forked from phpmyadmin/phpmyadmin
-
Notifications
You must be signed in to change notification settings - Fork 0
/
ChangeLog
307 lines (290 loc) · 16.8 KB
/
ChangeLog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
phpMyAdmin - ChangeLog
======================
4.1.0.0 (not yet released)
+ rfe #499 On user creation, warn if the user already exists
+ Use indeterminate check all checkbox in server privileges
+ Break server_status.php functions into smaller functions
+ PMA_DBI functions in database_interface.lib.php renamed to be compliant with PEAR standards
+ [interface] Make warning about existing config directory clearer
+ rfe #1414 Allow specifying controlport
+ PMA_DBI functions in database interface libraries renamed to be compliant with PEAR standards
+ rfe #1412 Creating a view from an empty set of results
+ Improved layout on db and table operations pages
+ rfe #1410 Added support for AES_ENCRYPT for blob fields
+ rfe #1423 Clarify option text for icon/text settings
+ [interface] Upgraded CodeMirror to 3.x series
+ rfe #1363 Improved query profiler
+ [interface] rfe #1429 Better suggestion for database name
+ rfe #1433 Support relations with ndbcluster
- bug #3962 Proper escaping of JSON export
+ rfe #1328 Optional ReCAPTCHA support
+ rfe #1434 Improvements to the table browsing navigation bar
+ rfe #1233 and rfe #1283 Improvements to Relation View interface
+ rfe #175 Allow cross-database relations
- [core] Dropped support for PHP 5.2.
+ rfe #487 and rfe #1405 Find and Replacing column wise
+ rfe #1373 Use same create view dialog for editing a view
+ rfe #316 Configurable menus; allow user groups with customized menus per group
- bug #4024 Editing field a record is selected by makes pma load forever
- bug #4035 Query "inline" link disappears when turning off "Explain SQL" option
+ rfe #1385 Hide tables, functions, procedures, events and views in navigation tree
+ rfe #1321 Export view as if it was a table
+ Dropped configuration directive: SQP
+ Dropped configuration directive: MySQLManual*
4.0.6.0 (not yet released)
- bug #4036 Call to undefined function mb_detect_encoding (clarify the doc)
- bug Missing hints when changing a column's structure
- bug #4048 Cannot select foreign value in Search
- bug #4025 gzip export is not actually compressed with mod_deflate
4.0.5.0 (2013-08-04)
- bug #3977 Not detected configuration storage
- bug #3970 Pressing enter in the filter field reloads page
- bug #3984 Cannot insert in this table (PHP < 5.4)
- bug #3989 Reloading privileges does not update the interface
- bug #3960 NavigationBarIconic config not honored
- bug #3985 Call to undefined function mb_detect_encoding
- bug #4007 Analyze option not shown for InnoDB tables
- bug #4015 Forcing a storage engine for configuration storage
- bug Incorrect Drizzle 7 detection
- bug #4019 Create database if not exists (export): add an option to the
interface to enable generating CREATE DATABASE and USE (false by default)
- bug #4012 Crash on CSV file import
- bug #4009 Statistic Monitor shows only last 3 digits in graph
- bug #3998 Non-permanent SQL history not working
- bug #3578 Transformations for text/plain on a BLOB column
- [security] Improved protection against cross framing, see PMASA-2013-10
+ Reinstated configuration directive: AllowThirdPartyFraming
4.0.4.2 (2013-07-28)
- [security] fix unescaped parameter, see PMASA-2013-8
- [security] Fix stored XSS in Server status monitor, see PMASA-2013-9
- [security] Fix stored XSS in navigation panel logo link, see PMASA-2013-9
- [security] Fix self-XSS in setup, trusted proxies validation, see PMASA-2013-9
- [security] Fix full path disclosure, see PMASA-2013-12
- [security] Fix control user SQL injection in pmd_pdf.php, see PMASA-2013-15
- [security] Fix control user SQL injection in schema_export.php, see PMASA-2013-15
- [security] Fix self-XSS in schema export, see PMASA-2013-14
- [security] Fix unencoded json object, see PMASA-2013-11
- [security] Fix stored XSS in link transformation plugin, see PMASA-2013-13
4.0.4.1 (2013-06-30)
- [security] Global variables scope injection vulnerability (see PMASA-2013-7)
4.0.4.0 (2013-06-17)
- bug #3959 Using DefaultTabDatabase in NavigationTree for Database Click
- bug #3961 Avoid Suhosin warning when in simulation mode
- bug #3897 Row Statistics and Space usage bugs
- bug #3966 Only display "table has no unique column" message when applicable
- bug #3965 Default language wrong with zh-TW
- bug #3921 Call to undefined function PMA_isSuperuser() if default server is
not set
- bug #3971 Ctrl/shift + click opens links in same window
- bug #3964 Import using https does not work
- bug Missing removeCRLF option in ExportCsv and ExportExcel plugins
- bug #3631 Drop not working Visio schema export.
- bug #3645 Better handling of invalid ODS documents
- bug #3976 Number of pages
- bug #3922 User privileges, database name unescaped
4.0.3.0 (2013-06-05)
- bug #3941 Recent tables list always empty
- bug #3933 Do not translate "Open Document" in export settings
- bug #3927 List of tables is missing after expanding in the navigation frame
- bug #3942 Warnings about reserved word for many non reserved words
- bug #3912 Exporting row selection, resulted by ORDER BY query
- bug #3957 Cookies must be enabled past this point
- bug #3956 "Browse foreign values" search filter / page selector not working
- bug #3579 NOW() function incorrectly selected (partial regression)
- [security] Javascript execution vulnerability in Create view,
reported by Maxim Rupp (see PMASA-2013-6)
4.0.2.0 (2013-05-24)
- bug #3902 Cannot browse when table name contains keyword "call"
+ center loading indicator for navigation refresh, related to bug #3920
- bug #3925 Table sorting in navigation panel is case-sensitive
- bug #3915 Import of CSV file (Replace table data with file) with duplicate values
- bug #3907 undefined variables, function parameter problems
- bug #3898 Structure not refreshed after column drop
- bug #3926 View is not updatable
- bug #3919 PropertiesIconic not honored
- bug #3930 Databases to choose for specific privileges show up escaped
- bug #3910 Export database with empty table as a php array, does not produce valid PHP
- bug #3936 Query profiler chart not loading from SQL Query page
- bug #3946 Missing CSV import option "Do not abort on INSERT error"
- bug #3943 Missing Operations>Table options>AUTO_INCREMENT
- bug Missing CREATE DATABASE statement when exporting at database level
- bug #3924 Show warning when CSV file does not contain data for all columns
- bug #3947 Missing Sql Query after modify structure
- bug #3948 Server export problems
- bug #3917 CountTables directive is deprecated
4.0.1.0 (2013-05-14)
- bug #3879 Import broken for CSV using LOAD DATA
- bug #3889 When login fails and error display is active, login data is displayed
- bug #3890 [import] Web server upload directory import fails
- bug #3891 [import] Server upload folder import file name missing in success message
+ rfe #1421 [auth] Add retry button on connection failure with config auth
- bug #3894 [interface] Provide feedback if no columns selected for multi-submit
- bug #3799 [interface] Incorrect select field change on ctrl key navigation in Firefox
- bug #3885 [browse] display_binary_as_hex option causes unexpected behavior
- bug #3899 Git commit links to Github missing
- bug #3900 CSP WARN in Firefox console
- bug #3901 Setup script warning for config auth (stored login data) shows link BBcode
- bug #3895 [browse] Fixed getting BLOB data
- bug #3905 [export] Custom Exporting exports all databases
- bug #3909 [import] Import of CSV FIle to selected table doesn't work
- bug #3904 Browsing an empty table should not display its Structure
- bug #3908 Calendar widget improperly redirects to home
- bug #3918 Greyed out tabs when there are no rows fixed
- bug #3916 [interface] Missing scrollbar (original theme)
+ [vendor] add tcpdf path to vendor_config.php
- bug fix compat with tcpdf >= 6.0 (tested with 6.0.012)
4.0.0.0 (2013-05-03)
+ Patch #3481047 for rfe #3480477 Insert as new row enhancement
+ Patch #3480999 Activate codemirror in the query window
- Patch #3495284 XML Import - fix message and redirect
+ rfe #3484063 Null checkbox behavior
+ Patch #3497179 Contest-5: Add user: Allow create DB w/same name + grant u_%
+ Patch #3498201 Contest-6: Export all privileges
+ Patch #3502814 for rfe #3187077 Change password buttons should match
+ rfe #3488640 Expand table-group in non-light navigation frame if only one
+ Patch #3509360 Contest-3: Option "Truncate table" before "insert"
+ Patch #3506552 Contest-2: Show index information in the data dictionary
+ Patch #3510656 Contest-1: Ignoring foreign keys while dropping tables
- Bug #3509686 Reverting sort on joined column does not work
+ New transformation: append string
+ rfe #3507804 Session upload progress (PHP 5.4)
+ rfe #3488185 draggable columns vs copy column name
+ Patch #3507001 Contest-4: Textarea for large character columns
+ Removed the PHP version of the ENUM editor
+ Patch #3507111 Display distinct results, linked to corresponding data rows
- bug #3507917 [export] JSON has unescaped values for allegedly numeric columns
+ rfe #3516187 show tables creation, last update, last check timestamps in db_structure
- bug #3059806 Supporting running from CIFS/Samba shares
- bug #3516341 [export] Open Document Text, Word and Texy! Text show table structure twice
- bug [export] Texy! Text: Columns containing Pipe Character don't export properly
+ [export] Show triggers in Open Document Text, Word and Texy! Text
- Patch #3415061 [auth] Login screen appears under the page
+ rfe #3517354 [interface] Allow disabling CodeMirror with $cfg['CodemirrorEnable'] = false
+ rfe #3475567 [interface] New directive $cfg['HideStructureActions']
- bug #3468272 [import] Fixed import of ODS with more paragraphs in a cell
- bug #3510196 [core] Improved redirecting with ForceSSL option
+ rfe #3518852 [edit] edit blob but not other binary, new option $cfg['ProtectBinary'] = 'noblob'
+ Hide language select box if there are no locales installed
+ Removed some directives: verbose_check, SuggestDBName, LightTabs,
VerboseMultiSubmit, ReplaceHelpImg
- Patch #3500882 Fixing checkbox behaviour while editing identical rows
+ rfe #3441722 [interface] Display description of datatypes
+ rfe #3517835 [structure] Move columns easily
+ Ajaxified "Create View" functionality
+ [import] New plugin: import mediawiki
+ New navigation system
+ Discontinued the use of a frame-based layout
+ rfe #3528994 [interface] Allow wrapping possibly long values in replication-status table
+ [interface] Autoselect username input on cookie login page
- bug #3563799 [interface] Grid editing destroying huge amount of data
+ [import] Remove support for the unactive docSQL import format
- bug #3577443 [edit] "Browse foreign values" does not show on ajax edit
+ rfe #3522109 [browse] Grid editing: action to trigger it (or disable)
- bug #3526598 [interface] SQL query not shown when creating table
+ Dropped configuration directive: AllowThirdPartyFraming
+ Dropped configuration directive: LeftFrameLight
+ Dropped configuration directive: DisplayDatabasesList
+ Dropped configuration directives: ShowTooltipAliasDB and ShowTooltipAliasTB
+ Dropped configuration directive: NaviDatabaseNameColor
+ Added configuration directive: MaxNavigationItems
+ Renamed configuration directive: LeftFrameDBTree => NavigationTreeEnableGrouping
+ Renamed configuration directive: LeftFrameDBSeparator => NavigationTreeDbSeparator
+ Renamed configuration directive: LeftFrameTableSeparator => NavigationTreeTableSeparator
+ Renamed configuration directive: LeftFrameTableLevel => NavigationTreeTableLevel
+ Renamed configuration directive: LeftPointerEnable => NavigationTreePointerEnable
+ Renamed configuration directive: LeftDefaultTabTable => NavigationTreeDefaultTabTable
+ Renamed configuration directive: LeftDisplayTableFilterMinimum => NavigationTreeDisplayTableFilterMinimum
+ Renamed configuration directive: LeftDisplayLogo => NavigationDisplayLogo
+ Renamed configuration directive: LeftLogoLink => NavigationLogoLink
+ Renamed configuration directive: LeftLogoLinkWindow => NavigationLogoLinkWindow
+ Renamed configuration directive: LeftDisplayServers => NavigationDisplayServers
+ Renamed configuration directive: LeftRecentTable => NumRecentTables
+ Renamed configuration directive: LeftDisplayDatabaseFilterMinimum => NavigationTreeDisplayDbFilterMinimum
+ Removed the "Mark row on click" feature; must now click the checkbox to mark
+ Removed the "Synchronize" feature
+ Improved layout of server variables page
+ rfe #1052091 [config] Double-underscores in PMA table names
+ Improved the "More" dropdown on the table structure page
+ [interface] Added "scroll to top" link in menubar
+ [designer] Fullscreen mode for the designer
+ Upgraded jquery to v1.8.3 and jquery-ui to v1.9.2
+ Patch #3597529 [status] Add raw value as title on server status page
+ Support MySQL 5.6 partitioning
+ Removed the AjaxEnable directive
+ rfe #3542567 Accept IPv6 ranges and IPv6 CIDR notations in $cfg['Servers'][$i]['AllowDeny']['rules']
- Bug #3576788 Grid editing shows the value before silent truncation
- Upgraded jqPlot to 1.0.4 r1121
- Upgraded to jquery-ui-timepicker-addon 1.1.1
+ rfe #3599046 [interface] Added comments for indexes
- Replaced qtip with jQuery UI tooltip
- Upgraded CodeMirror to 2.37
- bug #2951 [export] Correctly export decimal fields.
- bug #3762 [core] Make Advisor work on Windows withou COM extension.
- bug #3519 [export] Prevent infinite recursion in PDF export.
- bug #3827 Table specific privileges not displayed for db name containing
underscore
- rfe #1386 Add IF NOT EXISTS clause when copying database
- No longer package .travis.yml configuration file when creating a release.
- bug #3830 Can't export custom query because it lowercases table names
- bug #3829 Enabling query profiling crashes javascript based navigation
+ rfe #879 Reserved word warning
+ Remove the database ordering sub-feature of the only_db directive
- bug #3840 When exporting to gzip format, the data is compressed 2 times
+ rfe #1319 Permit to create index when creating foreign key
- bug #3703 Incorrect updating of the list of users
- bug #3853 Blowfish implementation might be broken (replace with phpseclib)
- bug #3865 Using like operator on each backslash needs 4 backslash protection
- bug #3860 Displayed git revision info is not set
- bug #3871 Check referential integrity broken across databases
- bug #3874 [export] No preselected option when exporting table
- bug #3873 Can't copy table to target database if table exists there
- bug #3683 Incorrect listing of records from to count
- bug #3876 [import] PHP 5.2 - unexpected T_PAAMAYIM_NEKUDOTAYIM
- [security] Local file inclusion vulnerability, reported by Janek Vind
(see PMASA-2013-4)
- [security] Global variables overwrite in export.php, reported by Janek Vind
(see PMASA-2013-5)
- bug #3892 [export] SQL Export files are empty
3.5.8.2 (2013-07-28)
- [security] Fix self-XSS in "Showing rows", see PMASA-2013-8
- [security] Fix self-XSS in Display chart, see PMASA-2013-9
- [security] Fix stored XSS in Server status monitor, see PMASA-2013-9
- [security] Fix stored XSS in navigation panel logo link, see PMASA-2013-9
- [security] Fix self-XSS in setup, trusted proxies validation, see PMASA-2013-9
+ [security] JSON content type header for version_check.php, see PMASA-2013-9
+ [security] Backport fix for jQuery issue #9521 from jQuery 1.6.3, see PMASA-2013-9
+ [security] Fix full path disclosure, see PMASA-2013-12
+ [security] Fix control user SQL injection in pmd_pdf.php, see PMASA-2013-15
+ [security] Fix control user SQL injection in schema_export.php, see PMASA-2013-15
- [security] Fix self-XSS in schema export, see PMASA-2013-14
- [security] Fix unencoded json object, see PMASA-2013-11
3.5.8.1 (2013-04-24)
- [security] Remote code execution (preg_replace), reported by Janek Vind
(see PMASA-2013-2)
- [security] Locally Saved SQL Dump File Multiple File Extension Remote Code
Execution, reported by Janek Vind (see PMASA-2013-3)
3.5.8.0 (2013-04-08)
- bug #3828 MariaDB reported as MySQL
- bug #3854 Incorrect header for Safari 6.0
- bug #3705 Attempt to open trigger for edit gives NULL
- Use HTML5 DOCTYPE
- [security] Self-XSS on GIS visualisation page, reported by Janek Vind
- bug #3800 Incorrect keyhandler behaviour #2
3.5.7.0 (2013-02-15)
- bug #3779 [core] Problem with backslash in enum fields
- bug #3816 Missing server_processlist.php
- bug #3821 Safari: white page
- Correct detection of the Chrome browser
3.5.6.0 (2013-01-28)
- bug #3593604 [status] Erroneous advisor rule
- bug #3596070 [status] localStorage broken in server status monitor
- bug #3598736 [routines] Editing a procedure with special characters
- bug #3600322 [core] Visualize GIS data throws Fatal Error
- bug #3599362 [core] Double-escaped error message
- bug #3776 [cookies] Login without auth on second server
--- Older ChangeLogs can be found on our project website ---
http://www.phpmyadmin.net/old-stuff/ChangeLogs/
# vim: et ts=4 sw=4 sts=4
# vim: ft=changelog fenc=utf-8
# vim: fde=getline(v\:lnum-1)=~'^\\s*$'&&getline(v\:lnum)=~'\\S'?'>1'\:1&&v\:lnum>4&&getline(v\:lnum)!~'^#'
# vim: fdn=1 fdm=expr