phpMyAdmin - ChangeLog ====================== 4.7.0 (2017-03-28) - patch #12233 [Display] Improve message when renaming database to same name - issue #6146 Log authentication attempts to syslog - issue #11981 Remove support for Swekey authentication - issue #11987 Remove code for no longer supported MSIE versions + issue #11962 Remove embedded PHP libraries, use composer to install them + issue #12017 Cannot easily select multiple tables when exporting + issue #12047 Add javascript filtering for databases - issue #12166 More compact rendering of navigation tree + issue #12129 Improve performance with SkipLockedTables - issue #12173 Do not hide indexes under a slider - issue Improve performance of zip file import - issue #12196 Removed $cfg['ThemePath'] - issue #6274 Add support for export user settings as config.inc.php snippet - issue #5555 Better report query errors while generating SQL exports - issue #12307 Produce valid JSON on export - issue #12325 Setup script icons broken - issue #12378 Support IPv6 proxies - issue Removed MySQL connection retry without password - issue #12218 Allow to specify further parameters for control connection - issue #12162 Show charset for each table on Database structure page - issue #12463 Incorrect link in the href of icon at Hide/Show unhide links - issue #12330 Shortcut for closing console - issue #12465 Improved handling of http requests - issue #12474 Broken links in Setup forms Navigation - issue #12494 Can't add a new User - issue #12523 Add 'token' Parameter in all POST requests (Fix 'Token mismatch' errors) - issue #12302 Improved usage of number_format - issue #12656 Server selection not working - issue #12543 NULL results in dataset are colored grey - issue #12664 Create Bookmark broken - issue #12688 Use unsigned int for storing bookmark ID - issue #12352 Added password strength indicator - issue #12713 Correctly handle HTTP status when doing requests - issue #12247 Add option to delete settings from browser storage - issue #12783 Remove unused PMA_addJSCode function - issue #12069 Add table filtering to database structure - issue #12799 Allow to configure signon session parameters - issue #12854 Drop database is broken - issue #12863 Can't toggle Event Scheduler on - issue #12742 Finish removing dead code references to xls/xlsx import and export, which was removed some time ago. - issue #12536 Rename "Relations" to "Relationships" in many places as it's the more proper term - issue #12834 Fixed margins in central columns feature - issue #12903 Document more export configuration options - issue #12897 Use consistent numeric format for table overhead - issue #12901 Use server returned table name on renaming table - issue #12918 Always use \r\n as newline when editing fields - issue #12923 Fixed server side search in navigation panel - issue #12929 Undefined index warning with ssl_ca_paths - issue #12924 Do not show errors from OpenSSL cookie encryption/decryption - issue #12945 Fixed hint rendering on adding new user - issue #12941 Fixed sorting of tables in relation view - issue #12936 Fixed tables pagination in navigation panel - issue #12904 Do not collapse add form for central columns if there are none - issue #12955 Fixed database renaming - issue #12954 Fixed export of tracking data - issue #12960 Enclose exports in transaction by default - issue #12966 After adding a column ADD INDEX option won't be displayed when enabling AI - issue #12972 Better error message when Composer has not been run - issue #12988 Do not show language selector without choices - issue #12993 Fixed external links to php documentation - issue #12990 Fixed error when loading favorite tables to console - issue #12981 Improved rendering of new version information - issue #12922 Fixed bookmarks ordering - issue #12964 Fixed table search in navigation - issue #12985 Fixed rendering of foreign key browsing - issue #12957 Fixed manipulation with GIS data having zero coordinates - issue #12804 Fixed various designer javascript errors - issue #12934 Fixed possible javascript error on server status page - issue #12927 Fixed javascript error on 3NF normalization - issue #12996 List all databses in navigation panel database dropdown - issue #12980 Better defaults when creating multi field foreign key - issue #12976 Improved foreign key editor behavior - issue #12958 Always show error reporting dialog on top - issue #12693 Improved support for TokuDB - issue #11231 Try harder to honor LoginCookieValidity setting - issue #13016 and #13017 Slight improvements to the table layout of Relation view - issue #12345 Correctly show affected rows for LOAD DATA queries - issue #13010 Copy database: SQL error for copying PMADB metadata - issue #13002 Fixed OpenDocument exports - issue #13000 Align NULL values according to the column alignment - issue #13021 Show phpMyAdmin errors even with error_reporting set to 0 - issue #13020 Removed warning about client and server versions mismatch - issue Hide comments on table Structure tab when no comment is set - issue Fixed submission of error reports - issue #13033 Use Referrer-Policy header to specify referrer policy - issue Fixed javascript confirmation of dangerous queries - issue #13040 Compatibility with hhvm 3.18 - issue #13031 Fixed displaying of all rows - issue #12967 Fixed related field selection for native relations - issue #13045 Properly escape MIME transformatoin names - issue #13028 Always show 100% in font selector - issue #13047 Fix query simulating for more servers - issue #12846 Fix new version check for sites with wrongly configured curl - issue #12951 When exporting to Excel, the default is now to include column names in the first row - issue #13059 Removed debugging code - issue #13029 Fixed table tracking for nested table groups - issue #13053 Fixed broken links in setup - issue #12708 Removed phpMyAdmin version from User-Agent header - issue #13084 Do not point users to setup when it is disabled - issue #12660 Delete only phpMyAdmin cookies on upgrade - issue #13088 Fixed editing of rows with text primary key - issue #13092 Do not try to sync favorite tables if configuration storage is not enabled - issue #13105 Fixed changing attribute for virtual field - issue #12757 Fixed setting password on recent MariaDB with non working plugins - issue #12349 Fixed undefined variable on import from some formats - issue #13103 Do not offer default names for copying/renaming databases - issue [security] Possible to bypass $cfg['Servers'][$i]['AllowNoPassword'], see PMASA-2017-08 4.6.6 (2017-01-23) - issue #12759 Fix Notice regarding 'Undefined index: old_usergroup' - issue #12760 Fix Notice regarding 'Undefined index: users' - issue #12762 Fixed parsing of SQL with BINARY function - issue #12588 ReCaptcha now works without allow_url_fopen - issue #12699 Show no local storage warning only on settings tab - issue #12778 Syntax Error in Adding/Changing TIMESTAMP columns with default value as NULL - issue #12769 Edit/Export links are not clickable under Routines tab - issue #12757 Fixed creating new user with older MariaDB - issue #12784 Remove ctype installation suggestion - issue #12780 Format button replaces all text with blank spaces - issue #12786 Fixed database searching - issue #12792 Fixed javascript error on new version link - issue #12785 Add information about required and suggested extensions to composer.json - issue #12801 Custom header shown twice with cookie login form - issue #12802 Custom footer not shown with auth_type http login failure - issue #12434 Improve documentation for servers running with Suhosin - issue #12800 Updated embedded phpSecLib to 2.0.4 - issue #12800 Fixed various issues with PHP 7.1 - issue #11816 Fixed operation with lower_case_table_names=2 - issue #12813 Fixed stored procedure execution - issue #12826 Honor user configured connection collation - issue #12293 Correctly report OpenSSL errors from cookie encryption - issue #12814 DateTime won't allow to input length in Routine editor - issue #12840 Fix Notice regarding 'Undefined index: row_format' when altering table options - issue #12841 Fixed moving of columns with whitespace in name - issue #12847 Fixed editing of virtual columns - issue #12859 Changed WHERE condition to 0 instead of 1 for SQL query window to avoid accidents - issue #12872 Use same query for display and execution when dropping index - issue #12868 Fix check for user groups freatures being enabled - issue #12876 Fix notices and warning related to dbs_to_test global - issue #12831 Fix table formatting on Insert tab, which mostly affected row highlighting - issue #12495 Reintroduced phpinfo page with limited capabilities - issue #12861 Fix renaming tables with lower_case_table_names=2 - issue #12876 Fix possible PHP error in navigation - issue #12881 Fix database search with newer php-gettext - issue #12894 Fix linter error on unterminated variable name - issue #12732 Fixed filtering for active processes - issue [security] Multiple vulnerabilities in setup script, see PMASA-2016-44. - issue [security] Open redirect, see PMASA-2017-1. - issue [security] php-gettext code execution, see PMASA-2017-2. - issue [security] DOS vulnerabiltiy in table editing, see PMASA-2017-3. - issue [security] CSS injection in themes, see PMASA-2017-4. - issue [security] Cookie attribute injection attack, see PMASA-2017-5. - issue [security] SSRF in replication, see PMASA-2017-6. - issue [security] DOS in replication status, see PMASA-2017-7. --- Older ChangeLogs can be found on our project website --- https://www.phpmyadmin.net/old-stuff/ChangeLogs/ # vim: et ts=4 sw=4 sts=4 # vim: ft=changelog fenc=utf-8 # vim: fde=getline(v\:lnum-1)=~'^\\s*$'&&getline(v\:lnum)=~'\\S'?'>1'\:1&&v\:lnum>4&&getline(v\:lnum)!~'^#' # vim: fdn=1 fdm=expr