Merge branch 'MAINT_4_4_15' into STABLE

ChangeLog

@@ -1,6 +1,20 @@
 phpMyAdmin - ChangeLog
 ======================
 
+4.4.15.0 (2015-09-20)
+- issue #11411 Undefined "replace" function on numeric scalar
+- issue #11421 Stored-proc / routine - broken parameter parsing
+- issue        Missing name for configuration read_as_multibytes
+- issue #11431 Incorrect "No row selected" message
+- issue #11447 MySQL 5.5 and the language system variable
+- issue #11452 Semantics of export and import icons are mixed up
+- issue #11451 Designer-Bug in move.js on multiple server configuration
+- issue #11458 Invalid UTF-8 sequence in argument
+- issue #11457 Request URI too large
+- issue        Invalid argument supplied for foreach()
+- issue #11461 Foreign key constraints for InnoDB tables with upper-case letters disabled
+- issue #11487 Warning when entering Query page
+
 4.4.14.1 (2015-09-08)
 - issue        [security] reCaptcha bypass
 

README

@@ -1,7 +1,7 @@
 phpMyAdmin - Readme
 ===================
 
-Version 4.4.14.1
+Version 4.4.15
 
 A set of PHP-scripts to manage MySQL over the web.
 

doc/conf.py

@@ -51,7 +51,7 @@
 # built documents.
 #
 # The short X.Y version.
-version = '4.4.14.1'
+version = '4.4.15'
 # The full version, including alpha/beta/rc tags.
 release = version
 

doc/require.rst

@@ -12,7 +12,7 @@ web server (such as Apache, :term:`IIS`) to install phpMyAdmin's files into.
 PHP
 ---
 
-* You need PHP 5.3.0 or newer, with ``session`` support, the Standard PHP Library
+* You need PHP 5.3.7 or newer, with ``session`` support, the Standard PHP Library
   (SPL) extension, JSON support, and the ``mbstring`` extension.
 
 * To support uploading of ZIP files, you need the PHP ``zip`` extension.

js/functions.js

@@ -144,6 +144,7 @@ function PMA_tooltip($elements, item, myContent, additionalOptions)
 function escapeHtml(unsafe) {
     if (typeof(unsafe) != 'undefined') {
         return unsafe
+            .toString()
             .replace(/&/g, "&")
             .replace(/</g, "&lt;")
             .replace(/>/g, "&gt;")

js/pmd/move.js

@@ -676,6 +676,7 @@ function Save3(callback)
         };
 
         var $form = $('<form action="db_designer.php" method="post" name="save_page" id="save_page" class="ajax"></form>')
+            .append('<input type="hidden" name="server" value="' + server + '" />')
             .append('<input type="hidden" name="db" value="' + db + '" />')
             .append('<input type="hidden" name="token" value="' + token + '" />')
             .append('<input type="hidden" name="operation" value="savePage" />')
@@ -718,7 +719,7 @@ function Edit_pages()
         };
 
         var $msgbox = PMA_ajaxShowMessage();
-        var params = 'ajax_request=true&dialog=edit&token=' + token + '&db=' + db;
+        var params = 'ajax_request=true&dialog=edit&server=' + server + '&token=' + token + '&db=' + db;
         $.get("db_designer.php", params, function (data) {
             if (data.success === false) {
                 PMA_ajaxShowMessage(data.error, false);
@@ -798,7 +799,7 @@ function Delete_pages()
     };
 
     var $msgbox = PMA_ajaxShowMessage();
-    var params = 'ajax_request=true&dialog=delete&token=' + token + '&db=' + db;
+    var params = 'ajax_request=true&dialog=delete&server=' + server + '&token=' + token + '&db=' + db;
     $.get("db_designer.php", params, function (data) {
         if (data.success === false) {
             PMA_ajaxShowMessage(data.error, false);
@@ -897,7 +898,7 @@ function Save_as()
     };
 
     var $msgbox = PMA_ajaxShowMessage();
-    var params = 'ajax_request=true&dialog=save_as&token=' + token + '&db=' + db;
+    var params = 'ajax_request=true&dialog=save_as&server=' + server + '&token=' + token + '&db=' + db;
     $.get("db_designer.php", params, function (data) {
         if (data.success === false) {
             PMA_ajaxShowMessage(data.error, false);
@@ -974,7 +975,7 @@ function Export_pages()
         $(this).dialog('close');
     };
     var $msgbox = PMA_ajaxShowMessage();
-    var params = 'ajax_request=true&dialog=export&token=' + token + '&db=' + db + '&selected_page=' + selected_page;
+    var params = 'ajax_request=true&dialog=export&server=' + server + '&token=' + token + '&db=' + db + '&selected_page=' + selected_page;
     $.get("db_designer.php", params, function (data) {
         if (data.success === false) {
             PMA_ajaxShowMessage(data.error, false);
@@ -1015,7 +1016,7 @@ function Load_page(page) {
         if (page !== null) {
             param_page = '&page=' + page;
         }
-        $('<a href="db_designer.php?db=' + db + '&token=' + token + param_page + '"></a>')
+        $('<a href="db_designer.php?server=' + server + '&db=' + db + '&token=' + token + param_page + '"></a>')
             .appendTo($('#page_content'))
             .click();
     } else {

libraries/Config.class.php

@@ -114,7 +114,7 @@ function __construct($source = null)
      */
     function checkSystem()
     {
-        $this->set('PMA_VERSION', '4.4.14.1');
+        $this->set('PMA_VERSION', '4.4.15');
         /**
          * @deprecated
          */

libraries/DatabaseInterface.class.php

@@ -228,42 +228,43 @@ public function tryMultiQuery($multi_query = '', $link = null)
     public function convertMessage($message)
     {
         // latin always last!
+        // @todo some values are missing,
+        // see https://mariadb.com/kb/en/mariadb/server-locale/
+
         $encodings = array(
-            'japanese'      => 'EUC-JP', //'ujis',
-            'japanese-sjis' => 'Shift-JIS', //'sjis',
-            'korean'        => 'EUC-KR', //'euckr',
-            'russian'       => 'KOI8-R', //'koi8r',
-            'ukrainian'     => 'KOI8-U', //'koi8u',
-            'greek'         => 'ISO-8859-7', //'greek',
-            'serbian'       => 'CP1250', //'cp1250',
-            'estonian'      => 'ISO-8859-13', //'latin7',
-            'slovak'        => 'ISO-8859-2', //'latin2',
-            'czech'         => 'ISO-8859-2', //'latin2',
-            'hungarian'     => 'ISO-8859-2', //'latin2',
-            'polish'        => 'ISO-8859-2', //'latin2',
-            'romanian'      => 'ISO-8859-2', //'latin2',
-            'spanish'       => 'CP1252', //'latin1',
-            'swedish'       => 'CP1252', //'latin1',
-            'italian'       => 'CP1252', //'latin1',
-            'norwegian-ny'  => 'CP1252', //'latin1',
-            'norwegian'     => 'CP1252', //'latin1',
-            'portuguese'    => 'CP1252', //'latin1',
-            'danish'        => 'CP1252', //'latin1',
-            'dutch'         => 'CP1252', //'latin1',
-            'english'       => 'CP1252', //'latin1',
-            'french'        => 'CP1252', //'latin1',
-            'german'        => 'CP1252', //'latin1',
+            'ja' => 'EUC-JP', //'ujis',
+            'ko' => 'EUC-KR', //'euckr',
+            'ru' => 'KOI8-R', //'koi8r',
+            'uk' => 'KOI8-U', //'koi8u',
+            'sr' => 'CP1250', //'cp1250',
+            'et' => 'ISO-8859-13', //'latin7',
+            'sk' => 'ISO-8859-2', //'latin2',
+            'cz' => 'ISO-8859-2', //'latin2',
+            'hu' => 'ISO-8859-2', //'latin2',
+            'pl' => 'ISO-8859-2', //'latin2',
+            'ro' => 'ISO-8859-2', //'latin2',
+            'es' => 'CP1252', //'latin1',
+            'sv' => 'CP1252', //'latin1',
+            'it' => 'CP1252', //'latin1',
+            'no' => 'CP1252', //'latin1',
+            'pt' => 'CP1252', //'latin1',
+            'da' => 'CP1252', //'latin1',
+            'nl' => 'CP1252', //'latin1',
+            'en' => 'CP1252', //'latin1',
+            'fr' => 'CP1252', //'latin1',
+            'de' => 'CP1252', //'latin1',
         );
 
         $server_language = $this->fetchValue(
-            'SHOW VARIABLES LIKE \'language\';',
+            'SELECT @@lc_messages;',
             0,
-            1
+            0
         );
+
         if ($server_language) {
             $found = array();
             $match = preg_match(
-                '&(?:\\\|\\/)([^\\\\\/]*)(?:\\\|\\/)$&i',
+                '&([a-z][a-z])_&i',
                 $server_language,
                 $found
             );
@@ -321,7 +322,8 @@ private function _getTableCondition($table, $tbl_is_group, $table_type)
                     )
                     . '%\'';
             } else {
-                $sql_where_table = 'AND t.`TABLE_NAME` = \''
+                $sql_where_table = 'AND t.`TABLE_NAME` '
+                    . PMA_Util::getCollateForIS() . ' = \''
                     . PMA_Util::sqlAddSlashes($table) . '\'';
             }
         } else {
@@ -423,7 +425,7 @@ private function _getSqlForTablesFull($this_databases, $sql_where_table)
                     `CREATE_OPTIONS`     AS `Create_options`,
                     `TABLE_COMMENT`      AS `Comment`
                 FROM `information_schema`.`TABLES` t
-                WHERE ' . (PMA_IS_WINDOWS ? '' : 'BINARY') . ' `TABLE_SCHEMA`
+                WHERE `TABLE_SCHEMA` ' . PMA_Util::getCollateForIS() . '
                     IN (\'' . implode("', '", $this_databases) . '\')
                     ' . $sql_where_table;
         }
@@ -1410,16 +1412,16 @@ public function getColumnsSql($database, $table, $column = null, $full = false)
      * @param boolean $full     whether to return full info or only column names
      * @param mixed   $link     mysql link resource
      *
-     * @return false|array   array indexed by column names or,
-     *                        if $column is given, flat array description
+     * @return array array indexed by column names or,
+     *               if $column is given, flat array description
      */
     public function getColumns($database, $table, $column = null, $full = false,
         $link = null
     ) {
         $sql = $this->getColumnsSql($database, $table, $column, $full);
         $fields = $this->fetchResult($sql, 'Field', null, $link);
         if (! is_array($fields) || count($fields) == 0) {
-            return null;
+            return array();
         }
         // Check if column is a part of multiple-column index and set its 'Key'.
         $indexes = PMA_Index::getFromTable($table, $database);

libraries/Scripts.class.php

@@ -82,12 +82,17 @@ private function _includeFiles($files)
             }
         }
         $separator = PMA_URL_getArgSeparator();
-        $url = 'js/get_scripts.js.php?' . implode($separator, $scripts);
+        $static_scripts = '';
+        // Using chunks of 20 files to avoid too long URLs
+        $script_chunks = array_chunk($scripts, 20);
+        foreach ($script_chunks as $script_chunk) {
+            $url = 'js/get_scripts.js.php?' . implode($separator, $script_chunk);
 
-        $static_scripts = sprintf(
-            '<script data-cfasync="false" type="text/javascript" src="%s"></script>',
-            htmlspecialchars($url)
-        );
+            $static_scripts .= sprintf(
+                '<script data-cfasync="false" type="text/javascript" src="%s"></script>',
+                htmlspecialchars($url)
+            );
+        }
         return $first_dynamic_scripts . $static_scripts . $dynamic_scripts;
     }
 

libraries/Util.class.php

@@ -4517,7 +4517,9 @@ public static function getCollateForIS()
             "SHOW VARIABLES LIKE 'lower_case_table_names'", 0, 1
         );
 
-        if ($lowerCaseTableNames === '0') {
+        if ($lowerCaseTableNames === '0' // issue #10961
+            || $lowerCaseTableNames === '2' // issue #11461
+        ) {
             return "COLLATE utf8_bin";
         }
         return "";

libraries/config/messages.inc.php

@@ -360,6 +360,7 @@
 $strConfigImport_sql_compatibility_name = __('SQL compatibility mode');
 $strConfigImport_sql_no_auto_value_on_zero_name
     = __('Do not use AUTO_INCREMENT for zero values');
+$strConfigImport_sql_read_as_multibytes_name = __('Read as multibytes');
 $strConfigImport_xls_col_names_name = __('Column names in first row');
 $strConfigImport_xlsx_col_names_name = __('Column names in first row');
 $strConfigInitialSlidersState_name = __('Initial state for sliders');

libraries/dbi/DBIDummy.class.php

@@ -25,6 +25,10 @@
         'query' => 'SELECT CURRENT_USER();',
         'result' => array(array('pma_test@localhost')),
     ),
+    array(
+        'query' => "SHOW VARIABLES LIKE 'lower_case_table_names'",
+        'result' => array(array('lower_case_table_names', '1'))
+    ),
     array(
         'query' => 'SELECT 1 FROM mysql.user LIMIT 1',
         'result' => array(array('1')),
@@ -122,7 +126,7 @@
         )
     ),
     array(
-        'query' => 'SHOW VARIABLES LIKE \'language\';',
+        'query' => 'SELECT @@lc_messages;',
         'result' => array(),
     ),
     array(
@@ -258,7 +262,7 @@
             . ' `CHECKSUM` AS `Checksum`, `CREATE_OPTIONS` AS `Create_options`,'
             . ' `TABLE_COMMENT` AS `Comment`'
             . ' FROM `information_schema`.`TABLES` t'
-            . ' WHERE BINARY `TABLE_SCHEMA` IN (\'pma_test\')'
+            . ' WHERE `TABLE_SCHEMA` IN (\'pma_test\')'
             . ' AND t.`TABLE_NAME` = \'table1\' ORDER BY Name ASC',
         'columns' => array(
             'TABLE_CATALOG', 'TABLE_SCHEMA', 'TABLE_NAME', 'TABLE_TYPE', 'ENGINE',

libraries/plugins/auth/AuthenticationCookie.class.php

@@ -764,7 +764,7 @@ public function cookieDecrypt($encdata, $secret)
         if (is_null($this->_cookie_iv)) {
             $this->_cookie_iv = base64_decode($_COOKIE['pma_iv-' . $GLOBALS['server']], true);
         }
-        if (strlen($this->_cookie_iv) < $this->getIVSize()) {
+        if (mb_strlen($this->_cookie_iv,'8bit') < $this->getIVSize()) {
                 $this->createIV();
         }
 

libraries/rte/rte_routines.lib.php

@@ -105,6 +105,11 @@ function PMA_RTN_parseOneParameter($value)
                     4 => '');
     $parsed_param = PMA_SQP_parse($value);
     $pos = 0;
+    while ($pos < $parsed_param['len']
+        && $parsed_param[$pos]['type'] == 'white_newline'
+    ) {
+        $pos++;
+    }
     if (in_array(
         /*overload*/mb_strtoupper($parsed_param[$pos]['data']),
         $param_directions

libraries/server_privileges.lib.php

@@ -815,7 +815,7 @@ function PMA_getHtmlForRequires($row)
     $html_output .= '<input type="radio" name="ssl_type" id="ssl_type_X509"'
         . ' value="X509" title="'
         . __(
-            'Requires a valid X509 cetrificate.'
+            'Requires a valid X509 certificate.'
         )
         . '"'
         . ((isset($row['ssl_type']) && $row['ssl_type'] == 'X509')

libraries/tbl_relation.lib.php

@@ -384,12 +384,14 @@ function PMA_getHtmlForForeignKeyForm($columns, $existrel_foreign, $db,
 
     $odd_row = true;
     $i = 0;
-    foreach ($existrel_foreign as $key => $one_key) {
-        $html_output .= PMA_getHtmlForForeignKeyRow(
-            $one_key, $odd_row, $columns, $i++, $options_array, $tbl_storage_engine,
-            $db
-        );
-        $odd_row = ! $odd_row;
+    if (! empty($existrel_foreign)) {
+        foreach ($existrel_foreign as $key => $one_key) {
+            $html_output .= PMA_getHtmlForForeignKeyRow(
+                $one_key, $odd_row, $columns, $i++, $options_array,
+                $tbl_storage_engine, $db
+            );
+            $odd_row = ! $odd_row;
+        }
     }
     $html_output .= PMA_getHtmlForForeignKeyRow(
         array(), $odd_row, $columns, $i++, $options_array, $tbl_storage_engine,

po/af.po

@@ -12002,7 +12002,7 @@ msgid "Requires that a valid X509 certificate with this subject be presented."
 msgstr ""
 
 #: libraries/server_privileges.lib.php:818
-msgid "Requires a valid X509 cetrificate."
+msgid "Requires a valid X509 certificate."
 msgstr ""
 
 #: libraries/server_privileges.lib.php:867

po/ar.po

@@ -12204,7 +12204,7 @@ msgid "Requires that a valid X509 certificate with this subject be presented."
 msgstr ""
 
 #: libraries/server_privileges.lib.php:818
-msgid "Requires a valid X509 cetrificate."
+msgid "Requires a valid X509 certificate."
 msgstr ""
 
 #: libraries/server_privileges.lib.php:867

po/az.po

@@ -11387,7 +11387,7 @@ msgid "Requires that a valid X509 certificate with this subject be presented."
 msgstr ""
 
 #: libraries/server_privileges.lib.php:818
-msgid "Requires a valid X509 cetrificate."
+msgid "Requires a valid X509 certificate."
 msgstr ""
 
 #: libraries/server_privileges.lib.php:867

po/be.po

@@ -12604,7 +12604,7 @@ msgid "Requires that a valid X509 certificate with this subject be presented."
 msgstr ""
 
 #: libraries/server_privileges.lib.php:818
-msgid "Requires a valid X509 cetrificate."
+msgid "Requires a valid X509 certificate."
 msgstr ""
 
 #: libraries/server_privileges.lib.php:867

po/be@latin.po

@@ -12660,7 +12660,7 @@ msgid "Requires that a valid X509 certificate with this subject be presented."
 msgstr ""
 
 #: libraries/server_privileges.lib.php:818
-msgid "Requires a valid X509 cetrificate."
+msgid "Requires a valid X509 certificate."
 msgstr ""
 
 #: libraries/server_privileges.lib.php:867