ChangeLog 19 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277
  1. phpMyAdmin - ChangeLog
  2. ======================
  3. 5.2.2 (2025-01-21)
  4. - issue [security] Fix for a path disclosure leak in the Monitoring tab
  5. - issue Prevent the user from deleting system databases
  6. - issue [security] Fix an XSS vulnerability when checking tables (PMASA-2025-1)
  7. - issue [security] Fix an XSS vulnerability on the Insert tab (PMASA-2025-2)
  8. - issue [security] Fix a possible glibc/iconv vulnerability (CVE-2024-2961, assigned PMASA-2025-3 but please note that phpMyAdmin is not vulnerable by default)
  9. - issue Fix for sql-parser relating to quadratic complexity in certain queries, which could have caused long execution times.
  10. - issue #17851 Fix total count of rows in not accurate
  11. - issue #17766 Allow to open in a new tab copy and edit row actions
  12. - issue #17599 Fix error when handling an user that is not in privileges table
  13. - issue #17364 Fix error when trying to import a status monitor chart arrangement
  14. - issue #18106 Fix renaming database with a view
  15. - issue #18120 Fix bug with numerical tables during renaming database
  16. - issue #16851 Fix ($cfg['Order']) default column order doesn't have have any effect since phpMyAdmin 4.2.0
  17. - issue #18138 Fix some issues with numerical table names
  18. - issue #18112 Fix open base dir warning on git version class
  19. - issue #18211 Fix the themes route missing the server ID
  20. - issue Do not show "Original length undefined" on binary hex columns
  21. - issue Fix wrong time zone when handling Git information
  22. - issue #18195 Fix warning on non-existent table for XML export
  23. - issue #18196 Fix errors of import notification
  24. - issue #18093 Fix JS errors around "new user account" in some edge cases
  25. - issue #16451 Increase password characters limit to 2000 during login
  26. - issue #18177 Fix "IS NULL" is shown for non-nullable columns on search page
  27. - issue #16199 Fix dragging of tables in designer
  28. - issue #18268 Fix UI issue the theme manager is disabled
  29. - issue #18258 Speed improvements when exporting a database
  30. - issue #17702 Fix performance issue when handling large number of tables in a single database
  31. - issue #18324 Fix UI defect on tracking versions table first column
  32. - issue #18266 Fix disabling features (like `$cfg['Servers'][$i]['tracking'] = false;`) did not work
  33. - issue #18296 Fixed query time measurement - measure time only for user queries
  34. - issue #18235 Fix columns are misaligned for the "sys" database
  35. - issue #18249 Speed improvements when browsing a database with multiple tables
  36. - issue #18060 Fix Console height "Not a non-negative number" error
  37. - issue #18188 Fix issue when editing GIS data
  38. - issue Fix width/height of create routines modal and width of routines/triggers/events modals
  39. - issue Stop pmadb database detection when all features are disabled
  40. - issue Upgrade slim/psr7 to 1.4.1 for CVE-2023-30536 - GHSA-q2qj-628g-vhfw
  41. - issue #17654 Fix unprivileged user cannot change password on MySQL >= 5.7.37
  42. - issue #18385 Add CVE MITRE link to allowed domains and use cve.org
  43. - issue #18330 Fix TypeError when no-datetime field is modified
  44. - issue #18212 Fix Query Builder doesn't replace a table name with it's alias in the `WHERE` block
  45. - issue #18221 Keep the criteria box collapsed by the user when un-checking the criteria checkbox
  46. - issue #18363 Fix colspan for actions column on database table list
  47. - issue Fix double encoding on User Groups pages
  48. - issue Fix list of users of an user group not showing up
  49. - issue Fix duplicate query params in the SQL message card
  50. - issue #18314 Fix dragged row in index form
  51. - issue #17392 Fix the actions not being hidden in the Triggers, Routines, Events pages
  52. - issue #18441 Fix execute routine page not working when not in a modal
  53. - issue #18471 Fix SQL statement not being displayed correctly on RTL languages
  54. - issue Fix state times not getting summed in the profiling table
  55. - issue Fix a case where a fatal error message was not displayed
  56. - issue #17420 Fix profiling chart not loading when profiling is activated
  57. - issue #18159 Fix error when changing the number of chart columns in the monitor page
  58. - issue #18403 Fix Uncaught SyntaxError: JSON.parse on makegrid conditions
  59. - issue #17528 Fix double escaping of database group names in the navigation tree
  60. - issue #18473 Fix the NULL not applied after clearing nullable field
  61. - issue #18454 Fix date field calendar display when changing NULL state
  62. - issue #18481 Fix missing pagination when using SELECT DISTINCT
  63. - issue #18325 Allow hex representations for integers in the search box validation
  64. - issue #14411 Fixed double tap to edit on mobile devices
  65. - issue Update documentation to reflect that Node >= 12 is required to compile the JS and CSS files
  66. - issue #18578 Fixed PDF export NULL values gives a type error
  67. - issue #18605 Fixed issue when executing a stored procedure
  68. - issue #18650 Fixed double escaping on foreign key relation link title
  69. - issue #18533 Fixed wrong count for simulated queries
  70. - issue #18611 Fixed an error when searching a table without conditions
  71. - issue #18663 Fixed case where triggers are dropped when moving a table
  72. - issue #17404 Fixed an error message after dropping a database
  73. - issue #18714 Fixed incorrect formatting of the amount of table rows
  74. - issue #18717 Fixed issue when deleting bookmarks
  75. - issue #18713 Fixed some issues with the GIS editor
  76. - issue #18722 Fixed generic error message in the home page
  77. - issue #18693 Fixed enum/set value escaping
  78. - issue #18769 Improved collations support for MariaDB 10.10
  79. - issue #17381 Fixed JS errors when editing indexes on create table
  80. - issue #14402 Fix the PRIMARY label still shown when using two columns for a PK on create table
  81. - issue #17347 Fixed JS errors when changing index settings on create table
  82. - issue #18762 Fixed truncating tables when a VIEW is included
  83. - issue Fix BETWEEN search does not validate input because of spaces
  84. - issue Fix JS number validation does not validate when the input is empty or emptied
  85. - issue #18561 Fix issue when adding System Monitor charts
  86. - issue #17363 Fix duplicate route parameter after logging in
  87. - issue #15670 Fix case where the data is truncated after changing a longtext column's collation
  88. - issue #18797 Fixed support for ampersand as a arg separator
  89. - issue #18834 Fixed case where column hash is empty in table relation page
  90. - issue #17538 Fixed error when renaming an index
  91. - issue #18865 Fix missing text-nowrap for timestamps columns
  92. - issue #18613 Fixed routine editor showing wrong parameter type
  93. - issue #18890 Fixed wrong row count when query has UNION
  94. - issue #18949 Fixed natural sorting for items in the navigation section
  95. - issue #18930 Fixed import of empty tables from MediaWiki
  96. - issue #18940 Fixed issue when creating an unique key
  97. - issue #19022 Fix case where tables from wrong database is loaded in navigation tree
  98. - issue #18782 Fixed issue with role based auth for MySQL 8
  99. - issue #18593 Fix drop db line included in server export if exporting only data
  100. - issue #18049 Also check that curl_exec is enabled for the new version check
  101. - issue #19023 Fixed table size for ROCKSDB engine showing as unknown
  102. - issue #18451 Fix when editing inline central column, Null is always preselected
  103. - issue #18495 Fixed database export missing routines
  104. - issue #19117 Allow changing the virtuality of a column without any other changes
  105. - issue #18566 Fixed error when importing exported view with USE INDEX hint
  106. - issue #17920 Fixed moving column with empty default value will replace it with ''
  107. - issue #18006 Fixed moving columns causes the default uuid() value to get quotes around it
  108. - issue #18962 Fixed move columns with ENUM() & DEFAULT causes invalid SQL
  109. - issue #18276 Fix on update CURRENT_TIMESTAMP doesn't show as default in attributes
  110. - issue #18240 Fix inserting value with UNIX_TIMESTAMP() without a parameter
  111. - issue #19125 Fixed CodeMirror tooltip is below modals
  112. - issue #18674 Fix formatted sql in browse table result has a linebreak after each token
  113. - issue #18210 Fixed add replica replication user on MariaDB doesn't work (SQL syntax)
  114. - issue #19041 Fix footer.twig gets printed to Binary File Download
  115. - issue #19091 Fix to stop processing queries on error
  116. - issue #18241 Fix copy SQL query button on error messages
  117. - issue #17190 Fix an error with SELECT ... FOR UPDATE queries
  118. - issue #19145 Remove duplicate server and lang parameters from links
  119. - issue #19158 Fix an issue with backticks on the query generator
  120. - issue #19174 Fix an issue with column alias with asterisk on the query generator
  121. - issue #19146 Fix column sorting with limit subquery
  122. - issue #19152 Fix the number of lines being ignored in GIS visualization after a search
  123. - issue #19189 Fix issue with column sorting when using 'group by'
  124. - issue #19188 Fix issue with simulated queries reporting syntax errors
  125. - issue #19141 Add cookie prefix '-__Secure-' to cookies to help prevent cookie smuggling
  126. - issue #19218 Fix textarea horizontal resizing with Bootstap theme
  127. - issue #19199 Add support for fractional seconds to current_timestamp()
  128. - issue #19221 Fix query statistics for queries with count(*)
  129. - issue #19203 Fix single quotes and backslashes for the query generator
  130. - issue #19163 Fix queries with IS NULL or IS NOT NULL for the query generator
  131. - issue #19181 Fix query generator support for IN() and NOT IN()
  132. - issue #19167 Fix criteria on column '*' for the query generator
  133. - issue #19213 Fix possible issue when exporting a large data set
  134. - issue #19217 Fix issue when editing a cell of a JSON column
  135. - issue #19244 Add yarn 1.22 to the package.json's packageManager field
  136. - issue #19185 Fix visual issue when a row has only empty cells
  137. - issue #19257 Fix issue when adding an index with an invalid name
  138. - issue #19276 Fix compatibility with Twig 3.12
  139. - issue #19283 Fix issue when the server starts with skip-innodb option
  140. - issue #19299 Fix charset in procedure's parameter type
  141. - issue #19316 Fix input size for hexadecimal values
  142. - issue #19321 Suppress deprecation message of E_STRICT constant
  143. - issue Fix PHP 8.4 `str_getcsv` `$escape` parameter deprecation
  144. - issue #19426 Fix PHP warnings when the column is a `COMPRESSED BLOB`
  145. - issue Allow opening server breadcrumb links in new tab with Ctrl/Meta key
  146. - issue #19500 Use `KILL` instead of `CALL mysql.rds_kill` for non super users
  147. - issue Fix "copy to clipboard" was adding a blank row for each repeating header row
  148. - issue Fix TCPDF translations
  149. - issue Remove underline for links on Bootstrap theme
  150. - issue Fix sql editor height on multi-table query
  151. - issue #18852 Fix notification color scheme on the Bootstrap dark theme
  152. - issue #14542 Show the query even if no results are found in the Table search
  153. - issue #16936 Fixed import (e.g. ods) doesn't respect database default collation
  154. - issue #19000 Disable autocomplete for the create table/db name inputs
  155. 5.2.1 (2023-02-07)
  156. - issue #17522 Fix case where the routes cache file is invalid
  157. - issue #17506 Fix error when configuring 2FA without XMLWriter or Imagick
  158. - issue Fix blank page when some error occurs
  159. - issue #17519 Fix Export pages not working in certain conditions
  160. - issue #17496 Fix error in table operation page when partitions are broken
  161. - issue #17386 Fix system memory and system swap values on Windows
  162. - issue #17517 Fix Database Server panel not getting hidden by ShowServerInfo configuration directive
  163. - issue #17271 Fix database names not showing on Processes tab
  164. - issue #17424 Fix export limit size calculation
  165. - issue #17366 Fix refresh rate popup on Monitor page
  166. - issue #17577 Fix monitor charts size on RTL languages
  167. - issue #17121 Fix password_hash function incorrectly adding single quotes to password before hashing
  168. - issue #17586 Fix statistics not showing for empty databases
  169. - issue #17592 Clicking on the New index link on the sidebar does not throw an error anymore
  170. - issue #17584 It's now possible to browse a database that includes two % in its name
  171. - issue Fix PHP 8.2 deprecated string interpolation syntax
  172. - issue Some languages are now correctly detected from the HTTP header
  173. - issue #17617 Sorting is correctly remembered when $cfg['RememberSorting'] is true
  174. - issue #17593 Table filtering now works when action buttons are on the right side of the row
  175. - issue #17388 Find and Replace using regex now makes a valid query if no matching result set found
  176. - issue #17551 Enum/Set editor will not fail to open when creating a new column
  177. - issue #17659 Fix error when a database group is named tables, views, functions, procedures or events
  178. - issue #17673 Allow empty values to be inserted into columns
  179. - issue #17620 Fix error handling at phpMyAdmin startup for the JS SQL console
  180. - issue Fixed debug queries console broken UI for query time and group count
  181. - issue Fixed escaping of SQL query and errors for the debug console
  182. - issue Fix console toolbar UI when the bookmark feature is disabled and sql debug is enabled
  183. - issue #17543 Fix JS error on saving a new designer page
  184. - issue #17546 Fix JS error after using save as and open page operation on the designer
  185. - issue Fix PHP warning on GIS visualization when there is only one GIS column
  186. - issue #17728 Some select HTML tags will now have the correct UI style
  187. - issue #17734 PHP deprecations will only be shown when in a development environment
  188. - issue #17369 Fix server error when blowfish_secret is not exactly 32 bytes long
  189. - issue #17736 Add utf8mb3 as an alias of utf8 on the charset description page
  190. - issue #16418 Fix FAQ 1.44 about manually removing vendor folders
  191. - issue #12359 Setup page now sends the Content-Security-Policy headers
  192. - issue #17747 The Column Visibility Toggle will not be hidden by other elements
  193. - issue #17756 Edit/Copy/Delete row now works when using GROUP BY
  194. - issue #17248 Support the UUID data type for MariaDB >= 10.7
  195. - issue #17656 Fix replace/change/set table prefix is not working
  196. - issue Fix monitor page filter queries only filtering the first row
  197. - issue Fix "Link not found!" on foreign columns for tables having no char column to show
  198. - issue #17390 Fix "Create view" modal doesn't show on results and empty results
  199. - issue #17772 Fix wrong styles for add button from central columns
  200. - issue #17389 Fix HTML disappears when exporting settings to browser's storage
  201. - issue #17166 Fix "Warning: #1287 'X' is deprecated [...] Please use ST_X instead." on search page
  202. - issue Use jquery-migrate.min.js (14KB) instead of jquery-migrate.min.js (31KB)
  203. - issue #17842 Use jquery.validate.min.js (24 KB) instead of jquery.validate.js (50 KB)
  204. - issue #17281 Fix links to databases for information_schema.SCHEMATA
  205. - issue #17553 Fix Metro theme unreadable links above navigation tree
  206. - issue #17553 Metro theme UI fixes and improvements
  207. - issue #17553 Fix Metro theme login form with
  208. - issue #16042 Exported gzip file of database has first ~73 kB uncompressed and rest is gzip compressed in Firefox
  209. - issue #17705 Fix inline SQL query edit FK checkbox preventing submit buttons from working
  210. - issue #17777 Fix Uncaught TypeError: Cannot read properties of null (reading 'inline') on datepickers when re-opened
  211. - issue Fix Original theme buttons style and login form width
  212. - issue #17892 Fix closing index edit modal and reopening causes it to fire twice
  213. - issue #17606 Fix preview SQL modal not working inside "Add Index" modal
  214. - issue Fix PHP error on adding new column on create table form
  215. - issue #17482 Default to "Full texts" when running explain statements
  216. - issue Fixed Chrome scrolling performance issue on a textarea of an "export as text" page
  217. - issue #17703 Fix datepicker appears on all fields, not just date
  218. - issue Fix space in the tree line when a DB is expanded
  219. - issue #17340 Fix "New Table" page -> "VIRTUAL" attribute is lost when adding a new column
  220. - issue #17446 Fix missing option for STORED virtual column on MySQL and PERSISTENT is not supported on MySQL
  221. - issue #17446 Lower the check for virtual columns to MySQL>=5.7.6 nothing is supported on 5.7.5
  222. - issue Fix column names option for CSV Export
  223. - issue #17177 Fix preview SQL when reordering columns doesn't work on move columns
  224. - issue #15887 Fixed DROP TABLE errors ignored on multi table select for DROP
  225. - issue #17944 Fix unable to create a view from tree view button
  226. - issue #17927 Fix key navigation between select inputs (drop an old Firefox workaround)
  227. - issue #17967 Fix missing icon for collapse all button
  228. - issue #18006 Fixed UUID columns can't be moved
  229. - issue Add `spellcheck="false"` to all password fields and some text fields to avoid spell-jacking data leaks
  230. - issue Remove non working "Analyze Explain at MariaDB.org" button (MariaDB stopped this service)
  231. - issue #17229 Add support for Web Authentication API because Chrome removed support for the U2F API
  232. - issue #18019 Fix "Call to a member function fetchAssoc() on bool" with SQL mode ONLY_FULL_GROUP_BY on monitor search logs
  233. - issue Add back UUID and UUID_SHORT to functions on MySQL and all MariaDB versions
  234. - issue #17398 Fix clicking on JSON columns triggers update query
  235. - issue Fix silent JSON parse error on upload progress
  236. - issue #17833 Fix "Add Parameter" button not working for Add Routine Screen
  237. - issue #17365 Fixed "Uncaught Error: regexp too big" on server status variables page
  238. - issue [security] Fix an XSS attack through the drag-and-drop upload feature (PMASA-2023-01)
  239. 5.2.0 (2022-05-10)
  240. - issue #16521 Upgrade Bootstrap to version 5
  241. - issue #16521 Drop support for Internet Explorer and others
  242. - issue Upgrade to shapefile 3
  243. - issue #16555 Bump minimum PHP version to 7.2
  244. - issue Remove the phpseclib dependency
  245. - issue Upgrade Symfony components to version 5.2
  246. - issue Upgrade to Motranslator 4
  247. - issue #16005 Improve the performance of the Export logic
  248. - issue #16829 Add "NOT LIKE %...%" operator to Table search
  249. - issue #16845 Fixed some links not passing through url.php
  250. - issue #16382 Remove apc upload progress method (all upload progress code was removed from the PHP extension)
  251. - issue #16974 Replace zxcvbn by zxcvbn-ts
  252. - issue #15691 Disable the last column checkbox in the column list dropdown instead of not allowing un-check
  253. - issue #16138 Ignore the length of integer types and show a warning on MySQL >= 8.0.18
  254. - issue Add support for the Mroonga engine
  255. - issue Double click column name to directly copy to clipboard
  256. - issue #16425 Add "DELETE FROM" table on table operations page
  257. - issue #16482 Add a select all link for table-specific privileges
  258. - issue #14276 Add support for account locking
  259. - issue #17143 Use composer/ca-bundle to manage the CA cert file
  260. - issue #17143 Require the openssl PHP extension
  261. - issue #17171 Remove the printview.css file from themes
  262. - issue #17203 Redesign the export and the import pages
  263. - issue #16197 Replace the master/slave terminology
  264. - issue #17257 Replace libraries/vendor_config.php constants with an array
  265. - issue Add the Bootstrap theme
  266. - issue #17499 Remove stickyfilljs JavaScript dependency
  267. --- Older ChangeLogs can be found on our project website ---
  268. https://www.phpmyadmin.net/old-stuff/ChangeLogs/
  269. # vim: et ts=4 sw=4 sts=4
  270. # vim: ft=changelog fenc=utf-8
  271. # vim: fde=getline(v\:lnum-1)=~'^\\s*$'&&getline(v\:lnum)=~'\\S'?'>1'\:1&&v\:lnum>4&&getline(v\:lnum)!~'^#'
  272. # vim: fdn=1 fdm=expr