Commit Graph

10186 Commits

Author SHA1 Message Date
Herman van Rink
d1e9585c9e Merge branch 'QA_3_3' of ssh://phpmyadmin.git.sourceforge.net/gitroot/phpmyadmin/phpmyadmin into QA_3_3 2010-08-24 15:17:11 +02:00
Herman van Rink
b301062bee Generalized include, to incorporate the Config class 2010-08-24 15:14:27 +02:00
Herman van Rink
45bdf8f522 Add additional condition for strict checking. 2010-08-24 14:47:29 +02:00
Michal Čihař
362251abbf Merge branch 'MAINT_3_3_6' into QA_3_3
Conflicts:
	Documentation.html
	README
	libraries/Config.class.php
	translators.html
2010-08-23 17:08:58 +02:00
Michal Čihař
133a77fac7 Escape backtrace listing to avoid possible XSS on this. 2010-08-23 17:05:53 +02:00
Michal Čihař
a24e418527 Avoid PHP error when false is passed to PMA_DBI_getError.
This can be caused by controllink set to false.
2010-08-23 17:02:15 +02:00
Herman van Rink
5920476d44 Updated unittest to conform to latest update 2010-08-23 14:30:17 +02:00
Marc Delisle
9036ac09e3 3.3.7-dev 2010-08-20 13:03:13 -04:00
Marc Delisle
1e7bc7d691 3.3.6-rc1 2010-08-20 12:59:21 -04:00
Michal Čihař
8b53799f0d Merge branch 'MAINT_3_3_5' into QA_3_3 2010-08-20 13:42:29 +02:00
Michal Čihař
5a0fec9b3c Set version to 3.3.5.1. 2010-08-20 13:42:17 +02:00
Michal Čihař
41145feb12 Merge branch 'MAINT_3_3_5' into QA_3_3
Conflicts:
	ChangeLog
	libraries/common.lib.php
2010-08-20 13:36:49 +02:00
Michal Čihař
d128f80605 Changelog. 2010-08-20 13:33:32 +02:00
Michal Čihař
59b3b4916b Escape error message coming from MySQL to avoid XSS on bad parameters. 2010-08-20 11:35:42 +02:00
Michal Čihař
782b8b46be Avoid information disclosure on error. 2010-08-20 11:33:24 +02:00
Michal Čihař
bf60ec82e9 Fix possible XSS on IIS redirect page. 2010-08-20 11:20:10 +02:00
Michal Čihař
893abac3e5 bug #3042495 [core] Move PMA_sendHeaderLocation to core.lib.php.
It might be needed from common.inc.php even if PMA_MINIMUM_COMMON is
defined.
2010-08-20 11:09:15 +02:00
Michal Čihař
a29323a1a6 bug #3044189 [doc] Cleared documentation for hide_db. 2010-08-20 11:02:38 +02:00
Herman van Rink
f273e6cbf6 Fix XSS on error with very long query. 2010-08-20 10:42:03 +02:00
Michal Čihař
d2e0e09e0d Fix XSS with $cfg['SQP']['fmtType'] = 'text'. 2010-08-20 10:38:32 +02:00
Michal Čihař
b337f45a0a Revert "Do not assume that DefaultLang is escaped."
This reverts commit 05ca00e0a2.

There does not seem to be a bug here.
2010-08-19 15:37:06 +02:00
Michal Čihař
05ca00e0a2 Do not assume that DefaultLang is escaped. 2010-08-18 12:37:20 +02:00
Michal Čihař
48e9096600 Properly check validity of sort parameter. 2010-08-18 12:31:54 +02:00
Michal Čihař
be0f47a931 Fix XSS on hostname. 2010-08-18 12:13:59 +02:00
Michal Čihař
cd205cc55a Fix XSS on username. 2010-08-18 12:12:09 +02:00
Michal Čihař
7dc6cea065 Fix XSS on tablename and pred_tablename. 2010-08-18 12:09:13 +02:00
Michal Čihař
6028221d97 Fix XSS on dbname. 2010-08-18 12:07:45 +02:00
Michal Čihař
2a1233b69c Fix XSS on checkprivs. 2010-08-18 12:05:32 +02:00
Michal Čihař
25ac7de38c Document PMA_sanitize. 2010-08-18 11:42:08 +02:00
Michal Čihař
fa30188dde Escape html chars in form values. 2010-08-18 11:38:19 +02:00
Michal Čihař
00add5c43f Add option to escape PMA_sanitize output.
This is required when it is used in form values.
2010-08-18 11:38:19 +02:00
Marc Delisle
c75e41d5d8 Limit list of correct values for sort order. 2010-08-18 11:30:19 +02:00
Michal Čihař
533e102135 Fix handling of unknown sort order. 2010-08-18 11:30:19 +02:00
Michal Čihař
ea3b718fc3 Secure handling of sort_by and sort_order in server_databases.php. 2010-08-18 11:30:19 +02:00
Michal Čihař
7f266483b8 Fix XSS on delimiter in tbl_sql.php. 2010-08-18 11:30:19 +02:00
Marc Delisle
5bcd95a42c Fix XSS on delimiter in db_sql.php. 2010-08-18 11:30:19 +02:00
Michal Čihař
6d548f7d44 Fix XSS on field_str in db_search.php. 2010-08-18 11:30:19 +02:00
Michal Čihař
e8cf1ac677 Generate new token on forcible generating of session id. 2010-08-17 15:30:47 +02:00
Michal Čihař
9e2a3f207b Ignore non default themes in git. 2010-08-17 13:38:37 +02:00
Michal Čihař
80cca2d68c Update translation based on current master branch. 2010-08-17 13:36:41 +02:00
Marc Delisle
dda6de20d2 bug #3042706 [pmadb] Relations, bookmarks, etc deleted after table drop 2010-08-10 17:55:04 -04:00
Marc Delisle
789d3a4131 Withdraw or edit FAQ entries related to older MySQL or PHP 2010-08-07 07:08:11 -04:00
Marc Delisle
04c2f9d254 bug #3040226 [XHTML] LockFromUpdate checkbox not checked by default 2010-08-07 06:27:04 -04:00
Marc Delisle
d42dab9dd4 patch #3039269 [dbi] Wrong variable checked for nopassword option 2010-08-05 12:22:56 -04:00
Will Palmer
158517d764 bug [mysqli] non-global $cfg referenced where $GLOBAL['cfg'] expected 2010-08-05 12:19:14 -04:00
Marc Delisle
fd1d214d35 bug #3036132 [core] Triggers not fetched if dbname has a hyphen 2010-08-01 06:17:03 -04:00
Marc Delisle
e6e78a1fa4 incorrect HTML entity 2010-07-31 15:06:28 -04:00
Marc Delisle
7951b2bacc bug #3034026 [confirmation] TRUNCATE queries get no confirmation request 2010-07-31 14:54:05 -04:00
Michal Čihař
4317af25ef Merge branch 'MAINT_3_3_5' into QA_3_3 2010-07-26 18:29:37 +02:00
Marc Delisle
e43fe5a8f1 3.3.5 release 2010-07-26 12:27:30 -04:00