Commit Graph

8661 Commits

Author SHA1 Message Date
Michal Čihař
8b8ce64792 Fix XSS on dbname. 2010-08-18 12:22:19 +02:00
Michal Čihař
0fe30236fa Document PMA_sanitize. 2010-08-18 11:47:54 +02:00
Michal Čihař
a4a54da173 Escape html chars in form values. 2010-08-18 11:47:46 +02:00
Michal Čihař
c69fca50ee Add option to escape PMA_sanitize output.
This is required when it is used in form values.
2010-08-18 11:47:35 +02:00
Michal Čihař
c910f4c9ec Fix handling of unknown sort order. 2010-08-18 11:46:29 +02:00
Michal Čihař
08e27b8907 Secure handling of sort_by and sort_order in server_databases.php. 2010-08-18 11:46:29 +02:00
Michal Čihař
110c44a7a3 Fix XSS on delimiter in tbl_sql.php. 2010-08-18 11:46:29 +02:00
Marc Delisle
4951fd1c85 Fix XSS on delimiter in db_sql.php. 2010-08-18 11:46:29 +02:00
Marc Delisle
8535d48ae9 2.11.10 release 2009-12-07 17:13:18 +00:00
Michal Čihař
719e0dce65 [setup] avoid usage of (un)serialize, which might be unsafe in some cases 2009-12-07 13:09:09 +00:00
Marc Delisle
212daad0c0 [security] XSS and SQL injection 2009-10-12 21:47:40 +00:00
Michal Čihař
72f86848c3 Document removal of config directory after configuring phpMyAdmin. 2009-03-25 08:30:28 +00:00
Marc Delisle
7b5ec357bc 2.11.9.5 2009-03-24 21:04:18 +00:00
Michal Čihař
aeae6df369 Use official names for wiki (wiki.phpmyadmin.net) and demo server (demo.phpmyadmin.net). 2009-03-24 12:56:58 +00:00
Michal Čihař
36ddf8b61e Escape special chars when displaying filename template cookies. 2009-03-24 08:55:07 +00:00
Michal Čihař
460a649dbc Do not output unescaped chars to generated configuration file. 2009-03-24 08:34:23 +00:00
Michal Čihař
0d4adbfc19 [security] possible XSRF on several pages 2008-12-09 13:45:32 +00:00
Michal Čihař
1639051ec7 Adjust create-release.sh instructions to match current website. 2008-11-21 08:58:00 +00:00
Marc Delisle
625e9f2e93 [security] XSS in a Designer component 2008-10-30 12:47:24 +00:00
Marc Delisle
9155163f6e typos 2008-09-22 14:09:44 +00:00
Michal Čihař
44f9f2f8b7 XSS in MSIE using NUL byte, thanks to JPCERT. 2008-09-22 10:13:32 +00:00
Marc Delisle
f8d65ec564 [security] Code execution vulnerability 2008-09-15 12:03:45 +00:00
Marc Delisle
4680cab381 TempDir new doc 2008-09-03 14:04:44 +00:00
Michal Čihař
6c96a59db5 Do not automatically set and create TempDir, it might lead to a security issue (thanks to Thijs Kinkhorst). 2008-09-02 17:35:48 +00:00
Marc Delisle
ca5d9f1afc typos 2008-08-29 16:38:37 +00:00
Michal Čihař
8fcdad4306 safer handling of temporary files with open_basedir (thanks to Thijs Kinkhorst) 2008-08-29 15:49:06 +00:00
Marc Delisle
274b5c9eed 2.11.9 and 2.11.10-dev 2008-08-28 16:41:57 +00:00
Marc Delisle
454d50201b bug #2074250 [parser] Undefined variable seen_from 2008-08-28 16:17:53 +00:00
Marc Delisle
cab54b7cb4 Norwegian UTF-8 original file remerged 2008-08-26 16:33:00 +00:00
Marc Delisle
de7abbdd5b bug #2045512 [export] Numbers in Excel export 2008-08-13 16:28:43 +00:00
Marc Delisle
f2e2499116 bug #2037375 [export] DROP PROCEDURE needs IF EXISTS 2008-08-09 13:58:44 +00:00
Marc Delisle
f5e6b809dd bug #2037381 [export] Export type "replace" does not work 2008-08-06 17:25:31 +00:00
Marc Delisle
f969ed1fa6 bug #2004915 [bookmarks] Saved queries greater than 1000 chars not displayed 2008-08-01 20:02:21 +00:00
Marc Delisle
55f1bc4d38 bug #2032707 [core] PMA does not start if ini_set() is disabled 2008-08-01 19:15:01 +00:00
Marc Delisle
f5159676c2 bug #2031221 [auth] Links to version number on login screen 2008-08-01 19:00:36 +00:00
Marc Delisle
47bda17428 2.11.8 2008-07-28 16:40:56 +00:00
Marc Delisle
7f89dc2204 norwegian update (2.11.x) 2008-07-25 20:41:14 +00:00
Marc Delisle
6e33006754 bug #2027102 quotes around lang missing 2008-07-25 12:25:33 +00:00
Marc Delisle
a56294f275 revert language changing problem introduced with 2.11.7.1; version number 2.11.8-rc1 2008-07-24 18:01:10 +00:00
Marc Delisle
87e7ed2709 2.11.9-dev 2008-07-24 17:48:59 +00:00
Marc Delisle
6a5e53c31b possible XSS during setup 2008-07-24 17:26:05 +00:00
Marc Delisle
976a3e461b protection against cross-frame scripting 2008-07-24 17:12:32 +00:00
Marc Delisle
d38b5d6ff5 bug #2022182 [import, export] Import/Export fails because of Mac files 2008-07-23 16:55:33 +00:00
Marc Delisle
a6f1375a53 logo background color 2008-07-19 14:46:28 +00:00
Marc Delisle
414189aebe patch #2020630 [export] Safari and timedate 2008-07-18 17:42:52 +00:00
Marc Delisle
784ee3063c bug #2018595 [import] Potential data loss on import resubmit 2008-07-17 14:02:26 +00:00
Marc Delisle
d7e910e296 port 2.11.7.1 fix 2008-07-15 18:42:50 +00:00
Marc Delisle
c221da970d remove version info on cookie login screen 2008-07-15 14:14:09 +00:00
Marc Delisle
afb3903291 display Language with emphasis when a non-English language is chosen 2008-07-09 15:33:49 +00:00
Marc Delisle
4025975910 Do not save too big queries in history 2008-07-09 14:17:19 +00:00