Bug#770438: unblock: phpmyadmin/4:4.2.12-1
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hi
this is pre-approval request to allow version upgrade for phpMyAdmin.
The new upstream version was released yesterday with dozen of security
fixes and I think it's better to do full upgrade now than cherry picking
individual fixes. The another good reason is that upstream 4.2.x
releases are in bug fixing only mode.
Upstream changelog:
4.2.12.0 (2014-11-20)
- - bug #4574 Blank/white page when JavaScript disabled
- - bug #4577 Multi row actions cause full page reloads
- - bug ReferenceError: targeurl is not defined
- - bug Incorrect text/icon display in Tracking report
- - bug #4404 Recordset return from procedure display nothing
- - bug #4584 Edit dialog for routines is too long for smaller displays
- - bug #4586 Javascript error after moving a column
- - bug #4576 Issue with long comments on table columns
- - bug #4599 Input field unnecessarily selected on focus
- - bug #4602 Exporting selected rows exports all rows of the query
- - bug #4444 No insert statement produced in SQL export for queries with alias
- - bug #4603 Field disabled when internal relations used
- - bug #4596 [security] XSS through exception stack
- - bug #4595 [security] Path traversal can lead to leakage of line count
- - bug #4578 [security] XSS vulnerability in table print view
- - bug #4579 [security] XSS vulnerability in zoom search page
- - bug #4594 [security] Path traversal in file inclusion of GIS factory
- - bug #4598 [security] XSS in multi submit
- - bug #4597 [security] XSS through pma_fontsize cookie
4.2.11.0 (2014-10-31)
- - bug ReferenceError: Table_onover is not defined
- - bug #4552 Incorrect routines display for database due to case insensitive checks
- - bug #4259 reCaptcha sound session expired problem
- - bug #4557 PHP fatal error, undefined function __()
- - bug #4568 Date displayed incorrectly when charting a timeline
- - bug #4571 Database Privileges link does not work
- - bug makegrid.js: where_clause is undefined
- - bug #4572 missing trailing slash (import and open_basedir)
Debdiff filtered from translations and generated changes is attached,
it's diffstat is:
ChangeLog | 33 ++++++++
README | 2
debian/changelog | 8 ++
import.php | 11 --
js/common.js | 4 -
js/jquery/jquery.menuResizer-1.0.js | 3
js/makegrid.js | 3
js/rte.js | 6 +
js/sql.js | 13 +++
js/tbl_chart.js | 4 -
js/tbl_structure.js | 16 ++++
libraries/Config.class.php | 4 -
libraries/DatabaseInterface.class.php | 3
libraries/DisplayResults.class.php | 19 +++-
libraries/Header.class.php | 3
libraries/Theme.class.php | 2
libraries/Util.class.php | 18 ++++
libraries/core.lib.php | 8 +-
libraries/display_export.lib.php | 8 +-
libraries/error_report.lib.php | 15 +++
libraries/gis/GIS_Factory.class.php | 4 -
libraries/mult_submits.lib.php | 7 +
libraries/navigation/Nodes/Node_Database.class.php | 18 +++-
libraries/navigation/Nodes/Node_Table.class.php | 12 ++-
libraries/operations.lib.php | 8 +-
libraries/plugins/auth/AuthenticationCookie.class.php | 11 +-
libraries/relation.lib.php | 2
libraries/rte/rte_events.lib.php | 9 +-
libraries/rte/rte_routines.lib.php | 9 +-
libraries/sql.lib.php | 69 +++++++++++++-----
libraries/structure.lib.php | 2
libraries/tbl_printview.lib.php | 2
libraries/tbl_tracking.lib.php | 2
pmd_general.php | 2
server_privileges.php | 2
tbl_export.php | 20 +++++
tbl_zoom_select.php | 2
37 files changed, 280 insertions(+), 84 deletions(-)
Potentian unblock line:
unblock phpmyadmin/4:4.2.12-1
Thanks
- --
Michal Čihař | http://cihar.com | http://blog.cihar.com
- -- System Information:
Debian Release: jessie/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (x86_64)
Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=cs_CZ.utf8, LC_CTYPE=cs_CZ.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJUbvp1AAoJEJwnsxNCt1Edub0QAIzgiaQ70DxVmPZAoiRfZ1xR
8rYIGCdUP1+cg7RA9PHYbtry0GL/VJsiyizWnkBnMk97L1v369sK4TpC24l+f4/i
ELjGTg95dGp7DBXwTV3eb0ASfWvY98PRtDFi8AX+M2ePdWmsCtO/nHe0JFrqV49M
4h3zxZ+mHxcgiZqLZNSnX+c+yv4e+qXJMUxdh1IXTMYjZ/2GNgAAwTfHN9eUF6Tj
49gcl4Vvr69dhQtjN0zpNZk6ebKnlc52xFlqkWKjttQ84I7i7eVdYX5Ir3rR+qhr
GNZljkfX/dpS+rWzbjvJQUXaHm4ne+xOzcYwTdqcwkfxQx6byA7RklpNWZ5qSwsZ
24DSs6K//Ml2RmV7+rMjxRvZjk4kGO0cWa1mSVj9KbGpuMCAVZQ5al4pIHdwqHU1
1slHB7i0RzLpV4EekI3IYLPMn2VEflYfATJ7mLiyLGiI+RtpHW2YVpAObakrWuPN
XJy+zGExzKwrbL7HVVBF9UvGbTvJ3dwXsAqkAQno+veQjFYt6Z18PJmBnO/WZ3Qq
gJnV5ffYV4PEBeS6RI0CVL9xnmzloI9PSB7FPtSmOxQDLQytnMAnX3NXizU4CkPT
6SgJeV6utQzSe4DbcSSi6N4fMOdp11ljYZCWVA/1x54MQs5z5V+Tke1sMceAoFXF
asA1vTnHCTX5tNNX5Zfn
=yIU7
-----END PGP SIGNATURE-----
diff -Nru phpmyadmin-4.2.10.1/debian/changelog phpmyadmin-4.2.12/debian/changelog
--- phpmyadmin-4.2.10.1/debian/changelog 2014-10-21 16:59:44.000000000 +0200
+++ phpmyadmin-4.2.12/debian/changelog 2014-11-20 17:12:57.000000000 +0100
@@ -1,3 +1,11 @@
+phpmyadmin (4:4.2.12-1) UNRELEASED; urgency=medium
+
+ * New upstrem release.
+ - Fixes several security issues: CVE-2014-8958, CVE-2014-8959,
+ CVE-2014-8960, CVE-2014-8961.
+
+ -- Michal Čihař <nijel@debian.org> Thu, 20 Nov 2014 17:10:03 +0100
+
phpmyadmin (4:4.2.10.1-1) unstable; urgency=medium
* New upstream release.
diff -Nru phpmyadmin-4.2.10.1/ChangeLog phpmyadmin-4.2.12/ChangeLog
--- phpmyadmin-4.2.10.1/ChangeLog 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/ChangeLog 2014-11-20 16:41:00.000000000 +0100
@@ -1,6 +1,37 @@
phpMyAdmin - ChangeLog
======================
+4.2.12.0 (2014-11-20)
+- bug #4574 Blank/white page when JavaScript disabled
+- bug #4577 Multi row actions cause full page reloads
+- bug ReferenceError: targeurl is not defined
+- bug Incorrect text/icon display in Tracking report
+- bug #4404 Recordset return from procedure display nothing
+- bug #4584 Edit dialog for routines is too long for smaller displays
+- bug #4586 Javascript error after moving a column
+- bug #4576 Issue with long comments on table columns
+- bug #4599 Input field unnecessarily selected on focus
+- bug #4602 Exporting selected rows exports all rows of the query
+- bug #4444 No insert statement produced in SQL export for queries with alias
+- bug #4603 Field disabled when internal relations used
+- bug #4596 [security] XSS through exception stack
+- bug #4595 [security] Path traversal can lead to leakage of line count
+- bug #4578 [security] XSS vulnerability in table print view
+- bug #4579 [security] XSS vulnerability in zoom search page
+- bug #4594 [security] Path traversal in file inclusion of GIS factory
+- bug #4598 [security] XSS in multi submit
+- bug #4597 [security] XSS through pma_fontsize cookie
+
+4.2.11.0 (2014-10-31)
+- bug ReferenceError: Table_onover is not defined
+- bug #4552 Incorrect routines display for database due to case insensitive checks
+- bug #4259 reCaptcha sound session expired problem
+- bug #4557 PHP fatal error, undefined function __()
+- bug #4568 Date displayed incorrectly when charting a timeline
+- bug #4571 Database Privileges link does not work
+- bug makegrid.js: where_clause is undefined
+- bug #4572 missing trailing slash (import and open_basedir)
+
4.2.10.1 (2014-10-21)
- bug #4562 [security] XSS in debug SQL output
- bug #4563 [security] XSS in monitor query analyzer
@@ -11,7 +42,6 @@
- bug PDF export: title not present in PDF
- bug #4543 Changing column name can break saved "order by" clause
- bug #4545 trying to favorite table while browser localStorage is disabled throws JS error
-- bug #4259 reCaptcha sound session expired problem
- bug #4548 Inline editing a field converts tab to spaces
- bug #4252 Database-level permission bug for db names containing underscores
- bug #3120 Events are not exported when using xml
@@ -276,7 +306,6 @@
- bug #4257 Hide fractional seconds when applicable
- bug #4264 Uncheck "Ignore" while inserting, upon leaving a textarea
- bug #4260 reCaptcha is ignoring language settings
-- bug #4259 reCaptcha sound session expired problem
- bug #4263 Japanese character encoding not working properly when exporting
- bug #4269 Notice on table relation page
- bug #4270 Bad text-color for table comments
diff -Nru phpmyadmin-4.2.10.1/import.php phpmyadmin-4.2.12/import.php
--- phpmyadmin-4.2.10.1/import.php 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/import.php 2014-11-20 16:41:00.000000000 +0100
@@ -373,19 +373,14 @@
// before opening it.
if (! empty($open_basedir)) {
-
- /**
- * @todo make use of the config's temp dir with fallback to the
- * system's tmp dir
- */
$tmp_subdir = ini_get('upload_tmp_dir');
if (empty($tmp_subdir)) {
$tmp_subdir = sys_get_temp_dir();
}
-
+ $tmp_subdir = rtrim($tmp_subdir, DIRECTORY_SEPARATOR);
if (is_writable($tmp_subdir)) {
-
- $import_file_new = $tmp_subdir . basename($import_file) . uniqid();
+ $import_file_new = $tmp_subdir . DIRECTORY_SEPARATOR
+ . basename($import_file) . uniqid();
if (move_uploaded_file($import_file, $import_file_new)) {
$import_file = $import_file_new;
$file_to_unlink = $import_file_new;
diff -Nru phpmyadmin-4.2.10.1/js/common.js phpmyadmin-4.2.12/js/common.js
--- phpmyadmin-4.2.10.1/js/common.js 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/js/common.js 2014-11-20 16:41:00.000000000 +0100
@@ -204,9 +204,9 @@
href != PMA_commonParams.get('pma_absolute_uri') + url
) {
if (PMA_commonParams.get('safari_browser')) {
- querywindow.location.href = targeturl;
+ querywindow.location.href = url;
} else {
- querywindow.location.replace(targeturl);
+ querywindow.location.replace(url);
}
querywindow.focus();
}
diff -Nru phpmyadmin-4.2.10.1/js/jquery/jquery.menuResizer-1.0.js phpmyadmin-4.2.12/js/jquery/jquery.menuResizer-1.0.js
--- phpmyadmin-4.2.10.1/js/jquery/jquery.menuResizer-1.0.js 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/js/jquery/jquery.menuResizer-1.0.js 2014-11-20 16:41:00.000000000 +0100
@@ -51,7 +51,8 @@
.removeClass('tabactive');
}
});
- $container.children('.clearfloat').before($submenu);
+ $container.children('.clearfloat').remove();
+ $container.append($submenu).append("<div class='clearfloat'></div>");
setTimeout(function () {
self.resize();
}, 4);
diff -Nru phpmyadmin-4.2.10.1/js/makegrid.js phpmyadmin-4.2.12/js/makegrid.js
--- phpmyadmin-4.2.10.1/js/makegrid.js 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/js/makegrid.js 2014-11-20 16:41:00.000000000 +0100
@@ -1102,6 +1102,9 @@
$('td.to_be_saved').parents('tr').each(function () {
var $tr = $(this);
var where_clause = $tr.find('.where_clause').val();
+ if (typeof where_clause === 'undefined') {
+ where_clause = '';
+ }
full_where_clause.push(PMA_urldecode(where_clause));
var condition_array = jQuery.parseJSON($tr.find('.condition_array').val());
diff -Nru phpmyadmin-4.2.10.1/js/rte.js phpmyadmin-4.2.12/js/rte.js
--- phpmyadmin-4.2.10.1/js/rte.js 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/js/rte.js 2014-11-20 16:41:00.000000000 +0100
@@ -298,13 +298,17 @@
/**
* Display the dialog to the user
*/
- that.$ajaxDialog = $('<div>' + data.message + '</div>').dialog({
+ that.$ajaxDialog = $('<div id="rteDialog">' + data.message + '</div>').dialog({
width: 700,
minWidth: 500,
+ maxHeight: $(window).height(),
buttons: that.buttonOptions,
title: data.title,
modal: true,
open: function () {
+ if ($('#rteDialog').parents('.ui-dialog').height() > $(window).height()) {
+ $('#rteDialog').dialog("option", "height", $(window).height());
+ }
$(this).find('input[name=item_name]').focus();
$(this).find('input.datefield').each(function () {
PMA_addDatepicker($(this).css('width', '95%'), 'date');
diff -Nru phpmyadmin-4.2.10.1/js/sql.js phpmyadmin-4.2.12/js/sql.js
--- phpmyadmin-4.2.10.1/js/sql.js 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/js/sql.js 2014-11-20 16:41:00.000000000 +0100
@@ -101,6 +101,7 @@
$('th.column_heading.marker').die('click');
$(window).unbind('scroll');
$(".filter_rows").die("keyup");
+ $('body').off('click', '#resultsForm.ajax button[name="submit_mult"], #resultsForm.ajax input[name="submit_mult"]');
});
/**
@@ -437,6 +438,18 @@
$target_table.find("th.dummy_th").remove();
});
// Filter row handling. --ENDS--
+
+ /**
+ * Handles mutli submits of results browsing page such as edit, delete and export
+ */
+ $('body').on('click', '#resultsForm.ajax button[name="submit_mult"], #resultsForm.ajax input[name="submit_mult"]', function (e) {
+ e.preventDefault();
+ var $button = $(this);
+ var $form = $button.parent('form');
+ var submitData = $form.serialize() + '&ajax_request=true&ajax_page_request=true&submit_mult=' + $button.val();
+ PMA_ajaxShowMessage();
+ $.get($form.attr('action'), submitData, AJAX.responseHandler);
+ });
}); // end $()
/**
diff -Nru phpmyadmin-4.2.10.1/js/tbl_chart.js phpmyadmin-4.2.12/js/tbl_chart.js
--- phpmyadmin-4.2.10.1/js/tbl_chart.js 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/js/tbl_chart.js 2014-11-20 16:41:00.000000000 +0100
@@ -17,12 +17,12 @@
matches = dateTimeRegExp.exec(dateString);
if (matches !== null && matches.length > 0) {
match = matches[0];
- return new Date(match.substr(0, 4), match.substr(5, 2), match.substr(8, 2), match.substr(11, 2), match.substr(14, 2), match.substr(17, 2));
+ return new Date(match.substr(0, 4), parseInt(match.substr(5, 2), 10) - 1, match.substr(8, 2), match.substr(11, 2), match.substr(14, 2), match.substr(17, 2));
} else {
matches = dateRegExp.exec(dateString);
if (matches !== null && matches.length > 0) {
match = matches[0];
- return new Date(match.substr(0, 4), match.substr(5, 2), match.substr(8, 2));
+ return new Date(match.substr(0, 4), parseInt(match.substr(5, 2), 10) - 1, match.substr(8, 2));
}
}
return null;
diff -Nru phpmyadmin-4.2.10.1/js/tbl_structure.js phpmyadmin-4.2.12/js/tbl_structure.js
--- phpmyadmin-4.2.10.1/js/tbl_structure.js 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/js/tbl_structure.js 2014-11-20 16:41:00.000000000 +0100
@@ -78,6 +78,7 @@
$("a.add_unique_anchor.ajax").die('click');
$("#move_columns_anchor").die('click');
$(".append_fields_form.ajax").unbind('submit');
+ $('body').off('click', '#fieldsForm.ajax button[name="submit_mult"], #fieldsForm.ajax input[name="submit_mult"]');
});
AJAX.registerOnload('tbl_structure.js', function () {
@@ -500,6 +501,21 @@
}
});
});
+
+ /**
+ * Handles mutli submits in table structure page such as browse, drop, primary etc.
+ * However this does not handle multiple field changes. It is handled by a seperate handler.
+ */
+ $('body').on('click', '#fieldsForm.ajax button[name="submit_mult"], #fieldsForm.ajax input[name="submit_mult"]', function (e) {
+ var $button = $(this);
+ if (! $button.is('.change_columns_anchor.ajax')) {
+ e.preventDefault();
+ var $form = $button.parent('form');
+ var submitData = $form.serialize() + '&ajax_request=true&ajax_page_request=true&submit_mult=' + $button.val();
+ PMA_ajaxShowMessage();
+ $.get($form.attr('action'), submitData, AJAX.responseHandler);
+ }
+ });
});
/** Handler for "More" dropdown in structure table rows */
diff -Nru phpmyadmin-4.2.10.1/libraries/Config.class.php phpmyadmin-4.2.12/libraries/Config.class.php
--- phpmyadmin-4.2.10.1/libraries/Config.class.php 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/libraries/Config.class.php 2014-11-20 16:41:00.000000000 +0100
@@ -114,7 +114,7 @@
*/
function checkSystem()
{
- $this->set('PMA_VERSION', '4.2.10.1');
+ $this->set('PMA_VERSION', '4.2.12');
/**
* @deprecated
*/
@@ -1761,7 +1761,7 @@
// for the case when there is no config file (this is supported)
if (empty($current_size)) {
if (isset($_COOKIE['pma_fontsize'])) {
- $current_size = $_COOKIE['pma_fontsize'];
+ $current_size = htmlspecialchars($_COOKIE['pma_fontsize']);
} else {
$current_size = '82%';
}
diff -Nru phpmyadmin-4.2.10.1/libraries/core.lib.php phpmyadmin-4.2.12/libraries/core.lib.php
--- phpmyadmin-4.2.10.1/libraries/core.lib.php 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/libraries/core.lib.php 2014-11-20 16:41:00.000000000 +0100
@@ -222,7 +222,13 @@
/* Load gettext for fatal errors */
if (!function_exists('__')) {
- include_once GETTEXT_INC;
+ // It is possible that PMA_fatalError() is called before including vendor_config.php
+ // which defines GETTEXT_INC. See bug #4557
+ if (defined(GETTEXT_INC)) {
+ include_once GETTEXT_INC;
+ } else {
+ include_once './libraries/php-gettext/gettext.inc';
+ }
}
// these variables are used in the included file libraries/error.inc.php
diff -Nru phpmyadmin-4.2.10.1/libraries/DatabaseInterface.class.php phpmyadmin-4.2.12/libraries/DatabaseInterface.class.php
--- phpmyadmin-4.2.10.1/libraries/DatabaseInterface.class.php 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/libraries/DatabaseInterface.class.php 2014-11-20 16:41:00.000000000 +0100
@@ -1904,7 +1904,8 @@
. ', EVENT_OBJECT_TABLE, ACTION_TIMING, ACTION_STATEMENT'
. ', EVENT_OBJECT_SCHEMA, EVENT_OBJECT_TABLE, DEFINER'
. ' FROM information_schema.TRIGGERS'
- . ' WHERE TRIGGER_SCHEMA= \'' . PMA_Util::sqlAddSlashes($db) . '\'';
+ . ' WHERE TRIGGER_SCHEMA ' . PMA_Util::getCollateForIS() . '='
+ . ' \'' . PMA_Util::sqlAddSlashes($db) . '\'';
if (! empty($table)) {
$query .= " AND EVENT_OBJECT_TABLE = '"
diff -Nru phpmyadmin-4.2.10.1/libraries/display_export.lib.php phpmyadmin-4.2.12/libraries/display_export.lib.php
--- phpmyadmin-4.2.10.1/libraries/display_export.lib.php 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/libraries/display_export.lib.php 2014-11-20 16:41:00.000000000 +0100
@@ -136,12 +136,12 @@
. htmlspecialchars($cfg['Export']['method']) . '" />';
- if (isset($_GET['sql_query'])) {
- $html .= '<input type="hidden" name="sql_query" value="'
- . htmlspecialchars($_GET['sql_query']) . '" />' . "\n";
- } elseif (! empty($sql_query)) {
+ if (! empty($sql_query)) {
$html .= '<input type="hidden" name="sql_query" value="'
. htmlspecialchars($sql_query) . '" />' . "\n";
+ } elseif (isset($_GET['sql_query'])) {
+ $html .= '<input type="hidden" name="sql_query" value="'
+ . htmlspecialchars($_GET['sql_query']) . '" />' . "\n";
}
return $html;
diff -Nru phpmyadmin-4.2.10.1/libraries/DisplayResults.class.php phpmyadmin-4.2.12/libraries/DisplayResults.class.php
--- phpmyadmin-4.2.10.1/libraries/DisplayResults.class.php 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/libraries/DisplayResults.class.php 2014-11-20 16:41:00.000000000 +0100
@@ -1808,11 +1808,20 @@
&& isset($comments_map[$fields_meta->table])
&& isset($comments_map[$fields_meta->table][$fields_meta->name])
) {
- $comments = '<span class="tblcomment">'
- . htmlspecialchars(
- $comments_map[$fields_meta->table][$fields_meta->name]
- )
- . '</span>';
+ $sanitized_comments = htmlspecialchars(
+ $comments_map[$fields_meta->table][$fields_meta->name]
+ );
+
+ $comments = '<span class="tblcomment" title="'
+ . $sanitized_comments . '">';
+ $limitChars = $GLOBALS['cfg']['LimitChars'];
+ if ($GLOBALS['PMA_String']->strlen($sanitized_comments) > $limitChars) {
+ $sanitized_comments = $GLOBALS['PMA_String']->substr(
+ $sanitized_comments, 0, $limitChars
+ ) . '…';
+ }
+ $comments .= $sanitized_comments;
+ $comments .= '</span>';
}
return $comments;
} // end of the '_getCommentForRow()' function
diff -Nru phpmyadmin-4.2.10.1/libraries/error_report.lib.php phpmyadmin-4.2.12/libraries/error_report.lib.php
--- phpmyadmin-4.2.10.1/libraries/error_report.lib.php 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/libraries/error_report.lib.php 2014-11-20 16:41:00.000000000 +0100
@@ -177,6 +177,19 @@
return $LINE_COUNT[$filename];
}
+ // ensure that the file is inside the phpMyAdmin folder
+ $depath = 1;
+ foreach (explode('/', $filename) as $part) {
+ if ($part == '..') {
+ $depath--;
+ } elseif ($part != '.') {
+ $depath++;
+ }
+ if ($depath < 0) {
+ return 0;
+ }
+ }
+
$linecount = 0;
$handle = fopen('./js/' . $filename, 'r');
while (!feof($handle)) {
@@ -279,7 +292,7 @@
. __('You may examine the data in the error report:')
. '</p></label></div>'
. '<pre class="report-data">'
- . PMA_getReportData()
+ . htmlspecialchars(PMA_getReportData())
. '</pre>';
$html .= '<div class="label"><label><p>'
diff -Nru phpmyadmin-4.2.10.1/libraries/gis/GIS_Factory.class.php phpmyadmin-4.2.12/libraries/gis/GIS_Factory.class.php
--- phpmyadmin-4.2.10.1/libraries/gis/GIS_Factory.class.php 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/libraries/gis/GIS_Factory.class.php 2014-11-20 16:41:00.000000000 +0100
@@ -33,7 +33,9 @@
include_once './libraries/gis/GIS_Geometry.class.php';
$type_lower = strtolower($type);
- if (! file_exists('./libraries/gis/GIS_' . ucfirst($type_lower) . '.class.php')) {
+ if (! PMA_isValid($type_lower, PMA_Util::getGISDatatypes())
+ || ! file_exists('./libraries/gis/GIS_' . ucfirst($type_lower) . '.class.php')
+ ) {
return false;
}
if (include_once './libraries/gis/GIS_' . ucfirst($type_lower) . '.class.php') {
diff -Nru phpmyadmin-4.2.10.1/libraries/Header.class.php phpmyadmin-4.2.12/libraries/Header.class.php
--- phpmyadmin-4.2.10.1/libraries/Header.class.php 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/libraries/Header.class.php 2014-11-20 16:41:00.000000000 +0100
@@ -374,6 +374,9 @@
$this->_scripts->addFile('config.js');
}
$retval .= $this->_scripts->getDisplay();
+ $retval .= '<noscript>';
+ $retval .= '<style>html{display:block}</style>';
+ $retval .= '</noscript>';
$retval .= $this->_getBodyStart();
if ($this->_menuEnabled && $GLOBALS['server'] > 0) {
$nav = new PMA_Navigation();
diff -Nru phpmyadmin-4.2.10.1/libraries/mult_submits.lib.php phpmyadmin-4.2.12/libraries/mult_submits.lib.php
--- phpmyadmin-4.2.10.1/libraries/mult_submits.lib.php 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/libraries/mult_submits.lib.php 2014-11-20 16:41:00.000000000 +0100
@@ -554,13 +554,14 @@
foreach ($selected as $sval) {
switch ($what) {
case 'row_delete':
- $full_query .= 'DELETE FROM ' . PMA_Util::backquote($db)
- . '.' . PMA_Util::backquote($table)
+ $full_query .= 'DELETE FROM '
+ . PMA_Util::backquote(htmlspecialchars($db))
+ . '.' . PMA_Util::backquote(htmlspecialchars($table))
// Do not append a "LIMIT 1" clause here
// (it's not binlog friendly).
// We don't need the clause because the calling panel permits
// this feature only when there is a unique index.
- . ' WHERE ' . urldecode($sval)
+ . ' WHERE ' . urldecode(htmlspecialchars($sval))
. ';<br />';
break;
case 'drop_db':
diff -Nru phpmyadmin-4.2.10.1/libraries/navigation/Nodes/Node_Database.class.php phpmyadmin-4.2.12/libraries/navigation/Nodes/Node_Database.class.php
--- phpmyadmin-4.2.10.1/libraries/navigation/Nodes/Node_Database.class.php 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/libraries/navigation/Nodes/Node_Database.class.php 2014-11-20 16:41:00.000000000 +0100
@@ -117,7 +117,8 @@
$db = PMA_Util::sqlAddSlashes($db);
$query = "SELECT COUNT(*) ";
$query .= "FROM `INFORMATION_SCHEMA`.`ROUTINES` ";
- $query .= "WHERE `ROUTINE_SCHEMA`='$db'";
+ $query .= "WHERE `ROUTINE_SCHEMA` "
+ . PMA_Util::getCollateForIS() . "='$db'";
$query .= "AND `ROUTINE_TYPE`='PROCEDURE' ";
if (! empty($searchClause)) {
if ($singleItem) {
@@ -140,7 +141,8 @@
$db = PMA_Util::sqlAddSlashes($db);
$query = "SELECT COUNT(*) ";
$query .= "FROM `INFORMATION_SCHEMA`.`ROUTINES` ";
- $query .= "WHERE `ROUTINE_SCHEMA`='$db' ";
+ $query .= "WHERE `ROUTINE_SCHEMA` "
+ . PMA_Util::getCollateForIS() . "='$db' ";
$query .= "AND `ROUTINE_TYPE`='FUNCTION' ";
if (! empty($searchClause)) {
if ($singleItem) {
@@ -163,7 +165,8 @@
$db = PMA_Util::sqlAddSlashes($db);
$query = "SELECT COUNT(*) ";
$query .= "FROM `INFORMATION_SCHEMA`.`EVENTS` ";
- $query .= "WHERE `EVENT_SCHEMA`='$db' ";
+ $query .= "WHERE `EVENT_SCHEMA` "
+ . PMA_Util::getCollateForIS() . "='$db' ";
if (! empty($searchClause)) {
if ($singleItem) {
$query .= "AND `EVENT_NAME` = '";
@@ -250,7 +253,8 @@
$escdDb = PMA_Util::sqlAddSlashes($db);
$query = "SELECT `ROUTINE_NAME` AS `name` ";
$query .= "FROM `INFORMATION_SCHEMA`.`ROUTINES` ";
- $query .= "WHERE `ROUTINE_SCHEMA`='$escdDb'";
+ $query .= "WHERE `ROUTINE_SCHEMA` "
+ . PMA_Util::getCollateForIS() . "='$escdDb'";
$query .= "AND `ROUTINE_TYPE`='PROCEDURE' ";
if (! empty($searchClause)) {
$query .= "AND `ROUTINE_NAME` LIKE '%";
@@ -267,7 +271,8 @@
$escdDb = PMA_Util::sqlAddSlashes($db);
$query = "SELECT `ROUTINE_NAME` AS `name` ";
$query .= "FROM `INFORMATION_SCHEMA`.`ROUTINES` ";
- $query .= "WHERE `ROUTINE_SCHEMA`='$escdDb' ";
+ $query .= "WHERE `ROUTINE_SCHEMA` "
+ . PMA_Util::getCollateForIS() . "='$escdDb' ";
$query .= "AND `ROUTINE_TYPE`='FUNCTION' ";
if (! empty($searchClause)) {
$query .= "AND `ROUTINE_NAME` LIKE '%";
@@ -284,7 +289,8 @@
$escdDb = PMA_Util::sqlAddSlashes($db);
$query = "SELECT `EVENT_NAME` AS `name` ";
$query .= "FROM `INFORMATION_SCHEMA`.`EVENTS` ";
- $query .= "WHERE `EVENT_SCHEMA`='$escdDb' ";
+ $query .= "WHERE `EVENT_SCHEMA` "
+ . PMA_Util::getCollateForIS() . "='$escdDb' ";
if (! empty($searchClause)) {
$query .= "AND `EVENT_NAME` LIKE '%";
$query .= PMA_Util::sqlAddSlashes(
diff -Nru phpmyadmin-4.2.10.1/libraries/navigation/Nodes/Node_Table.class.php phpmyadmin-4.2.12/libraries/navigation/Nodes/Node_Table.class.php
--- phpmyadmin-4.2.10.1/libraries/navigation/Nodes/Node_Table.class.php 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/libraries/navigation/Nodes/Node_Table.class.php 2014-11-20 16:41:00.000000000 +0100
@@ -98,8 +98,10 @@
$table = PMA_Util::sqlAddSlashes($table);
$query = "SELECT COUNT(*) ";
$query .= "FROM `INFORMATION_SCHEMA`.`TRIGGERS` ";
- $query .= "WHERE `EVENT_OBJECT_SCHEMA`='$db' ";
- $query .= "AND `EVENT_OBJECT_TABLE`='$table'";
+ $query .= "WHERE `EVENT_OBJECT_SCHEMA` "
+ . PMA_Util::getCollateForIS() . "='$db' ";
+ $query .= "AND `EVENT_OBJECT_TABLE` "
+ . PMA_Util::getCollateForIS() . "='$table'";
$retval = (int)$GLOBALS['dbi']->fetchValue($query);
break;
default:
@@ -161,8 +163,10 @@
$table = PMA_Util::sqlAddSlashes($table);
$query = "SELECT `TRIGGER_NAME` AS `name` ";
$query .= "FROM `INFORMATION_SCHEMA`.`TRIGGERS` ";
- $query .= "WHERE `EVENT_OBJECT_SCHEMA`='$db' ";
- $query .= "AND `EVENT_OBJECT_TABLE`='$table' ";
+ $query .= "WHERE `EVENT_OBJECT_SCHEMA` "
+ . PMA_Util::getCollateForIS() . "='$db' ";
+ $query .= "AND `EVENT_OBJECT_TABLE` "
+ . PMA_Util::getCollateForIS() . "='$table' ";
$query .= "ORDER BY `TRIGGER_NAME` ASC ";
$query .= "LIMIT " . intval($pos) . ", $maxItems";
$retval = $GLOBALS['dbi']->fetchResult($query);
diff -Nru phpmyadmin-4.2.10.1/libraries/operations.lib.php phpmyadmin-4.2.12/libraries/operations.lib.php
--- phpmyadmin-4.2.10.1/libraries/operations.lib.php 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/libraries/operations.lib.php 2014-11-20 16:41:00.000000000 +0100
@@ -686,7 +686,7 @@
}
$html_output .= ' <strong>.</strong> ';
$html_output .= '<input class="halfWidth" type="text" size="20" name="new_name"'
- . ' onfocus="this.select()" required="required" '
+ . ' required="required" '
. 'value="' . htmlspecialchars($GLOBALS['table']) . '" /><br />';
// starting with MySQL 5.0.24, SHOW CREATE TABLE includes the AUTO_INCREMENT
@@ -789,7 +789,7 @@
//Change table name
$html_output .= '<tr><td>' . __('Rename table to') . '</td>'
. '<td>'
- . '<input type="text" size="20" name="new_name" onfocus="this.select()"'
+ . '<input type="text" size="20" name="new_name" '
. 'value="' . htmlspecialchars($GLOBALS['table'])
. '" required="required" />'
. '</td>'
@@ -798,7 +798,7 @@
//Table comments
$html_output .= '<tr><td>' . __('Table comments') . '</td>'
. '<td><input type="text" name="comment" maxlength="60" size="30"'
- . 'value="' . htmlspecialchars($comment) . '" onfocus="this.select()" />'
+ . 'value="' . htmlspecialchars($comment) . '" />'
. '<input type="hidden" name="prev_comment" value="'
. htmlspecialchars($comment) . '" />'
. '</td>'
@@ -1018,7 +1018,7 @@
}
$html_output .= ' <strong>.</strong> ';
$html_output .= '<input class="halfWidth" type="text" required="required" '
- . 'size="20" name="new_name" onfocus="this.select()" '
+ . 'size="20" name="new_name" '
. 'value="' . htmlspecialchars($GLOBALS['table']) . '"/><br />';
$choices = array(
diff -Nru phpmyadmin-4.2.10.1/libraries/plugins/auth/AuthenticationCookie.class.php phpmyadmin-4.2.12/libraries/plugins/auth/AuthenticationCookie.class.php
--- phpmyadmin-4.2.10.1/libraries/plugins/auth/AuthenticationCookie.class.php 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/libraries/plugins/auth/AuthenticationCookie.class.php 2014-11-20 16:41:00.000000000 +0100
@@ -245,11 +245,12 @@
</noscript>
<script type="text/javascript">
$(function() {
- $("#recaptcha_reload_btn").addClass("disableAjax");
- $("#recaptcha_switch_audio_btn").addClass("disableAjax");
- $("#recaptcha_switch_img_btn").addClass("disableAjax");
- $("#recaptcha_whatsthis_btn").addClass("disableAjax");
- $("#recaptcha_audio_play_again").live("mouseover", function() {
+ $("#recaptcha_reload_btn," +
+ "#recaptcha_switch_audio_btn," +
+ "#recaptcha_switch_img_btn," +
+ "#recaptcha_whatsthis_btn," +
+ "#recaptcha_audio_play_again")
+ .live("mouseover", function() {
$(this).addClass("disableAjax");
});
});
diff -Nru phpmyadmin-4.2.10.1/libraries/relation.lib.php phpmyadmin-4.2.12/libraries/relation.lib.php
--- phpmyadmin-4.2.10.1/libraries/relation.lib.php 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/libraries/relation.lib.php 2014-11-20 16:41:00.000000000 +0100
@@ -1583,7 +1583,7 @@
$column_status['isReferenced'] = false;
$column_status['isForeignKey'] = false;
$column_status['references'] = array();
- $foreigners = PMA_getForeigners($db, $table, $column);
+ $foreigners = PMA_getForeigners($db, $table, $column, 'foreign');
$child_references = PMA_getChildReferences($db, $table, $column);
if (sizeof($child_references, 0) > 0
diff -Nru phpmyadmin-4.2.10.1/libraries/rte/rte_events.lib.php phpmyadmin-4.2.12/libraries/rte/rte_events.lib.php
--- phpmyadmin-4.2.10.1/libraries/rte/rte_events.lib.php 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/libraries/rte/rte_events.lib.php 2014-11-20 16:41:00.000000000 +0100
@@ -64,7 +64,8 @@
* Display a list of available events
*/
$columns = "`EVENT_NAME`, `EVENT_TYPE`, `STATUS`";
- $where = "EVENT_SCHEMA='" . PMA_Util::sqlAddSlashes($db) . "'";
+ $where = "EVENT_SCHEMA " . PMA_Util::getCollateForIS() . "="
+ . "'" . PMA_Util::sqlAddSlashes($db) . "'";
$query = "SELECT $columns FROM `INFORMATION_SCHEMA`.`EVENTS` "
. "WHERE $where ORDER BY `EVENT_NAME` ASC;";
$items = $GLOBALS['dbi']->fetchResult($query);
@@ -191,7 +192,8 @@
$response = PMA_Response::getInstance();
if ($message->isSuccess()) {
$columns = "`EVENT_NAME`, `EVENT_TYPE`, `STATUS`";
- $where = "EVENT_SCHEMA='" . PMA_Util::sqlAddSlashes($db) . "' "
+ $where = "EVENT_SCHEMA " . PMA_Util::getCollateForIS() . "="
+ . "'" . PMA_Util::sqlAddSlashes($db) . "' "
. "AND EVENT_NAME='"
. PMA_Util::sqlAddSlashes($_REQUEST['item_name']) . "'";
$query = "SELECT " . $columns
@@ -325,7 +327,8 @@
$columns = "`EVENT_NAME`, `STATUS`, `EVENT_TYPE`, `EXECUTE_AT`, "
. "`INTERVAL_VALUE`, `INTERVAL_FIELD`, `STARTS`, `ENDS`, "
. "`EVENT_DEFINITION`, `ON_COMPLETION`, `DEFINER`, `EVENT_COMMENT`";
- $where = "EVENT_SCHEMA='" . PMA_Util::sqlAddSlashes($db) . "' "
+ $where = "EVENT_SCHEMA " . PMA_Util::getCollateForIS() . "="
+ . "'" . PMA_Util::sqlAddSlashes($db) . "' "
. "AND EVENT_NAME='" . PMA_Util::sqlAddSlashes($name) . "'";
$query = "SELECT $columns FROM `INFORMATION_SCHEMA`.`EVENTS` WHERE $where;";
$item = $GLOBALS['dbi']->fetchSingleRow($query);
diff -Nru phpmyadmin-4.2.10.1/libraries/rte/rte_routines.lib.php phpmyadmin-4.2.12/libraries/rte/rte_routines.lib.php
--- phpmyadmin-4.2.10.1/libraries/rte/rte_routines.lib.php 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/libraries/rte/rte_routines.lib.php 2014-11-20 16:41:00.000000000 +0100
@@ -55,7 +55,8 @@
*/
$columns = "`SPECIFIC_NAME`, `ROUTINE_NAME`, `ROUTINE_TYPE`, ";
$columns .= "`DTD_IDENTIFIER`, `ROUTINE_DEFINITION`";
- $where = "ROUTINE_SCHEMA='" . PMA_Util::sqlAddSlashes($db) . "'";
+ $where = "ROUTINE_SCHEMA " . PMA_Util::getCollateForIS() . "="
+ . "'" . PMA_Util::sqlAddSlashes($db) . "'";
if (PMA_isValid($type, array('FUNCTION','PROCEDURE'))) {
$where .= " AND `ROUTINE_TYPE`='" . $type . "'";
}
@@ -392,7 +393,8 @@
if ($message->isSuccess()) {
$columns = "`SPECIFIC_NAME`, `ROUTINE_NAME`, `ROUTINE_TYPE`,"
. " `DTD_IDENTIFIER`, `ROUTINE_DEFINITION`";
- $where = "ROUTINE_SCHEMA='" . PMA_Util::sqlAddSlashes($db) . "' "
+ $where = "ROUTINE_SCHEMA " . PMA_Util::getCollateForIS() . "="
+ . "'" . PMA_Util::sqlAddSlashes($db) . "' "
. "AND ROUTINE_NAME='"
. PMA_Util::sqlAddSlashes($_REQUEST['item_name']) . "'"
. "AND ROUTINE_TYPE='"
@@ -625,7 +627,8 @@
$fields = "SPECIFIC_NAME, ROUTINE_TYPE, DTD_IDENTIFIER, "
. "ROUTINE_DEFINITION, IS_DETERMINISTIC, SQL_DATA_ACCESS, "
. "ROUTINE_COMMENT, SECURITY_TYPE";
- $where = "ROUTINE_SCHEMA='" . PMA_Util::sqlAddSlashes($db) . "' "
+ $where = "ROUTINE_SCHEMA " . PMA_Util::getCollateForIS() . "="
+ . "'" . PMA_Util::sqlAddSlashes($db) . "' "
. "AND SPECIFIC_NAME='" . PMA_Util::sqlAddSlashes($name) . "'"
. "AND ROUTINE_TYPE='" . PMA_Util::sqlAddSlashes($type) . "'";
$query = "SELECT $fields FROM INFORMATION_SCHEMA.ROUTINES WHERE $where;";
diff -Nru phpmyadmin-4.2.10.1/libraries/sql.lib.php phpmyadmin-4.2.12/libraries/sql.lib.php
--- phpmyadmin-4.2.10.1/libraries/sql.lib.php 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/libraries/sql.lib.php 2014-11-20 16:41:00.000000000 +0100
@@ -1294,15 +1294,6 @@
$GLOBALS['querytime'] = $querytime_after - $querytime_before;
- // If a stored procedure was called, there may be more results that are
- // queued up and waiting to be flushed from the buffer. So let's do that.
- do {
- $GLOBALS['dbi']->storeResult();
- if (! $GLOBALS['dbi']->moreResults()) {
- break;
- }
- } while ($GLOBALS['dbi']->nextResult());
-
return $result;
}
@@ -1428,7 +1419,7 @@
false
);
/**
- * @todo Can we know at this point that this is InnoDB,
+ * @todo Can we know at this point that this is InnoDB,
* (in this case there would be no need for getting
* an exact count)?
*/
@@ -1437,7 +1428,7 @@
// is less than MaxExactCount
/**
* @todo In countRecords(), MaxExactCount is also verified,
- * so can we avoid checking it twice?
+ * so can we avoid checking it twice?
*/
$unlim_num_rows = PMA_Table::countRecords(
$db,
@@ -1880,15 +1871,61 @@
$analyzed_sql_results
) {
$printview = isset($_REQUEST['printview']) ? $_REQUEST['printview'] : null;
- if (! empty($sql_data) && ($sql_data['valid_queries'] > 1)
- || $analyzed_sql_results['is_procedure']
- ) {
+ $table_html = '';
+ if (! empty($sql_data) && ($sql_data['valid_queries'] > 1)) {
$_SESSION['is_multi_query'] = true;
- $table_html = PMA_getTableHtmlForMultipleQueries(
+ $table_html .= PMA_getTableHtmlForMultipleQueries(
$displayResultsObject, $db, $sql_data, $goto,
$pmaThemeImage, $printview, $url_query,
$disp_mode, $sql_limit_to_append, $editable
);
+ } elseif ($analyzed_sql_results['is_procedure']) {
+
+ do {
+ if (! isset($result)) {
+ $result = $GLOBALS['dbi']->storeResult();
+ }
+ $num_rows = $GLOBALS['dbi']->numRows($result);
+
+ if ($result !== false && $num_rows > 0) {
+
+ $fields_meta = $GLOBALS['dbi']->getFieldsMeta($result);
+ $fields_cnt = count($fields_meta);
+
+ $displayResultsObject->setProperties(
+ $num_rows,
+ $fields_meta,
+ $analyzed_sql_results['is_count'],
+ $analyzed_sql_results['is_export'],
+ $analyzed_sql_results['is_func'],
+ $analyzed_sql_results['is_analyse'],
+ $num_rows,
+ $fields_cnt,
+ $GLOBALS['querytime'],
+ $pmaThemeImage,
+ $GLOBALS['text_dir'],
+ $analyzed_sql_results['is_maint'],
+ $analyzed_sql_results['is_explain'],
+ $analyzed_sql_results['is_show'],
+ $showtable,
+ $printview,
+ $url_query,
+ $editable
+ );
+
+ $disp_mode = 'nnnn110111'; // uneditable
+ $table_html .= $displayResultsObject->getTable(
+ $result,
+ $disp_mode,
+ $analyzed_sql_results['analyzed_sql']
+ );
+ }
+
+ $GLOBALS['dbi']->freeResult($result);
+ unset($result);
+
+ } while ($GLOBALS['dbi']->moreResults() && $GLOBALS['dbi']->nextResult());
+
} else {
if (isset($result) && $result) {
$fields_meta = $GLOBALS['dbi']->getFieldsMeta($result);
@@ -1905,7 +1942,7 @@
$editable
);
- $table_html = $displayResultsObject->getTable(
+ $table_html .= $displayResultsObject->getTable(
$result, $disp_mode, $analyzed_sql_results['analyzed_sql']
);
$GLOBALS['dbi']->freeResult($result);
diff -Nru phpmyadmin-4.2.10.1/libraries/structure.lib.php phpmyadmin-4.2.12/libraries/structure.lib.php
--- phpmyadmin-4.2.10.1/libraries/structure.lib.php 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/libraries/structure.lib.php 2014-11-20 16:41:00.000000000 +0100
@@ -2017,7 +2017,7 @@
);
}
$html_output .= PMA_getHtmlForDistinctValueAction($url_query, $row, $titles);
- $html_output .= '<div class="clearfloat"></div></ul></td>';
+ $html_output .= '</ul></td>';
return $html_output;
}
diff -Nru phpmyadmin-4.2.10.1/libraries/tbl_printview.lib.php phpmyadmin-4.2.12/libraries/tbl_printview.lib.php
--- phpmyadmin-4.2.10.1/libraries/tbl_printview.lib.php 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/libraries/tbl_printview.lib.php 2014-11-20 16:41:00.000000000 +0100
@@ -107,7 +107,7 @@
$html .= ' ' . $field_name . "\n";
}
$html .= '</td>';
- $html .= '<td>' . $type . '<bdo dir="ltr"></bdo></td>';
+ $html .= '<td>' . htmlspecialchars($type) . '<bdo dir="ltr"></bdo></td>';
$html .= '<td>';
$html .= (($row['Null'] == '' || $row['Null'] == 'NO')
? __('No')
diff -Nru phpmyadmin-4.2.10.1/libraries/tbl_tracking.lib.php phpmyadmin-4.2.12/libraries/tbl_tracking.lib.php
--- phpmyadmin-4.2.10.1/libraries/tbl_tracking.lib.php 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/libraries/tbl_tracking.lib.php 2014-11-20 16:41:00.000000000 +0100
@@ -364,7 +364,7 @@
// Prepare delete link content here
$drop_image_or_text = '';
- if (PMA_Util::showIcons('ActionsLinksMode')) {
+ if (PMA_Util::showIcons('ActionLinksMode')) {
$drop_image_or_text .= PMA_Util::getImage(
'b_drop.png', __('Delete tracking data row from report')
);
diff -Nru phpmyadmin-4.2.10.1/libraries/Theme.class.php phpmyadmin-4.2.12/libraries/Theme.class.php
--- phpmyadmin-4.2.10.1/libraries/Theme.class.php 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/libraries/Theme.class.php 2014-11-20 16:41:00.000000000 +0100
@@ -434,7 +434,7 @@
return $fs;
}
if (isset($_COOKIE['pma_fontsize'])) {
- return $_COOKIE['pma_fontsize'];
+ return htmlspecialchars($_COOKIE['pma_fontsize']);
}
return '82%';
}
diff -Nru phpmyadmin-4.2.10.1/libraries/Util.class.php phpmyadmin-4.2.12/libraries/Util.class.php
--- phpmyadmin-4.2.10.1/libraries/Util.class.php 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/libraries/Util.class.php 2014-11-20 16:41:00.000000000 +0100
@@ -4380,6 +4380,24 @@
}
return 'none';
}
+
+ /**
+ * Provide COLLATE clause, if required, to perfrom case sensitice comparisons
+ * for queries on information_schema.
+ *
+ * @return string COLLATE clause if needed or empty string.
+ */
+ public static function getCollateForIS()
+ {
+ $lowerCaseTableNames = $GLOBALS['dbi']->fetchValue(
+ "SHOW VARIABLES LIKE 'lower_case_table_names'", 0, 1
+ );
+
+ if ($lowerCaseTableNames === '0') {
+ return "COLLATE utf8_bin";
+ }
+ return "";
+ }
}
?>
diff -Nru phpmyadmin-4.2.10.1/pmd_general.php phpmyadmin-4.2.12/pmd_general.php
--- phpmyadmin-4.2.10.1/pmd_general.php 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/pmd_general.php 2014-11-20 16:41:00.000000000 +0100
@@ -283,7 +283,7 @@
onclick="Start_tab_upd('<?php echo $GLOBALS['PMD_URL']["TABLE_NAME_SMALL"][$i]; ?>');">
<img src="<?php echo $_SESSION['PMA_Theme']->getImgPath('pmd/exec_small.png'); ?>" alt="" /></td>
<td id="id_zag_<?php echo $t_n_url ?>" class="tab_zag nowrap"
- onmousedown="cur_click=document.getElementById('<?php echo $t_n_url ?>');"/
+ onmousedown="cur_click=document.getElementById('<?php echo $t_n_url ?>');"
onmouseover="Table_onover('<?php echo $t_n_url ?>',0,<?php echo (isset($_REQUEST['query'])? 1 : 0 )?> )"
onmouseout="Table_onover('<?php echo $t_n_url ?>',1,<?php echo (isset($_REQUEST['query']) ? 1 : 0 )?>)">
<span class='owner'>
diff -Nru phpmyadmin-4.2.10.1/README phpmyadmin-4.2.12/README
--- phpmyadmin-4.2.10.1/README 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/README 2014-11-20 16:41:00.000000000 +0100
@@ -1,7 +1,7 @@
phpMyAdmin - Readme
===================
-Version 4.2.10.1
+Version 4.2.12
A set of PHP-scripts to manage MySQL over the web.
diff -Nru phpmyadmin-4.2.10.1/server_privileges.php phpmyadmin-4.2.12/server_privileges.php
--- phpmyadmin-4.2.10.1/server_privileges.php 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/server_privileges.php 2014-11-20 16:41:00.000000000 +0100
@@ -290,7 +290,7 @@
* Displays the links
*/
if (isset($_REQUEST['viewing_mode']) && $_REQUEST['viewing_mode'] == 'db') {
- $_REQUEST['db'] = $_REQUEST['checkprivsdb'];
+ $GLOBALS['db'] = $_REQUEST['db'] = $_REQUEST['checkprivsdb'];
$url_query .= '&goto=db_operations.php';
diff -Nru phpmyadmin-4.2.10.1/tbl_export.php phpmyadmin-4.2.12/tbl_export.php
--- phpmyadmin-4.2.10.1/tbl_export.php 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/tbl_export.php 2014-11-20 16:41:00.000000000 +0100
@@ -38,6 +38,26 @@
// Need to generate WHERE clause?
if (isset($where_clause)) {
+ // If a table alias is used, get rid of it since
+ // where clauses are on real table name
+ if ($analyzed_sql[0]['table_ref'][0]['table_alias']) {
+ // Exporting seleted rows is only allowed for queries involving
+ // a single table. So we can safely assume that there is only one
+ // table in 'table_ref' array.
+ $temp_sql_array = preg_split('/\bfrom\b/i', $sql_query);
+ $sql_query = $temp_sql_array[0] . 'FROM ';
+ if (! empty($analyzed_sql[0]['table_ref'][0]['db'])) {
+ $sql_query .= PMA_Util::backquote(
+ $analyzed_sql[0]['table_ref'][0]['db']
+ );
+ $sql_query .= '.';
+ }
+ $sql_query .= PMA_Util::backquote(
+ $analyzed_sql[0]['table_ref'][0]['table_name']
+ );
+ }
+ unset($temp_sql_array);
+
// Regular expressions which can appear in sql query,
// before the sql segment which remains as it is.
$regex_array = array(
diff -Nru phpmyadmin-4.2.10.1/tbl_zoom_select.php phpmyadmin-4.2.12/tbl_zoom_select.php
--- phpmyadmin-4.2.10.1/tbl_zoom_select.php 2014-10-21 16:43:10.000000000 +0200
+++ phpmyadmin-4.2.12/tbl_zoom_select.php 2014-11-20 16:41:00.000000000 +0100
@@ -81,7 +81,7 @@
}
$key = array_search($field, $table_search->getColumnNames());
$properties = $table_search->getColumnProperties($_REQUEST['it'], $key);
- $response->addJSON('field_type', $properties['type']);
+ $response->addJSON('field_type', htmlspecialchars($properties['type']));
$response->addJSON('field_collation', $properties['collation']);
$response->addJSON('field_operators', $properties['func']);
$response->addJSON('field_value', $properties['value']);
Reply to: