1 ----------------------
6 $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyAdmin/ChangeLog $
8 3.2.0.0 (not yet released)
9 - [core] better support for vendor customisation (based on what Debian needs)
10 + rfe #2127987 warn when session.gc_maxlifetime is less than cookie validity
11 + rfe #2100910 configurable default charset for import
12 + rfe #1913541 link to InnoDB status when error 1005 occurs
13 + rfe #1927189 strip ` from column names on import
14 + rfe #1821619 LeftFrameDBSeparator can be an array
15 + patch #1821619 [privileges] Extra back reference when editing table-specific
16 privileges, thanks to Herman van Rink - helmo
17 + patch #2356575 [display] Sortable database columns,
18 thanks to Bryce Thornton - brycethornton
19 - patch #2486825 [lang] Wrong string in setup script hints,
20 thanks to Isaac Bennetch - ibennetch
21 - patch #2498350 [cleanup] XHTML cleanup, thanks to Virsacer - virsacer
23 3.1.3.0 (not yet released)
24 + [lang] Turkish update, thanks to Burak Yavuz
25 - patch #2496403 [display] Multi-row change with "]",
26 thanks to Virsacer - virsacer
28 3.1.2.0 (not yet released)
29 - bug #1253252 [display] Can't NULL a column with relation defined
30 - bug #2009500 [SQL] Small improvements in generated SQL (partial fix)
31 - bug #1963184 [export] YAML export improvement,
32 thanks to Bryce Thornton - brycethornton
33 + [lang] Dutch update, thanks to Herman van Rink - helmo
34 - patch #2407785 [cleanup] ereg*() deprecated in PHP 5.3,
35 thanks to Alex Frase - atfrase
36 - bug #2417058 [properties] Edit fields: losing auto-increment setting
37 - patch #2444082 [changelog] changelog.php linkifies one link wrong,
38 thanks to Robert Xiao - nneonneo
39 - bug #2363653 [properties] Various problems with table structure
40 - bug [display] BIT field contents disappear when edited
41 + [lang] Czech update, thanks to Ondřej Vadinský.
42 - bug #2461735 [operations] Table operations adds "row_format"
43 - bug #2445213 [export] Commas for CSV Excel 2008 for Mac
44 - bug #2397877 [core] ForceSSL and http auth_type
45 - bug #2473127 [display] Deleting rows displays tbl structure, not contents
46 - patch #2478940 [core] PHP 5.2+ warning does not work,
47 thanks to Jürgen Wind - windkiel
48 - bug #2416418 [privileges] Escaping special characters
51 - patch #2242765 [core] Navi panel server links wrong,
52 thanks to Martin Stricker - martinstricker
53 - bug #2186823 [core] bad session.save_path not detected
54 - bug #2202709 [core] Re-login causes PMA to forget current table name
55 - bug #2280904 [export] do not include view name in export
56 - rfe #1688975 [display] enable copying of auto increment by default
57 - bug #2355753 [core] do not bail out creating session on any PHP warning
58 - bug #2355925 [display] properly update tooltips in navigation frame
59 - bug #2355923 [core] do not use ctype if it is not available
60 - bug #2356433 [display] HeaderFlipType "fake" problems,
61 thanks to Michal Biniek
62 - bug #2363919 [display] Incorrect size for view
63 - bug #2121287 [display] Drop-down menu blinking in FF
64 + [lang] Catalan update, thanks to Xavier Navarro
65 + [lang] Finnish update, thanks to Jouni Kahkonen
66 - [core] Avoid error with BLOBstreaming support requiring SUPER privilege
67 - [security] possible XSRF on several pages
70 + [auth] Support for Swekey hardware authentication,
71 see http://phpmyadmin.net/auth_key
72 - bug #2046883 [core] Notices about deprecated dl() (so stop using it)
73 + BLOBstreaming support, thanks to Raj Kissu Rajandran and
74 Google Summer of Code 2008
75 + patch #2067462 [lang] link FAQ references in messages,
76 thanks to Thijs Kinkhorst - kink
77 + new setup script, thanks to Piotr Przybylski (work in progress)
78 - rfe #1892243 [export] more links to documentation
79 + [auth] cookie auth now autogenerates blowfish_secret, but it has some
80 limitations and you still should set it in config file
81 + [auth] cookie authentication is now the default
82 + [auth] do not allow root user without password unless explicitly enabled by
84 + rfe #1778908 [auth] arbitrary server auth can now also accept port
85 - patch #2089240 [export] handle correctly switching SQL modes
86 + rfe #1612724 [export] add option to export without comments
87 - bug #2090002 [display] Cannot edit row in VIEW
88 - patch #2099962 [js] fix js error without frameset, thanks to Xuefer
89 - patch #2099972 [structure] Display None when there is no default value,
90 thanks to Xuefer - xuefer
91 - patch #2122883 [PDF schema] Option to display just the keys,
92 thanks to Samuel Sol Villar dos Santos - yohanleafheart
93 + rfe #1276463 [search] Search empty/not empty values
94 + rfe #823652 [structure] ENUM values: field size too small
95 - [lang] Persian update, thanks to Goolex - goolex
96 - [lang] Czech update, thanks to Ondřej Vadinský.
97 - patch #2255890 [lang] English-language cleanup,
98 thanks to Isaac Bennetch - ibennetch
99 + [lang] Norwegian update, thanks to Sven-Erik Andersen
100 + [lang] Hungarian update, thanks to Jozsef Tamas Herczeg - dodika
101 + [lang] French update by Marc Delisle - lem9
102 - bug #2222344 [display] Query involving a function shown as binary
103 + [lang] Italian update, thanks to fantu - fantu
104 + [lang] Swedish update, thanks to Björn T. Hallberg
105 - bug #2315549 [import] fclose() error with "Create PHP code"
106 + [lang] Polish update, thanks to Jakub Wilk
108 3.0.2.0 (not released)
109 - [lang] Italian update, thanks to Luca and fantu
110 - bug #2107583 [GUI] Leading newline truncated, thanks to Isart Montane
111 - bug #2222230 [import] Assigning a value in import.php, thanks to
115 - [security] XSS in a Designer component
118 - bug #2134126 [GUI] SQL error after sorting a subset
119 + [lang] Catalan update, thanks to Xavier Navarro
120 + [lang] Russian update, thanks to Victor Volkov
121 - patch #2143882 [import] Temporary uploaded file not deleted,
122 thanks to David Misc - dmisc
123 - bug #2136986 [auth] Cannot create database after session timeout
124 - bug #1914066 [core] ForceSSL generates incorrectly escaped redirections,
125 this time with the correct fix
126 + [lang] Hungarian update, thanks to Jozsef Tamas Herczeg - dodika
127 - bug #2153970 [core] Properly truncate SQL to avoid half of html tags
128 + [lang] Romanian update, thanks to Sergiu Bivol - sbivol
129 - bug #2161443 [structure] Incorrect index choice shown when modifying an
131 - bug #2127094 [interface] Misleading message after cancelling an action
132 + [lang] Croatian update, thanks to Renato Pavicic
133 + [lang] Finnish update, thanks to Jouni Kahkonen
134 + [lang] Polish update, thanks to Jakub Wilk
135 + [lang] Japanese update, thanks to Ishigaki Kenichi
136 - patch #2176438 [privileges] Wrong message when changing password,
137 thanks to incognito - zytisin
138 - bug #2163437 [core] Cannot disable PMA tables
139 - bug #2184240 [lang] Problems with Italian language file, thanks to Luca
141 - bug #2187193 [interface] ShowChgPassword setting not respected
144 + [export] properly handle line breaks for YAML, thanks to Dan Barry -
146 + [navi] new parameter $cfg['LeftDefaultTabTable']
147 + [table] support MySQL 5.1 PARTITION: CREATE TABLE / Table structure,
148 partition maintenance
149 + [privileges] support for EVENT and TRIGGER
150 + [error handler] NEW handle errors to prevent path disclosure and display/collect errors
151 + [mysqlnd] do not display $strMysqlLibDiffersServerVersion if the client
153 + [webapp] experimental Mozilla Prism support
154 + [export] new plugin "codegen" for NHibernate, thanks to caocao; I'm
155 looking for a name more descriptive than codegen, taking into account
156 that it might later support other formats like JSON in the same plugin
157 + [export] new export to Texy! markup
158 + [lang] Finnish update, thanks to Jouni Kahkonen
159 + [config] new parameter $cfg['CheckConfigurationPermissions']
160 + [config] new parameter $cfg['Servers'][$i]['ShowDatabasesCommand']
161 + [config] new parameter $cfg['Servers'][$i]['CountTables']
162 + rfe #1775288 [transformation] proper display if IP-address stored as INT
163 + rfe #1758177 [core] Add the Geometry DataTypes
164 + rfe #1741101, patch #1798184 UUID default for CHAR(36) PRIMARY KEY,
165 thanks to Gert Palok - gert_p
166 - bug #1664240 [GUI] css height makes cfg TextareaRows useless
167 - bug #1724217 [Create PHP Code] doesn't include newlines for text fields
168 - bug #1845605 [i18n] translators.html still uses iso-8859-1
169 - bug #1823018 [charset] Edit(Delete) img-links pointing to wrong row
170 - bug #1826205 [export] Problems with yaml text export
171 - bug #1344768 [database] create/alter table new field can not have empty string
173 + rfe #1840165 [interface] Enlarge column name field in vertical mode
174 + patch #1847534 [interface] New "Inside field" in db search,
176 + [GUI] Mootools js library (http://mootools.net) and new parameter
177 $cfg['InitialSlidersState']
178 * [core] cache some MySQL stats (do not query them with every page request)
179 + [view] clearer dialog WITH (CASCADED | LOCAL) CHECK OPTION
180 + [lang] Norwegian update, thanks to Sven-Erik Andersen
181 + [lang] Japanese update, thanks to Ishigaki Kenichi
182 + [lang] Italian update, thanks to Luca Rebellato
184 * minimal support on db structure page
186 + [pdf] Merged tcpdf 2.2.002 (PHP5 version), thanks to Nicola Asuni
187 + [engines] Maria support
188 + [engines] MyISAM and InnoDB: support ROW_FORMAT table option
189 + prevent search indexes from indexing phpMyAdmin installations
190 + [engines] PBXT: table options, foreign key (relation view, designer)
191 + [lang] New Bangla, thanks to Raquibul Islam and Joy Kumar Nag
192 + [interface] Display options; thanks to Dave Grijalva
193 for the idea about showing the display field while browsing
194 - bug #1910621 [display] part 2: do not display a BINARY content as text
195 + rfe #1962383 [designer] Option to create a PDF page
196 - patch #2007196, Typos in comments, thanks to knittl - knittl
197 - bug #1982315 [GUI] Comma and quote in ENUM, thanks to Joshua Hogendorn
199 - bug #1970836 [parser] SQL parser is slow, thanks to Christian Schmidt
200 + rfe #1692928 [transformation] Option to disable browser transformations
201 + [import] Speed optimization to be able to import the sakila database
202 + [doc] Documentation for distributing phpMyAdmin in README.VENDOR.
203 + [display] headwords for sorted column
204 - bug #2033962 [import] Cannot import zip file
205 + [lang] Swedish update, thanks to Björn T. Hallberg
206 - bug #2050068 [gui] "Check tables having overhead" selects wrong tables
207 + [lang] Belarusian update, thanks to Jaska Zedlik
208 + [lang] Norwegian update, thanks to Sven-Erik Andersen
209 + [lang] Italian update, thanks to Luca Rebellato
210 - [core] safer handling of temporary files with open_basedir (thanks to Thijs
212 - [core] do not automatically set and create TempDir, it might lead to security
213 issue (thanks to Thijs Kinkhorst)
214 + [lang] Czech update
215 - bug #2066923 [display] Navi browse icon does not go to page 1
216 - patch #2075263 [auth] Single sign-on and cookie clearing,
217 thanks to Charles Suh - cws125
218 - [doc] better documentation of $cfg['TempDir']
219 - bug #2080963 [charset] Clarify doc and improved code, thanks to
220 Victor Volkov - hanut
221 - bug [charset] Cannot sort twice on a column when the table name
223 + [lang] Spanish update, thanks to Daniel Hinostroza
224 + [lang] Hungarian update, thanks to Jozsef Tamas Herczeg - dodika
225 - bug #2113848 [navi] Page number after database switching
226 - patch #2115966 [GUI] Checkboxes and IE 7, thanks to Martin - maschg
227 - bug #1914066 [core] ForceSSL generates incorrectly escaped redirections
229 2.11.9.4 (2008-12-09)
230 - [security] possible XSRF on several pages
232 2.11.9.3 (2008-10-30)
233 - [security] XSS in a Designer component
235 2.11.9.2 (2008-09-22)
236 - [security] XSS in MSIE using NUL byte, thanks to JPCERT.
238 2.11.9.1 (2008-09-15)
239 - [security] Code execution vulnerability, thanks to Norman Hippert
241 2.11.9.0 (2008-08-28)
242 - bug #2031221 [auth] Links to version number on login screen
243 - bug #2032707 [core] PMA does not start if ini_set() is disabled
244 - bug #2004915 [bookmarks] Saved queries greater than 1000 chars not
245 displayed, thanks to Maik Wiege - mswiege
246 - bug #2037381 [export] Export type "replace" does not work
247 - bug #2037375 [export] DROP PROCEDURE needs IF EXISTS
248 - bug #2045512 [export] Numbers in Excel export
249 - bug #2074250 [parser] Undefined variable seen_from
251 2.11.8.0 (2008-07-28)
252 - patch #1987593 [interface] Table list pagination in navi,
253 thanks to Jason Day - jday29
254 - bug #1989081 [profiling] Profiling causes query to be executed again
255 (really causes a problem in case of INSERT/UPDATE)
256 - bug #1990342 [import] SQL file import very slow on Windows,
257 thanks to Richard Heaton - wotnot
258 - bug [XHTML] problem with tabindex and radio fields
259 - bug #1971221 [interface] tabindex not set correctly
260 - bug [views] VIEW name created via the GUI was not protected with backquotes
261 - bug #1989813 [interface] Deleting multiple views (space in name)
262 - bug #1992628 [parser] SQL parser removes essential space
263 - bug #1989281 [export] Export fails if one table is marked as crashed
264 - bug #2001005 [GUI] ARCHIVE cannot have indexes
265 - bug #1989281 [export] CSV for MS Excel incorrect escaping of double quotes
266 - bug #1959855 [interface] Font size option problem when no config file
267 (todo (trunk): navi frame size does not change for theme original)
268 - bug #1982489 [relation] Relationship view should check for changes
269 - bug [history] Do not save too big queries in history
270 - [security] Do not show version info on login screen
271 - bug #2018595 [import] Potential data loss on import resubmit
272 - patch #2020630 [export] Safari and timedate, thanks to Sebastian Mendel,
273 Isaac Bennetch and Jürgen Wind
274 - bug #2022182 [import, export] Import/Export fails because of Mac files
275 - [security] protection against cross-frame scripting and
276 new directive AllowThirdPartyFraming, thanks to YGN Ethical Hacker Group
277 - [security] possible XSS during setup, thanks to YGN Ethical Hacker Group
278 - [interface] revert language changing problem introduced with 2.11.7.1
280 2.11.7.1 (2008-07-15)
281 - bug [security] XSRF/CSRF by manipulating the db,
282 convcharset and collation_connection parameters,
283 thanks to YGN Ethical Hacker Group
285 2.11.7.0 (2008-06-23)
286 - bug #1908719 [interface] New field cannot be auto-increment and primary key
287 - [dbi] Incorrect interpretation for some mysqli field flags
288 - bug #1910621 [display] part 1: do not display a TEXT utf8_bin as BLOB
289 (fixed for mysqli extension only)
290 - [interface] sanitize the after_field parameter,
291 thanks to Norman Hippert
292 - [structure] do not remove the BINARY attribute in drop-down
293 - bug #1955386 [session] Overriding session.hash_bits_per_character
294 - [interface] sanitize the table comments in table print view,
295 db print view and db data dictionary, thanks to Norman Hippert
296 - bug #1939031 Auto_Increment selected for TimeStamp by Default
297 - patch #1957998 [display] No tilde for InnoDB row counter when we know
298 it for sure, thanks to Vladyslav Bakayev - dandy76
299 - bug #1955572 [display] alt text causes duplicated strings
300 - bug #1762029 [interface] Cannot upload BLOB into existing row
301 - bug #1981043 [export] HTML in exports getting corrupted,
302 thanks to Jason Judge - jasonjudge
303 - bug #1936761 [interface] BINARY not treated as BLOB: update/delete issues
304 - protection against XSS when register_globals is on and .htaccess has
305 no effect, thanks to Tim Starling
306 - bug #1996943 [export] Firefox 3 and .sql.gz (corrupted); detect Gecko 1.9,
307 thanks to Jürgen Wind - windkiel
309 2.11.6.0 (2008-04-29)
310 - bug #1903724 [interface] Displaying of very large queries in error message
311 - bug #1905711 [compatibility] Functions deprecated in PHP 5.3: is_a() and
312 get_magic_quotes_gpc(), thanks to Dmitry N. Shilnikov - yrtimd
313 - bug [lang] catalan wrong accented characters
314 - bug #1893034 [Export] SET NAMES for importing with command-line client
315 + [lang] Russian update, thanks to Victor Volkov
316 - bug #1910485 [core] Unsetting the whitelist during the loop,
317 thanks to Jeroen Vrijkorte - jv_map
318 - bug #1906980 [Export] Import of VIEWs fails if temp table exists,
319 thanks to Falk Nisius - klaf
320 - bug #1812763 [Copy] Table copy when server is in ANSI_QUOTES sql_mode
321 thanks to Tony Marston - tonymarston
322 - bug #1918531 [compatibility] Navigation isn't w3.org valid
323 thanks to Michael Keck - mkkeck
324 - bug #1926357 [data] BIT defaults displayed incorrectly
325 - patch #1930057 [auth] colon in password prevents HTTP login on CGI/IIS,
326 thanks to Jürgen Wind - windkiel
327 - patch #1929553 [lang] Don't output BOM character in Swedish language file,
328 thanks to Samuel L. B. - samuellb
329 - patch #1895796 [lang] Typo in Japanese lang files,
330 thanks to tyman - acoustype
331 - bug #1935652 [auth] Access denied (show warning about mcrypt on login page)
332 - bug #1906983 [export] Reimport of FUNCTION fails
333 - bug #1919808 [operations] Renaming a database fails to handle functions
334 - bug #1934401 [core] Cannot force a language
335 - bug #1944077 [core] Config file containing a BOM,
336 thanks to Gaetano Giunta - ggiunta
337 - bug #1947189 [scripts] Missing </head> in scripts/signon.php,
338 thanks to Dolf Schimmel
339 + [lang] Romanian update, thanks to Sergiu Bivol - sbivol
341 2.11.5.2 (2008-04-22)
342 - PMASA-2008-3 [security] File disclosure
344 2.11.5.1 (2008-03-29)
345 - bug #1909711 [security] Sensitive data in session files
347 2.11.5.0 (2008-03-01)
348 - bug #1862661 [GUI] Warn about rename deleting database
349 - bug #1866041 [interface] Incorrect sorting with AS
350 - bug #1871038 [import] Notice: undefined variable first_sql_delimiter
351 - bug #1873110 [export] Problem exporting with a LIMIT clause
352 - bug #1871164 [GUI] Empty and navigation frame synch.
353 - patch #1873188 [GUI] Making db pager work when js is disabled,
354 thanks to Jürgen Wind - windkiel
355 - bug #1875010 [auth] MySQL server and client version mismatch (mysql ext.)
356 - patch #1879031 [transform] dateformat transformation and UNIX timestamps,
357 thanks to Tim Steiner - spam38
358 - bug [import] Do not verify a missing enclosing character for CSV,
359 because files generated by Excel don't have any enclosing character
360 - bug #1799691 [export] "Propose table structure" and Export
361 - bug #1884911 [GUI] Space usage
362 - bug #1863326 [GUI] Wrong error message / no edit (Suhosin)
363 - bug #1887204 [GUI] Order columns in result list messing up query
364 - patch #1893538 [GUI] Display issues on Opera 9.50,
365 thanks to Jürgen Wind - windkiel
366 - bug [GUI] Do not display the database name used by the previous user,
367 thanks to Ronny Görner
368 - bug [security] Remove cookies from $_REQUEST for better coexistence with
369 other applications, thanks to Richard Cunningham. See PMASA-2008-1.
371 2.11.4.0 (2008-01-12)
372 - bug #1843428 [GUI] Space issue with DROP/DELETE/ALTER TABLE
373 - bug #1807816 [search] regular expression search doesn't work with
375 - bug #1843463 [GUI] DROP PROCEDURE does not show alert
376 - bug #1835904 [GUI] Back link after a SQL error forgets the query
377 - bug #1835654 [core] wrong escaping when using double quotes
378 - bug #1817612 [cookies] Wrong cookie path on IIS with PHP-CGI,
379 thanks to Carsten Wiedmann
380 - bug #1848889 [export] export trigger should use DROP TRIGGER IF EXISTS
381 - bug #1851833 [display] Sorting forgets an explicit LIMIT
382 (fix for sorting on column headers)
383 - bug #1764182 [cookies] Suhosin cookie encryption breaks phpMyAdmin
384 - bug #1798786 [import] Wrong error when a string contains semicolon
385 - bug #1813508 [login] Missing parameter: field after re-login
386 - bug #1710144 [parser] Space after COUNT breaks Export but not Query
387 - bug #1783620 [parser] Subquery results without "as" are ignored
388 - bug #1821264 [display] MaxTableList and INFORMATION_SCHEMA
389 - bug #1859460 [display] Operations and many databases
390 - bug #1814679 [display] Database selection pagination when switching servers
391 - patch #1861717 [export] CSV Escape character not exported right,
392 thanks to nicolasdigraf
393 - bug #1864468 [display] Theme does not switch to darkblue_orange
394 - bug #1847409 [security] Path disclosure on darkblue_orange/layout.inc.php,
395 thanks to Jürgen Wind - windkiel
397 2.11.3.0 (2007-12-08)
398 - patch #1818389 to remove a notice (failed to flush buffer), thanks to
400 - patch #1821154, HTTP authentication: fix auth working with php/mod_fastcgi,
402 - wrong default charset in case of broken session
403 - bug #1824506 [profiling] Profile command repeated on older MySQL servers
404 - bug #1825172 [export] Exporting and functions
405 - bug #1817224 [import] Incorrect detection of file_uploads in some cases,
406 thanks to Juergen Wind
407 - bug #1777249 [display] Do not underline links in left panel (in default
409 - bug #1826022 [privileges] unable to add user (MySQL 3.23) since PMA 2.11.2
410 - bug #1823045 [import] Error importing file with lowercase "delimiter"
411 - bug #1828913 [structure] Can't set FULLTEXT index on CHAR column
412 - bug #1804081 [export] export on server doesn't obey AllowAnyWhereRecoding
413 - bug #1789988 [display] space before SHOW COLUMNS
414 - bug #1831646 [table creation] Error in CREATE TABLE with multiple primary
415 keys and AUTO_INCREMENT
416 - [display] Division by zero when showing all records (page selector)
417 - bug #1828265 [privileges] No weird characters in generated password
418 - bug #1759194 [import] open_basedir warning
419 - bug #1793948 [parser] ROW_FORMAT incorrectly parsed
420 - undefined PMA_MYSQL_INT_VERSION when no default server is set
421 - bug #1763343 [session] Behavior with session.auto_start enabled
422 + [lang] Hungarian update, thanks to Mihály Mészáros
423 + [lang] German update, thanks to Jürgen Wind - windkiel
424 - patch #1837691 [query window] js errors, thanks to Victor Volkov
425 - patch #1839052 [lang] catalan not in UTF-8, thanks to jaz001
426 - patch #1838626 [GUI] Login interface broken on Konqueror, thanks to fhimpe
428 2.11.2.2 (2007-11-20)
429 - bug #1835123 [security] fixed XSS vulnerability on login page,
430 thanks to Tim Brown (Nth Dimension) for the advisory
431 and to Sebastian for the fix
433 2.11.2.1 (2007-11-11)
434 - fixed possible SQL injection using database name
435 - fixed possible XSS in database name - thanks to Omer Singer, The DigiTrust Group
437 2.11.2.0 (2007-10-27)
438 - patch #1791576 HTTP auth: support REDIRECT_REMOTE_USER, thanks to Allard
439 + [lang] Serbian update, thanks to Mihailo Stefanovic
440 - bug #1798841 [relations] Copying db does not copy internal relations
441 - bug #1798646 [display] Character '+' in query wrongly interpreted
442 - bug #1801919 [themes] Do not use NaviDatabaseNameColor for fieldset legend
443 - bug #1764735 [core] Designer: PDF error when deleting a table
444 - bug #1764195 [views] DROP button does not work on defective views
445 - bug #1805773 [relations] browse foreign values: return values not escaped,
446 thanks to Alex Rambau
447 - bug #1807923 [login] Login with html entities in password fails
448 - [core] Undefined variable when creating a table that exists
449 - patch #1808578 Changes in font size were no longer detected after patch
451 + [lang] Croatian update, thanks to Renato Pavicic
452 - patch #1807615 [GUI] Display patch for column rights in Opera
453 - bug #1811519 Can't delete user with a german umlaut.
454 - bug #1811519 [privileges] fixed used collation for accessing mysql.user in server privileges
455 - it should not be possible to move or copy a table to information_schema
456 - bug #1814733 win: copy db to mixed name db fails
457 - bug #1777249 [display] Remove horizontal lines in navigation panel
458 - bug #1805102 [display] TextareaAutoSelect issues: set this parameter
459 default value to false to help cut&paste from a terminal window; also
460 set focus to the textarea
461 - bug #1814463 [display] Wrong database size
462 - bug #1811527 [display] Problem with links to the MySQL manual
463 - patch #1817529 [auth] Incorrect login via URL when AllowArbitraryServer
464 is true, thanks to Juergen Wind
466 2.11.1.2 (2007-10-17)
467 - fixed XSS in server_status.php, thanks to Omer Singer, The DigiTrust Group
468 - fixed some possible XSS with PHP_SELF, PATH_INFO, REQUEST_URI
469 (reference: CVE-2007-5589)
471 2.11.1.1 (2007-10-15)
472 - bug #1810629 [setup] XSS in setup.php, thanks to Omer Singer, The DigiTrust Group
474 2.11.1.0 (2007-09-20)
475 - bug #1783667 [export] NO_AUTO_VALUE_ON_ZERO and MySQL version
476 - bug #1780098 [GUI] Logout causes CSS loss, thanks to Juergen Wind
477 . incorrect field ids, thanks to Michael Keck
478 - bug #1787522 [view] wrong choice in algorithm drop-down
479 - bug #1777620 [GUI] Table Print preview: missing column header,
480 thanks to Mario Rohkrämer
481 - Do not display "Your MySQL library..." if only the Z part of X.Y.Z version
483 - bugs #1767759, 1216521 [data] Duplicate entry error Browse feature: this minor
484 feature removed due to its complexity
485 - bug #1774825 [operations] Rename database loses charset info
486 - bug #1791568 [core] Undefined cfg, thanks to Christian Schmidt
487 - bug #1782332 [structure] New table form does not overtake data
488 - bug #1793763 [requirements] minimum PHP should be 4.2.0
489 - patch #1787915 Avoid CSS reloading on every click, thanks to Juergen Wind
490 - bug #1798627 [GUI] Wrong storage engine displayed
492 2.11.0.0 (2007-08-21)
493 + [import] support handling of DELIMITER to mimic mysql CLI, thanks to fb1
494 + improved PHP 6 compatibility
495 - bug #1674914 [structure] changing definition of a TIMESTAMP field
496 - bug #1615530 [upload] added more specific error message if field upload fails
497 - bug #1627210, #1083301, #1482401 [data] warning on duplicate indexes
498 - bug #1668724 JavaScript focus login Opera
499 - bug #1666657 [auth] Cookie password delete on timeout / inactivity
500 - bug #1648802 different mysql library and server version
501 - bug #1662976 [auth] Authentication fails when controluser/pass is set
502 - bug #1643758 [import] Error #1264 importing NULL values in MySQL 5.0
503 - bug #1523747 [innodb] make warning about row count more visible
504 - bug #1676012 [auth] strip non-US-ASCII characters (RFC2616)
505 - bug #1679440 Added FAQ entry about header errors under IIS caused by
506 an end-of-line character
507 - [gui] avoid displaying a wide selector in server selection
508 - bug #1614004 [relation] foreign key spanning multiple columns are
509 incorrectly displayed
510 - bug #1681598 [interface] Edit next row
511 - bug #1688053 [export] Wrong export of binary character fields
512 - bug #1498281 [parser] Wrong primary key used for displaying results
514 - bug #1699772 Visual space bug in table name (in browser)
515 - bug #1699532 Cause of data manipulation issues: implemented changes
516 as suggested by crisp_; still have to work on updating an ENUM value
517 + [core] added PMA_fatalError() and made use of it
518 . [core] added PMA_isValid() and PMA_ifSetOr() for variable handling
519 . [i18n] use generic $strOptions
520 . [core] get rid of $propicon
521 . [core] globalized variables to be includable inside function in
522 libraries/select_lang.lib.php
523 + [doc] changed all documentation in config.inc.php to phpDocumentor style
524 + [data] support for CREATE VIEW from query results
525 + [gui] dropped css/ folder and moved into root of PMA
526 + [l10n] new: Sinhala, Macedonian
527 + [export] YAML export (see yaml.org), thanks to Bryce Thornton
528 + [upload] moved file upload functionality into own class
529 + [upload] make use of $cfg['TempDir'] for file uploads
530 + [server] improved display of binary logs
531 + [data] better error handling in tbl_create.php
532 + [routines] from Patch #1649881, thanks to Mike Beck
533 + [querywindow] store sql history in session
534 + [querywindow] sql history now without db too
535 + [querywindow] tweaks in sql history view
536 + [export] Native Excel (Spreadsheet_Excel_Writer) improvements,
537 thanks to Christian Schmidt
538 + [doc] requirement of mcrypt on 64-bit, thanks to Isaac Bennetch
539 + [lang] Danish update, thanks to Finn Sorensen
540 + RFE #1435922 [gui] navigation frame shows listing of databases when none selected
541 + [data] support BIT datatype (under mysqli), thanks to Christian Schmidt
542 + [display] automatic confirmation for sort by key, thanks to Juergen Wind
543 + [data] can now choose the number of insert rows
544 + RFE #1704779 [gui] link documentation from login page
545 + RFE #1513345 [setup] check control user connection during setup
546 + [structure] TRIGGERS: display/edit/drop/SQL export
547 + [browse] store browse state in session per query
548 + [lang] Turkish update, thanks to Burak Yavuz
549 + [lang] Galician update, thanks to Xosé Calvo
550 + [lang] Brazilian-Portuguese update, thanks to Airon Luis Pereira
551 + [gui] Insert/Edit: no longer display the Go button each 15 lines
552 but just at the end of a row
553 + [gui] Query window: use verbose server name if any
554 + [auth] patch #1712514 specify host for single signon, thanks to Thierry
555 + [gui] Navigator for the db list in the navigation panel
556 + [gui] Navigator for the table list in the content panel
557 - bug #1727138 HTML not encoded (more than 1000 characters)
558 + [display] Support for MySQL 5.0.37 profiling
559 + RFE #1743983 [gui] Replace $max_characters by a configurable param:
560 $cfg['MaxCharactersInDisplayedSQL']
561 - bug #1746186 LeftLogoLink fails if set to some external site
562 . [transformations]: remove "auto-detect" MIME-type that was never implemented
563 + [display] patch #1749705, Allow multibyte characters in number formatting,
565 - bug #1747215 Export emits blanks at line ends
566 - bug #1751172 Do not export data when exporting a single VIEW
567 + [lang] Swedish update, thanks to Björn T. Hallberg
568 + [lang] Russian update, thanks to Victor Volkov and the php-myadmin.ru users
569 + [privileges] Support password hashing on the Edit Privileges interface
570 - bug #1755339 Warn about rename dataase actually being copy/delete
571 - bug #1746921 Left frame shrinks on db change, thanks to Juergen Wind
572 + [gui] Export: Select All/Unselect All over the choices,
573 thanks to Florian Schmitz
574 + [lang] Japanese update, thanks to Ishigaki Kenichi
575 - bug #1759528 browse_foreigners fails due to newlines,
576 thanks to Hanno Boeck
577 + [lang] Norwegian update, thanks to Sven-Erik Andersen
578 + [lang] Italian update, thanks to Luca Rebellato
579 + [lang] Spanish update, thanks to Daniel Hinostroza
580 . [export] Do not obey $cfg['MaxTableList'] on database export
581 - [doc] UploadDir and the Import tab, thanks to Juergen Wind
582 - bug #1766975 Parameters lost when editing stored routine
583 - [export] patch #1766633 Incorrect export with specified MySQL port,
584 thanks to Juergen Wind
585 + [lang] Catalan update, thanks to Xavier Navarro
586 - bug #1751553 Drop-down instead of input when editing
587 - [data] foreign key browser: encoding mixups, thanks to Thijs Kinkhorst
588 - bug #1771721 Old SVN URLs
590 2.10.3.0 (2007-07-20)
591 - bug #1734285 Copy database with VIEWs
592 - bug #1722502 DROP TABLE in export VIEW
593 - bug #1729027 Sorting results of VIEW browsing
594 - bug #1733012 Unwanted table alias in delete button
595 - bug #1736405 Pretty printer and HTML line breaks
596 - bug #1745257 Invalid DB name is still displayed
597 - bug #1730367 Calendar "Go" has no effect
598 - bug #1748633 Incorrect parameter validation for VIEWs
599 + [lang] Russian revision, thanks to Victor Volkov and the users of
601 - Do not try to delete an internal relation if we just deleted an InnoDB one
603 2.10.2.0 (2007-06-15)
604 + [data] display all warnings, not only last one
605 - typo in fix for bug #1671813
606 - bug #1714908 Inserted Row Count is wrong
607 - bug #1712570 Deleting last record freezes
608 - bug #1717339 Missing header when deleting a checked column,
609 thanks to Michael Keck
610 - bug #1717477 Warning on Query page when db is empty
611 - bug #1721002 db rename -> undefined cfgRelation, thanks to Jürgen Wind
612 - bug #1721571 CREATE database privilege not always detected,
613 thanks to Gordon McNaughton
614 - bug #1715709 export in SQL format always includes procedures and functions
615 - bug #1722502 DROP TABLE in export view structure
616 - bug #1718787 Multi-server setup breaks Designer
617 - bug #1724401 Column truncation in repair table output
618 - patch #1726500 Wrong position of </tbody>, thanks to Jürgen Wind
619 - bug #1728590 Detected failing session_start fails, thanks to Jürgen Wind
620 - RFE #1714760 Obey ShowCreateDb on the Databases tab
621 - patch #1733762 Typo in message "INSERT DELAY", thanks to Victor Volkov
622 - patch #1730171 Dead message strLanguageFileNotFound, thanks to Victor Volkov
623 - patch #1731280 Avoid negative exponent in gmp_pow(), thanks to anosek
625 2.10.1.0 (2007-04-23)
626 - bug #1541147 [js] '#' in database names not correctly handled by queywindow.js
627 - bug #1671403 [parser] using "client" as table name
628 - bug #1672379 [core] Call to undefined function PMA_removeCookie()
629 - bug [core] undefined variable in libraries/tbl_replace_fields.inc.php
630 - bug [gui] query window icon did not work, thanks to Jürgen Wind - windkiel
631 . [general] use PMA_getenv('PHP_SELF')
632 - bug #1676033 [core] pow(int,int) causes overflow
633 - bug #1680952 [core] undefined function PMA_getUvaCondition()
634 - bug #1596328 [export] drop support for POSTGRESQL compatibility mode
635 - bug #1609443 [privileges] Grant all priv. on wildcard name (fix message)
636 - bug #1567317 [sqp] Syntax highlighter: extra spaces
637 - bug #1239401 [sqp] table dot numeric field name
638 - bug #1672789 [sqp] Undefined offset: 4 in sqlparser.lib.php #1674
639 - bug #1682044 [export] Export file even if file not selected
640 - bug #1664212 querywindow loses url encoded characters
641 - replaced ctype_digit() with is_numeric()
642 + [config] clean cookies on phpMyAdmin upgrade
643 - bug #1674972 [export] no export with %afm%
644 - bug #1667887 HTML maxlength
645 - bug #1679055 #1050 - Table '<table name>' already exists
646 - patch #1681620 [interface] support reordering of $cfg['ColumnTypes'],
647 thanks to Leonard den Ottolander
648 - bug #1690718 Can't edit if BLOB and no PK
649 - bug #1672636 [export] PDF export too wide
650 + [lang] brazilian-portuguese update, thanks to Airon Luis Pereira
651 - patch #1698964 javascript typo, thanks to Corey Hollaway
652 - bug #1703897 [css] undefined index 'js_frame'
653 - bug #1690561 Blobs being cleared on Edit of row
654 - bug #1679801 [core] XSS vulnerability in PMA_sanitize(), thanks to sp3x SecurityReason
655 - bug #1704467 XSS vulnerability in browse_foreigners.php, thanks to sp3x SecurityReason
657 2.10.0.2 (2007-03-02)
658 + bug #1671813 CVE-2006-1549 deep recursion crash
660 2.10.0.1 (2007-03-01)
661 . [config] set $cfg['Servers'][$i]['ssl'] default value to false,
662 we got reports from some users having problems with the default value of true
664 2.10.0.0 (2007-02-28)
665 - bug #1659176 [general] memory error displaying a table with large BLOBs
666 - bug #1668662 [install] can create the new pma_designer_coords table
667 + [gui] navi logo now links to main page by default, with still the possibility
668 of having an external URL
670 2007-02-25 Marc Delisle <lem9@users.sourceforge.net>
671 * libraries/common.lib.php: bug #1667466, undefined variable when
672 export + save on server
673 * server_status.php: bug #1665930, undefined PHP_SELF
675 2007-02-24 Marc Delisle <lem9@users.sourceforge.net>
676 * libraries/config.default.php: RFE #1621437, HEX and UNHEX were not
677 available for a BINARY field
679 2007-02-21 Marc Delisle <lem9@users.sourceforge.net>
680 * pmd/scripts/move.js: bug #1650770, Designer and Mac OSX,
681 thanks to Ivan Kirillov
683 2007-02-17 Marc Delisle <lem9@users.sourceforge.net>
684 * Documentation.html: patch #1659347, missing doc for some config,
685 thanks to Isaac Bennetch
686 * libraries/export/sql.php: bug #1663336, undefined variable
688 2007-02-16 Marc Delisle <lem9@users.sourceforge.net>
689 * libraries/common.lib.php, footer.inc.php: avoid generating big links
690 after an upload into a BLOB
692 2007-02-14 Marc Delisle <lem9@users.sourceforge.net>
693 * libraries/common.lib.php: white page after uploading a 700 Kio BLOB
694 * add a warning on main page if mcrypt can't be loaded (bug 1658160)
696 2007-02-12 Sebastian Mendel <cybot_tm@users.sourceforge.net>
697 * libraries/database_interface.lib.php: bug #1616486 server_databases does
698 not show all databases
699 * libraries/sqlparser.data.php: MySQL function and column names, reserved
700 and forbidden words updated,
701 bug #1657045 Spatial functions not supported
702 bug #1657037 Missing column type "geometry"
704 2007-02-09 Marc Delisle <lem9@users.sourceforge.net>
705 * main.php: some links should open a new page
706 * Documentation.html, libraries/navigation_header.inc.php,
707 libraries/config.default.php: $cfg['LeftLogoLinkWindow'] to decide
708 in which window the logo-linked page will appear
710 2007-02-09 Michal Čihař <michal@cihar.com>
711 * lang/czech: Fix syntax error (sorry for that).
713 2007-02-08 Marc Delisle <lem9@users.sourceforge.net>
714 * themes/darkblue_orange/img/logo_left.png,
715 themes/original/img/logo_left.png: smaller PMA logo for navi
717 2007-02-08 Sebastian Mendel <cybot_tm@users.sourceforge.net>
718 * themes/*/css/theme_right.css.php: bug #1653769 browsing highlight disabling
721 2007-02-06 Sebastian Mendel <cybot_tm@users.sourceforge.net>
722 * pmd_general.php, pmd_pdf.php, pmd_save_pos.php: fixed short open tags
723 patch #1652886 thanks to Martin Thielecke - mthie
724 * tbl_change.php: fixed escaping of field names in HTML and JavaScript
725 * libraries/common.lib.php: PMA_backquote() did not quote 0
726 * tbl_change.php: bug #1652810 - slashes are not escaped properly
728 2007-02-05 Marc Delisle <lem9@users.sourceforge.net>
729 * lang/japanese: Update, thanks to Ishigaki Kenichi - tcool.
731 2007-02-05 Sebastian Mendel <cybot_tm@users.sourceforge.net>
732 * lang/german: updated
734 2007-02-03 Marc Delisle <lem9@users.sourceforge.net>
735 * pmd/scripts/move.js: display problems in Opera, thanks to Maxim Bulygin
737 2007-02-02 Marc Delisle <lem9@users.sourceforge.net>
738 * tbl_replace.php: Calendar icon does not work on "Insert another new row"
740 2007-02-01 Marc Delisle <lem9@users.sourceforge.net>
741 * libraries/import.lib.php: bug #1626064, too much quoting on import
743 2007-02-01 Sebastian Mendel <cybot_tm@users.sourceforge.net>
744 * libraries/display_tbl.lib.php: bug #1644740 - $cfg['Order'] = 'SMART'
746 * libraries/Theme.class.php: removed __wakeup() due to some requirements are
747 not fulfilled at this point - also thanks to Jürgen Wind - windkiel
749 2007-01-31 Sebastian Mendel <cybot_tm@users.sourceforge.net>
750 * libraries/session.inc.php:
751 bug #1630871 - Detecting a missing write permission on sessions directory
753 2007-01-30 Sebastian Mendel <cybot_tm@users.sourceforge.net>
754 * libraries/sqlparser.lib.php PMA_SQP_analyze():
755 bug #1647785 - do not pass variables by reference
757 2007-01-29 Marc Delisle <lem9@users.sourceforge.net>
758 * lang/catalan update, thanks to Xavier Navarro (xavin)
759 * pmd_general.php: possibility of quotes in Designer messages,
760 thanks to Ivan Kirillov
762 2007-01-26 Michal Čihař <michal@cihar.com>
763 * libraries/common.lib.php, libraries/js_escape.lib.php,
764 test/escape_js_string.php, test/core.lib.php: Move java script escaping
765 to separate library, make it safer on </script> escaping and add
767 * test/theme.php: Move to test package.
769 2007-01-22 Marc Delisle <lem9@users.sourceforge.net>
770 * pmd/*: button for direct/angular links, thanks to Ivan Kirillov
772 2007-01-22 Michal Čihař <michal@cihar.com>
773 * lang/czech: Updated.
775 2007-01-21 Marc Delisle <lem9@users.sourceforge.net>
776 * libraries/Table.class.php: on a MySQL 5.0.33 server with 4400 databases,
777 one of which having 400 tables, it took more than 3 minutes just to
778 see the database structure (some accesses to INFORMATION_SCHEMA are
779 just too slow) so I changed PMA_Table::isView() to avoid calling
782 2007-01-20 Marc Delisle <lem9@users.sourceforge.net>
783 * libraries/sqlparser.lib.php: bug #1638267, wrong reserved word
785 * server_privileges.php: bug #1635377, superfluous backslash,
788 2007-01-19 Marc Delisle <lem9@users.sourceforge.net>
789 * pmd*, lang/*: Designer now supports set/unset of the display field,
790 thanks to Ivan Kirillov
792 2007-01-18 Michal Čihař <michal@cihar.com>
793 * lang/czech: Updated.
794 * libraries/auth/cookie.auth.lib.php: Make server switching honour more
795 server settings (patch #1630104).
797 2007-01-17 Marc Delisle <lem9@users.sourceforge.net>
798 * lang/turkish: update, thanks to Burak Yavuz - bourock
800 2007-01-16 Marc Delisle <lem9@users.sourceforge.net>
801 ### 2.9.2 released from QA_2_9
803 2007-01-12 Marc Delisle <lem9@users.sourceforge.net>
804 * (many files): Designer, two features (snap to grid / display field)
805 thanks to Ivan Kirillov
806 * libraries/Theme_Manager.class.php: patch #1611684, force a change
807 of a session variable to avoid phpmyadmin.css.php caching problems,
808 thanks to Christian Schmidt
810 2007-01-11 Marc Delisle <lem9@users.sourceforge.net>
811 * lang/estonian: Update, thanks to Marko Ellermaa - uhuu
813 2007-01-09 Michal Čihař <michal@cihar.com>
814 * index.php: Properly escape strings written in JS code.
815 * libraries/Theme_Manager.class.php: Avoid trigger error here, parameter
816 comes from user and it might lead to path disclossure.
817 * libraries/common.lib.php:
818 - Properly escape </script> in JS code.
819 - Check db, table and sql_query params to be string.
821 2007-01-08 Marc Delisle <lem9@users.sourceforge.net>
822 * libraries/session.inc.php: prevent attack on session name cookie
824 2007-01-05 Marc Delisle <lem9@users.sourceforge.net>
825 * libraries/session.inc.php: bug #1538132, remove the setting of
826 session.save_handler to 'files'
827 * pmd_general.php: patch #1627831,
828 English language improvements, thanks to Isaac Bennetch
829 * pmd_general.php, pmd_relation_new.php, lang/*: abstract messages
831 2007-01-04 Marc Delisle <lem9@users.sourceforge.net>
832 * pmd/scripts/move.js: avoid text selection when moving a table object
833 under MSIE 6, thanks to Ivan Kirillov
834 * libraries/db_links.inc.php: better icon for Designer, thanks to I.K.
836 2007-01-02 Marc Delisle <lem9@users.sourceforge.net>
837 * Designer: various fixes and improvements (for example support
838 for MSIE 6), thanks to Ivan Kirillov
839 * pdf_pages.php: undefined $pdf_page_number when no auto layout
840 * server_privileges.php: bug #1614087, deleting a user having a
841 global GRANT privilege fails under MySQL 4.1.x
843 2007-01-02 Michal Čihař <michal@cihar.com>
844 * libraries/common.lib.php: Add <div> to allow selecting whole SQL by
845 tripple click (patch #1611591).
846 * libraries/export/sql.php: DELIMITER should not be commented out (bug
849 --- Older ChangeLogs can be found on our project website ---
850 http://www.phpmyadmin.net/old-stuff/ChangeLogs/
852 # vim: et ts=4 sw=4 sts=4
853 # vim: ft=changelog fenc=utf-8 encoding=utf-8
854 # vim: fde=getline(v\:lnum-1)=~'^\\s*$'&&getline(v\:lnum)=~'\\S'?'>1'\:1&&v\:lnum>8&&getline(v\:lnum)!~'^#'
855 # vim: fdn=1 fdm=expr