From 20068e11c34e9940eb0205c03877804c9f1b2b60 Mon Sep 17 00:00:00 2001 From: Marc Delisle Date: Fri, 23 Jan 2009 17:53:04 +0000 Subject: [PATCH] ChangeLog-2007 --- ChangeLog | 452 ------------------------------------------------------ 1 file changed, 452 deletions(-) diff --git a/ChangeLog b/ChangeLog index da73be1c7..38fae6edc 100644 --- a/ChangeLog +++ b/ChangeLog @@ -401,458 +401,6 @@ danbarry - bug #1847409 [security] Path disclosure on darkblue_orange/layout.inc.php, thanks to Jürgen Wind - windkiel -2.11.3.0 (2007-12-08) -- patch #1818389 to remove a notice (failed to flush buffer), thanks to - Bertrand -- patch #1821154, HTTP authentication: fix auth working with php/mod_fastcgi, - thanks to yarodin -- wrong default charset in case of broken session -- bug #1824506 [profiling] Profile command repeated on older MySQL servers -- bug #1825172 [export] Exporting and functions -- bug #1817224 [import] Incorrect detection of file_uploads in some cases, - thanks to Juergen Wind -- bug #1777249 [display] Do not underline links in left panel (in default - themes) -- bug #1826022 [privileges] unable to add user (MySQL 3.23) since PMA 2.11.2 -- bug #1823045 [import] Error importing file with lowercase "delimiter" -- bug #1828913 [structure] Can't set FULLTEXT index on CHAR column -- bug #1804081 [export] export on server doesn't obey AllowAnyWhereRecoding -- bug #1789988 [display] space before SHOW COLUMNS -- bug #1831646 [table creation] Error in CREATE TABLE with multiple primary - keys and AUTO_INCREMENT -- [display] Division by zero when showing all records (page selector) -- bug #1828265 [privileges] No weird characters in generated password -- bug #1759194 [import] open_basedir warning -- bug #1793948 [parser] ROW_FORMAT incorrectly parsed -- undefined PMA_MYSQL_INT_VERSION when no default server is set -- bug #1763343 [session] Behavior with session.auto_start enabled -+ [lang] Hungarian update, thanks to Mihály Mészáros -+ [lang] German update, thanks to Jürgen Wind - windkiel -- patch #1837691 [query window] js errors, thanks to Victor Volkov -- patch #1839052 [lang] catalan not in UTF-8, thanks to jaz001 -- patch #1838626 [GUI] Login interface broken on Konqueror, thanks to fhimpe - -2.11.2.2 (2007-11-20) -- bug #1835123 [security] fixed XSS vulnerability on login page, - thanks to Tim Brown (Nth Dimension) for the advisory - and to Sebastian for the fix - -2.11.2.1 (2007-11-11) -- fixed possible SQL injection using database name -- fixed possible XSS in database name - thanks to Omer Singer, The DigiTrust Group - -2.11.2.0 (2007-10-27) -- patch #1791576 HTTP auth: support REDIRECT_REMOTE_USER, thanks to Allard -+ [lang] Serbian update, thanks to Mihailo Stefanovic -- bug #1798841 [relations] Copying db does not copy internal relations -- bug #1798646 [display] Character '+' in query wrongly interpreted -- bug #1801919 [themes] Do not use NaviDatabaseNameColor for fieldset legend -- bug #1764735 [core] Designer: PDF error when deleting a table -- bug #1764195 [views] DROP button does not work on defective views -- bug #1805773 [relations] browse foreign values: return values not escaped, - thanks to Alex Rambau -- bug #1807923 [login] Login with html entities in password fails -- [core] Undefined variable when creating a table that exists -- patch #1808578 Changes in font size were no longer detected after patch - #1787915 -+ [lang] Croatian update, thanks to Renato Pavicic -- patch #1807615 [GUI] Display patch for column rights in Opera -- bug #1811519 Can't delete user with a german umlaut. -- bug #1811519 [privileges] fixed used collation for accessing mysql.user in server privileges -- it should not be possible to move or copy a table to information_schema -- bug #1814733 win: copy db to mixed name db fails -- bug #1777249 [display] Remove horizontal lines in navigation panel -- bug #1805102 [display] TextareaAutoSelect issues: set this parameter - default value to false to help cut&paste from a terminal window; also - set focus to the textarea -- bug #1814463 [display] Wrong database size -- bug #1811527 [display] Problem with links to the MySQL manual -- patch #1817529 [auth] Incorrect login via URL when AllowArbitraryServer - is true, thanks to Juergen Wind - -2.11.1.2 (2007-10-17) -- fixed XSS in server_status.php, thanks to Omer Singer, The DigiTrust Group -- fixed some possible XSS with PHP_SELF, PATH_INFO, REQUEST_URI - (reference: CVE-2007-5589) - -2.11.1.1 (2007-10-15) -- bug #1810629 [setup] XSS in setup.php, thanks to Omer Singer, The DigiTrust Group - -2.11.1.0 (2007-09-20) -- bug #1783667 [export] NO_AUTO_VALUE_ON_ZERO and MySQL version -- bug #1780098 [GUI] Logout causes CSS loss, thanks to Juergen Wind -. incorrect field ids, thanks to Michael Keck -- bug #1787522 [view] wrong choice in algorithm drop-down -- bug #1777620 [GUI] Table Print preview: missing column header, - thanks to Mario Rohkrämer -- Do not display "Your MySQL library..." if only the Z part of X.Y.Z version - is different -- bugs #1767759, 1216521 [data] Duplicate entry error Browse feature: this minor - feature removed due to its complexity -- bug #1774825 [operations] Rename database loses charset info -- bug #1791568 [core] Undefined cfg, thanks to Christian Schmidt -- bug #1782332 [structure] New table form does not overtake data -- bug #1793763 [requirements] minimum PHP should be 4.2.0 -- patch #1787915 Avoid CSS reloading on every click, thanks to Juergen Wind -- bug #1798627 [GUI] Wrong storage engine displayed - -2.11.0.0 (2007-08-21) -+ [import] support handling of DELIMITER to mimic mysql CLI, thanks to fb1 -+ improved PHP 6 compatibility -- bug #1674914 [structure] changing definition of a TIMESTAMP field -- bug #1615530 [upload] added more specific error message if field upload fails -- bug #1627210, #1083301, #1482401 [data] warning on duplicate indexes -- bug #1668724 JavaScript focus login Opera -- bug #1666657 [auth] Cookie password delete on timeout / inactivity -- bug #1648802 different mysql library and server version -- bug #1662976 [auth] Authentication fails when controluser/pass is set -- bug #1643758 [import] Error #1264 importing NULL values in MySQL 5.0 -- bug #1523747 [innodb] make warning about row count more visible -- bug #1676012 [auth] strip non-US-ASCII characters (RFC2616) -- bug #1679440 Added FAQ entry about header errors under IIS caused by - an end-of-line character -- [gui] avoid displaying a wide selector in server selection -- bug #1614004 [relation] foreign key spanning multiple columns are - incorrectly displayed -- bug #1681598 [interface] Edit next row -- bug #1688053 [export] Wrong export of binary character fields -- bug #1498281 [parser] Wrong primary key used for displaying results - with subquery -- bug #1699772 Visual space bug in table name (in browser) -- bug #1699532 Cause of data manipulation issues: implemented changes - as suggested by crisp_; still have to work on updating an ENUM value -+ [core] added PMA_fatalError() and made use of it -. [core] added PMA_isValid() and PMA_ifSetOr() for variable handling -. [i18n] use generic $strOptions -. [core] get rid of $propicon -. [core] globalized variables to be includable inside function in - libraries/select_lang.lib.php -+ [doc] changed all documentation in config.inc.php to phpDocumentor style -+ [data] support for CREATE VIEW from query results -+ [gui] dropped css/ folder and moved into root of PMA -+ [l10n] new: Sinhala, Macedonian -+ [export] YAML export (see yaml.org), thanks to Bryce Thornton -+ [upload] moved file upload functionality into own class -+ [upload] make use of $cfg['TempDir'] for file uploads -+ [server] improved display of binary logs -+ [data] better error handling in tbl_create.php -+ [routines] from Patch #1649881, thanks to Mike Beck -+ [querywindow] store sql history in session -+ [querywindow] sql history now without db too -+ [querywindow] tweaks in sql history view -+ [export] Native Excel (Spreadsheet_Excel_Writer) improvements, - thanks to Christian Schmidt -+ [doc] requirement of mcrypt on 64-bit, thanks to Isaac Bennetch -+ [lang] Danish update, thanks to Finn Sorensen -+ RFE #1435922 [gui] navigation frame shows listing of databases when none selected -+ [data] support BIT datatype (under mysqli), thanks to Christian Schmidt -+ [display] automatic confirmation for sort by key, thanks to Juergen Wind -+ [data] can now choose the number of insert rows -+ RFE #1704779 [gui] link documentation from login page -+ RFE #1513345 [setup] check control user connection during setup -+ [structure] TRIGGERS: display/edit/drop/SQL export -+ [browse] store browse state in session per query -+ [lang] Turkish update, thanks to Burak Yavuz -+ [lang] Galician update, thanks to Xosé Calvo -+ [lang] Brazilian-Portuguese update, thanks to Airon Luis Pereira -+ [gui] Insert/Edit: no longer display the Go button each 15 lines - but just at the end of a row -+ [gui] Query window: use verbose server name if any -+ [auth] patch #1712514 specify host for single signon, thanks to Thierry -+ [gui] Navigator for the db list in the navigation panel -+ [gui] Navigator for the table list in the content panel -- bug #1727138 HTML not encoded (more than 1000 characters) -+ [display] Support for MySQL 5.0.37 profiling -+ RFE #1743983 [gui] Replace $max_characters by a configurable param: - $cfg['MaxCharactersInDisplayedSQL'] -- bug #1746186 LeftLogoLink fails if set to some external site -. [transformations]: remove "auto-detect" MIME-type that was never implemented -+ [display] patch #1749705, Allow multibyte characters in number formatting, - thanks to garas -- bug #1747215 Export emits blanks at line ends -- bug #1751172 Do not export data when exporting a single VIEW -+ [lang] Swedish update, thanks to Björn T. Hallberg -+ [lang] Russian update, thanks to Victor Volkov and the php-myadmin.ru users -+ [privileges] Support password hashing on the Edit Privileges interface -- bug #1755339 Warn about rename dataase actually being copy/delete -- bug #1746921 Left frame shrinks on db change, thanks to Juergen Wind -+ [gui] Export: Select All/Unselect All over the choices, - thanks to Florian Schmitz -+ [lang] Japanese update, thanks to Ishigaki Kenichi -- bug #1759528 browse_foreigners fails due to newlines, - thanks to Hanno Boeck -+ [lang] Norwegian update, thanks to Sven-Erik Andersen -+ [lang] Italian update, thanks to Luca Rebellato -+ [lang] Spanish update, thanks to Daniel Hinostroza -. [export] Do not obey $cfg['MaxTableList'] on database export -- [doc] UploadDir and the Import tab, thanks to Juergen Wind -- bug #1766975 Parameters lost when editing stored routine -- [export] patch #1766633 Incorrect export with specified MySQL port, - thanks to Juergen Wind -+ [lang] Catalan update, thanks to Xavier Navarro -- bug #1751553 Drop-down instead of input when editing -- [data] foreign key browser: encoding mixups, thanks to Thijs Kinkhorst -- bug #1771721 Old SVN URLs - -2.10.3.0 (2007-07-20) -- bug #1734285 Copy database with VIEWs -- bug #1722502 DROP TABLE in export VIEW -- bug #1729027 Sorting results of VIEW browsing -- bug #1733012 Unwanted table alias in delete button -- bug #1736405 Pretty printer and HTML line breaks -- bug #1745257 Invalid DB name is still displayed -- bug #1730367 Calendar "Go" has no effect -- bug #1748633 Incorrect parameter validation for VIEWs -+ [lang] Russian revision, thanks to Victor Volkov and the users of - php-myadmin.ru -- Do not try to delete an internal relation if we just deleted an InnoDB one - -2.10.2.0 (2007-06-15) -+ [data] display all warnings, not only last one -- typo in fix for bug #1671813 -- bug #1714908 Inserted Row Count is wrong -- bug #1712570 Deleting last record freezes -- bug #1717339 Missing header when deleting a checked column, - thanks to Michael Keck -- bug #1717477 Warning on Query page when db is empty -- bug #1721002 db rename -> undefined cfgRelation, thanks to Jürgen Wind -- bug #1721571 CREATE database privilege not always detected, - thanks to Gordon McNaughton -- bug #1715709 export in SQL format always includes procedures and functions -- bug #1722502 DROP TABLE in export view structure -- bug #1718787 Multi-server setup breaks Designer -- bug #1724401 Column truncation in repair table output -- patch #1726500 Wrong position of , thanks to Jürgen Wind -- bug #1728590 Detected failing session_start fails, thanks to Jürgen Wind -- RFE #1714760 Obey ShowCreateDb on the Databases tab -- patch #1733762 Typo in message "INSERT DELAY", thanks to Victor Volkov -- patch #1730171 Dead message strLanguageFileNotFound, thanks to Victor Volkov -- patch #1731280 Avoid negative exponent in gmp_pow(), thanks to anosek - -2.10.1.0 (2007-04-23) -- bug #1541147 [js] '#' in database names not correctly handled by queywindow.js -- bug #1671403 [parser] using "client" as table name -- bug #1672379 [core] Call to undefined function PMA_removeCookie() -- bug [core] undefined variable in libraries/tbl_replace_fields.inc.php -- bug [gui] query window icon did not work, thanks to Jürgen Wind - windkiel -. [general] use PMA_getenv('PHP_SELF') -- bug #1676033 [core] pow(int,int) causes overflow -- bug #1680952 [core] undefined function PMA_getUvaCondition() -- bug #1596328 [export] drop support for POSTGRESQL compatibility mode -- bug #1609443 [privileges] Grant all priv. on wildcard name (fix message) -- bug #1567317 [sqp] Syntax highlighter: extra spaces -- bug #1239401 [sqp] table dot numeric field name -- bug #1672789 [sqp] Undefined offset: 4 in sqlparser.lib.php #1674 -- bug #1682044 [export] Export file even if file not selected -- bug #1664212 querywindow loses url encoded characters -- replaced ctype_digit() with is_numeric() -+ [config] clean cookies on phpMyAdmin upgrade -- bug #1674972 [export] no export with %afm% -- bug #1667887 HTML maxlength -- bug #1679055 #1050 - Table '' already exists -- patch #1681620 [interface] support reordering of $cfg['ColumnTypes'], - thanks to Leonard den Ottolander -- bug #1690718 Can't edit if BLOB and no PK -- bug #1672636 [export] PDF export too wide -+ [lang] brazilian-portuguese update, thanks to Airon Luis Pereira -- patch #1698964 javascript typo, thanks to Corey Hollaway -- bug #1703897 [css] undefined index 'js_frame' -- bug #1690561 Blobs being cleared on Edit of row -- bug #1679801 [core] XSS vulnerability in PMA_sanitize(), thanks to sp3x SecurityReason -- bug #1704467 XSS vulnerability in browse_foreigners.php, thanks to sp3x SecurityReason - -2.10.0.2 (2007-03-02) -+ bug #1671813 CVE-2006-1549 deep recursion crash - -2.10.0.1 (2007-03-01) -. [config] set $cfg['Servers'][$i]['ssl'] default value to false, - we got reports from some users having problems with the default value of true - -2.10.0.0 (2007-02-28) -- bug #1659176 [general] memory error displaying a table with large BLOBs -- bug #1668662 [install] can create the new pma_designer_coords table -+ [gui] navi logo now links to main page by default, with still the possibility - of having an external URL - -2007-02-25 Marc Delisle - * libraries/common.lib.php: bug #1667466, undefined variable when - export + save on server - * server_status.php: bug #1665930, undefined PHP_SELF - -2007-02-24 Marc Delisle - * libraries/config.default.php: RFE #1621437, HEX and UNHEX were not - available for a BINARY field - -2007-02-21 Marc Delisle - * pmd/scripts/move.js: bug #1650770, Designer and Mac OSX, - thanks to Ivan Kirillov - -2007-02-17 Marc Delisle - * Documentation.html: patch #1659347, missing doc for some config, - thanks to Isaac Bennetch - * libraries/export/sql.php: bug #1663336, undefined variable - -2007-02-16 Marc Delisle - * libraries/common.lib.php, footer.inc.php: avoid generating big links - after an upload into a BLOB - -2007-02-14 Marc Delisle - * libraries/common.lib.php: white page after uploading a 700 Kio BLOB - * add a warning on main page if mcrypt can't be loaded (bug 1658160) - -2007-02-12 Sebastian Mendel - * libraries/database_interface.lib.php: bug #1616486 server_databases does - not show all databases - * libraries/sqlparser.data.php: MySQL function and column names, reserved - and forbidden words updated, - bug #1657045 Spatial functions not supported - bug #1657037 Missing column type "geometry" - -2007-02-09 Marc Delisle - * main.php: some links should open a new page - * Documentation.html, libraries/navigation_header.inc.php, - libraries/config.default.php: $cfg['LeftLogoLinkWindow'] to decide - in which window the logo-linked page will appear - -2007-02-09 Michal Čihař - * lang/czech: Fix syntax error (sorry for that). - -2007-02-08 Marc Delisle - * themes/darkblue_orange/img/logo_left.png, - themes/original/img/logo_left.png: smaller PMA logo for navi - -2007-02-08 Sebastian Mendel - * themes/*/css/theme_right.css.php: bug #1653769 browsing highlight disabling - doesn't work - -2007-02-06 Sebastian Mendel - * pmd_general.php, pmd_pdf.php, pmd_save_pos.php: fixed short open tags - patch #1652886 thanks to Martin Thielecke - mthie - * tbl_change.php: fixed escaping of field names in HTML and JavaScript - * libraries/common.lib.php: PMA_backquote() did not quote 0 - * tbl_change.php: bug #1652810 - slashes are not escaped properly - -2007-02-05 Marc Delisle - * lang/japanese: Update, thanks to Ishigaki Kenichi - tcool. - -2007-02-05 Sebastian Mendel - * lang/german: updated - -2007-02-03 Marc Delisle - * pmd/scripts/move.js: display problems in Opera, thanks to Maxim Bulygin - -2007-02-02 Marc Delisle - * tbl_replace.php: Calendar icon does not work on "Insert another new row" - -2007-02-01 Marc Delisle - * libraries/import.lib.php: bug #1626064, too much quoting on import - -2007-02-01 Sebastian Mendel - * libraries/display_tbl.lib.php: bug #1644740 - $cfg['Order'] = 'SMART' - overwritten - * libraries/Theme.class.php: removed __wakeup() due to some requirements are - not fulfilled at this point - also thanks to Jürgen Wind - windkiel - -2007-01-31 Sebastian Mendel - * libraries/session.inc.php: - bug #1630871 - Detecting a missing write permission on sessions directory - -2007-01-30 Sebastian Mendel - * libraries/sqlparser.lib.php PMA_SQP_analyze(): - bug #1647785 - do not pass variables by reference - -2007-01-29 Marc Delisle - * lang/catalan update, thanks to Xavier Navarro (xavin) - * pmd_general.php: possibility of quotes in Designer messages, - thanks to Ivan Kirillov - -2007-01-26 Michal Čihař - * libraries/common.lib.php, libraries/js_escape.lib.php, - test/escape_js_string.php, test/core.lib.php: Move java script escaping - to separate library, make it safer on escaping and add - testcase for it. - * test/theme.php: Move to test package. - -2007-01-22 Marc Delisle - * pmd/*: button for direct/angular links, thanks to Ivan Kirillov - -2007-01-22 Michal Čihař - * lang/czech: Updated. - -2007-01-21 Marc Delisle - * libraries/Table.class.php: on a MySQL 5.0.33 server with 4400 databases, - one of which having 400 tables, it took more than 3 minutes just to - see the database structure (some accesses to INFORMATION_SCHEMA are - just too slow) so I changed PMA_Table::isView() to avoid calling - INFORMATION_SCHEMA - -2007-01-20 Marc Delisle - * libraries/sqlparser.lib.php: bug #1638267, wrong reserved word - recognition - * server_privileges.php: bug #1635377, superfluous backslash, - thanks to Hanut - -2007-01-19 Marc Delisle - * pmd*, lang/*: Designer now supports set/unset of the display field, - thanks to Ivan Kirillov - -2007-01-18 Michal Čihař - * lang/czech: Updated. - * libraries/auth/cookie.auth.lib.php: Make server switching honour more - server settings (patch #1630104). - -2007-01-17 Marc Delisle - * lang/turkish: update, thanks to Burak Yavuz - bourock - -2007-01-16 Marc Delisle - ### 2.9.2 released from QA_2_9 - -2007-01-12 Marc Delisle - * (many files): Designer, two features (snap to grid / display field) - thanks to Ivan Kirillov - * libraries/Theme_Manager.class.php: patch #1611684, force a change - of a session variable to avoid phpmyadmin.css.php caching problems, - thanks to Christian Schmidt - -2007-01-11 Marc Delisle - * lang/estonian: Update, thanks to Marko Ellermaa - uhuu - -2007-01-09 Michal Čihař - * index.php: Properly escape strings written in JS code. - * libraries/Theme_Manager.class.php: Avoid trigger error here, parameter - comes from user and it might lead to path disclossure. - * libraries/common.lib.php: - - Properly escape in JS code. - - Check db, table and sql_query params to be string. - -2007-01-08 Marc Delisle - * libraries/session.inc.php: prevent attack on session name cookie - -2007-01-05 Marc Delisle - * libraries/session.inc.php: bug #1538132, remove the setting of - session.save_handler to 'files' - * pmd_general.php: patch #1627831, - English language improvements, thanks to Isaac Bennetch - * pmd_general.php, pmd_relation_new.php, lang/*: abstract messages - -2007-01-04 Marc Delisle - * pmd/scripts/move.js: avoid text selection when moving a table object - under MSIE 6, thanks to Ivan Kirillov - * libraries/db_links.inc.php: better icon for Designer, thanks to I.K. - -2007-01-02 Marc Delisle - * Designer: various fixes and improvements (for example support - for MSIE 6), thanks to Ivan Kirillov - * pdf_pages.php: undefined $pdf_page_number when no auto layout - * server_privileges.php: bug #1614087, deleting a user having a - global GRANT privilege fails under MySQL 4.1.x - -2007-01-02 Michal Čihař - * libraries/common.lib.php: Add
to allow selecting whole SQL by - tripple click (patch #1611591). - * libraries/export/sql.php: DELIMITER should not be commented out (bug - #1612870). - --- Older ChangeLogs can be found on our project website --- http://www.phpmyadmin.net/old-stuff/ChangeLogs/