forked from openemr/openemr
-
Notifications
You must be signed in to change notification settings - Fork 0
/
ChangeLog
645 lines (574 loc) · 31 KB
/
ChangeLog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
----------------------
phpMyAdmin - ChangeLog
----------------------
$Id$
$HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyAdmin/ChangeLog $
2.11.10.0 (2009-12-07)
- [core] safer handling of temporary files with open_basedir (thanks to Thijs
Kinkhorst)
- [core] do not automatically set and create TempDir, it might lead to security
issue (thanks to Thijs Kinkhorst)
- [setup] avoid usage of (un)serialize, what might be unsafe in some cases
2.11.9.6 (2009-10-12)
- [security] XSS and SQL injection, thanks to Herman van Rink
2.11.9.5 (2009-03-24)
- [security] XSS vulnerability on export page
- [security] Insufficient output sanitizing when generating configuration file
2.11.9.4 (2008-12-09)
- [security] possible XSRF on several pages
2.11.9.3 (2008-10-30)
- [security] XSS in a Designer component
2.11.9.2 (2008-09-22)
- [security] XSS in MSIE using NUL byte, thanks to JPCERT.
2.11.9.1 (2008-09-15)
- [security] Code execution vulnerability, thanks to Norman Hippert
2.11.9.0 (2008-08-28)
- bug #2031221 [auth] Links to version number on login screen
- bug #2032707 [core] PMA does not start if ini_set() is disabled
- bug #2004915 [bookmarks] Saved queries greater than 1000 chars not
displayed, thanks to Maik Wiege - mswiege
- bug #2037381 [export] Export type "replace" does not work
- bug #2037375 [export] DROP PROCEDURE needs IF EXISTS
- bug #2045512 [export] Numbers in Excel export
+ [lang] Norwegian UTF-8 original file remerged, thanks to Sven-Erik Andersen
- bug #2074250 [parser] Undefined variable seen_from
2.11.8.0 (2008-07-28)
- patch #1987593 [interface] Table list pagination in navi,
thanks to Jason Day - jday29
- bug #1989081 [profiling] Profiling causes query to be executed again
(really causes a problem in case of INSERT/UPDATE)
- bug #1990342 [import] SQL file import very slow on Windows,
thanks to Richard Heaton - wotnot
- bug [XHTML] problem with tabindex and radio fields
- bug #1971221 [interface] tabindex not set correctly
- bug [views] VIEW name created via the GUI was not protected with backquotes
- bug #1989813 [interface] Deleting multiple views (space in name)
- bug #1992628 [parser] SQL parser removes essential space
- bug #1989281 [export] CSV for MS Excel incorrect escaping of double quotes
- bug #1959855 [interface] Font size option problem when no config file
- bug #1982489 [relation] Relationship view should check for changes
- bug [history] Do not save too big queries in history
- [security] Do not show version info on login screen
- bug #2018595 [import] Potential data loss on import resubmit
- patch #2020630 [export] Safari and timedate, thanks to Sebastian Mendel,
Isaac Bennetch and Jürgen Wind
- bug #2022182 [import, export] Import/Export fails because of Mac files
- [security] protection against cross-frame scripting and
new directive AllowThirdPartyFraming, thanks to YGN Ethical Hacker Group
- [security] possible XSS during setup, thanks to YGN Ethical Hacker Group
- [interface] revert language changing problem introduced with 2.11.7.1
2.11.7.1 (2008-07-15)
- bug [security] XSRF/CSRF by manipulating the db,
convcharset and collation_connection parameters,
thanks to YGN Ethical Hacker Group
2.11.7.0 (2008-06-23)
- bug #1908719 [interface] New field cannot be auto-increment and primary key
- [dbi] Incorrect interpretation for some mysqli field flags
- bug #1910621 [display] part 1: do not display a TEXT utf8_bin as BLOB
(fixed for mysqli extension only)
- [interface] sanitize the after_field parameter,
thanks to Norman Hippert
- [structure] do not remove the BINARY attribute in drop-down
- bug #1955386 [session] Overriding session.hash_bits_per_character
- [interface] sanitize the table comments in table print view,
db print view and db data dictionary, thanks to Norman Hippert
- bug #1939031 Auto_Increment selected for TimeStamp by Default
- patch #1957998 [display] No tilde for InnoDB row counter when we know
it for sure, thanks to Vladyslav Bakayev - dandy76
- bug #1955572 [display] alt text causes duplicated strings
- bug #1762029 [interface] Cannot upload BLOB into existing row
- bug #1981043 [export] HTML in exports getting corrupted,
thanks to Jason Judge - jasonjudge
- bug #1936761 [interface] BINARY not treated as BLOB: update/delete issues
- protection against XSS when register_globals is on and .htaccess has
no effect, thanks to Tim Starling
- bug #1996943 [export] Firefox 3 and .sql.gz (corrupted); detect Gecko 1.9,
thanks to Jürgen Wind - windkiel
2.11.6.0 (2008-04-29)
- bug #1903724 [interface] Displaying of very large queries in error message
- bug #1905711 [compatibility] Functions deprecated in PHP 5.3: is_a() and
get_magic_quotes_gpc(), thanks to Dmitry N. Shilnikov - yrtimd
- bug [lang] catalan wrong accented characters
- bug #1893034 [Export] SET NAMES for importing with command-line client
+ [lang] Russian update, thanks to Victor Volkov
- bug #1910485 [core] Unsetting the whitelist during the loop,
thanks to Jeroen Vrijkorte - jv_map
- bug #1906980 [Export] Import of VIEWs fails if temp table exists,
thanks to Falk Nisius - klaf
- bug #1812763 [Copy] Table copy when server is in ANSI_QUOTES sql_mode
thanks to Tony Marston - tonymarston
- bug #1918531 [compatibility] Navigation isn't w3.org valid
thanks to Michael Keck - mkkeck
- bug #1926357 [data] BIT defaults displayed incorrectly
- patch #1930057 [auth] colon in password prevents HTTP login on CGI/IIS,
thanks to Jürgen Wind - windkiel
- patch #1929553 [lang] Don't output BOM character in Swedish language file,
thanks to Samuel L. B. - samuellb
- patch #1895796 [lang] Typo in Japanese lang files,
thanks to tyman - acoustype
- bug #1935652 [auth] Access denied (show warning about mcrypt on login page)
- bug #1906983 [export] Reimport of FUNCTION fails
- bug #1919808 [operations] Renaming a database fails to handle functions
- bug #1934401 [core] Cannot force a language
- bug #1944077 [core] Config file containing a BOM,
thanks to Gaetano Giunta - ggiunta
- bug #1947189 [scripts] Missing </head> in scripts/signon.php,
thanks to Dolf Schimmel
+ [lang] Romanian update, thanks to Sergiu Bivol - sbivol
2.11.5.2 (2008-04-22)
- PMASA-2008-3 [security] File disclosure
2.11.5.1 (2008-03-29)
- bug #1909711 [security] Sensitive data in session files
2.11.5.0 (2008-03-01)
- bug #1862661 [GUI] Warn about rename deleting database
- bug #1866041 [interface] Incorrect sorting with AS
- bug #1871038 [import] Notice: undefined variable first_sql_delimiter
- bug #1873110 [export] Problem exporting with a LIMIT clause
- bug #1871164 [GUI] Empty and navigation frame synch.
- patch #1873188 [GUI] Making db pager work when js is disabled,
thanks to Jürgen Wind - windkiel
- bug #1875010 [auth] MySQL server and client version mismatch (mysql ext.)
- patch #1879031 [transform] dateformat transformation and UNIX timestamps,
thanks to Tim Steiner - spam38
- bug [import] Do not verify a missing enclosing character for CSV,
because files generated by Excel don't have any enclosing character
- bug #1799691 [export] "Propose table structure" and Export
- bug #1884911 [GUI] Space usage
- bug #1863326 [GUI] Wrong error message / no edit (Suhosin)
- bug #1887204 [GUI] Order columns in result list messing up query
- patch #1893538 [GUI] Display issues on Opera 9.50,
thanks to Jürgen Wind - windkiel
- bug [GUI] Do not display the database name used by the previous user,
thanks to Ronny Görner
- bug [security] Remove cookies from $_REQUEST for better coexistence with
other applications, thanks to Richard Cunningham. See PMASA-2008-1.
2.11.4.0 (2008-01-12)
- bug #1843428 [GUI] Space issue with DROP/DELETE/ALTER TABLE
- bug #1807816 [search] regular expression search doesn't work with
backslashes
- bug #1843463 [GUI] DROP PROCEDURE does not show alert
- bug #1835904 [GUI] Back link after a SQL error forgets the query
- bug #1835654 [core] wrong escaping when using double quotes
- bug #1817612 [cookies] Wrong cookie path on IIS with PHP-CGI,
thanks to Carsten Wiedmann
- bug #1848889 [export] export trigger should use DROP TRIGGER IF EXISTS
- bug #1851833 [display] Sorting forgets an explicit LIMIT
(fix for sorting on column headers)
- bug #1764182 [cookies] Suhosin cookie encryption breaks phpMyAdmin
- bug #1798786 [import] Wrong error when a string contains semicolon
- bug #1813508 [login] Missing parameter: field after re-login
- bug #1710144 [parser] Space after COUNT breaks Export but not Query
- bug #1783620 [parser] Subquery results without "as" are ignored
- bug #1821264 [display] MaxTableList and INFORMATION_SCHEMA
- bug #1859460 [display] Operations and many databases
- bug #1814679 [display] Database selection pagination when switching servers
- patch #1861717 [export] CSV Escape character not exported right,
thanks to nicolasdigraf
- bug #1864468 [display] Theme does not switch to darkblue_orange
- bug #1847409 [security] Path disclosure on darkblue_orange/layout.inc.php,
thanks to Jürgen Wind - windkiel
2.11.3.0 (2007-12-08)
- patch #1818389 to remove a notice (failed to flush buffer), thanks to
Bertrand
- patch #1821154, HTTP authentication: fix auth working with php/mod_fastcgi,
thanks to yarodin
- wrong default charset in case of broken session
- bug #1824506 [profiling] Profile command repeated on older MySQL servers
- bug #1825172 [export] Exporting and functions
- bug #1817224 [import] Incorrect detection of file_uploads in some cases,
thanks to Juergen Wind
- bug #1777249 [display] Do not underline links in left panel (in default
- bug #1826022 [privileges] unable to add user (MySQL 3.23) since PMA 2.11.2
- bug #1823045 [import] Error importing file with lowercase "delimiter"
- bug #1828913 [structure] Can't set FULLTEXT index on CHAR column
- bug #1804081 [export] export on server doesn't obey AllowAnyWhereRecoding
- bug #1789988 [display] space before SHOW COLUMNS
- bug #1831646 [table creation] Error in CREATE TABLE with multiple primary
keys and AUTO_INCREMENT
- [display] Division by zero when showing all records (page selector)
- bug #1828265 [privileges] No weird characters in generated password
- bug #1759194 [import] open_basedir warning
- bug #1793948 [parser] ROW_FORMAT incorrectly parsed
- undefined PMA_MYSQL_INT_VERSION when no default server is set
- bug #1763343 [session] Behavior with session.auto_start enabled
+ [lang] Hungarian update, thanks to Mihály Mészáros
+ [lang] German update, thanks to Jürgen Wind - windkiel
- patch #1837691 [query window] js errors, thanks to Victor Volkov
- patch #1839052 [lang] catalan not in UTF-8, thanks to jaz001
- patch #1838626 [GUI] Login interface broken on Konqueror, thanks to fhimpe
2.11.2.2 (2007-11-20)
- bug #1835123 [security] fixed XSS vulnerability on login page,
thanks to Tim Brown (Nth Dimension) for the advisory
and to Sebastian for the fix
2.11.2.1 (2007-11-11)
- fixed possible SQL injection using database name
- fixed possible XSS in database name - thanks to Omer Singer, The DigiTrust Group
2.11.2.0 (2007-10-27)
- patch #1791576 HTTP auth: support REDIRECT_REMOTE_USER, thanks to Allard
+ [lang] Serbian update, thanks to Mihailo Stefanovic
- bug #1798841 [relations] Copying db does not copy internal relations
- bug #1798646 [display] Character '+' in query wrongly interpreted
- bug #1801919 [themes] Do not use NaviDatabaseNameColor for fieldset legend
- bug #1764735 [core] Designer: PDF error when deleting a table
- bug #1764195 [views] DROP button does not work on defective views
- bug #1805773 [relations] browse foreign values: return values not escaped,
thanks to Alex Rambau
- bug #1807923 [login] Login with html entities in password fails
- [core] Undefined variable when creating a table that exists
- patch #1808578 Changes in font size were no longer detected after patch
#1787915
+ [lang] Croatian update, thanks to Renato Pavicic
- patch #1807615 [GUI] Display patch for column rights in Opera
- bug #1811519 Can't delete user with a german umlaut.
- bug #1811519 [privileges] fixed used collation for accessing mysql.user in server privileges
- it should not be possible to move or copy a table to information_schema
- bug #1814733 win: copy db to mixed name db fails
- bug #1777249 [display] Remove horizontal lines in navigation panel
- bug #1805102 [display] TextareaAutoSelect issues: set this parameter
default value to false to help cut&paste from a terminal window; also
set focus to the textarea
- bug #1814463 [display] Wrong database size
- bug #1811527 [display] Problem with links to the MySQL manual
- patch #1817529 [auth] Incorrect login via URL when AllowArbitraryServer
is true, thanks to Juergen Wind
2.11.1.2 (2007-10-17)
- fixed XSS in server_status.php, thanks to Omer Singer, The DigiTrust Group
- fixed some possible XSS with PHP_SELF, PATH_INFO, REQUEST_URI
(reference: CVE-2007-5589)
2.11.1.1 (2007-10-15)
- bug #1810629 [setup] XSS in setup.php, thanks to Omer Singer, The DigiTrust Group
2.11.1.0 (2007-09-20)
- bug #1783667 [export] NO_AUTO_VALUE_ON_ZERO and MySQL version
- bug #1780098 [GUI] Logout causes CSS loss, thanks to Juergen Wind
. incorrect field ids, thanks to Michael Keck
- bug #1787522 [view] wrong choice in algorithm drop-down
- bug #1777620 [GUI] Table Print preview: missing column header,
thanks to Mario Rohkrämer
- Do not display "Your MySQL library..." if only the Z part of X.Y.Z version
is different
- bugs #1767759, 1216521 [data] Duplicate entry error Browse feature: this minor
feature removed due to its complexity
- bug #1774825 [operations] Rename database loses charset info
- bug #1791568 [core] Undefined cfg, thanks to Christian Schmidt
- bug #1782332 [structure] New table form does not overtake data
- bug #1793763 [requirements] minimum PHP should be 4.2.0
- patch #1787915 Avoid CSS reloading on every click, thanks to Juergen Wind
- bug #1798627 [GUI] Wrong storage engine displayed
2.11.0.0 (2007-08-21)
+ [import] support handling of DELIMITER to mimic mysql CLI, thanks to fb1
+ improved PHP 6 compatibility
- bug #1674914 [structure] changing definition of a TIMESTAMP field
- bug #1615530 [upload] added more specific error message if field upload fails
- bug #1627210, #1083301, #1482401 [data] warning on duplicate indexes
- bug #1668724 JavaScript focus login Opera
- bug #1666657 [auth] Cookie password delete on timeout / inactivity
- bug #1648802 different mysql library and server version
- bug #1662976 [auth] Authentication fails when controluser/pass is set
- bug #1643758 [import] Error #1264 importing NULL values in MySQL 5.0
- bug #1523747 [innodb] make warning about row count more visible
- bug #1676012 [auth] strip non-US-ASCII characters (RFC2616)
- bug #1679440 Added FAQ entry about header errors under IIS caused by
an end-of-line character
- [gui] avoid displaying a wide selector in server selection
- bug #1614004 [relation] foreign key spanning multiple columns are
incorrectly displayed
- bug #1681598 [interface] Edit next row
- bug #1688053 [export] Wrong export of binary character fields
- bug #1498281 [parser] Wrong primary key used for displaying results
with subquery
- bug #1699772 Visual space bug in table name (in browser)
- bug #1699532 Cause of data manipulation issues: implemented changes
as suggested by crisp_; still have to work on updating an ENUM value
+ [core] added PMA_fatalError() and made use of it
. [core] added PMA_isValid() and PMA_ifSetOr() for variable handling
. [i18n] use generic $strOptions
. [core] get rid of $propicon
. [core] globalized variables to be includable inside function in
libraries/select_lang.lib.php
+ [doc] changed all documentation in config.inc.php to phpDocumentor style
+ [data] support for CREATE VIEW from query results
+ [gui] dropped css/ folder and moved into root of PMA
+ [l10n] new: Sinhala, Macedonian
+ [export] YAML export (see yaml.org), thanks to Bryce Thornton
+ [upload] moved file upload functionality into own class
+ [upload] make use of $cfg['TempDir'] for file uploads
+ [server] improved display of binary logs
+ [data] better error handling in tbl_create.php
+ [routines] from Patch #1649881, thanks to Mike Beck
+ [querywindow] store sql history in session
+ [querywindow] sql history now without db too
+ [querywindow] tweaks in sql history view
+ [export] Native Excel (Spreadsheet_Excel_Writer) improvements,
thanks to Christian Schmidt
+ [doc] requirement of mcrypt on 64-bit, thanks to Isaac Bennetch
+ [lang] Danish update, thanks to Finn Sorensen
+ RFE #1435922 [gui] navigation frame shows listing of databases when none selected
+ [data] support BIT datatype (under mysqli), thanks to Christian Schmidt
+ [display] automatic confirmation for sort by key, thanks to Juergen Wind
+ [data] can now choose the number of insert rows
+ RFE #1704779 [gui] link documentation from login page
+ RFE #1513345 [setup] check control user connection during setup
+ [structure] TRIGGERS: display/edit/drop/SQL export
+ [browse] store browse state in session per query
+ [lang] Turkish update, thanks to Burak Yavuz
+ [lang] Galician update, thanks to Xosé Calvo
+ [lang] Brazilian-Portuguese update, thanks to Airon Luis Pereira
+ [gui] Insert/Edit: no longer display the Go button each 15 lines
but just at the end of a row
+ [gui] Query window: use verbose server name if any
+ [auth] patch #1712514 specify host for single signon, thanks to Thierry
+ [gui] Navigator for the db list in the navigation panel
+ [gui] Navigator for the table list in the content panel
- bug #1727138 HTML not encoded (more than 1000 characters)
+ [display] Support for MySQL 5.0.37 profiling
+ RFE #1743983 [gui] Replace $max_characters by a configurable param:
$cfg['MaxCharactersInDisplayedSQL']
- bug #1746186 LeftLogoLink fails if set to some external site
. [transformations]: remove "auto-detect" MIME-type that was never implemented
+ [display] patch #1749705, Allow multibyte characters in number formatting,
thanks to garas
- bug #1747215 Export emits blanks at line ends
- bug #1751172 Do not export data when exporting a single VIEW
+ [lang] Swedish update, thanks to Björn T. Hallberg
+ [lang] Russian update, thanks to Victor Volkov and the php-myadmin.ru users
+ [privileges] Support password hashing on the Edit Privileges interface
- bug #1755339 Warn about rename dataase actually being copy/delete
- bug #1746921 Left frame shrinks on db change, thanks to Juergen Wind
+ [gui] Export: Select All/Unselect All over the choices,
thanks to Florian Schmitz
+ [lang] Japanese update, thanks to Ishigaki Kenichi
- bug #1759528 browse_foreigners fails due to newlines,
thanks to Hanno Boeck
+ [lang] Norwegian update, thanks to Sven-Erik Andersen
+ [lang] Italian update, thanks to Luca Rebellato
+ [lang] Spanish update, thanks to Daniel Hinostroza
. [export] Do not obey $cfg['MaxTableList'] on database export
- [doc] UploadDir and the Import tab, thanks to Juergen Wind
- bug #1766975 Parameters lost when editing stored routine
- [export] patch #1766633 Incorrect export with specified MySQL port,
thanks to Juergen Wind
+ [lang] Catalan update, thanks to Xavier Navarro
- bug #1751553 Drop-down instead of input when editing
- [data] foreign key browser: encoding mixups, thanks to Thijs Kinkhorst
- bug #1771721 Old SVN URLs
2.10.3.0 (2007-07-20)
- bug #1734285 Copy database with VIEWs
- bug #1722502 DROP TABLE in export VIEW
- bug #1729027 Sorting results of VIEW browsing
- bug #1733012 Unwanted table alias in delete button
- bug #1736405 Pretty printer and HTML line breaks
- bug #1745257 Invalid DB name is still displayed
- bug #1730367 Calendar "Go" has no effect
- bug #1748633 Incorrect parameter validation for VIEWs
+ [lang] Russian revision, thanks to Victor Volkov and the users of
php-myadmin.ru
- Do not try to delete an internal relation if we just deleted an InnoDB one
2.10.2.0 (2007-06-15)
+ [data] display all warnings, not only last one
- typo in fix for bug #1671813
- bug #1714908 Inserted Row Count is wrong
- bug #1712570 Deleting last record freezes
- bug #1717339 Missing header when deleting a checked column,
thanks to Michael Keck
- bug #1717477 Warning on Query page when db is empty
- bug #1721002 db rename -> undefined cfgRelation, thanks to Jürgen Wind
- bug #1721571 CREATE database privilege not always detected,
thanks to Gordon McNaughton
- bug #1715709 export in SQL format always includes procedures and functions
- bug #1722502 DROP TABLE in export view structure
- bug #1718787 Multi-server setup breaks Designer
- bug #1724401 Column truncation in repair table output
- patch #1726500 Wrong position of </tbody>, thanks to Jürgen Wind
- bug #1728590 Detected failing session_start fails, thanks to Jürgen Wind
- RFE #1714760 Obey ShowCreateDb on the Databases tab
- patch #1733762 Typo in message "INSERT DELAY", thanks to Victor Volkov
- patch #1730171 Dead message strLanguageFileNotFound, thanks to Victor Volkov
- patch #1731280 Avoid negative exponent in gmp_pow(), thanks to anosek
2.10.1.0 (2007-04-23)
- bug #1541147 [js] '#' in database names not correctly handled by queywindow.js
- bug #1671403 [parser] using "client" as table name
- bug #1672379 [core] Call to undefined function PMA_removeCookie()
- bug [core] undefined variable in libraries/tbl_replace_fields.inc.php
- bug [gui] query window icon did not work, thanks to Jürgen Wind - windkiel
. [general] use PMA_getenv('PHP_SELF')
- bug #1676033 [core] pow(int,int) causes overflow
- bug #1680952 [core] undefined function PMA_getUvaCondition()
- bug #1596328 [export] drop support for POSTGRESQL compatibility mode
- bug #1609443 [privileges] Grant all priv. on wildcard name (fix message)
- bug #1567317 [sqp] Syntax highlighter: extra spaces
- bug #1239401 [sqp] table dot numeric field name
- bug #1672789 [sqp] Undefined offset: 4 in sqlparser.lib.php #1674
- bug #1682044 [export] Export file even if file not selected
- bug #1664212 querywindow loses url encoded characters
- replaced ctype_digit() with is_numeric()
+ [config] clean cookies on phpMyAdmin upgrade
- bug #1674972 [export] no export with %afm%
- bug #1667887 HTML maxlength
- bug #1679055 #1050 - Table '<table name>' already exists
- patch #1681620 [interface] support reordering of $cfg['ColumnTypes'],
thanks to Leonard den Ottolander
- bug #1690718 Can't edit if BLOB and no PK
- bug #1672636 [export] PDF export too wide
+ [lang] brazilian-portuguese update, thanks to Airon Luis Pereira
- patch #1698964 javascript typo, thanks to Corey Hollaway
- bug #1703897 [css] undefined index 'js_frame'
- bug #1690561 Blobs being cleared on Edit of row
- bug #1679801 [core] XSS vulnerability in PMA_sanitize(), thanks to sp3x SecurityReason
- bug #1704467 XSS vulnerability in browse_foreigners.php, thanks to sp3x SecurityReason
2.10.0.2 (2007-03-02)
+ bug #1671813 CVE-2006-1549 deep recursion crash
2.10.0.1 (2007-03-01)
. [config] set $cfg['Servers'][$i]['ssl'] default value to false,
we got reports from some users having problems with the default value of true
2.10.0.0 (2007-02-28)
- bug #1659176 [general] memory error displaying a table with large BLOBs
- bug #1668662 [install] can create the new pma_designer_coords table
+ [gui] navi logo now links to main page by default, with still the possibility
of having an external URL
2007-02-25 Marc Delisle <[email protected]>
* libraries/common.lib.php: bug #1667466, undefined variable when
export + save on server
* server_status.php: bug #1665930, undefined PHP_SELF
2007-02-24 Marc Delisle <[email protected]>
* libraries/config.default.php: RFE #1621437, HEX and UNHEX were not
available for a BINARY field
2007-02-21 Marc Delisle <[email protected]>
* pmd/scripts/move.js: bug #1650770, Designer and Mac OSX,
thanks to Ivan Kirillov
2007-02-17 Marc Delisle <[email protected]>
* Documentation.html: patch #1659347, missing doc for some config,
thanks to Isaac Bennetch
* libraries/export/sql.php: bug #1663336, undefined variable
2007-02-16 Marc Delisle <[email protected]>
* libraries/common.lib.php, footer.inc.php: avoid generating big links
after an upload into a BLOB
2007-02-14 Marc Delisle <[email protected]>
* libraries/common.lib.php: white page after uploading a 700 Kio BLOB
* add a warning on main page if mcrypt can't be loaded (bug 1658160)
2007-02-12 Sebastian Mendel <[email protected]>
* libraries/database_interface.lib.php: bug #1616486 server_databases does
not show all databases
* libraries/sqlparser.data.php: MySQL function and column names, reserved
and forbidden words updated,
bug #1657045 Spatial functions not supported
bug #1657037 Missing column type "geometry"
2007-02-09 Marc Delisle <[email protected]>
* main.php: some links should open a new page
* Documentation.html, libraries/navigation_header.inc.php,
libraries/config.default.php: $cfg['LeftLogoLinkWindow'] to decide
in which window the logo-linked page will appear
2007-02-09 Michal Čihař <[email protected]>
* lang/czech: Fix syntax error (sorry for that).
2007-02-08 Marc Delisle <[email protected]>
* themes/darkblue_orange/img/logo_left.png,
themes/original/img/logo_left.png: smaller PMA logo for navi
2007-02-08 Sebastian Mendel <[email protected]>
* themes/*/css/theme_right.css.php: bug #1653769 browsing highlight disabling
doesn't work
2007-02-06 Sebastian Mendel <[email protected]>
* pmd_general.php, pmd_pdf.php, pmd_save_pos.php: fixed short open tags
patch #1652886 thanks to Martin Thielecke - mthie
* tbl_change.php: fixed escaping of field names in HTML and JavaScript
* libraries/common.lib.php: PMA_backquote() did not quote 0
* tbl_change.php: bug #1652810 - slashes are not escaped properly
2007-02-05 Marc Delisle <[email protected]>
* lang/japanese: Update, thanks to Ishigaki Kenichi - tcool.
2007-02-05 Sebastian Mendel <[email protected]>
* lang/german: updated
2007-02-03 Marc Delisle <[email protected]>
* pmd/scripts/move.js: display problems in Opera, thanks to Maxim Bulygin
2007-02-02 Marc Delisle <[email protected]>
* tbl_replace.php: Calendar icon does not work on "Insert another new row"
2007-02-01 Marc Delisle <[email protected]>
* libraries/import.lib.php: bug #1626064, too much quoting on import
2007-02-01 Sebastian Mendel <[email protected]>
* libraries/display_tbl.lib.php: bug #1644740 - $cfg['Order'] = 'SMART'
overwritten
* libraries/Theme.class.php: removed __wakeup() due to some requirements are
not fulfilled at this point - also thanks to Jürgen Wind - windkiel
2007-01-31 Sebastian Mendel <[email protected]>
* libraries/session.inc.php:
bug #1630871 - Detecting a missing write permission on sessions directory
2007-01-30 Sebastian Mendel <[email protected]>
* libraries/sqlparser.lib.php PMA_SQP_analyze():
bug #1647785 - do not pass variables by reference
2007-01-29 Marc Delisle <[email protected]>
* lang/catalan update, thanks to Xavier Navarro (xavin)
* pmd_general.php: possibility of quotes in Designer messages,
thanks to Ivan Kirillov
2007-01-26 Michal Čihař <[email protected]>
* libraries/common.lib.php, libraries/js_escape.lib.php,
test/escape_js_string.php, test/core.lib.php: Move java script escaping
to separate library, make it safer on </script> escaping and add
testcase for it.
* test/theme.php: Move to test package.
2007-01-22 Marc Delisle <[email protected]>
* pmd/*: button for direct/angular links, thanks to Ivan Kirillov
2007-01-22 Michal Čihař <[email protected]>
* lang/czech: Updated.
2007-01-21 Marc Delisle <[email protected]>
* libraries/Table.class.php: on a MySQL 5.0.33 server with 4400 databases,
one of which having 400 tables, it took more than 3 minutes just to
see the database structure (some accesses to INFORMATION_SCHEMA are
just too slow) so I changed PMA_Table::isView() to avoid calling
INFORMATION_SCHEMA
2007-01-20 Marc Delisle <[email protected]>
* libraries/sqlparser.lib.php: bug #1638267, wrong reserved word
recognition
* server_privileges.php: bug #1635377, superfluous backslash,
thanks to Hanut
2007-01-19 Marc Delisle <[email protected]>
* pmd*, lang/*: Designer now supports set/unset of the display field,
thanks to Ivan Kirillov
2007-01-18 Michal Čihař <[email protected]>
* lang/czech: Updated.
* libraries/auth/cookie.auth.lib.php: Make server switching honour more
server settings (patch #1630104).
2007-01-17 Marc Delisle <[email protected]>
* lang/turkish: update, thanks to Burak Yavuz - bourock
2007-01-16 Marc Delisle <[email protected]>
### 2.9.2 released from QA_2_9
2007-01-12 Marc Delisle <[email protected]>
* (many files): Designer, two features (snap to grid / display field)
thanks to Ivan Kirillov
* libraries/Theme_Manager.class.php: patch #1611684, force a change
of a session variable to avoid phpmyadmin.css.php caching problems,
thanks to Christian Schmidt
2007-01-11 Marc Delisle <[email protected]>
* lang/estonian: Update, thanks to Marko Ellermaa - uhuu
2007-01-09 Michal Čihař <[email protected]>
* index.php: Properly escape strings written in JS code.
* libraries/Theme_Manager.class.php: Avoid trigger error here, parameter
comes from user and it might lead to path disclossure.
* libraries/common.lib.php:
- Properly escape </script> in JS code.
- Check db, table and sql_query params to be string.
2007-01-08 Marc Delisle <[email protected]>
* libraries/session.inc.php: prevent attack on session name cookie
2007-01-05 Marc Delisle <[email protected]>
* libraries/session.inc.php: bug #1538132, remove the setting of
session.save_handler to 'files'
* pmd_general.php: patch #1627831,
English language improvements, thanks to Isaac Bennetch
* pmd_general.php, pmd_relation_new.php, lang/*: abstract messages
2007-01-04 Marc Delisle <[email protected]>
* pmd/scripts/move.js: avoid text selection when moving a table object
under MSIE 6, thanks to Ivan Kirillov
* libraries/db_links.inc.php: better icon for Designer, thanks to I.K.
2007-01-02 Marc Delisle <[email protected]>
* Designer: various fixes and improvements (for example support
for MSIE 6), thanks to Ivan Kirillov
* pdf_pages.php: undefined $pdf_page_number when no auto layout
* server_privileges.php: bug #1614087, deleting a user having a
global GRANT privilege fails under MySQL 4.1.x
2007-01-02 Michal Čihař <[email protected]>
* libraries/common.lib.php: Add <div> to allow selecting whole SQL by
tripple click (patch #1611591).
* libraries/export/sql.php: DELIMITER should not be commented out (bug
#1612870).
--- Older ChangeLogs can be found on our project website ---
http:https://www.phpmyadmin.net/old-stuff/ChangeLogs/
# vim: et ts=4 sw=4 sts=4
# vim: ft=changelog fenc=utf-8 encoding=utf-8
# vim: fde=getline(v\:lnum-1)=~'^\\s*$'&&getline(v\:lnum)=~'\\S'?'>1'\:1&&v\:lnum>8&&getline(v\:lnum)!~'^#'
# vim: fdn=1 fdm=expr