diff options
author | Marc Delisle <marc@infomarc.info> | 2008-07-15 18:40:42 +0400 |
---|---|---|
committer | Marc Delisle <marc@infomarc.info> | 2008-07-15 18:40:42 +0400 |
commit | 084fd3ed16290339ee98a14d067932f638974044 (patch) | |
tree | 28829105497a86ea9dcd0219fbb72b876f46376f | |
parent | 13fbcf4107476dc2d53a8dde707667172f807641 (diff) |
version number of the release; we need the server parameter; document server parameterRELEASE_2_11_7_1
-rw-r--r-- | ChangeLog | 2 | ||||
-rw-r--r-- | Documentation.html | 7 | ||||
-rw-r--r-- | README | 4 | ||||
-rw-r--r-- | libraries/Config.class.php | 2 | ||||
-rw-r--r-- | libraries/common.inc.php | 6 | ||||
-rw-r--r-- | translators.html | 4 |
6 files changed, 14 insertions, 11 deletions
@@ -5,7 +5,7 @@ phpMyAdmin - ChangeLog $Id$ $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyAdmin/ChangeLog $ -2.11.7.1 () +2.11.7.1 (2008-07-15) - bug #1908719 [security] XSRF/CSRF by manipulating the db, convcharset and collation_connection parameters, thanks to YGN Ethical Hacker Group diff --git a/Documentation.html b/Documentation.html index 5a10c5d073..86d1bc353c 100644 --- a/Documentation.html +++ b/Documentation.html @@ -11,7 +11,7 @@ <link rel="icon" href="./favicon.ico" type="image/x-icon" /> <link rel="shortcut icon" href="./favicon.ico" type="image/x-icon" /> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> - <title>phpMyAdmin 2.11.7 - Documentation</title> + <title>phpMyAdmin 2.11.7.1 - Documentation</title> <link rel="stylesheet" type="text/css" href="docs.css" /> </head> @@ -33,7 +33,7 @@ <li><a href="#glossary">Glossary</a></li> </ul> -<h1>phpMyAdmin 2.11.7 Documentation</h1> +<h1>phpMyAdmin 2.11.7.1 Documentation</h1> <ul><li><a href="http://www.phpmyadmin.net/"> phpMyAdmin homepage</a></li> @@ -2749,7 +2749,8 @@ SetInputFilter PHP <a href="#faq1_34">1.34 Can I access directly to database or table pages?</a></h4> <p> Yes. Out of the box, you can use <abbr title="Uniform Resource Locator">URL</abbr>s like - http://server/phpMyAdmin/index.php?db=database&table=table&target=script. +http://server/phpMyAdmin/index.php?server=X&db=database&table=table&target=script. For <tt>server</tt> you use the server number which refers to +the order of the server paragraph in <tt>config.inc.php</tt>. Table and script parts are optional. If you want http://server/phpMyAdmin/database[/table][/script] <abbr title="Uniform Resource Locator">URL</abbr>s, you need to do some configuration. Following lines apply only for <a @@ -5,8 +5,8 @@ phpMyAdmin - Readme A set of PHP-scripts to manage MySQL over the web. - Version 2.11.7 - -------------- + Version 2.11.7.1 + ---------------- http://www.phpmyadmin.net/ Copyright (C) 1998-2000 Tobias Ratschiller <tobias_at_ratschiller.com> diff --git a/libraries/Config.class.php b/libraries/Config.class.php index 31a89a4279..419fd425c1 100644 --- a/libraries/Config.class.php +++ b/libraries/Config.class.php @@ -85,7 +85,7 @@ class PMA_Config */ function checkSystem() { - $this->set('PMA_VERSION', '2.11.7'); + $this->set('PMA_VERSION', '2.11.7.1'); /** * @deprecated */ diff --git a/libraries/common.inc.php b/libraries/common.inc.php index d6cc392480..9988a4bd7e 100644 --- a/libraries/common.inc.php +++ b/libraries/common.inc.php @@ -398,8 +398,10 @@ if (! PMA_isValid($_REQUEST['token']) || $_SESSION[' PMA_token '] != $_REQUEST[' * List of parameters which are allowed from unsafe source */ $allow_list = array( - /* needed for direct access, see FAQ 1.34 */ - 'db', 'table', 'target', + /* needed for direct access, see FAQ 1.34 + * also, server needed for cookie login screen (multi-server) + */ + 'server', 'db', 'table', 'target', /* Session ID */ 'phpMyAdmin', /* Cookie preferences */ diff --git a/translators.html b/translators.html index 1937851bbb..487d4d56c7 100644 --- a/translators.html +++ b/translators.html @@ -8,7 +8,7 @@ <link rel="icon" href="./favicon.ico" type="image/x-icon" /> <link rel="shortcut icon" href="./favicon.ico" type="image/x-icon" /> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> - <title>phpMyAdmin 2.11.7 - Official translators</title> + <title>phpMyAdmin 2.11.7.1 - Official translators</title> <link rel="stylesheet" type="text/css" href="docs.css" /> </head> @@ -31,7 +31,7 @@ <li><a href="Documentation.html#glossary">Glossary</a></li> </ul> -<h1>phpMyAdmin 2.11.7 official translators list</h1> +<h1>phpMyAdmin 2.11.7.1 official translators list</h1> <p> Here is the list of the "official translators" of phpMyAdmin.</p> |