46 Commits

Author SHA1 Message Date
Michal Čihař
d17fba309c Fix permissions.
Most files were made executable somewhere in ninadsp tree, reverting
this.
2010-08-30 09:53:37 +02:00
ninadsp
e646a2760c Fixed conflict due to upstream merge 2010-07-23 21:59:15 +05:30
Michal Čihař
318dc4b650 Drop @version tag from docblocks. 2010-07-20 13:59:17 +02:00
Michal Čihař
df4a6efe47 Drop convcharset/pma_charset handling.
This code had no real use, it was used for converting strings from MySQL
to browser encoding.
2010-07-20 11:46:11 +02:00
ninadsp
bed1948d04 testing git setup - no major change made in code yet
only added a few comments
2010-05-23 01:22:01 +05:30
Michal Čihař
56941e509c Adding @package, second part. 2008-11-24 11:05:40 +00:00
Marc Delisle
544831fda7 patch #2007196, Typos in comments, thanks to knittl - knittl 2008-07-01 19:21:28 +00:00
Marc Delisle
afbb2a9dc2 protection against XSS when register_globals is on and .htaccess has no effect 2008-06-21 15:01:27 +00:00
Marc Delisle
29e7412909 improve function name, comments and fix typos 2008-02-23 20:39:33 +00:00
Sebastian Mendel
d138f1f856 cleanup 2007-10-18 09:03:01 +00:00
Sebastian Mendel
ef7a052074 - fixed XSS in server_status.php, thanks to Omer Singer, The DigiTrust Group
- fixed some possible XSS with PHP_SELF (PATH_INFO)
- commented out some use of PATH_INFO ... needs further testing
2007-10-16 07:11:28 +00:00
Sebastian Mendel
b43ab99c15 new error handler ... 2007-10-08 15:13:44 +00:00
Sebastian Mendel
cfeb306526 coding standard: no spaces inside braces 2007-04-01 11:02:46 +00:00
Sebastian Mendel
374abd5173 fixed/added page level docblock 2007-03-20 10:32:13 +00:00
Sebastian Mendel
817e790762 synced/fixed vim line 2007-03-19 17:55:39 +00:00
Marc Delisle
8ba543d012 fix for attack via FILES 2006-09-29 13:24:33 +00:00
Sebastian Mendel
44a0f36096 use PMA_getenv() 2006-04-11 14:33:17 +00:00
Sebastian Mendel
5bdcd33740 replaced $_SERVER with getenv() 2006-03-06 11:32:58 +00:00
Sebastian Mendel
5b9cab5a91 check magic_quotes only once in common.inc.php 2005-12-12 14:28:28 +00:00
Sebastian Mendel
e3ff258e16 moved stuff from grab_globals into common.inc.php (prepare removal of grab_globals)
check/init global required variables like: $lang, $server, $db, $table, $convcharset, $goto
introduced $goto-whitelist
PEAR coding standard
2005-12-12 12:48:00 +00:00
Marc Delisle
ee3825013d prepare removal of grab_globals 2005-12-11 13:06:02 +00:00
Michal Čihař
044b696570 Do not choke on arrays in $_SERVER array (bug #1370414). 2005-12-08 19:36:32 +00:00
Sebastian Mendel
5f3b086ed2 protect $import_blacklist from overwriting 2005-12-06 14:51:49 +00:00
Sebastian Mendel
af66555969 argh! now really! 2005-11-26 06:11:48 +00:00
Sebastian Mendel
9ec71beedf allow scripts to bypass importing vars 2005-11-26 06:08:07 +00:00
Sebastian Mendel
34b6eb346d - wrong check for empty
- forgot to check $sanitize
2005-11-17 13:53:06 +00:00
Sebastian Mendel
cae92ceb9f *REVERT* do not prevent import pma_* 2005-11-17 11:59:44 +00:00
Sebastian Mendel
34dae8c6d3 added variables starting with pma_, numeric or containing spaces to $import_blacklist 2005-11-17 11:29:15 +00:00
Sebastian Mendel
00736fef4a just to be sure:
- clean/empty $GLOBALS with $variables_whitelist
- unset some vars after use
- check all superglobals that could be imported by register_globals=on
  for GLOBALS key (not only _REQUEST and _FILES )
- added $import_blacklist
- rewrote PMA_gpc_extract()
  - use $import_blacklist
  - documentation
2005-11-17 09:45:12 +00:00
Sebastian Mendel
2d6e0f00d8 [XSS] clean $_SERVER variables 2005-10-27 17:03:36 +00:00
Marc Delisle
8fdd30964e security fix 2005-10-21 02:47:47 +00:00
Marc Delisle
694f7ef519 bug #1322871, local file inclusion 2005-10-11 13:36:37 +00:00
Sebastian Mendel
87764fc859 introducing sessions 2005-09-27 16:26:18 +00:00
Marc Delisle
80aecf6518 bugs 1248577 (incorrect message 'you should define a primary key') and 1253125 (request-URI too large) 2005-08-14 19:31:55 +00:00
Alexander M. Turek
94cdc26045 updated comment 2005-03-03 20:59:24 +00:00
Alexander M. Turek
e2a387ea5c bug #1153079 2005-03-03 20:32:45 +00:00
Alexander M. Turek
0aa14421f8 Fixed the fix 2005-02-24 17:30:02 +00:00
Alexander M. Turek
8f3bffcf4e bug #1149381 2005-02-23 11:34:47 +00:00
Alexander M. Turek
f90cbaf9ac Typo 2005-02-23 00:09:41 +00:00
Alexander M. Turek
4cbcd96081 bugs #1149381 and 1149383 2005-02-22 23:07:59 +00:00
Michal Čihař
1aaa89fa54 Little code reorganisation (RFE #957308), removed some remaining php3 compatibility code in SQL parser. 2004-05-20 16:14:13 +00:00
Alexander M. Turek
37d50c1822 Huge set of optimizations, please test! 2003-11-26 22:52:25 +00:00
Garvin Hicking
8d1bfe6f3b Reverted some obfuscated RegExes. Nijel, as you were working on that: I removed the bugfixes you threw in for my faulty code because there were some issues left (for me):
The lines

$re0 = '@(^|(\\\\\\\\)+|[^\\\\])'; // non-escaped wildcards
$re1 = '@(^|[^\])(\\\)+'; // escaped wildcards

as they currently were made no sense to me, because the single [^\] should be replaced with [^\\\\] as well, shouldn't it? To not seriously break more stuff I decided to revert to the previous mechanism here.

I will do more serious tests the next days and will actually work with my PMA again and I pay close attention to see if there are any issues left.

I also searched through the code to see if the setting of the array points from former while() constructs was in any way used [current(), next(), prev(), key(), end(), each()] but did find none.
2003-11-25 19:20:20 +00:00
Garvin Hicking
f0da471ec3 /libraries cleanup hopefully done. Double-Checked every change, my installation still works. ;)
Will continue working on remaining files tomorrow and hope to make it to the end of the next day.
2003-11-20 16:31:51 +00:00
Alexander M. Turek
197b293e7d Do not use $HTTP_*_VARS arrays anymore. 2003-11-19 11:07:23 +00:00
Michal Čihař
6884f9701a no more support for php3 2003-11-18 15:20:45 +00:00