display_export.lib.php: reenable XML option in export
+
+2006-06-02 Marc Delisle <lem9@xxxxxxxxxxxxxxxxxxxxx>
+ * Documentation.html: requirements: web browser with cookies enabled
+
+2006-05-29 Marc Delisle <lem9@xxxxxxxxxxxxxxxxxxxxx>
+ * main.php: bug #1496881, CVS link broken in main.php
+
2006-05-20 Marc Delisle <lem9@xxxxxxxxxxxxxxxxxxxxx>
### 2.8.1 released from MAINT_2_8_1
+2006-05-17 Marc Delisle <lem9@xxxxxxxxxxxxxxxxxxxxx>
+ * server_privileges.php: bug #1478812, Add user (password containing
+ a backslash; also minor optimization
+
+2006-05-15 Marc Delisle <lem9@xxxxxxxxxxxxxxxxxxxxx>
+ * libraries/common.lib.php, bug #1475949, removing the default value
+
2006-05-15 Michal ÄihaÅ <michal@xxxxxxxxx>
* scripts/setup.php: Compatibility with security tokens (bug #1488453).
* scripts/setup.php: Fix detection of writable config (bug #1488447).
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/phpMyAdmin-2.8.1/Documentation.html new/phpMyAdmin-2.8.2.1/Documentation.html
--- old/phpMyAdmin-2.8.1/Documentation.html 2006-05-20 19:16:47.000000000 +0200
+++ new/phpMyAdmin-2.8.2.1/Documentation.html 2006-08-02 18:48:53.000000000 +0200
@@ -1,6 +1,6 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en-US" lang="en-US">
-<!-- $Id: Documentation.html,v 2.205.2.17.2.1 2006/05/20 17:16:47 lem9 Exp $ -->
+<!-- $Id: Documentation.html,v 2.205.2.21.2.2 2006/08/02 16:48:53 lem9 Exp $ -->
<!--
vim: expandtab ts=4 sw=4 sts=4 tw=78
-->
@@ -9,7 +9,7 @@
<link rel="icon" href="./favicon.ico" type="image/x-icon" />
<link rel="shortcut icon" href="./favicon.ico" type="image/x-icon" />
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
- <title>phpMyAdmin 2.8.1 - Documentation</title>
+ <title>phpMyAdmin 2.8.2.1 - Documentation</title>
<link rel="stylesheet" type="text/css" href="docs.css" />
</head>
@@ -33,7 +33,7 @@
<hr noshade="noshade" width="100%" />
</div>
-<h1>phpMyAdmin 2.8.1 Documentation</h1>
+<h1>phpMyAdmin 2.8.2.1 Documentation</h1>
<!-- TOP MENU -->
@@ -53,7 +53,7 @@
</li>
<li>
Documentation version:
- <i>$Id: Documentation.html,v 2.205.2.17.2.1 2006/05/20 17:16:47 lem9 Exp $</i>
+ <i>$Id: Documentation.html,v 2.205.2.21.2.2 2006/08/02 16:48:53 lem9 Exp $</i>
</li>
</ul>
@@ -85,7 +85,7 @@
phase but every other action that you do in phpMyAdmin.
</li>
<li>
- a web-browser (doh!).
+ <b>Web browser</b> with cookies enabled.
</li>
</ul>
@@ -131,12 +131,20 @@
</li>
</ul>
-<p class="footnote">
- (*)
- phpMyAdmin can compress (Zip, GZip -RFC 1952- or Bzip2 formats) dumps
- and CSV exports if you use PHP4 >= 4.0.4 with Zlib support
- (<tt>--with-zlib</tt>) and/or Bzip2 support (<tt>--with-bz2</tt>).
-</p>
+<h4>A word about users:</h4>
+<p> Many people have difficulty
+ understanding the concept of user management with regards to phpMyAdmin. When
+ a user logs in to phpMyAdmin, that username and password are passed directly
+ to MySQL. phpMyAdmin does no account management on its own (other than
+ allowing one to manipulate the MySQL user account information); all users
+ must be valid MySQL users.</p>
+
+<p class="footnote" id="footnote_1">
+ <sup>1)</sup> phpMyAdmin can compress (Zip, GZip -RFC 1952- or Bzip2 formats)
+ dumps and <abbr title="comma seperated values">CSV</abbr> exports if you use
+ PHP with Zlib support (<tt>--with-zlib</tt>) and/or Bzip2 support
+ (<tt>--with-bz2</tt>). Proper support may also need changes in
+ <tt>php.ini</tt>.</p>
<!-- INSTALLATION -->
@@ -170,31 +178,94 @@
from the owner of other scripts will be a
problem). See <a href="#faq4_2">FAQ 4.2</a> and
<a href="#faq1_26">FAQ 1.26</a> for suggestions.</li>
- <li> Create the file <tt>config.inc.php</tt> in the main (top-level)
- directory (the one that contains <tt>index.php</tt>).
- You can use setup script provided in distribution (<a
- href="scripts/setup.php">scripts/setup.php</a>) to create basics of
- config file. See <a href="#setup_script">Setup</a> chapter for
- details. If you don't like setup or want to fine tune resulting
- configuration, open (or create in case of starting from scratch)
- <tt>config.inc.php</tt> in your favorite editor and fill in there
- values for host, user, password and authentication mode to fit your
- environment. Look at <tt>libraries/config.default.php</tt> how these
- fields should be defined. Here, "host" means the MySQL
- server. Have a look at <a href="#config">Configuration section</a>
- for an explanation of all values. Please also read the remaining of
- this Installation section for information about authentication modes
- and the linked-tables infrastructure.</li> <li> If you are using the
+
+ <li>Now you must configure your installation. There are two methods that
+ can be used. Traditionally, users have hand-edited a copy of
+ config.inc.php, but now a wizard-style setup script is provided for
+ those who prefer a graphical installation. Creating a config.inc.php is
+ still a quick way to get started and needed for some advanced features.
+ <ul><li>To manually create the file, simply use your text editor to
+ create the file <tt>config.inc.php</tt> in the main (top-level)
+ phpMyAdmin directory (the one that contains <tt>index.php</tt>).
+ phpMyAdmin first loads <tt>libraries/config.default.php</tt>
+ and then overrides those values with anything found in
+ <tt>config.inc.php</tt>. If the default value is okay for a particular
+ setting, there is no need to include it in <tt>config.inc.php</tt>.
+ You'll need a few directives to get going, a simple configuration
+ may look like this:
+<pre>
+<?php
+$cfg['blowfish_secret'] = 'ba17c1ec07d65003'; // use here a value of your choice
+
+$i=0;
+$i++;
+$cfg['Servers'][$i]['auth_type'] = 'cookie';
+?>
+</pre>
+ Or, if you prefer to not be prompted every time you log in:
+<pre>
+<?php
+
+$i=0;
+$i++;
+$cfg['Servers'][$i]['user'] = 'root';
+$cfg['Servers'][$i]['password'] = 'cbb74bc'; // use here your password
+?>
+</pre>
+ For a full explanation of possible configuration values, see the
+ <a href="#config">Configuration Section</a> of this document.</li>
+ <li id="setup_script">Instead of manually editing
+ <tt>config.inc.php</tt>, you can use the
+ <a href="scripts/setup.php">Setup Script</a>. First you must
+ manually create a folder <tt>config</tt> in the phpMyAdmin
+ directory. This is a security measure. On a Linux/Unix system you
+ can use the following commands:
+<pre>
+cd phpMyAdmin
+mkdir config # create directory for saving
+chmod o+rw config # give it world writable permissions
+</pre>
+ And to edit an existing configuration, copy it over first:
+<pre>
+cp config.inc.php config/ # copy current configuration for editing
+chmod o+w config/config.inc.php # give it world writable permissions
+</pre>
+ On other platforms, simply create the folder and ensure that your
+ web server has read and write access to it. <a href="#faq1_26">FAQ
+ 1.26</a> can help with this.<br /><br />
+
+ Next, open <tt><a href="scripts/setup.php">scripts/setup.php</a>
+ </tt>in your browser. Note that <strong>changes are not saved to
+ disk until explicitly choose <tt>Save</tt></strong> from the
+ <i>Configuration</i> area of the screen. Normally the script saves
+ the new config.inc.php to the <tt>config/</tt> directory, but if
+ the webserver does not have the proper permissions you may see the
+ error "Cannot load or save configuration." Ensure that the <tt>
+ config/</tt> directory exists and has the proper permissions -
+ or use the <tt>Download</tt> link to save the config file locally
+ and upload (via FTP or some similar means) to the proper location.<br /><br />
+
+ Once the file has been saved, it must be moved out of the <tt>
+ config/</tt> directory and the permissions must be reset, again
+ as a security measure:
+<pre>
+mv config/config.inc.php . # move file to current directory
+chmod o-rw config.inc.php # remove world read and write permissions
+</pre>
+ Now the file is ready to be used. You can choose to review or edit
+ the file with your favorite editor, if you prefer to set some
+ advanced options which the setup script does not provide.</li></ul></li>
+ <li> If you are using the
<tt>auth_type</tt> configuration directive, it is suggested that you protect the phpMyAdmin
installation directory, for example with HTTP–AUTH in a
<i>.htaccess</i> file. See the <a href="#faqmultiuser">
multi–user sub–section</a> of this FAQ for additional
information, especially <a href="#faq4_4">FAQ 4.4</a>.</li>
- <li> Open the file
- <i><www.your-host.com>/<your-install-dir>/index.php</i>
- in your browser. phpMyAdmin should now display a welcome screen
- and your databases, or a login dialog if using HTTP or cookie
- authentication mode.</li>
+ <li>Open the <a href="index.php">main phpMyAdmin directory</a>
+ in your browser. phpMyAdmin should now display a welcome screen
+ and your databases, or a login dialog if using
+ <abbr title="HyperText Transfer Protocol">HTTP</abbr> or cookie
+ authentication mode.</li>
<li> You should deny access to the <tt>libraries</tt> subfolder in your webserver
configuration. For Apache you can use supplied .htaccess file in that
folder, for other webservers, you should configure this yourself.
@@ -202,56 +273,6 @@
side scripting vulnerabilities that might happen to be found in that
code.</li>
</ol>
-<a name="setup_script"></a>
-<h3>Setup script usage</h3>
- <p>
- Since 2.8.0 phpMyAdmin comes with a setup script that can help you with
- creating configuration. This script is located in <tt>scripts</tt> folder: <a
- href="scripts/setup.php">scripts/setup.php</a>. Its usage is quite
-simple. You follow the dialogs and this script prepares in memory the
-configuration directives. You then have two choices for saving the
-configuration file:
- </p>
- <ol>
- <li>Download it to your local workstation, then upload (for example
- with ftp) to your main phpMyAdmin directory. In this case, you
- don't have to prepare a special <tt>config</tt> directory, so
- no further actions are necessary.</li>
- <li>Save the file to your webserver into <tt>config</tt> directory.
- </li>
- </ol>
- <p>
- For saving file on webserver, or loading
- previous configuration you have to create <tt>config</tt> directory in
- phpMyAdmin's top level directory and make it writable to web server. For
- loading previous configuration, place it there (and make sure it has write
- permissions for webserver). On a Linux/UNIX server you can use the
- following commands:
- </p>
- <pre>
- cd phpMyAdmin
- mkdir config # create directory for saving
- chmod o+rw config # give it world writable permissions
- # if you want to edit existing configuration:
- cp config.inc.php config/ # copy current configuration
- chmod o+w config/config.inc.php # give it world writable permissions
- </pre>
- <p>On a Windows system, create a <tt>config</tt> in the main phpMyAdmin
- directory and ensure that your web server has read/write access to it.
- <a href="#faq1_26">FAQ 1.26</a> can help you about this. If you already have
- an existing <tt>config.inc.php</tt> in your main directory, copy it to the
- newly created <tt>config</tt> directory.
- </p>
- <p>
- Then you can open <tt>scripts/setup.php</tt> in your browser and perform
- setup. After saving your configuration move generated configuration to top
- level directory and delete created <tt>config</tt> directory. Do not
- forget to remove world write permissions on <tt>config.inc.php</tt>!
- </p>
- <p>
- Please note that it does not allow to configure everything, so for some
- additional features you still need to manually edit the configuration file.
- </p>
<a name="linked-tables"></a>
<h3>Linked-tables infrastructure</h3>
@@ -286,16 +307,19 @@
</p>
<h3>Upgrading from an older version</h3>
-<p>
- Just copy <tt>config.inc.php</tt> from previous installation into a
- newly unpacked one. If your previous phpMyAdmin version was 2.3.0 or
- older, some tweaking may be required because, as of 2.7.0, using those
- old config files is no longer supported.
- <br /> <br />
- You should <strong>not</strong> copy <tt>libraries/config.default.php</tt> over
- <tt>config.inc.php</tt> because the default configuration file
- is version-specific.
-</p>
+
+<p> Simply copy <i>./config.inc.php</i> from your previous installation into the newly
+ unpacked one. Configuration files from very old versions (2.3.0 or older) may
+ require some tweaking as some options have been changed or removed.</p>
+
+<p> You should <strong>not</strong> copy <tt>libraries/config.default.php</tt>
+ over <tt>config.inc.php</tt> because the default configuration file
+ is version-specific.</p>
+
+<p> If you have upgraded your MySQL server from a version older than 4.1.2 to
+ version 4.1.2 or newer and if you use the pmadb/linked table infrastructure,
+ you should run the SQL script found in
+ <tt>scripts/upgrade_tables_mysql_4_1_2+.sql</tt>.</p>
<h3>Using authentication modes</h3>
<ul>
@@ -4116,9 +4140,9 @@
<ol>
<li>
fetch the current CVS tree over anonymous CVS:<br />
- <tt>cvs -d:pserver:anonymous@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:/cvsroot/phpmyadmin login</tt><br />
+ <tt>cvs -d:pserver:anonymous@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:/cvsroot/phpmyadmin login</tt><br />
[Password: simply press the Enter key]<br />
- <tt>cvs -z3 -d:pserver:anonymous@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:/cvsroot/phpmyadmin checkout phpMyAdmin</tt><br />
+ <tt>cvs -z3 -d:pserver:anonymous@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:/cvsroot/phpmyadmin checkout phpMyAdmin</tt><br />
[This will create a new sub-directory named phpMyAdmin]
</li>
<li>
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/phpMyAdmin-2.8.1/Documentation.txt new/phpMyAdmin-2.8.2.1/Documentation.txt
--- old/phpMyAdmin-2.8.1/Documentation.txt 2006-05-20 19:33:32.000000000 +0200
+++ new/phpMyAdmin-2.8.2.1/Documentation.txt 2006-08-02 22:30:26.000000000 +0200
@@ -5,15 +5,15 @@
Transformations - FAQ - Developers - Credits - Translators
-------------------------------------------------------------------------------
-phpMyAdmin 2.8.1 Documentation
+phpMyAdmin 2.8.2.1 Documentation
* SourceForge phpMyAdmin project page [ http://www.phpmyadmin.net/ ]
* Local documents:
+ Version history: ChangeLog
+ General notes: README
+ License: LICENSE
- * Documentation version: $Id: Documentation.html,v 2.205.2.17.2.1 2006/05/20
- 17:16:47 lem9 Exp $
+ * Documentation version: $Id: Documentation.html,v 2.205.2.21.2.2 2006/08/02
+ 16:48:53 lem9 Exp $
Requirements
@@ -29,7 +29,7 @@
"cookie" authentication method, having the mcrypt PHP extension on your web
server accelerates not only the login phase but every other action that you
do in phpMyAdmin.
- * a web-browser (doh!).
+ * Web browser with cookies enabled.
Introduction
@@ -64,9 +64,17 @@
* support mysqli, the improved MySQL extension (see FAQ 1.17)
* communicate in 50 different languages
-(*) phpMyAdmin can compress (Zip, GZip -RFC 1952- or Bzip2 formats) dumps and
-CSV exports if you use PHP4 >= 4.0.4 with Zlib support (--with-zlib) and/or
-Bzip2 support (--with-bz2).
+A word about users:
+
+Many people have difficulty understanding the concept of user management with
+regards to phpMyAdmin. When a user logs in to phpMyAdmin, that username and
+password are passed directly to MySQL. phpMyAdmin does no account management on
+its own (other than allowing one to manipulate the MySQL user account
+information); all users must be valid MySQL users.
+
+^1) phpMyAdmin can compress (Zip, GZip -RFC 1952- or Bzip2 formats) dumps and
+CSV exports if you use PHP with Zlib support (--with-zlib) and/or Bzip2 support
+(--with-bz2). Proper support may also need changes in php.ini.
Installation
@@ -92,71 +100,89 @@
2. Ensure that all the scripts have the appropriate owner (if PHP is running
in safe mode, having some scripts with an owner different from the owner of
other scripts will be a problem). See FAQ 4.2 and FAQ 1.26 for suggestions.
- 3. Create the file config.inc.php in the main (top-level) directory (the one
- that contains index.php). You can use setup script provided in distribution
- (scripts/setup.php) to create basics of config file. See Setup chapter for
- details. If you don't like setup or want to fine tune resulting
- configuration, open (or create in case of starting from scratch)
- config.inc.php in your favorite editor and fill in there values for host,
- user, password and authentication mode to fit your environment. Look at
- libraries/config.default.php how these fields should be defined. Here,
- "host" means the MySQL server. Have a look at Configuration section for an
- explanation of all values. Please also read the remaining of this
- Installation section for information about authentication modes and the
- linked-tables infrastructure.
+ 3. Now you must configure your installation. There are two methods that can be
+ used. Traditionally, users have hand-edited a copy of config.inc.php, but
+ now a wizard-style setup script is provided for those who prefer a
+ graphical installation. Creating a config.inc.php is still a quick way to
+ get started and needed for some advanced features.
+ + To manually create the file, simply use your text editor to create the
+ file config.inc.php in the main (top-level) phpMyAdmin directory (the
+ one that contains index.php). phpMyAdmin first loads libraries/
+ config.default.php and then overrides those values with anything found
+ in config.inc.php. If the default value is okay for a particular
+ setting, there is no need to include it in config.inc.php. You'll need
+ a few directives to get going, a simple configuration may look like
+ this:
+
+ <?php
+ $cfg['blowfish_secret'] = 'ba17c1ec07d65003'; // use here a value of your choice
+
+ $i=0;
+ $i++;
+ $cfg['Servers'][$i]['auth_type'] = 'cookie';
+ ?>
+
+ Or, if you prefer to not be prompted every time you log in:
+
+ <?php
+
+ $i=0;
+ $i++;
+ $cfg['Servers'][$i]['user'] = 'root';
+ $cfg['Servers'][$i]['password'] = 'cbb74bc'; // use here your password
+ ?>
+
+ For a full explanation of possible configuration values, see the
+ Configuration Section of this document.
+ + Instead of manually editing config.inc.php, you can use the Setup
+ Script. First you must manually create a folder config in the
+ phpMyAdmin directory. This is a security measure. On a Linux/Unix
+ system you can use the following commands:
+
+ cd phpMyAdmin
+ mkdir config # create directory for saving
+ chmod o+rw config # give it world writable permissions
+
+ And to edit an existing configuration, copy it over first:
+
+ cp config.inc.php config/ # copy current configuration for editing
+ chmod o+w config/config.inc.php # give it world writable permissions
+
+ On other platforms, simply create the folder and ensure that your web
+ server has read and write access to it. FAQ 1.26 can help with this.
+
+ Next, open scripts/setup.php in your browser. Note that changes are not
+ saved to disk until explicitly choose Save from the Configuration area
+ of the screen. Normally the script saves the new config.inc.php to the
+ config/ directory, but if the webserver does not have the proper
+ permissions you may see the error "Cannot load or save configuration."
+ Ensure that the config/ directory exists and has the proper permissions
+ - or use the Download link to save the config file locally and upload
+ (via FTP or some similar means) to the proper location.
+
+ Once the file has been saved, it must be moved out of the config/
+ directory and the permissions must be reset, again as a security
+ measure:
+
+ mv config/config.inc.php . # move file to current directory
+ chmod o-rw config.inc.php # remove world read and write permissions
+
+ Now the file is ready to be used. You can choose to review or edit the
+ file with your favorite editor, if you prefer to set some advanced
+ options which the setup script does not provide.
4. If you are using the auth_type configuration directive, it is suggested
that you protect the phpMyAdmin installation directory, for example with
HTTP?AUTH in a .htaccess file. See the multi?user sub?section of this FAQ
for additional information, especially FAQ 4.4.
- 5. Open the file <www.your-host.com>/<your-install-dir>/index.php in your
- browser. phpMyAdmin should now display a welcome screen and your databases,
- or a login dialog if using HTTP or cookie authentication mode.
+ 5. Open the main phpMyAdmin directory in your browser. phpMyAdmin should now
+ display a welcome screen and your databases, or a login dialog if using
+ HTTP or cookie authentication mode.
6. You should deny access to the libraries subfolder in your webserver
configuration. For Apache you can use supplied .htaccess file in that
folder, for other webservers, you should configure this yourself. Such
configuration prevents from possible path exposure and cross side scripting
vulnerabilities that might happen to be found in that code.
-Setup script usage
-
-Since 2.8.0 phpMyAdmin comes with a setup script that can help you with
-creating configuration. This script is located in scripts folder: scripts/
-setup.php. Its usage is quite simple. You follow the dialogs and this script
-prepares in memory the configuration directives. You then have two choices for
-saving the configuration file:
-
- 1. Download it to your local workstation, then upload (for example with ftp)
- to your main phpMyAdmin directory. In this case, you don't have to prepare
- a special config directory, so no further actions are necessary.
- 2. Save the file to your webserver into config directory.
-
-For saving file on webserver, or loading previous configuration you have to
-create config directory in phpMyAdmin's top level directory and make it
-writable to web server. For loading previous configuration, place it there (and
-make sure it has write permissions for webserver). On a Linux/UNIX server you
-can use the following commands:
-
- cd phpMyAdmin
- mkdir config # create directory for saving
- chmod o+rw config # give it world writable permissions
- # if you want to edit existing configuration:
- cp config.inc.php config/ # copy current configuration
- chmod o+w config/config.inc.php # give it world writable permissions
-
-
-On a Windows system, create a config in the main phpMyAdmin directory and
-ensure that your web server has read/write access to it. FAQ 1.26 can help you
-about this. If you already have an existing config.inc.php in your main
-directory, copy it to the newly created config directory.
-
-Then you can open scripts/setup.php in your browser and perform setup. After
-saving your configuration move generated configuration to top level directory
-and delete created config directory. Do not forget to remove world write
-permissions on config.inc.php!
-
-Please note that it does not allow to configure everything, so for some
-additional features you still need to manually edit the configuration file.
-
Linked-tables infrastructure
For a whole set of new features (bookmarks, comments, SQL-history,
@@ -187,14 +213,17 @@
Upgrading from an older version
-Just copy config.inc.php from previous installation into a newly unpacked one.
-If your previous phpMyAdmin version was 2.3.0 or older, some tweaking may be
-required because, as of 2.7.0, using those old config files is no longer
-supported.
+Simply copy ./config.inc.php from your previous installation into the newly
+unpacked one. Configuration files from very old versions (2.3.0 or older) may
+require some tweaking as some options have been changed or removed.
You should not copy libraries/config.default.php over config.inc.php because
the default configuration file is version-specific.
+If you have upgraded your MySQL server from a version older than 4.1.2 to
+version 4.1.2 or newer and if you use the pmadb/linked table infrastructure,
+you should run the SQL script found in scripts/upgrade_tables_mysql_4_1_2+.sql.
+
Using authentication modes
* HTTP and cookie authentication modes are recommended in a multi-user
@@ -2702,10 +2731,10 @@
The following method is preferred for new developers:
1. fetch the current CVS tree over anonymous CVS:
- cvs -d:pserver:anonymous@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:/cvsroot/phpmyadmin
+ cvs -d:pserver:anonymous@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:/cvsroot/phpmyadmin
login
[Password: simply press the Enter key]
- cvs -z3 -d:pserver:anonymous@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:/cvsroot/
+ cvs -z3 -d:pserver:anonymous@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:/cvsroot/
phpmyadmin checkout phpMyAdmin
[This will create a new sub-directory named phpMyAdmin]
2. add your stuff
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/phpMyAdmin-2.8.1/README new/phpMyAdmin-2.8.2.1/README
--- old/phpMyAdmin-2.8.1/README 2006-05-20 19:17:03.000000000 +0200
+++ new/phpMyAdmin-2.8.2.1/README 2006-08-01 15:58:19.000000000 +0200
@@ -1,12 +1,12 @@
-$Id: README,v 2.40.2.6.2.1 2006/05/20 17:17:03 lem9 Exp $
+$Id: README,v 2.40.2.8.2.1 2006/08/01 13:58:19 lem9 Exp $
phpMyAdmin - Readme
===================
A set of PHP-scripts to manage MySQL over the web.
- Version 2.8.1
- -------------
+ Version 2.8.2.1
+ ---------------
http://www.phpmyadmin.net/
Copyright (C) 1998-2000 Tobias Ratschiller <tobias_at_ratschiller.com>
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/phpMyAdmin-2.8.1/RELEASE-DATE-2.8.1 new/phpMyAdmin-2.8.2.1/RELEASE-DATE-2.8.1
--- old/phpMyAdmin-2.8.1/RELEASE-DATE-2.8.1 2006-05-20 19:33:32.000000000 +0200
+++ new/phpMyAdmin-2.8.2.1/RELEASE-DATE-2.8.1 1970-01-01 01:00:00.000000000 +0100
@@ -1 +0,0 @@
-Sat May 20 17:33:32 UTC 2006
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/phpMyAdmin-2.8.1/RELEASE-DATE-2.8.2.1 new/phpMyAdmin-2.8.2.1/RELEASE-DATE-2.8.2.1
--- old/phpMyAdmin-2.8.1/RELEASE-DATE-2.8.2.1 1970-01-01 01:00:00.000000000 +0100
+++ new/phpMyAdmin-2.8.2.1/RELEASE-DATE-2.8.2.1 2006-08-02 22:30:26.000000000 +0200
@@ -0,0 +1 @@
+Wed Aug 2 20:30:26 UTC 2006
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/phpMyAdmin-2.8.1/docs.css new/phpMyAdmin-2.8.2.1/docs.css
--- old/phpMyAdmin-2.8.1/docs.css 2003-11-18 16:20:37.000000000 +0100
+++ new/phpMyAdmin-2.8.2.1/docs.css 2006-08-02 18:48:53.000000000 +0200
@@ -1,4 +1,4 @@
-/* $Id: docs.css,v 2.0 2003/11/18 15:20:37 nijel Exp $ */
+/* $Id: docs.css,v 2.0.22.1 2006/08/02 16:48:53 lem9 Exp $ */
/* Stylesheet for phpMyAdmin documentation */
/* vim: expandtab ts=4 sw=4 sts=4 tw=78
*/
@@ -127,8 +127,11 @@
}
pre {
- margin: 2px 5% 2px 5%;
-
+ margin: 1em 5% 1em 5%;
+ border: 1px solid silver;
+ color: #000000;
+ background-color: #eeeeee;
+ padding: 0.5em;
}
pre.wrap {
white-space: normal;
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/phpMyAdmin-2.8.1/lang/finnish-iso-8859-1.inc.php new/phpMyAdmin-2.8.2.1/lang/finnish-iso-8859-1.inc.php
--- old/phpMyAdmin-2.8.1/lang/finnish-iso-8859-1.inc.php 2006-03-23 18:42:12.000000000 +0100
+++ new/phpMyAdmin-2.8.2.1/lang/finnish-iso-8859-1.inc.php 2006-08-02 19:00:56.000000000 +0200
@@ -1,8 +1,8 @@
<?php
-/* $Id: finnish-iso-8859-1.inc.php,v 2.124.2.4 2006/03/23 17:42:12 lem9 Exp $ */
+/* $Id: finnish-iso-8859-1.inc.php,v 2.124.2.4.4.1 2006/08/02 17:00:56 lem9 Exp $ */
/*
- * Translated by Jouni Kähkönen, <yoneh at users.sourceforge.net>
+ * Translated by Jouni Kähkönen, <address withdrawn>
* Previous translations by Visa Kopu, <visa@xxxxxxxxxxxx>
*
* Nov 2005: Several changes and fixes done (by Jouni Kähkönen)
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/phpMyAdmin-2.8.1/lang/finnish-iso-8859-15.inc.php new/phpMyAdmin-2.8.2.1/lang/finnish-iso-8859-15.inc.php
--- old/phpMyAdmin-2.8.1/lang/finnish-iso-8859-15.inc.php 2006-03-23 18:42:12.000000000 +0100
+++ new/phpMyAdmin-2.8.2.1/lang/finnish-iso-8859-15.inc.php 2006-08-02 19:00:56.000000000 +0200
@@ -1,8 +1,8 @@
<?php
-/* $Id: finnish-iso-8859-15.inc.php,v 2.59.2.4 2006/03/23 17:42:12 lem9 Exp $ */
+/* $Id: finnish-iso-8859-15.inc.php,v 2.59.2.4.4.1 2006/08/02 17:00:56 lem9 Exp $ */
/*
- * Translated by Jouni Kähkönen, <yoneh at users.sourceforge.net>
+ * Translated by Jouni Kähkönen, <address withdrawn>
* Previous translations by Visa Kopu, <visa@xxxxxxxxxxxx>
*
* Nov 2005: Several changes and fixes done (by Jouni Kähkönen)
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/phpMyAdmin-2.8.1/lang/finnish-utf-8.inc.php new/phpMyAdmin-2.8.2.1/lang/finnish-utf-8.inc.php
--- old/phpMyAdmin-2.8.1/lang/finnish-utf-8.inc.php 2006-03-23 18:42:12.000000000 +0100
+++ new/phpMyAdmin-2.8.2.1/lang/finnish-utf-8.inc.php 2006-08-02 19:00:56.000000000 +0200
@@ -1,8 +1,8 @@
<?php
-/* $Id: finnish-utf-8.inc.php,v 2.124.2.4 2006/03/23 17:42:12 lem9 Exp $ */
+/* $Id: finnish-utf-8.inc.php,v 2.124.2.4.4.1 2006/08/02 17:00:56 lem9 Exp $ */
/*
- * Translated by Jouni Kähkönen, <yoneh at users.sourceforge.net>
+ * Translated by Jouni Kähkönen, <address withdrawn>
* Previous translations by Visa Kopu, <visa@xxxxxxxxxxxx>
*
* Nov 2005: Several changes and fixes done (by Jouni Kähkönen)
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/phpMyAdmin-2.8.1/libraries/Config.class.php new/phpMyAdmin-2.8.2.1/libraries/Config.class.php
--- old/phpMyAdmin-2.8.1/libraries/Config.class.php 2006-05-20 19:15:21.000000000 +0200
+++ new/phpMyAdmin-2.8.2.1/libraries/Config.class.php 2006-08-01 16:14:27.000000000 +0200
@@ -1,5 +1,5 @@
<?php
-/* $Id: Config.class.php,v 1.21.2.15.2.1 2006/05/20 17:15:21 lem9 Exp $ */
+/* $Id: Config.class.php,v 1.21.2.18.2.2 2006/08/01 14:14:27 lem9 Exp $ */
// vim: expandtab sw=4 ts=4 sts=4:
class PMA_Config
@@ -76,7 +76,7 @@
*/
function checkSystem()
{
- $this->set('PMA_VERSION', '2.8.1');
+ $this->set('PMA_VERSION', '2.8.2.1');
/**
* @deprecated
*/
@@ -289,14 +289,15 @@
*/
function __wakeup()
{
- if (file_exists($this->getSource()) && $this->source_mtime !== filemtime($this->getSource())
+ if (! $this->checkConfigSource()
+ || $this->source_mtime !== filemtime($this->getSource())
|| $this->default_source_mtime !== filemtime($this->default_source)
- || $this->error_config_file || $this->error_config_default_file) {
+ || $this->error_config_file
+ || $this->error_config_default_file) {
$this->settings = array();
- $this->load($this->getSource());
+ $this->load();
$this->checkSystem();
}
-
// check for https needs to be done everytime,
// as https and http uses same session so this info can not be stored
// in session
@@ -420,6 +421,11 @@
*/
function checkConfigSource()
{
+ if (! $this->getSource()) {
+ // no configuration file set at all
+ return false;
+ }
+
if ( ! file_exists($this->getSource()) ) {
// do not trigger error here
// https://sf.net/tracker/?func=detail&aid=1370269&group_id=23067&atid=377408
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/phpMyAdmin-2.8.1/libraries/common.lib.php new/phpMyAdmin-2.8.2.1/libraries/common.lib.php
--- old/phpMyAdmin-2.8.1/libraries/common.lib.php 2006-05-14 18:46:51.000000000 +0200
+++ new/phpMyAdmin-2.8.2.1/libraries/common.lib.php 2006-08-01 16:18:28.000000000 +0200
@@ -1,5 +1,5 @@
<?php
-/* $Id: common.lib.php,v 2.266.2.23.2.1 2006/05/14 16:46:51 nijel Exp $ */
+/* $Id: common.lib.php,v 2.266.2.27.2.1 2006/08/01 14:18:28 lem9 Exp $ */
// vim: expandtab sw=4 ts=4 sts=4:
/**
@@ -1082,11 +1082,13 @@
}
} else {
session_write_close();
- if (PMA_IS_IIS) {
- header('Refresh: 0; ' . $uri);
- } else {
+ // bug #1523784, IE6 does not like 'Refresh: 0', it
+ // results in a blank page
+ //if (PMA_IS_IIS) {
+ // header('Refresh: 0; ' . $uri);
+ //} else {
header('Location: ' . $uri);
- }
+ //}
}
}
}
@@ -2584,7 +2586,9 @@
if (strtoupper($default) == 'NULL') {
$query .= ' DEFAULT NULL';
} else {
- $query .= ' DEFAULT \'' . PMA_sqlAddslashes($default) . '\'';
+ if (!empty($default) || $default == '0') {
+ $query .= ' DEFAULT \'' . PMA_sqlAddslashes($default) . '\'';
+ }
}
}
@@ -2932,6 +2936,9 @@
unset($_GET[$key]);
unset($_POST[$key]);
unset($GLOBALS[$key]);
+ } else {
+ // allowed stuff could be compromised so escape it
+ $_REQUEST[$key] = htmlspecialchars($_REQUEST[$key], ENT_QUOTES);
}
}
}
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/phpMyAdmin-2.8.1/libraries/display_export.lib.php new/phpMyAdmin-2.8.2.1/libraries/display_export.lib.php
--- old/phpMyAdmin-2.8.1/libraries/display_export.lib.php 2006-01-17 18:02:30.000000000 +0100
+++ new/phpMyAdmin-2.8.2.1/libraries/display_export.lib.php 2006-06-15 22:22:56.000000000 +0200
@@ -1,5 +1,5 @@
<?php
-/* $Id: display_export.lib.php,v 2.47 2006/01/17 17:02:30 cybot_tm Exp $ */
+/* $Id: display_export.lib.php,v 2.47.2.1 2006/06/15 20:22:56 lem9 Exp $ */
// vim: expandtab sw=4 ts=4 sts=4:
// Get relations & co. status
@@ -36,7 +36,7 @@
<?php
$hide_structure = false;
$hide_sql = false;
-$hide_xml = (bool) (isset($db) && strlen($db));
+$hide_xml = (bool) ! (isset($db) && strlen($db));
if ($export_type == 'server') {
echo PMA_generate_common_hidden_inputs('', '', 1);
} elseif ($export_type == 'database') {
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/phpMyAdmin-2.8.1/main.php new/phpMyAdmin-2.8.2.1/main.php
--- old/phpMyAdmin-2.8.1/main.php 2006-04-24 09:30:14.000000000 +0200
+++ new/phpMyAdmin-2.8.2.1/main.php 2006-05-29 18:09:30.000000000 +0200
@@ -1,5 +1,5 @@
<?php
-/* $Id: main.php,v 2.100.2.2 2006/04/24 07:30:14 nijel Exp $ */
+/* $Id: main.php,v 2.100.2.3 2006/05/29 16:09:30 lem9 Exp $ */
// vim: expandtab sw=4 ts=4 sts=4:
/**
@@ -283,7 +283,7 @@
?>
<li><bdo xml:lang="en" dir="ltr">
[<a href="changelog.php" target="_blank">ChangeLog</a>]
- [<a href="http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/phpmyadmin/phpMyAdmin/";
+ [<a href="http://phpmyadmin.cvs.sourceforge.net/phpmyadmin/";
target="_blank">CVS</a>]
[<a href="http://sourceforge.net/mail/?group_id=23067";
target="_blank">Lists</a>]
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/phpMyAdmin-2.8.1/scripts/setup.php new/phpMyAdmin-2.8.2.1/scripts/setup.php
--- old/phpMyAdmin-2.8.1/scripts/setup.php 2006-05-15 09:57:09.000000000 +0200
+++ new/phpMyAdmin-2.8.2.1/scripts/setup.php 2006-08-01 16:01:37.000000000 +0200
@@ -1,5 +1,5 @@
<?php
-/* $Id: setup.php,v 1.23.2.8.2.2 2006/05/15 07:57:09 nijel Exp $ */
+/* $Id: setup.php,v 1.23.2.10.2.1 2006/08/01 14:01:37 lem9 Exp $ */
// vim: expandtab sw=4 ts=4 sts=4:
// phpMyAdmin setup script by Michal ÄihaÅ <michal@xxxxxxxxx>
@@ -14,7 +14,7 @@
// Script information
$script_info = 'phpMyAdmin ' . $PMA_Config->get('PMA_VERSION') . ' setup script by Michal ÄihaÅ <michal@xxxxxxxxx>';
-$script_version = '$Id: setup.php,v 1.23.2.8.2.2 2006/05/15 07:57:09 nijel Exp $';
+$script_version = '$Id: setup.php,v 1.23.2.10.2.1 2006/08/01 14:01:37 lem9 Exp $';
// Grab action
if (isset($_POST['action'])) {
@@ -395,19 +395,56 @@
*
* @return string fancy server name
*/
-function get_server_name($val, $id = FALSE) {
+function get_server_name($val, $id = FALSE, $escape = true) {
if (!empty($val['verbose'])) {
- $ret = htmlspecialchars($val['verbose']);
+ $ret = $val['verbose'];
} else {
- $ret = htmlspecialchars($val['host']);
+ $ret = $val['host'];
}
$ret .= ' (' . get_server_auth($val) . ')';
if ($id !== FALSE) {
$ret .= ' [' . ($id + 1) . ']' ;
}
- return $ret;
+ if ($escape) {
+ return htmlspecialchars($ret);
+ } else {
+ return $ret;
+ }
}
+
+/**
+ * Exports variable to PHP code, very limited version of var_export
+ *
+ * @param string data to export
+ *
+ * @see var_export
+ *
+ * @return string PHP code containing variable value
+ */
+function PMA_var_export($input) {
+ $output = '';
+ if (is_null($input)) {
+ $output .= 'NULL';
+ } elseif (is_array($input)) {
+ $output .= "array (\n";
+ foreach($input as $key => $value) {
+ $output .= PMA_var_export($key) . ' => ' . PMA_var_export($value);
+ $output .= ",\n";
+ }
+ $output .= ')';
+ } elseif (is_string($input)) {
+ $output .= '\'' . addslashes($input) . '\'';
+ } elseif (is_int($input) || is_double($input)) {
+ $output .= (string) $input;
+ } elseif (is_bool($input)) {
+ $output .= $input ? 'true' : 'false';
+ } else {
+ die('Unknown type for PMA_var_export: ' . $input);
+ }
+ return $output;
+}
+
/**
* Creates configuration code for one variable
*
@@ -429,23 +466,26 @@
$ret .= $name . " = array(\n";
} else {
// Something unknown...
- $ret .= $name. ' = ' . var_export($val, TRUE) . ";\n";
+ $ret .= $name. ' = ' . PMA_var_export($val) . ";\n";
break;
}
}
if ($type == 'string') {
- $ret .= $name. "['$k'] = " . var_export($v, TRUE) . ";\n";
+ $ret .= get_cfg_val($name . "['$k']", $v);
} elseif ($type == 'int') {
- $ret .= " " . var_export($v, TRUE) . ",\n";
+ $ret .= " " . PMA_var_export($v) . ",\n";
}
}
- if ($type == 'int') {
+ if (!isset($type)) {
+ /* Empty array */
+ $ret .= $name . " = array();\n";
+ } elseif ($type == 'int') {
$ret .= ");\n";
}
$ret .= "\n";
unset($type);
} else {
- $ret .= $name . ' = ' . var_export($val, TRUE) . ";\n";
+ $ret .= $name . ' = ' . PMA_var_export($val) . ";\n";
}
return $ret;
}
@@ -466,7 +506,7 @@
if (count($c['Servers']) > 0) {
$ret .= "/* Servers configuration */\n\$i = 0;\n";
foreach ($c['Servers'] as $cnt => $srv) {
- $ret .= "\n/* Server " . get_server_name($srv, $cnt) . " */\n\$i++;\n";
+ $ret .= "\n/* Server " . strtr(get_server_name($srv, $cnt, false), '*', '-') . " */\n\$i++;\n";
foreach ($srv as $key => $val) {
$ret .= get_cfg_val("\$cfg['Servers'][\$i]['$key']", $val);
}
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/phpMyAdmin-2.8.1/server_privileges.php new/phpMyAdmin-2.8.2.1/server_privileges.php
--- old/phpMyAdmin-2.8.1/server_privileges.php 2006-03-14 18:32:19.000000000 +0100
+++ new/phpMyAdmin-2.8.2.1/server_privileges.php 2006-05-17 12:24:14.000000000 +0200
@@ -1,5 +1,5 @@
<?php
-/* $Id: server_privileges.php,v 2.91.2.2 2006/03/14 17:32:19 lem9 Exp $ */
+/* $Id: server_privileges.php,v 2.91.2.3 2006/05/17 10:24:14 lem9 Exp $ */
// vim: expandtab sw=4 ts=4 sts=4:
require_once('./libraries/common.lib.php');
@@ -764,15 +764,12 @@
'GRANT ' . join(', ', PMA_extractPrivInfo()) . ' ON *.* TO \''
. PMA_sqlAddslashes($username) . '\'@\'' . $hostname . '\'';
if ($pred_password != 'none' && $pred_password != 'keep') {
- $pma_pw_hidden = '';
- for ($i = 0; $i < strlen($pma_pw); $i++) {
- $pma_pw_hidden .= '*';
- }
+ $pma_pw_hidden = str_repeat('*', strlen($pma_pw));
$sql_query = $real_sql_query . ' IDENTIFIED BY \'' . $pma_pw_hidden . '\'';
- $real_sql_query .= ' IDENTIFIED BY \'' . $pma_pw . '\'';
+ $real_sql_query .= ' IDENTIFIED BY \'' . PMA_sqlAddslashes($pma_pw) . '\'';
if ( isset( $create_user_real ) ) {
$create_user_show = $create_user_real . ' IDENTIFIED BY \'' . $pma_pw_hidden . '\'';
- $create_user_real .= ' IDENTIFIED BY \'' . $pma_pw . '\'';
+ $create_user_real .= ' IDENTIFIED BY \'' . PMA_sqlAddslashes($pma_pw) . '\'';
}
} else {
if ($pred_password == 'keep' && !empty($password)) {
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/phpMyAdmin-2.8.1/themes/darkblue_orange/css/theme_left.css.php new/phpMyAdmin-2.8.2.1/themes/darkblue_orange/css/theme_left.css.php
--- old/phpMyAdmin-2.8.1/themes/darkblue_orange/css/theme_left.css.php 2006-04-06 17:56:20.000000000 +0200
+++ new/phpMyAdmin-2.8.2.1/themes/darkblue_orange/css/theme_left.css.php 2006-08-01 18:47:21.000000000 +0200
@@ -8,7 +8,7 @@
/* general tags */
body {
font-family: Verdana, Arial, Helvetica, sans-serif;
- font-size: 10px;
+ font-size: 12px;
background-color: #666699;
color: #ffffff;
margin: 0;
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/phpMyAdmin-2.8.1/themes/darkblue_orange/css/theme_right.css.php new/phpMyAdmin-2.8.2.1/themes/darkblue_orange/css/theme_right.css.php
--- old/phpMyAdmin-2.8.1/themes/darkblue_orange/css/theme_right.css.php 2006-04-12 13:18:30.000000000 +0200
+++ new/phpMyAdmin-2.8.2.1/themes/darkblue_orange/css/theme_right.css.php 2006-08-01 18:47:21.000000000 +0200
@@ -8,7 +8,7 @@
/* general tags */
body {
font-family: Verdana, Arial, Helvetica, sans-serif;
- font-size: 10px;
+ font-size: 12px;
color: #000000;
background-color: #ffffff;
margin: 5px;
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/phpMyAdmin-2.8.1/translators.html new/phpMyAdmin-2.8.2.1/translators.html
--- old/phpMyAdmin-2.8.1/translators.html 2006-05-20 19:17:23.000000000 +0200
+++ new/phpMyAdmin-2.8.2.1/translators.html 2006-08-02 18:59:28.000000000 +0200
@@ -1,13 +1,13 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en-US" lang="en-US">
-<!-- $Id: translators.html,v 2.64.2.6.2.1 2006/05/20 17:17:23 lem9 Exp $ -->
+<!-- $Id: translators.html,v 2.64.2.8.2.2 2006/08/02 16:59:28 lem9 Exp $ -->
<head>
<link rel="icon" href="./favicon.ico" type="image/x-icon" />
<link rel="shortcut icon" href="./favicon.ico" type="image/x-icon" />
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
- <title>phpMyAdmin 2.8.1 - Official translators</title>
+ <title>phpMyAdmin 2.8.2.1 - Official translators</title>
<link rel="stylesheet" type="text/css" href="docs.css" />
</head>
@@ -29,7 +29,7 @@
<hr noshade="noshade" width="100%" />
</div>
-<h1>phpMyAdmin 2.8.1 official translators list</h1>
+<h1>phpMyAdmin 2.8.2.1 official translators list</h1>
<p>
Here is the list of the "official translators" of
@@ -189,7 +189,7 @@
<tr>
<td>Finnish</td>
<td>
- Jouni Kahkonen (yoneh@xxxxxxxxxxxxxxxxxxxxx)
+ Jouni Kahkonen (address withdrawn)
</td>
</tr>
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
| < Previous | Next > |