phpMyAdmin - ChangeLog ====================== 4.1.0.0 (not yet released) + rfe #499 On user creation, warn if the user already exists + Use indeterminate check all checkbox in server privileges + Break server_status.php functions into smaller functions + PMA_DBI functions in database_interface.lib.php renamed to be compliant with PEAR standards + [interface] Make warning about existing config directory clearer + rfe #1414 Allow specifying controlport + PMA_DBI functions in database interface libraries renamed to be compliant with PEAR standards + rfe #1412 Creating a view from an empty set of results + Improved layout on db and table operations pages + rfe #1410 Added support for AES_ENCRYPT for blob fields + rfe #1423 Clarify option text for icon/text settings + [interface] Upgraded CodeMirror to 3.x series + rfe #1363 Improved query profiler + [interface] rfe #1429 Better suggestion for database name + rfe #1433 Support relations with ndbcluster - bug #3962 Proper escaping of JSON export + rfe #1328 Optional ReCAPTCHA support + rfe #1434 Improvements to the table browsing navigation bar + rfe #1233 and rfe #1283 Improvements to Relation View interface + rfe #175 Allow cross-database relations - [core] Dropped support for PHP 5.2. + rfe #487 and rfe #1405 Find and Replacing column wise + rfe #1373 Use same create view dialog for editing a view + rfe #316 Configurable menus; allow user groups with customized menus per group - bug #4024 Editing field a record is selected by makes pma load forever - bug #4035 Query "inline" link disappears when turning off "Explain SQL" option + rfe #1385 Hide tables, functions, procedures, events and views in navigation tree + rfe #1321 Export view as if it was a table 4.0.6.0 (not yet released) - bug #4036 Call to undefined function mb_detect_encoding (clarify the doc) - bug Missing hints when changing a column's structure 4.0.5.0 (2013-08-04) - bug #3977 Not detected configuration storage - bug #3970 Pressing enter in the filter field reloads page - bug #3984 Cannot insert in this table (PHP < 5.4) - bug #3989 Reloading privileges does not update the interface - bug #3960 NavigationBarIconic config not honored - bug #3985 Call to undefined function mb_detect_encoding - bug #4007 Analyze option not shown for InnoDB tables - bug #4015 Forcing a storage engine for configuration storage - bug Incorrect Drizzle 7 detection - bug #4019 Create database if not exists (export): add an option to the interface to enable generating CREATE DATABASE and USE (false by default) - bug #4012 Crash on CSV file import - bug #4009 Statistic Monitor shows only last 3 digits in graph - bug #3998 Non-permanent SQL history not working - bug #3578 Transformations for text/plain on a BLOB column - [security] Improved protection against cross framing, see PMASA-2013-10 + Reinstated configuration directive: AllowThirdPartyFraming 4.0.4.2 (2013-07-28) - [security] fix unescaped parameter, see PMASA-2013-8 - [security] Fix stored XSS in Server status monitor, see PMASA-2013-9 - [security] Fix stored XSS in navigation panel logo link, see PMASA-2013-9 - [security] Fix self-XSS in setup, trusted proxies validation, see PMASA-2013-9 - [security] Fix full path disclosure, see PMASA-2013-12 - [security] Fix control user SQL injection in pmd_pdf.php, see PMASA-2013-15 - [security] Fix control user SQL injection in schema_export.php, see PMASA-2013-15 - [security] Fix self-XSS in schema export, see PMASA-2013-14 - [security] Fix unencoded json object, see PMASA-2013-11 - [security] Fix stored XSS in link transformation plugin, see PMASA-2013-13 4.0.4.1 (2013-06-30) - [security] Global variables scope injection vulnerability (see PMASA-2013-7) 4.0.4.0 (2013-06-17) - bug #3959 Using DefaultTabDatabase in NavigationTree for Database Click - bug #3961 Avoid Suhosin warning when in simulation mode - bug #3897 Row Statistics and Space usage bugs - bug #3966 Only display "table has no unique column" message when applicable - bug #3965 Default language wrong with zh-TW - bug #3921 Call to undefined function PMA_isSuperuser() if default server is not set - bug #3971 Ctrl/shift + click opens links in same window - bug #3964 Import using https does not work - bug Missing removeCRLF option in ExportCsv and ExportExcel plugins - bug #3631 Drop not working Visio schema export. - bug #3645 Better handling of invalid ODS documents - bug #3976 Number of pages - bug #3922 User privileges, database name unescaped 4.0.3.0 (2013-06-05) - bug #3941 Recent tables list always empty - bug #3933 Do not translate "Open Document" in export settings - bug #3927 List of tables is missing after expanding in the navigation frame - bug #3942 Warnings about reserved word for many non reserved words - bug #3912 Exporting row selection, resulted by ORDER BY query - bug #3957 Cookies must be enabled past this point - bug #3956 "Browse foreign values" search filter / page selector not working - bug #3579 NOW() function incorrectly selected (partial regression) - [security] Javascript execution vulnerability in Create view, reported by Maxim Rupp (see PMASA-2013-6) 4.0.2.0 (2013-05-24) - bug #3902 Cannot browse when table name contains keyword "call" + center loading indicator for navigation refresh, related to bug #3920 - bug #3925 Table sorting in navigation panel is case-sensitive - bug #3915 Import of CSV file (Replace table data with file) with duplicate values - bug #3907 undefined variables, function parameter problems - bug #3898 Structure not refreshed after column drop - bug #3926 View is not updatable - bug #3919 PropertiesIconic not honored - bug #3930 Databases to choose for specific privileges show up escaped - bug #3910 Export database with empty table as a php array, does not produce valid PHP - bug #3936 Query profiler chart not loading from SQL Query page - bug #3946 Missing CSV import option "Do not abort on INSERT error" - bug #3943 Missing Operations>Table options>AUTO_INCREMENT - bug Missing CREATE DATABASE statement when exporting at database level - bug #3924 Show warning when CSV file does not contain data for all columns - bug #3947 Missing Sql Query after modify structure - bug #3948 Server export problems - bug #3917 CountTables directive is deprecated 4.0.1.0 (2013-05-14) - bug #3879 Import broken for CSV using LOAD DATA - bug #3889 When login fails and error display is active, login data is displayed - bug #3890 [import] Web server upload directory import fails - bug #3891 [import] Server upload folder import file name missing in success message + rfe #1421 [auth] Add retry button on connection failure with config auth - bug #3894 [interface] Provide feedback if no columns selected for multi-submit - bug #3799 [interface] Incorrect select field change on ctrl key navigation in Firefox - bug #3885 [browse] display_binary_as_hex option causes unexpected behavior - bug #3899 Git commit links to Github missing - bug #3900 CSP WARN in Firefox console - bug #3901 Setup script warning for config auth (stored login data) shows link BBcode - bug #3895 [browse] Fixed getting BLOB data - bug #3905 [export] Custom Exporting exports all databases - bug #3909 [import] Import of CSV FIle to selected table doesn't work - bug #3904 Browsing an empty table should not display its Structure - bug #3908 Calendar widget improperly redirects to home - bug #3918 Greyed out tabs when there are no rows fixed - bug #3916 [interface] Missing scrollbar (original theme) + [vendor] add tcpdf path to vendor_config.php - bug fix compat with tcpdf >= 6.0 (tested with 6.0.012) 4.0.0.0 (2013-05-03) + Patch #3481047 for rfe #3480477 Insert as new row enhancement + Patch #3480999 Activate codemirror in the query window - Patch #3495284 XML Import - fix message and redirect + rfe #3484063 Null checkbox behavior + Patch #3497179 Contest-5: Add user: Allow create DB w/same name + grant u_% + Patch #3498201 Contest-6: Export all privileges + Patch #3502814 for rfe #3187077 Change password buttons should match + rfe #3488640 Expand table-group in non-light navigation frame if only one + Patch #3509360 Contest-3: Option "Truncate table" before "insert" + Patch #3506552 Contest-2: Show index information in the data dictionary + Patch #3510656 Contest-1: Ignoring foreign keys while dropping tables - Bug #3509686 Reverting sort on joined column does not work + New transformation: append string + rfe #3507804 Session upload progress (PHP 5.4) + rfe #3488185 draggable columns vs copy column name + Patch #3507001 Contest-4: Textarea for large character columns + Removed the PHP version of the ENUM editor + Patch #3507111 Display distinct results, linked to corresponding data rows - bug #3507917 [export] JSON has unescaped values for allegedly numeric columns + rfe #3516187 show tables creation, last update, last check timestamps in db_structure - bug #3059806 Supporting running from CIFS/Samba shares - bug #3516341 [export] Open Document Text, Word and Texy! Text show table structure twice - bug [export] Texy! Text: Columns containing Pipe Character don't export properly + [export] Show triggers in Open Document Text, Word and Texy! Text - Patch #3415061 [auth] Login screen appears under the page + rfe #3517354 [interface] Allow disabling CodeMirror with $cfg['CodemirrorEnable'] = false + rfe #3475567 [interface] New directive $cfg['HideStructureActions'] - bug #3468272 [import] Fixed import of ODS with more paragraphs in a cell - bug #3510196 [core] Improved redirecting with ForceSSL option + rfe #3518852 [edit] edit blob but not other binary, new option $cfg['ProtectBinary'] = 'noblob' + Hide language select box if there are no locales installed + Removed some directives: verbose_check, SuggestDBName, LightTabs, VerboseMultiSubmit, ReplaceHelpImg - Patch #3500882 Fixing checkbox behaviour while editing identical rows + rfe #3441722 [interface] Display description of datatypes + rfe #3517835 [structure] Move columns easily + Ajaxified "Create View" functionality + [import] New plugin: import mediawiki + New navigation system + Discontinued the use of a frame-based layout + rfe #3528994 [interface] Allow wrapping possibly long values in replication-status table + [interface] Autoselect username input on cookie login page - bug #3563799 [interface] Grid editing destroying huge amount of data + [import] Remove support for the unactive docSQL import format - bug #3577443 [edit] "Browse foreign values" does not show on ajax edit + rfe #3522109 [browse] Grid editing: action to trigger it (or disable) - bug #3526598 [interface] SQL query not shown when creating table + Dropped configuration directive: AllowThirdPartyFraming + Dropped configuration directive: LeftFrameLight + Dropped configuration directive: DisplayDatabasesList + Dropped configuration directives: ShowTooltipAliasDB and ShowTooltipAliasTB + Dropped configuration directive: NaviDatabaseNameColor + Added configuration directive: MaxNavigationItems + Renamed configuration directive: LeftFrameDBTree => NavigationTreeEnableGrouping + Renamed configuration directive: LeftFrameDBSeparator => NavigationTreeDbSeparator + Renamed configuration directive: LeftFrameTableSeparator => NavigationTreeTableSeparator + Renamed configuration directive: LeftFrameTableLevel => NavigationTreeTableLevel + Renamed configuration directive: LeftPointerEnable => NavigationTreePointerEnable + Renamed configuration directive: LeftDefaultTabTable => NavigationTreeDefaultTabTable + Renamed configuration directive: LeftDisplayTableFilterMinimum => NavigationTreeDisplayTableFilterMinimum + Renamed configuration directive: LeftDisplayLogo => NavigationDisplayLogo + Renamed configuration directive: LeftLogoLink => NavigationLogoLink + Renamed configuration directive: LeftLogoLinkWindow => NavigationLogoLinkWindow + Renamed configuration directive: LeftDisplayServers => NavigationDisplayServers + Renamed configuration directive: LeftRecentTable => NumRecentTables + Renamed configuration directive: LeftDisplayDatabaseFilterMinimum => NavigationTreeDisplayDbFilterMinimum + Removed the "Mark row on click" feature; must now click the checkbox to mark + Removed the "Synchronize" feature + Improved layout of server variables page + rfe #1052091 [config] Double-underscores in PMA table names + Improved the "More" dropdown on the table structure page + [interface] Added "scroll to top" link in menubar + [designer] Fullscreen mode for the designer + Upgraded jquery to v1.8.3 and jquery-ui to v1.9.2 + Patch #3597529 [status] Add raw value as title on server status page + Support MySQL 5.6 partitioning + Removed the AjaxEnable directive + rfe #3542567 Accept IPv6 ranges and IPv6 CIDR notations in $cfg['Servers'][$i]['AllowDeny']['rules'] - Bug #3576788 Grid editing shows the value before silent truncation - Upgraded jqPlot to 1.0.4 r1121 - Upgraded to jquery-ui-timepicker-addon 1.1.1 + rfe #3599046 [interface] Added comments for indexes - Replaced qtip with jQuery UI tooltip - Upgraded CodeMirror to 2.37 - bug #2951 [export] Correctly export decimal fields. - bug #3762 [core] Make Advisor work on Windows withou COM extension. - bug #3519 [export] Prevent infinite recursion in PDF export. - bug #3827 Table specific privileges not displayed for db name containing underscore - rfe #1386 Add IF NOT EXISTS clause when copying database - No longer package .travis.yml configuration file when creating a release. - bug #3830 Can't export custom query because it lowercases table names - bug #3829 Enabling query profiling crashes javascript based navigation + rfe #879 Reserved word warning + Remove the database ordering sub-feature of the only_db directive - bug #3840 When exporting to gzip format, the data is compressed 2 times + rfe #1319 Permit to create index when creating foreign key - bug #3703 Incorrect updating of the list of users - bug #3853 Blowfish implementation might be broken (replace with phpseclib) - bug #3865 Using like operator on each backslash needs 4 backslash protection - bug #3860 Displayed git revision info is not set - bug #3871 Check referential integrity broken across databases - bug #3874 [export] No preselected option when exporting table - bug #3873 Can't copy table to target database if table exists there - bug #3683 Incorrect listing of records from to count - bug #3876 [import] PHP 5.2 - unexpected T_PAAMAYIM_NEKUDOTAYIM - [security] Local file inclusion vulnerability, reported by Janek Vind (see PMASA-2013-4) - [security] Global variables overwrite in export.php, reported by Janek Vind (see PMASA-2013-5) - bug #3892 [export] SQL Export files are empty 3.5.8.2 (2013-07-28) - [security] Fix self-XSS in "Showing rows", see PMASA-2013-8 - [security] Fix self-XSS in Display chart, see PMASA-2013-9 - [security] Fix stored XSS in Server status monitor, see PMASA-2013-9 - [security] Fix stored XSS in navigation panel logo link, see PMASA-2013-9 - [security] Fix self-XSS in setup, trusted proxies validation, see PMASA-2013-9 + [security] JSON content type header for version_check.php, see PMASA-2013-9 + [security] Backport fix for jQuery issue #9521 from jQuery 1.6.3, see PMASA-2013-9 + [security] Fix full path disclosure, see PMASA-2013-12 + [security] Fix control user SQL injection in pmd_pdf.php, see PMASA-2013-15 + [security] Fix control user SQL injection in schema_export.php, see PMASA-2013-15 - [security] Fix self-XSS in schema export, see PMASA-2013-14 - [security] Fix unencoded json object, see PMASA-2013-11 3.5.8.1 (2013-04-24) - [security] Remote code execution (preg_replace), reported by Janek Vind (see PMASA-2013-2) - [security] Locally Saved SQL Dump File Multiple File Extension Remote Code Execution, reported by Janek Vind (see PMASA-2013-3) 3.5.8.0 (2013-04-08) - bug #3828 MariaDB reported as MySQL - bug #3854 Incorrect header for Safari 6.0 - bug #3705 Attempt to open trigger for edit gives NULL - Use HTML5 DOCTYPE - [security] Self-XSS on GIS visualisation page, reported by Janek Vind - bug #3800 Incorrect keyhandler behaviour #2 3.5.7.0 (2013-02-15) - bug #3779 [core] Problem with backslash in enum fields - bug #3816 Missing server_processlist.php - bug #3821 Safari: white page - Correct detection of the Chrome browser 3.5.6.0 (2013-01-28) - bug #3593604 [status] Erroneous advisor rule - bug #3596070 [status] localStorage broken in server status monitor - bug #3598736 [routines] Editing a procedure with special characters - bug #3600322 [core] Visualize GIS data throws Fatal Error - bug #3599362 [core] Double-escaped error message - bug #3776 [cookies] Login without auth on second server --- Older ChangeLogs can be found on our project website --- http://www.phpmyadmin.net/old-stuff/ChangeLogs/ # vim: et ts=4 sw=4 sts=4 # vim: ft=changelog fenc=utf-8 # vim: fde=getline(v\:lnum-1)=~'^\\s*$'&&getline(v\:lnum)=~'\\S'?'>1'\:1&&v\:lnum>4&&getline(v\:lnum)!~'^#' # vim: fdn=1 fdm=expr