Merge branch 'QA_4_9' into STABLE

.travis.yml

@@ -11,7 +11,6 @@ services:
   - mysql
 
 php:
-  - "7.4snapshot"
   - "7.3"
   - "7.2"
   - "7.1"
@@ -64,23 +63,37 @@ matrix:
   include:
     - php: "7.1"
       env: CI_MODE=selenium
+      before_install: phpenv config-rm xdebug.ini
     - php: "7.0"
       node_js: 10
       env: CI_MODE=release
     - php: "7.1"
       env: CI_MODE=docs
     - php: "7.1"
       env: CI_MODE=apidocs
+      before_install: phpenv config-rm xdebug.ini
     - os: osx
-      name: "PHP 7.3"
+      name: "PHP 7.4"
       language: node_js
       node_js: 10
       env: CI_MODE=test
       before_install:
         - brew link --force gettext
-        - echo "memory_limit=-1" > /usr/local/etc/php/7.3/conf.d/50-travis.ini
-        - echo "pcre.jit=0" >> /usr/local/etc/php/7.3/conf.d/50-travis.ini
+        - echo "memory_limit=-1" > /usr/local/etc/php/7.4/conf.d/50-travis.ini
+        - echo "pcre.jit=0" >> /usr/local/etc/php/7.4/conf.d/50-travis.ini
         - mysql.server start
+        - sleep 5
+        # Enable password access
+        - mysql -e "SET PASSWORD FOR 'root'@'localhost' = PASSWORD('');"
+      install:
+        - composer require --no-interaction php>=7.1
+        - composer remove phpunit/phpunit-selenium --dev --no-interaction
+        - composer remove phpunit/phpunit --dev --no-interaction
+        - composer require --dev --no-interaction phpunit/phpunit ^8
+        - rm -rf test/selenium
+        - "find test/ -type f -iname '*.php' -print0 | xargs -0 sed -i.bak~ 's/function setUpBeforeClass()/function setUpBeforeClass(): void/g'"
+        - "find test/ -type f -iname '*.php' -print0 | xargs -0 sed -i.bak~ 's/function setUp()/function setUp(): void/g'"
+        - "find test/ -type f -iname '*.php' -print0 | xargs -0 sed -i.bak~ 's/function tearDown()/function tearDown(): void/g'"
       addons:
         homebrew:
           packages:
@@ -100,24 +113,48 @@ matrix:
        - composer remove phpunit/phpunit --dev --no-interaction
        - composer require --dev --no-interaction phpunit/phpunit ^8
        - rm -rf test/selenium
-       - "find test/ -type f -print0 | xargs -0 sed -i 's/function setUpBeforeClass()/function setUpBeforeClass(): void/g'"
-       - "find test/ -type f -print0 | xargs -0 sed -i 's/function setUp()/function setUp(): void/g'"
-       - "find test/ -type f -print0 | xargs -0 sed -i 's/function tearDown()/function tearDown(): void/g'"
+       - "find test/ -type f -iname '*.php' -print0 | xargs -0 sed -i 's/function setUpBeforeClass()/function setUpBeforeClass(): void/g'"
+       - "find test/ -type f -iname '*.php' -print0 | xargs -0 sed -i 's/function setUp()/function setUp(): void/g'"
+       - "find test/ -type f -iname '*.php' -print0 | xargs -0 sed -i 's/function tearDown()/function tearDown(): void/g'"
+    - php: "7.4"
+      env: CI_MODE=test
+      name: "PHP: 7.4"
+      install:
+       - composer require --no-interaction php>=7.1
+       - composer remove phpunit/phpunit-selenium --dev --no-interaction
+       - composer remove phpunit/phpunit --dev --no-interaction
+       - composer require --dev --no-interaction phpunit/phpunit ^8
+       - rm -rf test/selenium
+       - "find test/ -type f -iname '*.php' -print0 | xargs -0 sed -i 's/function setUpBeforeClass()/function setUpBeforeClass(): void/g'"
+       - "find test/ -type f -iname '*.php' -print0 | xargs -0 sed -i 's/function setUp()/function setUp(): void/g'"
+       - "find test/ -type f -iname '*.php' -print0 | xargs -0 sed -i 's/function tearDown()/function tearDown(): void/g'"
+       - phpenv config-rm xdebug.ini
     - php: "7.1"
       env: CI_MODE=test DBASE=true
       install:
         - pecl channel-update pecl.php.net
-        - pecl install dbase-7.0.0beta1
+        - pecl install dbase
         - test/ci-install-test
     - php: "5.6"
       env: CI_MODE=test DBASE=true
       install:
         - pecl channel-update pecl.php.net
-        - pecl install dbase
+        - pecl install dbase-5.1.1
         - test/ci-install-test
+    - php: "nightly"
+      env: CI_MODE=test
+      install:
+        - composer install --no-interaction --ignore-platform-reqs
+    - php: "7.1"
+      before_script: skip
+      after_script: skip
+      after_success: skip
+      script:
+        - test/ci-lint
+        - vendor/bin/phpcs --standard=phpcs.xml.dist
 
   allow_failures:
-    - php: "7.4snapshot"
+    - php: "nightly"
     - env: CI_MODE=test DBASE=true
 
 cache:

ChangeLog

@@ -1,6 +1,27 @@
 phpMyAdmin - ChangeLog
 ======================
 
+4.9.3 (2019-12-26)
+- issue #15570 Fix page contents go underneath of floating menubar in some cases
+- issue #15591 Fix php notice 'Undefined index: foreign_keys_data' on relations view when the user has column access
+- issue #15592 Fix php warning "error_reporting() has been disabled for security reasons"
+- issue #15434 Fix middle click on table sort column name shows a blank page
+- issue        Fix php notice "Undefined index table_create_time" when setting displayed columns on results of a view
+- issue #15571 Fix fatal error when trying to edit row with row checked and button under the table
+- issue #15633 Fix designer set display field broken for php 5.x versions
+- issue #15621 Support CloudFront-Forwarded-Proto header for Amazon CloudFront proxy
+- issue        Fix php 8.0 php notices - Undefined index on login page
+- issue #15640 Fix php 7.4 error when trying to access array offset on value of type null on table browse
+- issue #15641 Fix replication actions where broken (start slave, stop slave, reset, ...)
+- issue #15608 Fix DisableIS is broken when with controluser configured (database list broken)
+- issue #15614 Fix undefined offset on index page for MySQL 5.7.8 (server charset)
+- issue #15692 Fix JavaScript error when user has not enough privilege to view query statistics.
+- issue #14248 Fixed date selection in search menu missing higher Z-index value
+- issue        Fix Uncaught php TypeError on php 8.0 when adding a column to table create form
+- issue #15682 Fix calendar not taking current time as default value
+- issue #15636 Fix php error trying to access array offset on value o type null on replication GUI
+- issue #15695 Fix input field for the time in datetime picker is disabled
+
 4.9.2 (2019-11-21)
 - issue #14184 Change the cookie name from phpMyAdmin to phpMyAdmin_https for HTTPS, fixes many "Failed to set session cookie" errors
 - issue #15304 Fix ssl_use php error

README

@@ -1,7 +1,7 @@
 phpMyAdmin - Readme
 ===================
 
-Version 4.9.2
+Version 4.9.3
 
 A web interface for MySQL and MariaDB.
 

composer.json

@@ -93,5 +93,11 @@
         "branch-alias": {
             "dev-master": "4.9.x-dev"
         }
+    },
+    "scripts": {
+        "test": [
+            "phpcs",
+            "phpunit --color=always"
+        ]
     }
 }

db_designer.php

@@ -64,10 +64,10 @@
         $success = $designerCommon->saveTablePositions($page);
         $response->setRequestStatus($success);
     } elseif ($_POST['operation'] == 'setDisplayField') {
-        [
+        list(
             $success,
             $message,
-        ] = $designerCommon->saveDisplayField(
+        ) = $designerCommon->saveDisplayField(
             $_POST['db'],
             $_POST['table'],
             $_POST['field']

doc/conf.py

@@ -51,7 +51,7 @@
 # built documents.
 #
 # The short X.Y version.
-version = '4.9.2'
+version = '4.9.3'
 # The full version, including alpha/beta/rc tags.
 release = version
 
@@ -313,6 +313,8 @@
     r'https://pecl.php.net/.*',
     # 403 Client Error: Forbidden
     r'https://authy.com/.*',
+    # Site often changes links and reverts changes (9362bde02d0535a2f8cb74a18797249cb734c4b0)
+    r'https://www.yubico.com/.*',
     # 500 Server Error: Internal Server Error
     r'http://www.scriptalicious.com/.*',
 ]

doc/config.rst

@@ -709,7 +709,7 @@ Server connection settings
 
     More information on regular expressions can be found in the `PCRE
     pattern syntax
-    <https://secure.php.net/manual/en/reference.pcre.pattern.syntax.php>`_ portion
+    <https://www.php.net/manual/en/reference.pcre.pattern.syntax.php>`_ portion
     of the PHP reference manual.
 
 .. config:option:: $cfg['Servers'][$i]['verbose']
@@ -1450,7 +1450,7 @@ Server connection settings
     An associative array of session cookie parameters of other authentication system.
     It is not needed if the other system doesn't use session_set_cookie_params().
     Keys should include 'lifetime', 'path', 'domain', 'secure' or 'httponly'.
-    Valid values are mentioned in `session_get_cookie_params <https://secure.php.net/manual/en/
+    Valid values are mentioned in `session_get_cookie_params <https://www.php.net/manual/en/
     function.session-get-cookie-params.php>`_, they should be set to same values as the
     other application uses. Takes effect only if
     :config:option:`$cfg['Servers'][$i]['SignonScript']` is not configured.
@@ -1580,14 +1580,14 @@ Generic settings
     :type: boolean
     :default: false
 
-    Whether `persistent connections <https://secure.php.net/manual/en/features
+    Whether `persistent connections <https://www.php.net/manual/en/features
     .persistent-connections.php>`_ should be used or not. Works with
     following extensions:
 
-    * mysql (`mysql\_pconnect <https://secure.php.net/manual/en/function.mysql-
+    * mysql (`mysql\_pconnect <https://www.php.net/manual/en/function.mysql-
       pconnect.php>`_),
     * mysqli (requires PHP 5.3.0 or newer, `more information
-      <https://secure.php.net/manual/en/mysqli.persistconns.php>`_).
+      <https://www.php.net/manual/en/mysqli.persistconns.php>`_).
 
 .. config:option:: $cfg['ForceSSL']
 
@@ -1624,7 +1624,7 @@ Generic settings
     :default: ``''``
 
     Path for storing session data (`session\_save\_path PHP parameter
-    <https://secure.php.net/session_save_path>`_).
+    <https://www.php.net/session_save_path>`_).
 
     .. warning::
 
@@ -1781,7 +1781,7 @@ Cookie authentication options
 
     Define how long a login cookie is valid. Please note that php
     configuration option `session.gc\_maxlifetime
-    <https://secure.php.net/manual/en/session.configuration.php#ini.session.gc-
+    <https://www.php.net/manual/en/session.configuration.php#ini.session.gc-
     maxlifetime>`_ might limit session validity and if the session is lost,
     the login cookie is also invalidated. So it is a good idea to set
     ``session.gc_maxlifetime`` at least to the same value of

doc/faq.rst

@@ -212,7 +212,7 @@ your server - as mentioned in :ref:`faq1_17`. This problem is
 generally caused by using MySQL version 4.1 or newer. MySQL changed
 the authentication hash and your PHP is trying to use the old method.
 The proper solution is to use the `mysqli extension
-<https://secure.php.net/mysqli>`_ with the proper client library to match
+<https://www.php.net/mysqli>`_ with the proper client library to match
 your MySQL installation. More
 information (and several workarounds) are located in the `MySQL
 Documentation <https://dev.mysql.com/doc/refman/5.7/en/common-errors.html>`_.
@@ -823,7 +823,7 @@ Here are a few points to check:
 ---------------------------------
 
 To be able to see a progress bar during your uploads, your server must
-have the `APC <https://secure.php.net/manual/en/book.apc.php>`_ extension, the
+have the `APC <https://www.php.net/manual/en/book.apc.php>`_ extension, the
 `uploadprogress <https://pecl.php.net/package/uploadprogress>`_ one, or
 you must be running PHP 5.4.0 or higher. Moreover, the JSON extension
 has to be enabled in your PHP.
@@ -1052,7 +1052,7 @@ is no way for PHP to set the charset before authenticating.
 .. seealso::
 
     `phpMyAdmin issue 12232 <https://github.com/phpmyadmin/phpmyadmin/issues/12232>`_,
-    `MySQL documentation note <https://secure.php.net/manual/en/mysqli.real-connect.php#refsect1-mysqli.real-connect-notes>`_
+    `MySQL documentation note <https://www.php.net/manual/en/mysqli.real-connect.php#refsect1-mysqli.real-connect-notes>`_
 
 .. _faqmultiuser:
 
@@ -1788,7 +1788,7 @@ in Browse mode or on the Structure page.
 -----------------------------------
 
 In all places where phpMyAdmin accepts format strings, you can use
-``@VARIABLE@`` expansion and `strftime <https://secure.php.net/strftime>`_
+``@VARIABLE@`` expansion and `strftime <https://www.php.net/strftime>`_
 format strings. The expanded variables depend on a context (for
 example, if you haven't chosen a table, you can not get the table
 name), but the following variables can be used:

doc/glossary.rst

@@ -208,7 +208,7 @@ From Wikipedia, the free encyclopedia
 
        If you have troubles installing this extension, please follow :ref:`faqmysql`, it provides useful hints.
 
-       .. seealso:: <https://secure.php.net/manual/en/book.mbstring.php>
+       .. seealso:: <https://www.php.net/manual/en/book.mbstring.php>
 
     MCrypt
       a cryptographic library.
@@ -218,7 +218,7 @@ From Wikipedia, the free encyclopedia
     mcrypt
       the MCrypt PHP extension.
 
-      .. seealso:: <https://secure.php.net/mcrypt>
+      .. seealso:: <https://www.php.net/mcrypt>
 
     MIME
       Multipurpose Internet Mail Extensions is
@@ -243,12 +243,12 @@ From Wikipedia, the free encyclopedia
     mysqli
       the improved MySQL client PHP extension.
 
-      .. seealso:: <https://secure.php.net/manual/en/book.mysqli.php>
+      .. seealso:: <https://www.php.net/manual/en/book.mysqli.php>
 
     mysql
       the MySQL client PHP extension.
 
-      .. seealso:: <https://secure.php.net/manual/en/book.mysql.php>
+      .. seealso:: <https://www.php.net/manual/en/book.mysql.php>
 
     OpenDocument
       an open standard for office documents.
@@ -276,7 +276,7 @@ From Wikipedia, the free encyclopedia
       Perl Compatible Regular Expressions is the perl-compatible regular
       expression functions for PHP
 
-      .. seealso:: <https://secure.php.net/pcre>
+      .. seealso:: <https://www.php.net/pcre>
 
     PHP
       short for "PHP: Hypertext Preprocessor", is an open-source, reflective

doc/require.rst

@@ -24,19 +24,19 @@ PHP
   ("image/jpeg: inline") with their original aspect ratio.
 
 * When using the cookie authentication (the default), the `openssl
-  <https://secure.php.net/openssl>`_ extension is strongly suggested.
+  <https://www.php.net/openssl>`_ extension is strongly suggested.
 
 * To support upload progress bars, see :ref:`faq2_9`.
 
 * To support XML and Open Document Spreadsheet importing, you need the
-  `libxml <https://secure.php.net/libxml>`_ extension.
+  `libxml <https://www.php.net/libxml>`_ extension.
 
 * To support reCAPTCHA on the login page, you need the
-  `openssl <https://secure.php.net/openssl>`_ extension.
+  `openssl <https://www.php.net/openssl>`_ extension.
 
 * To support displaying phpMyAdmin's latest version, you need to enable
   ``allow_url_open`` in your :file:`php.ini` or to have the
-  `curl <https://secure.php.net/curl>`_ extension.
+  `curl <https://www.php.net/curl>`_ extension.
 
 .. seealso:: :ref:`faq1_31`, :ref:`authentication_modes`
 

doc/setup.rst

@@ -1008,7 +1008,7 @@ are always ways to make your installation more secure:
 * Serve phpMyAdmin on HTTPS only. Preferably, you should use HSTS as well, so that
   you're protected from protocol downgrade attacks.
 * Ensure your PHP setup follows recommendations for production sites, for example
-  `display_errors <https://secure.php.net/manual/en/errorfunc.configuration.php#ini.display-errors>`_
+  `display_errors <https://www.php.net/manual/en/errorfunc.configuration.php#ini.display-errors>`_
   should be disabled.
 * Remove the ``test`` directory from phpMyAdmin, unless you are developing and need a test suite.
 * Remove the ``setup`` directory from phpMyAdmin, you will probably not

doc/transformations.rst

@@ -134,9 +134,9 @@ The applyTransformation() method always gets passed three variables:
    function as an array.
 #. **$meta** - Contains an object with information about your column. The
    data is drawn from the output of the `mysql\_fetch\_field()
-   <https://secure.php.net/mysql_fetch_field>`_ function. This means, all
+   <https://www.php.net/mysql_fetch_field>`_ function. This means, all
    object properties described on the `manual page
-   <https://secure.php.net/mysql_fetch_field>`_ are available in this
+   <https://www.php.net/mysql_fetch_field>`_ are available in this
    variable and can be used to transform a column accordingly to
    unsigned/zerofill/not\_null/... properties. The $meta->mimetype
    variable contains the original MIME-type of the column (i.e.

index.php

@@ -376,7 +376,7 @@
         $GLOBALS['cfg']['Server']['DisableIS']
     );
 
-    echo '           ' , $charsets[$charset], ' (' . $charset, ')';
+    echo '           ' , (isset($charsets[$charset]) ? $charsets[$charset] : '') , ' (' . $charset, ')';
     echo '        </span>'
        . '    </li>'
        . '  </ul>'

js/functions.js

@@ -98,7 +98,14 @@ function PMA_addDatepicker ($this_element, type, options) {
         showTimepicker = false;
     }
 
+    // Getting the current Date and time
+    var currentDateTime = new Date();
+
     var defaultOptions = {
+        timeInput : true,
+        hour: currentDateTime.getHours(),
+        minute: currentDateTime.getMinutes(),
+        second: currentDateTime.getSeconds(),
         showOn: 'button',
         buttonImage: themeCalendarImage, // defined in js/messages.php
         buttonImageOnly: true,