diff --git a/ChangeLog b/ChangeLog
index 0aa2bf80e..a4780e848 100755
--- a/ChangeLog
+++ b/ChangeLog
@@ -5,6 +5,9 @@ phpMyAdmin - Changelog
 $Id$
 $Source$
 
+2004-06-30 Marc Delisle  <lem9@users.sourceforge.net>
+    * left.php: fix against security alert, thanks to Garvin
+
 2004-06-30 Alexander M. Turek  <me@derrabus.de>
     * libraries/common.lib.php: Fix against $_REQUEST['cfg'] exploits.
 
diff --git a/Documentation.html b/Documentation.html
index 28ef05b84..0cb4a5999 100755
--- a/Documentation.html
+++ b/Documentation.html
@@ -3766,6 +3766,41 @@ To create a new, empty mimetype please see libraries/transformations/template_ge
     <br /><br />
     </li>
 </ul>
+<h4>
+    [8.2] Security alert, dated 2004-06-29.
+</h4>
+<p>
+    Last update of this FAQ: 2004-06-30.
+    <br /><br />
+    The phpMyAdmin development team received notice of this security alert:
+    <a href="http://securityfocus.com/archive/1/367486/2004-06-26/2004-07-02/0" target="_blank">http://securityfocus.com/archive/1/367486/2004-06-26/2004-07-02/0</a>
+    <br /><br />
+    We would like to put emphasis on the disappointment we feel when a 
+    bugreporter does not contact the authors of a software first, before 
+    posting any exploits. The common way to report this, is to give the 
+    developers a reasonable amount of time to respond to an exploit before 
+    it is made public.
+    <br /><br />
+    We acknowledge that phpMyAdmin versions 2.5.1 to 2.5.7 are vulnerable
+    to this problem, if each of the following conditions are met:
+</p>
+<ul>
+    <li>
+    The Web server hosting phpMyAdmin is not running in safe mode.
+    </li>
+    <li>
+    In config.inc.php, <tt>$cfg['LeftFrameLight']</tt> is set to FALSE
+    (the default value of this parameter is TRUE).
+    </li>
+    <li>
+    There is no firewall blocking requests from the Web server to the
+    attacking host.
+    </li>
+</ul>
+<p>
+    <br />
+    Version 2.5.7-pl1 was released with a fix for this vulnerability.
+</p>
 
 <!-- DEVELOPERS -->
 <a name="developers"></a><br />
diff --git a/left.php b/left.php
index 4397fec67..7c48b675b 100644
--- a/left.php
+++ b/left.php
@@ -45,6 +45,22 @@ require_once('./libraries/bookmark.lib.php');
 require_once('./libraries/relation.lib.php');
 $cfgRelation = PMA_getRelationsParam();
 
+function PMA_multimerge(&$stack, &$table) {
+global $list_item, $table_item;
+
+    $key = array_shift($table);
+
+    if (count($table) > 0) {
+        if (!isset($stack[$key])) {
+            $stack[$key] = '';
+        }
+        PMA_multimerge($stack[$key], $table);
+    } else {
+        $stack['pma_name'][]      = $table_item;
+        $stack['pma_list_item'][] = $list_item;
+    }
+}
+
 function PMA_reduceNest($_table) {
 
     if ($GLOBALS['cfg']['LeftFrameTableLevel'] > 0) {
@@ -52,7 +68,7 @@ function PMA_reduceNest($_table) {
         $temp_table = $_table;
         $new_table = array();
         $last_index = 0;
-        for ($ti = 0; $ti < $max; $ti++) {
+        for ($ti = 0; $ti <= $max; $ti++) {
             if (isset($temp_table[$ti])) {
                 $new_table[$ti] = $temp_table[$ti];
                 unset($temp_table[$ti]);
@@ -325,7 +341,7 @@ echo "\n";
 
 <?php
 if ($cfg['LeftDisplayLogo'] && !$cfg['QueryFrame']) {
-?>  
+?>
 <!-- phpMyAdmin logo -->
 <?php
     if (@file_exists($pmaThemeImage . 'logo_left.png')) {
@@ -381,7 +397,7 @@ if (!$cfg['QueryFrame']) {
            . '<img src="' . $pmaThemeImage . 'b_sqlhelp.png" border="0" hspace="1" width="16" height="16" alt="MySQL - ' . $strDocu . '" title="MySQL - ' . $strDocu . '"'
            .' onmouseover="this.style.backgroundColor=\'#ffffff\';" onmouseout="this.style.backgroundColor=\'\';" align="absmiddle" />'
            . '</a>';
-    } 
+    }
 ?>
     </div>
     <hr />
@@ -423,7 +439,7 @@ if ($num_dbs > 1) {
     <?php
             echo PMA_generate_common_hidden_inputs();
             echo '        <input type="hidden" name="hash" value="' . $hash . '" />' . "\n";
-            echo '        <span class="heada"><b>' . $strDatabase . ':</b></span><br />'; 
+            echo '        <span class="heada"><b>' . $strDatabase . ':</b></span><br />';
             echo '        <select name="lightm_db" onchange="this.form.submit()">' . "\n";
             echo '            <option value="">(' . $strDatabases . ') ...</option>' . "\n";
         } // end !$cfg['QueryFrame']
@@ -561,13 +577,12 @@ if ($num_dbs > 1) {
                                 $_table[$key] = '__protected__';
                             }
                         }
-
-                        unset($_table[count($_table)-1]);
                         $_table = PMA_reduceNest($_table);
 
-                        $eval_string = '$tablestack[\'' . implode('\'][\'', $_table) . '\'][\'pma_name\'][] = \'' . str_replace('\'', '\\\'', $table_item) . '\';';
-                        $eval_string .= '$tablestack[\'' . implode('\'][\'', $_table) . '\'][\'pma_list_item\'][] = \'' . str_replace('\'', '\\\'', $list_item) . '\';';
-                        eval($eval_string);
+                        if (count($_table) == 1) {
+                            array_unshift($_table, '');
+                        }
+                        PMA_multimerge($tablestack, $_table);
                     } else {
                         $tablestack['']['pma_name'][] = $table_item;
                         $tablestack['']['pma_list_item'][] = $list_item;
@@ -577,12 +592,12 @@ if ($num_dbs > 1) {
                     $tablestack['']['pma_list_item'][] = $list_item;
                 }
             } // end while (tables list)
+
             PMA_nestedSet($j, $tablestack);
         ?>
         </div>
         <?php
             echo "\n";
-
         }
 
         // Light mode -> displays the select combo with databases names and the
@@ -642,10 +657,10 @@ if ($num_dbs > 1) {
             } // end if... else...
             if (!$cfg['QueryFrame']) {
                 if (!empty($num_tables)) {
-                    echo '            <option value="' . htmlspecialchars($db) . '"' . $selected . '>' 
+                    echo '            <option value="' . htmlspecialchars($db) . '"' . $selected . '>'
                        . ($db_tooltip != '' && $cfg['ShowTooltipAliasDB'] ? htmlspecialchars($db_tooltip) : htmlspecialchars($db)) . ' (' . $num_tables . ')</option>' . "\n";
                 } else {
-                    echo '            <option value="' . htmlspecialchars($db) . '"' . $selected . '>' 
+                    echo '            <option value="' . htmlspecialchars($db) . '"' . $selected . '>'
                        . ($db_tooltip != '' && $cfg['ShowTooltipAliasDB'] ? htmlspecialchars($db_tooltip) : htmlspecialchars($db)) . ' (-)</option>' . "\n";
                 }
             } // end !$cfg['QueryFrame']
@@ -828,13 +843,12 @@ else if ($num_dbs == 1) {
                             $_table[$key] = '__protected__';
                         }
                     }
-
-                    unset($_table[count($_table)-1]);
                     $_table = PMA_reduceNest($_table);
 
-                    $eval_string = '$tablestack[\'' . implode('\'][\'', $_table) . '\'][\'pma_name\'][] = \'' . str_replace('\'', '\\\'', $table_item) . '\';';
-                    $eval_string .= '$tablestack[\'' . implode('\'][\'', $_table) . '\'][\'pma_list_item\'][] = \'' . str_replace('\'', '\\\'', $list_item) . '\';';
-                    eval($eval_string);
+                    if (count($_table) == 1) {
+                        array_unshift($_table, '');
+                    }
+                    PMA_multimerge($tablestack, $_table);
                 } else {
                     $tablestack['']['pma_name'][] = $table_item;
                     $tablestack['']['pma_list_item'][] = $list_item;