1 ----------------------
6 $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyAdmin/ChangeLog $
8 2.11.3.0 (not yet released)
9 - patch #1818389 to remove a notice (failed to flush buffer), thanks to
11 - patch #1821154, HTTP authentication: fix auth working with php/mod_fastcgi,
13 - wrong default charset in case of broken session
14 - bug #1824506 [profiling] Profile command repeated on older MySQL servers
15 - bug #1825172 [export] Exporting and functions
16 - bug #1817224 [import] Incorrect detection of file_uploads in some cases,
17 thanks to Juergen Wind
18 - bug #1777249 [display] Do not underline links in left panel (in default
19 - bug #1826022 [privileges] unable to add user (MySQL 3.23) since PMA 2.11.2
20 - bug #1823045 [import] Error importing file with lowercase "delimiter"
21 - bug #1828913 [structure] Can't set FULLTEXT index on CHAR column
22 - bug #1804081 [export] export on server doesn't obey AllowAnyWhereRecoding
23 - bug #1789988 [display] space before SHOW COLUMNS
24 - bug #1831646 [table creation] Error in CREATE TABLE with multiple primary
25 keys and AUTO_INCREMENT
26 - [display] Division by zero when showing all records (page selector)
27 - bug #1828265 [privileges] No weird characters in generated password
28 - bug #1759194 [import] open_basedir warning
31 - fixed possible SQL injection using database name
32 - fixed possible XSS in database name - thanks to Omer Singer, The DigiTrust Group
35 - patch #1791576 HTTP auth: support REDIRECT_REMOTE_USER, thanks to Allard
36 + [lang] Serbian update, thanks to Mihailo Stefanovic
37 - bug #1798841 [relations] Copying db does not copy internal relations
38 - bug #1798646 [display] Character '+' in query wrongly interpreted
39 - bug #1801919 [themes] Do not use NaviDatabaseNameColor for fieldset legend
40 - bug #1764735 [core] Designer: PDF error when deleting a table
41 - bug #1764195 [views] DROP button does not work on defective views
42 - bug #1805773 [relations] browse foreign values: return values not escaped,
44 - bug #1807923 [login] Login with html entities in password fails
45 - [core] Undefined variable when creating a table that exists
46 - patch #1808578 Changes in font size were no longer detected after patch
48 + [lang] Croatian update, thanks to Renato Pavicic
49 - patch #1807615 [GUI] Display patch for column rights in Opera
50 - bug #1811519 Can't delete user with a german umlaut.
51 - bug #1811519 [privileges] fixed used collation for accessing mysql.user in server privileges
52 - it should not be possible to move or copy a table to information_schema
53 - bug #1814733 win: copy db to mixed name db fails
54 - bug #1777249 [display] Remove horizontal lines in navigation panel
55 - bug #1805102 [display] TextareaAutoSelect issues: set this parameter
56 default value to false to help cut&paste from a terminal window; also
57 set focus to the textarea
58 - bug #1814463 [display] Wrong database size
59 - bug #1811527 [display] Problem with links to the MySQL manual
60 - patch #1817529 [auth] Incorrect login via URL when AllowArbitraryServer
61 is true, thanks to Juergen Wind
64 - fixed XSS in server_status.php, thanks to Omer Singer, The DigiTrust Group
65 - fixed some possible XSS with PHP_SELF, PATH_INFO, REQUEST_URI
66 (reference: CVE-2007-5589)
69 - bug #1810629 [setup] XSS in setup.php, thanks to Omer Singer, The DigiTrust Group
73 - bug #1783667 [export] NO_AUTO_VALUE_ON_ZERO and MySQL version
74 - bug #1780098 [GUI] Logout causes CSS loss, thanks to Juergen Wind
75 . incorrect field ids, thanks to Michael Keck
76 - bug #1787522 [view] wrong choice in algorithm drop-down
77 - bug #1777620 [GUI] Table Print preview: missing column header,
78 thanks to Mario Rohkrämer
79 - Do not display "Your MySQL library..." if only the Z part of X.Y.Z version
81 - bugs #1767759, 1216521 [data] Duplicate entry error Browse feature: this minor
82 feature removed due to its complexity
83 - bug #1774825 [operations] Rename database loses charset info
84 - bug #1791568 [core] Undefined cfg, thanks to Christian Schmidt
85 - bug #1782332 [structure] New table form does not overtake data
86 - bug #1793763 [requirements] minimum PHP should be 4.2.0
87 - patch #1787915 Avoid CSS reloading on every click, thanks to Juergen Wind
88 - bug #1798627 [GUI] Wrong storage engine displayed
92 + [import] support handling of DELIMITER to mimic mysql CLI, thanks to fb1
93 + improved PHP 6 compatibility
94 - bug #1674914 [structure] changing definition of a TIMESTAMP field
95 - bug #1615530 [upload] added more specific error message if field upload fails
96 - bug #1627210, #1083301, #1482401 [data] warning on duplicate indexes
97 - bug #1668724 JavaScript focus login Opera
98 - bug #1666657 [auth] Cookie password delete on timeout / inactivity
99 - bug #1648802 different mysql library and server version
100 - bug #1662976 [auth] Authentication fails when controluser/pass is set
101 - bug #1643758 [import] Error #1264 importing NULL values in MySQL 5.0
102 - bug #1523747 [innodb] make warning about row count more visible
103 - bug #1676012 [auth] strip non-US-ASCII characters (RFC2616)
104 - bug #1679440 Added FAQ entry about header errors under IIS caused by
105 an end-of-line character
106 - [gui] avoid displaying a wide selector in server selection
107 - bug #1614004 [relation] foreign key spanning multiple columns are
108 incorrectly displayed
109 - bug #1681598 [interface] Edit next row
110 - bug #1688053 [export] Wrong export of binary character fields
111 - bug #1498281 [parser] Wrong primary key used for displaying results
113 - bug #1699772 Visual space bug in table name (in browser)
114 - bug #1699532 Cause of data manipulation issues: implemented changes
115 as suggested by crisp_; still have to work on updating an ENUM value
116 + [core] added PMA_fatalError() and made use of it
117 . [core] added PMA_isValid() and PMA_ifSetOr() for variable handling
118 . [i18n] use generic $strOptions
119 . [core] get rid of $propicon
120 . [core] globalized variables to be includable inside function in
121 libraries/select_lang.lib.php
122 + [doc] changed all documentation in config.inc.php to phpDocumentor style
123 + [data] support for CREATE VIEW from query results
124 + [gui] dropped css/ folder and moved into root of PMA
125 + [l10n] new: Sinhala, Macedonian
126 + [export] YAML export (see yaml.org), thanks to Bryce Thornton
127 + [upload] moved file upload functionality into own class
128 + [upload] make use of $cfg['TempDir'] for file uploads
129 + [server] improved display of binary logs
130 + [data] better error handling in tbl_create.php
131 + [routines] from Patch #1649881, thanks to Mike Beck
132 + [querywindow] store sql history in session
133 + [querywindow] sql history now without db too
134 + [querywindow] tweaks in sql history view
135 + [export] Native Excel (Spreadsheet_Excel_Writer) improvements,
136 thanks to Christian Schmidt
137 + [doc] requirement of mcrypt on 64-bit, thanks to Isaac Bennetch
138 + [lang] Danish update, thanks to Finn Sorensen
139 + RFE #1435922 [gui] navigation frame shows listing of databases when none selected
140 + [data] support BIT datatype (under mysqli), thanks to Christian Schmidt
141 + [display] automatic confirmation for sort by key, thanks to Juergen Wind
142 + [data] can now choose the number of insert rows
143 + RFE #1704779 [gui] link documentation from login page
144 + RFE #1513345 [setup] check control user connection during setup
145 + [structure] TRIGGERS: display/edit/drop/SQL export
146 + [browse] store browse state in session per query
147 + [lang] Turkish update, thanks to Burak Yavuz
148 + [lang] Galician update, thanks to Xosé Calvo
149 + [lang] Brazilian-Portuguese update, thanks to Airon Luis Pereira
150 + [gui] Insert/Edit: no longer display the Go button each 15 lines
151 but just at the end of a row
152 + [gui] Query window: use verbose server name if any
153 + [auth] patch #1712514 specify host for single signon, thanks to Thierry
154 + [gui] Navigator for the db list in the navigation panel
155 + [gui] Navigator for the table list in the content panel
156 - bug #1727138 HTML not encoded (more than 1000 characters)
157 + [display] Support for MySQL 5.0.37 profiling
158 + RFE #1743983 [gui] Replace $max_characters by a configurable param:
159 $cfg['MaxCharactersInDisplayedSQL']
160 - bug #1746186 LeftLogoLink fails if set to some external site
161 . [transformations]: remove "auto-detect" MIME-type that was never implemented
162 + [display] patch #1749705, Allow multibyte characters in number formatting,
164 - bug #1747215 Export emits blanks at line ends
165 - bug #1751172 Do not export data when exporting a single VIEW
166 + [lang] Swedish update, thanks to Björn T. Hallberg
167 + [lang] Russian update, thanks to Victor Volkov and the php-myadmin.ru users
168 + [privileges] Support password hashing on the Edit Privileges interface
169 - bug #1755339 Warn about rename dataase actually being copy/delete
170 - bug #1746921 Left frame shrinks on db change, thanks to Juergen Wind
171 + [gui] Export: Select All/Unselect All over the choices,
172 thanks to Florian Schmitz
173 + [lang] Japanese update, thanks to Ishigaki Kenichi
174 - bug #1759528 browse_foreigners fails due to newlines,
175 thanks to Hanno Boeck
176 + [lang] Norwegian update, thanks to Sven-Erik Andersen
177 + [lang] Italian update, thanks to Luca Rebellato
178 + [lang] Spanish update, thanks to Daniel Hinostroza
179 . [export] Do not obey $cfg['MaxTableList'] on database export
180 - [doc] UploadDir and the Import tab, thanks to Juergen Wind
181 - bug #1766975 Parameters lost when editing stored routine
182 - [export] patch #1766633 Incorrect export with specified MySQL port,
183 thanks to Juergen Wind
184 + [lang] Catalan update, thanks to Xavier Navarro
185 - bug #1751553 Drop-down instead of input when editing
186 - [data] foreign key browser: encoding mixups, thanks to Thijs Kinkhorst
187 - bug #1771721 Old SVN URLs
189 2.10.3.0 (2007-07-20)
191 - bug #1734285 Copy database with VIEWs
192 - bug #1722502 DROP TABLE in export VIEW
193 - bug #1729027 Sorting results of VIEW browsing
194 - bug #1733012 Unwanted table alias in delete button
195 - bug #1736405 Pretty printer and HTML line breaks
196 - bug #1745257 Invalid DB name is still displayed
197 - bug #1730367 Calendar "Go" has no effect
198 - bug #1748633 Incorrect parameter validation for VIEWs
199 + [lang] Russian revision, thanks to Victor Volkov and the users of
201 - Do not try to delete an internal relation if we just deleted an InnoDB one
203 2.10.2.0 (2007-06-15)
205 + [data] display all warnings, not only last one
206 - typo in fix for bug #1671813
207 - bug #1714908 Inserted Row Count is wrong
208 - bug #1712570 Deleting last record freezes
209 - bug #1717339 Missing header when deleting a checked column,
210 thanks to Michael Keck
211 - bug #1717477 Warning on Query page when db is empty
212 - bug #1721002 db rename -> undefined cfgRelation, thanks to Jürgen Wind
213 - bug #1721571 CREATE database privilege not always detected,
214 thanks to Gordon McNaughton
215 - bug #1715709 export in SQL format always includes procedures and functions
216 - bug #1722502 DROP TABLE in export view structure
217 - bug #1718787 Multi-server setup breaks Designer
218 - bug #1724401 Column truncation in repair table output
219 - patch #1726500 Wrong position of </tbody>, thanks to Jürgen Wind
220 - bug #1728590 Detected failing session_start fails, thanks to Jürgen Wind
221 - RFE #1714760 Obey ShowCreateDb on the Databases tab
222 - patch #1733762 Typo in message "INSERT DELAY", thanks to Victor Volkov
223 - patch #1730171 Dead message strLanguageFileNotFound, thanks to Victor Volkov
224 - patch #1731280 Avoid negative exponent in gmp_pow(), thanks to anosek
226 2.10.1.0 (2007-04-23)
227 =====================
229 - bug #1541147 [js] '#' in database names not correctly handled by queywindow.js
230 - bug #1671403 [parser] using "client" as table name
231 - bug #1672379 [core] Call to undefined function PMA_removeCookie()
232 - bug [core] undefined variable in libraries/tbl_replace_fields.inc.php
233 - bug [gui] query window icon did not work, thanks to Jürgen Wind - windkiel
234 . [general] use PMA_getenv('PHP_SELF')
235 - bug #1676033 [core] pow(int,int) causes overflow
236 - bug #1680952 [core] undefined function PMA_getUvaCondition()
237 - bug #1596328 [export] drop support for POSTGRESQL compatibility mode
238 - bug #1609443 [privileges] Grant all priv. on wildcard name (fix message)
239 - bug #1567317 [sqp] Syntax highlighter: extra spaces
240 - bug #1239401 [sqp] table dot numeric field name
241 - bug #1672789 [sqp] Undefined offset: 4 in sqlparser.lib.php #1674
242 - bug #1682044 [export] Export file even if file not selected
243 - bug #1664212 querywindow loses url encoded characters
244 - replaced ctype_digit() with is_numeric()
245 + [config] clean cookies on phpMyAdmin upgrade
246 - bug #1674972 [export] no export with %afm%
247 - bug #1667887 HTML maxlength
248 - bug #1679055 #1050 - Table '<table name>' already exists
249 - patch #1681620 [interface] support reordering of $cfg['ColumnTypes'],
250 thanks to Leonard den Ottolander
251 - bug #1690718 Can't edit if BLOB and no PK
252 - bug #1672636 [export] PDF export too wide
253 + [lang] brazilian-portuguese update, thanks to Airon Luis Pereira
254 - patch #1698964 javascript typo, thanks to Corey Hollaway
255 - bug #1703897 [css] undefined index 'js_frame'
256 - bug #1690561 Blobs being cleared on Edit of row
257 - bug #1679801 [core] XSS vulnerability in PMA_sanitize(), thanks to sp3x SecurityReason
258 - bug #1704467 XSS vulnerability in browse_foreigners.php, thanks to sp3x SecurityReason
260 2.10.0.2 (2007-03-02)
261 =====================
263 + bug #1671813 CVE-2006-1549 deep recursion crash
265 2.10.0.1 (2007-03-01)
266 =====================
268 . [config] set $cfg['Servers'][$i]['ssl'] default value to false,
269 we got reports from some users having problems with the default value of true
271 2.10.0.0 (2007-02-28)
272 =====================
274 - bug #1659176 [general] memory error displaying a table with large BLOBs
275 - bug #1668662 [install] can create the new pma_designer_coords table
276 + [gui] navi logo now links to main page by default, with still the possibility
277 of having an external URL
279 2007-02-25 Marc Delisle <lem9@users.sourceforge.net>
280 * libraries/common.lib.php: bug #1667466, undefined variable when
281 export + save on server
282 * server_status.php: bug #1665930, undefined PHP_SELF
284 2007-02-24 Marc Delisle <lem9@users.sourceforge.net>
285 * libraries/config.default.php: RFE #1621437, HEX and UNHEX were not
286 available for a BINARY field
288 2007-02-21 Marc Delisle <lem9@users.sourceforge.net>
289 * pmd/scripts/move.js: bug #1650770, Designer and Mac OSX,
290 thanks to Ivan Kirillov
292 2007-02-17 Marc Delisle <lem9@users.sourceforge.net>
293 * Documentation.html: patch #1659347, missing doc for some config,
294 thanks to Isaac Bennetch
295 * libraries/export/sql.php: bug #1663336, undefined variable
297 2007-02-16 Marc Delisle <lem9@users.sourceforge.net>
298 * libraries/common.lib.php, footer.inc.php: avoid generating big links
299 after an upload into a BLOB
301 2007-02-14 Marc Delisle <lem9@users.sourceforge.net>
302 * libraries/common.lib.php: white page after uploading a 700 Kio BLOB
303 * add a warning on main page if mcrypt can't be loaded (bug 1658160)
305 2007-02-12 Sebastian Mendel <cybot_tm@users.sourceforge.net>
306 * libraries/database_interface.lib.php: bug #1616486 server_databases does
307 not show all databases
308 * libraries/sqlparser.data.php: MySQL function and column names, reserved
309 and forbidden words updated,
310 bug #1657045 Spatial functions not supported
311 bug #1657037 Missing column type "geometry"
313 2007-02-09 Marc Delisle <lem9@users.sourceforge.net>
314 * main.php: some links should open a new page
315 * Documentation.html, libraries/navigation_header.inc.php,
316 libraries/config.default.php: $cfg['LeftLogoLinkWindow'] to decide
317 in which window the logo-linked page will appear
319 2007-02-09 Michal Čihař <michal@cihar.com>
320 * lang/czech: Fix syntax error (sorry for that).
322 2007-02-08 Marc Delisle <lem9@users.sourceforge.net>
323 * themes/darkblue_orange/img/logo_left.png,
324 themes/original/img/logo_left.png: smaller PMA logo for navi
326 2007-02-08 Sebastian Mendel <cybot_tm@users.sourceforge.net>
327 * themes/*/css/theme_right.css.php: bug #1653769 browsing highlight disabling
330 2007-02-06 Sebastian Mendel <cybot_tm@users.sourceforge.net>
331 * pmd_general.php, pmd_pdf.php, pmd_save_pos.php: fixed short open tags
332 patch #1652886 thanks to Martin Thielecke - mthie
333 * tbl_change.php: fixed escaping of field names in HTML and JavaScript
334 * libraries/common.lib.php: PMA_backquote() did not quote 0
335 * tbl_change.php: bug #1652810 - slashes are not escaped properly
337 2007-02-05 Marc Delisle <lem9@users.sourceforge.net>
338 * lang/japanese: Update, thanks to Ishigaki Kenichi - tcool.
340 2007-02-05 Sebastian Mendel <cybot_tm@users.sourceforge.net>
341 * lang/german: updated
343 2007-02-03 Marc Delisle <lem9@users.sourceforge.net>
344 * pmd/scripts/move.js: display problems in Opera, thanks to Maxim Bulygin
346 2007-02-02 Marc Delisle <lem9@users.sourceforge.net>
347 * tbl_replace.php: Calendar icon does not work on "Insert another new row"
349 2007-02-01 Marc Delisle <lem9@users.sourceforge.net>
350 * libraries/import.lib.php: bug #1626064, too much quoting on import
352 2007-02-01 Sebastian Mendel <cybot_tm@users.sourceforge.net>
353 * libraries/display_tbl.lib.php: bug #1644740 - $cfg['Order'] = 'SMART'
355 * libraries/Theme.class.php: removed __wakeup() due to some requirements are
356 not fulfilled at this point - also thanks to Jürgen Wind - windkiel
358 2007-01-31 Sebastian Mendel <cybot_tm@users.sourceforge.net>
359 * libraries/session.inc.php:
360 bug #1630871 - Detecting a missing write permission on sessions directory
362 2007-01-30 Sebastian Mendel <cybot_tm@users.sourceforge.net>
363 * libraries/sqlparser.lib.php PMA_SQP_analyze():
364 bug #1647785 - do not pass variables by reference
366 2007-01-29 Marc Delisle <lem9@users.sourceforge.net>
367 * lang/catalan update, thanks to Xavier Navarro (xavin)
368 * pmd_general.php: possibility of quotes in Designer messages,
369 thanks to Ivan Kirillov
371 2007-01-26 Michal Čihař <michal@cihar.com>
372 * libraries/common.lib.php, libraries/js_escape.lib.php,
373 test/escape_js_string.php, test/core.lib.php: Move java script escaping
374 to separate library, make it safer on </script> escaping and add
376 * test/theme.php: Move to test package.
378 2007-01-22 Marc Delisle <lem9@users.sourceforge.net>
379 * pmd/*: button for direct/angular links, thanks to Ivan Kirillov
381 2007-01-22 Michal Čihař <michal@cihar.com>
382 * lang/czech: Updated.
384 2007-01-21 Marc Delisle <lem9@users.sourceforge.net>
385 * libraries/Table.class.php: on a MySQL 5.0.33 server with 4400 databases,
386 one of which having 400 tables, it took more than 3 minutes just to
387 see the database structure (some accesses to INFORMATION_SCHEMA are
388 just too slow) so I changed PMA_Table::isView() to avoid calling
391 2007-01-20 Marc Delisle <lem9@users.sourceforge.net>
392 * libraries/sqlparser.lib.php: bug #1638267, wrong reserved word
394 * server_privileges.php: bug #1635377, superfluous backslash,
397 2007-01-19 Marc Delisle <lem9@users.sourceforge.net>
398 * pmd*, lang/*: Designer now supports set/unset of the display field,
399 thanks to Ivan Kirillov
401 2007-01-18 Michal Čihař <michal@cihar.com>
402 * lang/czech: Updated.
403 * libraries/auth/cookie.auth.lib.php: Make server switching honour more
404 server settings (patch #1630104).
406 2007-01-17 Marc Delisle <lem9@users.sourceforge.net>
407 * lang/turkish: update, thanks to Burak Yavuz - bourock
409 2007-01-16 Marc Delisle <lem9@users.sourceforge.net>
410 ### 2.9.2 released from QA_2_9
412 2007-01-12 Marc Delisle <lem9@users.sourceforge.net>
413 * (many files): Designer, two features (snap to grid / display field)
414 thanks to Ivan Kirillov
415 * libraries/Theme_Manager.class.php: patch #1611684, force a change
416 of a session variable to avoid phpmyadmin.css.php caching problems,
417 thanks to Christian Schmidt
419 2007-01-11 Marc Delisle <lem9@users.sourceforge.net>
420 * lang/estonian: Update, thanks to Marko Ellermaa - uhuu
422 2007-01-09 Michal Čihař <michal@cihar.com>
423 * index.php: Properly escape strings written in JS code.
424 * libraries/Theme_Manager.class.php: Avoid trigger error here, parameter
425 comes from user and it might lead to path disclossure.
426 * libraries/common.lib.php:
427 - Properly escape </script> in JS code.
428 - Check db, table and sql_query params to be string.
430 2007-01-08 Marc Delisle <lem9@users.sourceforge.net>
431 * libraries/session.inc.php: prevent attack on session name cookie
433 2007-01-05 Marc Delisle <lem9@users.sourceforge.net>
434 * libraries/session.inc.php: bug #1538132, remove the setting of
435 session.save_handler to 'files'
436 * pmd_general.php: patch #1627831,
437 English language improvements, thanks to Isaac Bennetch
438 * pmd_general.php, pmd_relation_new.php, lang/*: abstract messages
440 2007-01-04 Marc Delisle <lem9@users.sourceforge.net>
441 * pmd/scripts/move.js: avoid text selection when moving a table object
442 under MSIE 6, thanks to Ivan Kirillov
443 * libraries/db_links.inc.php: better icon for Designer, thanks to I.K.
445 2007-01-02 Marc Delisle <lem9@users.sourceforge.net>
446 * Designer: various fixes and improvements (for example support
447 for MSIE 6), thanks to Ivan Kirillov
448 * pdf_pages.php: undefined $pdf_page_number when no auto layout
449 * server_privileges.php: bug #1614087, deleting a user having a
450 global GRANT privilege fails under MySQL 4.1.x
452 2007-01-02 Michal Čihař <michal@cihar.com>
453 * libraries/common.lib.php: Add <div> to allow selecting whole SQL by
454 tripple click (patch #1611591).
455 * libraries/export/sql.php: DELIMITER should not be commented out (bug
458 --- Older ChangeLogs can be found on our project website ---
459 http://www.phpmyadmin.net/old-stuff/ChangeLogs/
461 # vim: et ts=4 sw=4 sts=4
462 # vim: ft=changelog fenc=utf-8 encoding=utf-8
463 # vim: fde=getline(v\:lnum-1)=~'^\\s*$'&&getline(v\:lnum)=~'\\S'?'>1'\:1&&v\:lnum>8&&getline(v\:lnum)!~'^#'
464 # vim: fdn=1 fdm=expr