Allow changing of default queries (RFE #839168). Documentation.html is valid XHTML again.
This commit is contained in:
Michal Čihař
@@ -14,6 +14,10 @@ $Source$
|
||||
operations.
|
||||
* server_databases.php: Add correct parameters to left frame to keep
|
||||
server choice, language, etc. (bug #845397).
|
||||
* libraries/config_import.lib.php, config.inc.php, db_details.php,
|
||||
tbl_query_box.php, Documentation: Allow changing of default queries (RFE
|
||||
#839168).
|
||||
* Documentation.html: Valid XHTML again.
|
||||
|
||||
2003-11-20 Garvin Hicking <me@supergarv.de>
|
||||
* libraries/auth/*, libraries/dbg/*, libraries/export/*
|
||||
|
||||
@@ -658,6 +658,7 @@ $cfg['PmaAbsoluteUri'] = (!empty($_SERVER['HTTPS']) ? 'https' : 'http') . '://'
|
||||
foreign keys (key value and "display field" are
|
||||
shown)<br />
|
||||
(see FAQ 6.21)
|
||||
</li>
|
||||
<li>
|
||||
display links on the table properties page, to check referential
|
||||
integrity (display missing foreign keys) for each described key;
|
||||
@@ -1743,8 +1744,8 @@ $cfg['PmaAbsoluteUri'] = (!empty($_SERVER['HTTPS']) ? 'https' : 'http') . '://'
|
||||
<br /><br />
|
||||
</dd>
|
||||
|
||||
<a name="wysiwyg"></a>
|
||||
<dt><b>$cfg['WYSIWYG-PDF'] </b>boolean</dt>
|
||||
<dt><a name="wysiwyg"></a>
|
||||
<b>$cfg['WYSIWYG-PDF'] </b>boolean</dt>
|
||||
<dd>
|
||||
Utilizes a WYSIWYG editing control to easily place elements of a PDF
|
||||
page. By clicking on the button 'toggle scratchboard' on the page
|
||||
@@ -1775,6 +1776,14 @@ $cfg['PmaAbsoluteUri'] = (!empty($_SERVER['HTTPS']) ? 'https' : 'http') . '://'
|
||||
<br /><br />
|
||||
</dd>
|
||||
|
||||
<dt><b>$cfg['DefaultQueryTable'] </b>string</dt>
|
||||
<dt><b>$cfg['DefaultQueryDatabase'] </b>string</dt>
|
||||
<dd>
|
||||
Default query that will be displayed in query boxes, when user didn't
|
||||
specify any. Use %d for database name and %t for table name.
|
||||
<br /><br />
|
||||
</dd>
|
||||
|
||||
<dt><b>$cfg['SQP']['fmtType']</b> string [<tt>html</tt>|<tt>none</tt>]</dt>
|
||||
<dd>
|
||||
The main use of the new SQL Parser is to pretty-print SQL queries. By
|
||||
@@ -1939,7 +1948,7 @@ $cfg['PmaAbsoluteUri'] = (!empty($_SERVER['HTTPS']) ? 'https' : 'http') . '://'
|
||||
<p>
|
||||
<a href="#transformationsintro">Introduction</a> -
|
||||
<a href="#transformationshowto">Usage</a> -
|
||||
<a href="#transformationsfiles">File structure</a> -
|
||||
<a href="#transformationsfiles">File structure</a>
|
||||
</p>
|
||||
|
||||
<a name="transformationsintro"></a><br />
|
||||
@@ -3444,19 +3453,15 @@ To create a new, empty mimetype please see libraries/transformations/template_ge
|
||||
You can simply include table in your LaTeX documents, minimal sample
|
||||
document should look like following one (assuming you have table
|
||||
exported in file <code>table.tex</code>):
|
||||
<br />
|
||||
<br />
|
||||
<pre>
|
||||
<font color="#a52a2a"><b>\documentclass</b></font><font color="#6a5acd">{</font><font color="#a020f0">article</font><font color="#6a5acd">}</font>
|
||||
<font color="#a52a2a"><b>\usepackage</b></font><font color="#6a5acd">{</font><font color="#6a5acd">longtable</font><font color="#6a5acd">}</font>
|
||||
|
||||
<font color="#a52a2a"><b>\begin</b></font><font color="#6a5acd">{</font><font color="#a020f0">document</font><font color="#6a5acd">}</font>
|
||||
|
||||
<font color="#a52a2a"><b>\include</b></font><font color="#6a5acd">{</font><font color="#6a5acd">table</font><font color="#6a5acd">}</font>
|
||||
|
||||
<font color="#a52a2a"><b>\end</b></font><font color="#6a5acd">{</font><font color="#a020f0">document</font><font color="#6a5acd">}</font>
|
||||
</pre>
|
||||
</p>
|
||||
|
||||
<pre>
|
||||
\documentclass{article} % or any class you want
|
||||
\usepackage{longtable} % for displaying table
|
||||
\begin{document} % start of document
|
||||
\include{table} % including exported table
|
||||
\end{document} % end of document
|
||||
</pre>
|
||||
|
||||
<h4>
|
||||
[6.20] In MySQL 4, I see a lot of databases which are not mine, and cannot
|
||||
@@ -3575,50 +3580,49 @@ To create a new, empty mimetype please see libraries/transformations/template_ge
|
||||
|
||||
The team regrets that the author did not communicate with us before
|
||||
sending this alert. However, here is our current reply to the points mentionned:
|
||||
<br /><br />
|
||||
<ul>
|
||||
<li>"Directory transversal attack"
|
||||
<br /><br />
|
||||
|
||||
This problem had been fixed in version 2.5.0, even if the author reports
|
||||
the 2.5.2 development version as vulnerable, which we could not reproduce.
|
||||
<br /><br />
|
||||
</li>
|
||||
<li>"Remote local file retrieving"
|
||||
<br /><br />
|
||||
This is a misleading title, as the author tells in his text:
|
||||
"Note that you can't request files ( only dirs )".
|
||||
<br /><br />
|
||||
</li>
|
||||
|
||||
<li>"Remote internal directory listing"
|
||||
<br /><br />
|
||||
It was possible to retrieve the list of phpMyAdmin's directory (which we
|
||||
doubt can cause any damage), but we fixed this in the
|
||||
2.5.2 version.
|
||||
<br /><br />
|
||||
</li>
|
||||
|
||||
<li>"XSS and Path disclosures"
|
||||
<br /><br />
|
||||
Most of the XSS problems have been fixed in version 2.5.0. The rest
|
||||
have been fixed in the 2.5.2 version.
|
||||
<br /><br />
|
||||
We believe that the Path disclosures problems have also been fixed
|
||||
in version 2.5.2.
|
||||
<br /><br />
|
||||
</li>
|
||||
<li>"Information encoding weakness"
|
||||
<br /><br />
|
||||
We believe that an exploit for this weakness would be difficult
|
||||
to achieve. However version 2.5.2 now encrypts the password
|
||||
with the well-known blowfish algorithm.
|
||||
<br /><br />
|
||||
</li>
|
||||
</ul>
|
||||
|
||||
</p>
|
||||
|
||||
<ul>
|
||||
<li>"Directory transversal attack"
|
||||
<br /><br />
|
||||
|
||||
This problem had been fixed in version 2.5.0, even if the author reports
|
||||
the 2.5.2 development version as vulnerable, which we could not reproduce.
|
||||
<br /><br />
|
||||
</li>
|
||||
<li>"Remote local file retrieving"
|
||||
<br /><br />
|
||||
This is a misleading title, as the author tells in his text:
|
||||
"Note that you can't request files ( only dirs )".
|
||||
<br /><br />
|
||||
</li>
|
||||
|
||||
<li>"Remote internal directory listing"
|
||||
<br /><br />
|
||||
It was possible to retrieve the list of phpMyAdmin's directory (which we
|
||||
doubt can cause any damage), but we fixed this in the
|
||||
2.5.2 version.
|
||||
<br /><br />
|
||||
</li>
|
||||
|
||||
<li>"XSS and Path disclosures"
|
||||
<br /><br />
|
||||
Most of the XSS problems have been fixed in version 2.5.0. The rest
|
||||
have been fixed in the 2.5.2 version.
|
||||
<br /><br />
|
||||
We believe that the Path disclosures problems have also been fixed
|
||||
in version 2.5.2.
|
||||
<br /><br />
|
||||
</li>
|
||||
<li>"Information encoding weakness"
|
||||
<br /><br />
|
||||
We believe that an exploit for this weakness would be difficult
|
||||
to achieve. However version 2.5.2 now encrypts the password
|
||||
with the well-known blowfish algorithm.
|
||||
<br /><br />
|
||||
</li>
|
||||
</ul>
|
||||
|
||||
<!-- DEVELOPERS -->
|
||||
<a name="developers"></a><br />
|
||||
<h2>Developers Information</h2>
|
||||
|
||||
@@ -14,18 +14,15 @@
|
||||
+ Version history: ChangeLog
|
||||
+ General notes: README
|
||||
+ License: LICENSE
|
||||
* Documentation version: $Id: Documentation.html,v 1.518 2003/11/07
|
||||
18:01:55 lem9 Exp $
|
||||
* Documentation version: $Id: Documentation.html,v 2.1 2003/11/19
|
||||
11:36:19 rabus Exp $
|
||||
|
||||
Requirements
|
||||
|
||||
* PHP3, PHP4 or PHP5: phpMyAdmin widely uses the 'str_replace()' PHP
|
||||
function that was added in PHP 3.0.6, but was buggy up until
|
||||
PHP 3.0.8. Then you should not run this script with PHP3 < 3.0.8.
|
||||
PHP also needs to be compiled with MySQL support;
|
||||
* php 4.1.0 or later
|
||||
If you want to display inline thumbnails of JPEGs with the
|
||||
original aspect ratio, you also need GD2 support in PHP.
|
||||
* MySQL 3.21 or newer (details);
|
||||
* MySQL 3.23.32 or newer (details);
|
||||
* a web-browser (doh!).
|
||||
|
||||
Introduction
|
||||
@@ -1201,6 +1198,12 @@ $cfg['PmaAbsoluteUri'] = (!empty($_SERVER['HTTPS']) ? 'https' : 'http') . '://'
|
||||
functionality was kindly borrowed from www.youngpup.net and is
|
||||
underlying so specific license.
|
||||
|
||||
$cfg['DefaultQueryTable'] string
|
||||
$cfg['DefaultQueryDatabase'] string
|
||||
Default query that will be displayed in query boxes, when user
|
||||
didn't specify any. Use %d for database name and %t for table
|
||||
name.
|
||||
|
||||
$cfg['SQP']['fmtType'] string [html|none]
|
||||
The main use of the new SQL Parser is to pretty-print SQL
|
||||
queries. By default we use HTML to format the query, but you
|
||||
@@ -1318,7 +1321,7 @@ $cfg['PmaAbsoluteUri'] = (!empty($_SERVER['HTTPS']) ? 'https' : 'http') . '://'
|
||||
|
||||
Transformations
|
||||
|
||||
Introduction - Usage - File structure -
|
||||
Introduction - Usage - File structure
|
||||
|
||||
[1. Introduction]
|
||||
|
||||
@@ -1659,9 +1662,9 @@ FAQ - Frequently Asked Questions
|
||||
|
||||
[1.17] Which MySQL versions does phpMyAdmin support?
|
||||
|
||||
All MySQL versions from 3.21 till 4.0 are fully supported. Please note
|
||||
that the older your MySQL version is, the more limitations you will
|
||||
have to face.
|
||||
All MySQL versions from 3.23.32 till 4.0 are fully supported. Please
|
||||
note that the older your MySQL version is, the more limitations you
|
||||
will have to face.
|
||||
phpMyAdmin provides experimental support for MySQL 4.1. That means
|
||||
that although you can assign character sets to a table or field,
|
||||
phpMyAdmin will not recode the data when inserting or extracting it.
|
||||
@@ -2421,14 +2424,11 @@ FAQ - Frequently Asked Questions
|
||||
You can simply include table in your LaTeX documents, minimal sample
|
||||
document should look like following one (assuming you have table
|
||||
exported in file table.tex):
|
||||
\documentclass{article}
|
||||
\usepackage{longtable}
|
||||
|
||||
\begin{document}
|
||||
|
||||
\include{table}
|
||||
|
||||
\end{document}
|
||||
\documentclass{article} % or any class you want
|
||||
\usepackage{longtable} % for displaying table
|
||||
\begin{document} % start of document
|
||||
\include{table} % including exported table
|
||||
\end{document} % end of document
|
||||
|
||||
[6.20] In MySQL 4, I see a lot of databases which are not mine, and cannot
|
||||
access them.
|
||||
|
||||
@@ -502,6 +502,14 @@ $cfg['MaxExactCount'] = 20000; // When approximate count < this, PM
|
||||
$cfg['WYSIWYG-PDF'] = TRUE; // Utilize DHTML/JS capabilities to allow WYSIWYG editing of
|
||||
// the PDF page editor. Requires an IE6/Mozilla based browser.
|
||||
|
||||
/**
|
||||
* Default queries.
|
||||
* %d will be replaced by database name
|
||||
* %t will be replaced by table name
|
||||
*/
|
||||
$cfg['DefaultQueryTable'] = 'SELECT * FROM %t WHERE 1';
|
||||
$cfg['DefaultQueryDatabase']= '';
|
||||
|
||||
/**
|
||||
* SQL Query box settings
|
||||
* These are the links display in all of the SQL Query boxes
|
||||
|
||||
@@ -62,8 +62,13 @@ $auto_sel = ($cfg['TextareaAutoSelect']
|
||||
<?php echo sprintf($strRunSQLQuery, htmlspecialchars($db)) . ' ' . PMA_showMySQLDocu('Reference', 'SELECT'); ?> :<br />
|
||||
<div style="margin-bottom: 5px">
|
||||
<textarea name="sql_query" cols="<?php echo $cfg['TextareaCols'] * 2; ?>" rows="<?php echo $cfg['TextareaRows']; ?>" wrap="virtual" dir="<?php echo $text_dir; ?>"<?php echo $auto_sel; ?>>
|
||||
<?php echo ((!empty($query_to_display)) ? htmlspecialchars($query_to_display) : ''); ?>
|
||||
</textarea><br />
|
||||
<?php
|
||||
if (!empty($query_to_display)) {
|
||||
echo htmlspecialchars($query_to_display);
|
||||
} else {
|
||||
echo htmlspecialchars(str_replace('%d', PMA_backquote($db), $cfg['DefaultQueryDatabase']));
|
||||
}
|
||||
?> </textarea><br />
|
||||
<input type="checkbox" name="show_query" value="1" id="checkbox_show_query" checked="checked" />
|
||||
<label for="checkbox_show_query"><?php echo $strShowThisQuery; ?></label><br />
|
||||
</div>
|
||||
|
||||
@@ -788,6 +788,14 @@ if (!defined('PMA_CONFIG_IMPORT_LIB_INCLUDED')) {
|
||||
if (!isset($cfg['WYSIWYG-PDF'])) {
|
||||
$cfg['WYSIWYG-PDF'] = TRUE;
|
||||
}
|
||||
|
||||
if (!isset($cfg['DefaultQueryTable'])) {
|
||||
$cfg['DefaultQueryTable'] = 'SELECT * FROM %t WHERE 1';
|
||||
}
|
||||
|
||||
if (!isset($cfg['DefaultQueryDatabase'])) {
|
||||
$cfg['DefaultQueryDatabase']= '';
|
||||
}
|
||||
|
||||
if (!isset($cfg['ShowTooltipAliasDB'])) {
|
||||
$cfg['ShowTooltipAliasDB'] = FALSE;
|
||||
|
||||
@@ -142,7 +142,15 @@ if (isset($is_inside_querywindow) && $is_inside_querywindow == TRUE) {
|
||||
<?php echo sprintf($strRunSQLQuery, htmlspecialchars($db)) . $queryframe_db_list . (isset($is_inside_querywindow) ? '<br />' : ' ') . PMA_showMySQLDocu('Reference', 'SELECT'); ?>
|
||||
<br />
|
||||
<textarea name="sql_query" rows="<?php echo $cfg['TextareaRows']; ?>" cols="<?php echo (isset($is_inside_querywindow) && $is_inside_querywindow == TRUE ? ceil($cfg['TextareaCols'] * 1.25) : $cfg['TextareaCols'] * 2); ?>" wrap="virtual" dir="<?php echo $text_dir; ?>"<?php echo $auto_sel; ?>>
|
||||
<?php echo ((!empty($query_to_display)) ? htmlspecialchars($query_to_display) : 'SELECT * FROM ' . htmlspecialchars(PMA_backquote($table)) . ' WHERE 1'); ?></textarea>
|
||||
<?php
|
||||
if (!empty($query_to_display)) {
|
||||
echo htmlspecialchars($query_to_display);
|
||||
} elseif (isset($table)) {
|
||||
echo htmlspecialchars(str_replace('%d', PMA_backquote($db), str_replace('%t', PMA_backquote($table), $cfg['DefaultQueryTable'])));
|
||||
} else {
|
||||
echo htmlspecialchars(str_replace('%d', PMA_backquote($db), $cfg['DefaultQueryDatabase']));
|
||||
}
|
||||
?></textarea>
|
||||
</td>
|
||||
<?php if (isset($table) && $fields_cnt > 0) { ?>
|
||||
<td align="center" valign="top"><?php echo (isset($is_inside_querywindow) ? '<br />' : '') . $strFields; ?>:<br />
|
||||
|
||||
Reference in New Issue
Block a user