nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7,868 Commits 1 Branch 0 Tags
954c57da6971d6d359da2442deb6f6c859cc40e5
Commit Graph

318 Commits

Author SHA1 Message Date
Marc Delisle
954c57da69 bug #1603660, incorrect escaping 2006-12-06 17:32:12 +00:00
Michal Čihař
cceeae91e9 Fix XSS on database comment, thanks to laurent gaffié. 2006-11-18 19:33:14 +00:00
Marc Delisle
74d1c7de63 undefined index 2006-11-18 11:30:58 +00:00
Michal Čihař
98575f4e56 Fix path disclossure while passing array as some params. 2006-11-17 09:32:24 +00:00
Michal Čihař
3ce5fa581f Check before commit! 2006-11-17 08:49:22 +00:00
Marc Delisle
5aeac4294f wrong parameter when calling error.php 2006-10-19 20:44:51 +00:00
Michal Čihař
dea9bc31fe Fix escaping of long query with js (thanks to Erwin for report). 2006-10-19 15:57:17 +00:00
Marc Delisle
4c71e900e2 false alarm, the code is correct at this place 2006-09-27 16:04:30 +00:00
Marc Delisle
8f8a2e179f oops, the numeric key detection at this place blocks with some queries 2006-09-27 14:56:06 +00:00
Marc Delisle
df7e45bddf numeric key check moved higher 2006-09-27 13:30:46 +00:00
Marc Delisle
adc5e4e920 simplify logic; typecast for better protection 2006-09-27 13:11:25 +00:00
Marc Delisle
50319d634c additional check against REQUEST overwriting 2006-09-26 20:19:02 +00:00
Marc Delisle
ac2f606a21 block if PMA_token is empty 2006-09-26 19:37:18 +00:00
Marc Delisle
b3906852bb first part of security fixes 2006-09-26 19:23:24 +00:00
Michal Čihař
731d5a0fcb Internationalise link to MySQL documentation when translation exists, this needs to be defined in language file (RFE #1547130). 2006-08-30 10:43:15 +00:00
Marc Delisle
890396fb0e bug #1544734, error messages link outdated 2006-08-26 13:50:47 +00:00
Marc Delisle
9b2f2deb06 bug #1542875 Cookie auth on IIS 2006-08-21 11:55:32 +00:00
Marc Delisle
7bcf140588 bug #1534475, arbitrary server not taken into account 2006-08-10 16:50:18 +00:00
Sebastian Mendel
39c52ac207 now really (forgot to return the unquoted string) 2006-08-02 12:18:09 +00:00
Sebastian Mendel
53ddec4168 forgot to replace escaped quotes 2006-08-02 11:58:08 +00:00
Sebastian Mendel
179917ec41 added PMA_unQuote() to remove quotes from strings 2006-08-02 11:34:38 +00:00
Sebastian Mendel
6d75c0afaf added PMA_escapeJsString() to escape strings for JavaScript inside CDATA blocks 2006-08-02 10:15:56 +00:00
Sebastian Mendel
ed52b071a1 use PMA_Config class for cookie needs, do not unset not set cookie 2006-07-31 15:06:25 +00:00
Marc Delisle
35b1ab1f88 bug #1523784, blank page after Edit in IE6 via IIS 2006-07-26 21:13:34 +00:00
Michal Čihař
64976261a3 Fix extension loading on HP-UX (bug #1524776), thanks to Francois Laupretre - flp1. 2006-07-18 20:40:40 +00:00
Sebastian Mendel
506b3cb938 bug #1477576 with rtl langs, navi links open in wrong frame 2006-07-03 15:01:45 +00:00
Marc Delisle
183441507c check also single quotes 2006-06-30 13:13:19 +00:00
Marc Delisle
6d6f47bdb2 escape allowed parameters from non-token requests 2006-06-28 15:39:56 +00:00
Sebastian Mendel
1b7b9673ac bug #1490556 Request-URI Too Large 2006-06-20 17:58:14 +00:00
Sebastian Mendel
1e1499eef2 did not recognize hard coded & when ; is set as url separator in php 2006-06-20 15:30:59 +00:00
Marc Delisle
840a5b3d56 bug #1498108, support twice the separator in db name 2006-05-31 16:43:45 +00:00
Michal Čihař
22128e5f89 Fix reading database list with MySQL wildcards (bug #1487613). 2006-05-14 16:40:54 +00:00
Michal Čihař
d90fbbf27c Better handle other URL separator than & (bug #1487365). 2006-05-12 15:39:33 +00:00
Michal Čihař
ed84a68f63 Use htmlspecialchars instead of htmlentities, it doesn't break utf-8. 2006-05-02 13:28:35 +00:00
Sebastian Mendel
9a4e3a65c2 improved themes 2006-04-27 13:18:42 +00:00
Michal Čihař
9f8afc5d4e Reload language file after switch to utf-8 translation (bug #1442605). 2006-04-27 12:13:52 +00:00
Michal Čihař
3758013766 Better detection of duplicate rows (bug #1477500). 2006-04-27 09:16:32 +00:00
Michal Čihař
47bbff3b81 Make cookie login form work with token protection. 2006-04-25 14:46:51 +00:00
Michal Čihař
0bf717892f Protect against external links which could perform any action (CVE-2006-1804). 2006-04-20 14:45:42 +00:00
Sebastian Mendel
2ce3cc1da9 - added option to PMA_arrayWalkRecursive() to use function also on keys 
- un-magic_quotes_gpc also keys in GPC arrays
 2006-04-12 16:41:27 +00:00
Sebastian Mendel
2511a03729 fixed bug #1469174 configuration changes not accepted in theme manager 2006-04-12 11:00:59 +00:00
Sebastian Mendel
fefedf57f5 fixed bug #1469109 PMA_backquote() issues 2006-04-12 08:47:44 +00:00
Sebastian Mendel
44a0f36096 use PMA_getenv() 2006-04-11 14:33:17 +00:00
Sebastian Mendel
0e1f1c0997 added PMA_getenv() as a wrapper to $_SERVER, $_ENV, getenv() and apache_getenv() 2006-04-11 13:58:58 +00:00
Marc Delisle
01b1374bc4 patch #1455286, catch 'permission denied' error on SHOW DATABASES 2006-03-23 10:59:50 +00:00
Marc Delisle
d40a1dab40 mysqli and zend.ze1_compatibility_mode 2006-03-17 01:32:10 +00:00
Michal Čihař
7b48016c66 Add wrapper to show config errors even with no error reporting (RFE #1447173). 2006-03-16 22:15:07 +00:00
Michal Čihař
a70def98ca Do not forget wrongly configured servers, otherwise user gets warning only on first access (RFE #1451521). 2006-03-16 21:58:37 +00:00
Marc Delisle
8597a6aabf bug #1449715, loading of binary data very slow 2006-03-14 16:44:37 +00:00
Marc Delisle
30afc8d7b0 bug 1445120, cookie login not working on IIS 2006-03-13 23:14:50 +00:00