Commit Graph

3498 Commits

Author SHA1 Message Date
Michal Čihař
9ebd401b0e Remove error.php
Redirecting to another script introduces the possibility of injecting
custom messages into it. Though there is no clear security issue in this,
it might confuse users and mislead them into going to an external site,
as it allows links to be included.

Conflicts:

	error.php
	libraries/core.lib.php
2011-01-06 09:36:30 +01:00
Madhura Jayaratne
066b746bef patch #3150164 [structure] Ordering by size gives incorrect results 2011-01-03 08:10:49 -05:00
Marc Delisle
abbbd192bf 3.3.10-dev 2010-12-22 12:29:09 -05:00
Aamir Khan
1ceccbd50c fix typo 2010-12-22 15:59:44 +01:00
Dieter Adriaenssens
8afdcbe2b8 bug #3127904, Close all opened round brackets indents 2010-12-13 21:18:33 +01:00
Marc Delisle
b6f717a602 bug #3125606 [parser] Query for table "level" causes strange display 2010-12-11 08:03:50 -05:00
Herman van Rink
f805097b86 bug #3115519: fixed XSS on search 2010-11-26 09:06:09 -05:00
Marc Delisle
5f4604c9bb bug #3103853 [js] Double quotes were not escaped in generated js; I think this only applies to 3.3.x 2010-11-06 07:51:06 -04:00
Michal Čihař
252ab527bc Fix require path. 2010-11-01 10:03:16 +01:00
Marc Delisle
266b8e3aaf 3.3.9-dev 2010-10-18 06:09:38 -04:00
Dieter Adriaenssens
2d7cbdfc4d parameter is already added to url 2010-10-07 21:15:40 +02:00
Dieter Adriaenssens
8c34269e52 bug #3062454, Display routines/events also when no tables are defined 2010-10-07 20:32:07 +02:00
Marc Delisle
1623c7e065 Browsing a table containing geometry columns 2010-10-03 09:20:32 -04:00
Marc Delisle
22fa5adee3 bug #3056023 [import] USE query not working 2010-09-29 08:04:32 -04:00
Dieter Adriaenssens
c0d1c7a2ae export/copy procedures and routines before tables 2010-09-28 19:37:03 +02:00
Dieter Adriaenssens
adaa35a87f Update library PHPExcel to version 1.7.4 2010-09-11 16:18:42 +02:00
Dieter Adriaenssens
f5879655d5 value can be negative 2010-09-11 11:02:14 +02:00
Dieter Adriaenssens
194e357a99 BIGINT field type added to table analysis on import 2010-09-10 17:28:12 +02:00
Marc Delisle
9b846d65a8 3.3.8-dev 2010-08-31 12:11:49 -04:00
Marc Delisle
1b812f2d25 undefined variables after deleting a user 2010-08-30 12:54:12 -04:00
Michal Čihař
061b87f11f bug #3035300 [parser] Fixed wrong definition of keywords. 2010-08-30 17:23:50 +02:00
Michal Čihař
4a234050f2 bug #3054458 [core] Fixed displaying number of rows. 2010-08-30 14:17:51 +02:00
Herman van Rink
d1e9585c9e Merge branch 'QA_3_3' of ssh://phpmyadmin.git.sourceforge.net/gitroot/phpmyadmin/phpmyadmin into QA_3_3 2010-08-24 15:17:11 +02:00
Herman van Rink
45bdf8f522 Add additional condition for strict checking. 2010-08-24 14:47:29 +02:00
Michal Čihař
362251abbf Merge branch 'MAINT_3_3_6' into QA_3_3
Conflicts:
	Documentation.html
	README
	libraries/Config.class.php
	translators.html
2010-08-23 17:08:58 +02:00
Michal Čihař
133a77fac7 Escape backtrace listing to avoid possible XSS on this. 2010-08-23 17:05:53 +02:00
Michal Čihař
a24e418527 Avoid PHP error when false is passed to PMA_DBI_getError.
This can be caused by controllink set to false.
2010-08-23 17:02:15 +02:00
Marc Delisle
9036ac09e3 3.3.7-dev 2010-08-20 13:03:13 -04:00
Marc Delisle
1e7bc7d691 3.3.6-rc1 2010-08-20 12:59:21 -04:00
Michal Čihař
41145feb12 Merge branch 'MAINT_3_3_5' into QA_3_3
Conflicts:
	ChangeLog
	libraries/common.lib.php
2010-08-20 13:36:49 +02:00
Michal Čihař
59b3b4916b Escape error message coming from MySQL to avoid XSS on bad parameters. 2010-08-20 11:35:42 +02:00
Michal Čihař
bf60ec82e9 Fix possible XSS on IIS redirect page. 2010-08-20 11:20:10 +02:00
Michal Čihař
893abac3e5 bug #3042495 [core] Move PMA_sendHeaderLocation to core.lib.php.
It might be needed from common.inc.php even if PMA_MINIMUM_COMMON is
defined.
2010-08-20 11:09:15 +02:00
Herman van Rink
f273e6cbf6 Fix XSS on error with very long query. 2010-08-20 10:42:03 +02:00
Michal Čihař
d2e0e09e0d Fix XSS with $cfg['SQP']['fmtType'] = 'text'. 2010-08-20 10:38:32 +02:00
Michal Čihař
48e9096600 Properly check validity of sort parameter. 2010-08-18 12:31:54 +02:00
Michal Čihař
25ac7de38c Document PMA_sanitize. 2010-08-18 11:42:08 +02:00
Michal Čihař
00add5c43f Add option to escape PMA_sanitize output.
This is required when it is used in form values.
2010-08-18 11:38:19 +02:00
Michal Čihař
533e102135 Fix handling of unknown sort order. 2010-08-18 11:30:19 +02:00
Michal Čihař
e8cf1ac677 Generate new token on forcible generating of session id. 2010-08-17 15:30:47 +02:00
Marc Delisle
dda6de20d2 bug #3042706 [pmadb] Relations, bookmarks, etc deleted after table drop 2010-08-10 17:55:04 -04:00
Marc Delisle
04c2f9d254 bug #3040226 [XHTML] LockFromUpdate checkbox not checked by default 2010-08-07 06:27:04 -04:00
Will Palmer
158517d764 bug [mysqli] non-global $cfg referenced where $GLOBAL['cfg'] expected 2010-08-05 12:19:14 -04:00
Marc Delisle
fd1d214d35 bug #3036132 [core] Triggers not fetched if dbname has a hyphen 2010-08-01 06:17:03 -04:00
Marc Delisle
f3f073a0ba 3.3.5 release 2010-07-26 12:26:41 -04:00
Michal Čihař
049fc7fef7 bug #3031705 [core] Fix generating condition for real numbers by comparing them to string. 2010-07-26 15:51:26 +02:00
Michal Čihař
83d458aa05 Revert "bug #3031705 [core] Do not use CONCAT for DECIMAL fields."
This reverts commit ef500cd23f.

We probably need to use CONCAT still, just the other side should be
converted to string as well.
2010-07-26 15:45:36 +02:00
Michal Čihař
ef500cd23f bug #3031705 [core] Do not use CONCAT for DECIMAL fields. 2010-07-20 14:37:53 +02:00
Marc Delisle
828d008838 3.3.6-dev 2010-07-18 14:34:32 -04:00
Marc Delisle
31c18cbe11 3.3.5-rc1 2010-07-18 14:31:53 -04:00