phpMyAdmin 5.2.1

phpMyAdmin is a tool intended to handle the administration of MySQL over the Web. It can create, rename, and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, create dumps of tables and databases, export/import CSV data, and administrate one single database and multiple MySQL servers.

Tags database system-administration php mysql mariadb
License GNU GPL
State development

Recent Releases

5.2.108 Feb 2023 03:15 minor bugfix: case where the routes cache file is invalid. error when configuring 2FA without XMLWriter or Imagick. blank page when some error occurs. Export pages not working in certain conditions. error in table operation page when partitions are broken. system memory and system swap values on Windows. Database Server panel not getting hidden by ShowServerInfo configuration directive. database names not showing on Processes tab. export limit size calculation. refresh rate popup on Monitor page. monitor charts size on RTL languages. password_hash function incorrectly adding single quotes to password before hashing. statistics not showing for empty databases. Clicking on the New index link on the sidebar does not throw an error anymore. It's now possible to browse a database that includes two in its name. PHP 8.2 deprecated string interpolation syntax. Some languages are now correctly detected from the HTTP header. Sorting is correctly remembered when cfg 'RememberSorting' is true. Table filtering now works when action buttons are on the right side of the row. Find and Replace using regex now makes a valid query if no matching result set found. Enum/Set editor will not fail to open when creating a new column. error when a database group is named tables, views, functions, procedures or events. Allow empty values to be inserted into columns. error handling at phpMyAdmin startup for the JS SQL console. dequeries console broken UI for query time and group count. escaping of SQL query and errors for the deconsole. console toolbar UI when the bookmark feature is disabled and sql deis enabled. JS error on saving a new designer page. JS error after using save as and open page operation on the designer. PHP warning on GIS visualization when there is only one GIS column. Some select HTML tags will now have the correct UI style. PHP deprecations will only be shown when in a development environment. server e
5.2.012 May 2022 03:16 major bugfix: Upgrade Bootstrap to version 5. Drop support for Internet Explorer and others. Upgrade to shapefile 3. Bump minimum PHP version to 7.2. Remove the phpseclib dependency. Upgrade Symfony components to version 5.2. Upgrade to Motranslator 4. Improve the performance of the Export logic. Add "NOT LIKE ... " operator to Table search. some links not passing through url.php. Remove apc upload progress method (all upload progress code was removed from the PHP extension). Replace zxcvbn by zxcvbn-ts. Disable the last column checkbox in the column list dropdown instead of not allowing un-check. Ignore the length of integer types and show a warning on MySQL = 8.0.18. Add support for the Mroonga engine. Double click column name to directly copy to clipboard. Add "DELETE FROM" table on table operations page. Add a select all link for table-specific privileges. Add support for account locking. Use composer/ca-bundle to manage the CA cert file. Require the openssl PHP extension. Remove the printview.css file from themes. Redesign the export and the import pages. Replace the master/slave terminology. Replace libraries/vendor_config.php constants with an array. Add the Bootstrap theme. Remove stickyfilljs JavaScript dependency. 5.1.4 (not yet released). sorting the database list with "statistics" enabled on "Data" column creates a PHP type error. for invalid cache when losing access to config storage after it being cached. session cookie not respecting the CookieSameSite configuration directive in PHP 7.2. create index form accepting too many columns. Disable editing to system schemas. Add better error handling when IndexedDB is not working. incorrect escaping of special MySQL characters on some pages. GIS visualization with an edited query. Remove the use of the deprecated `strftime` function in OpenDocument exports. Enable tabindex recompute on preview button while insert new rows. inva
5.1.312 Feb 2022 03:25 minor bugfix: Broken pagination links in the navigation sidebar. MariaDB has no support for system variable "disabled_storage_engines". Unsupported operand types in Results.php when running "SHOW PROCESSLIST" SQL query. Importing browser settings question box after login when having no pmadb. "First day of calendar" user override has no effect. Repeating headers are not working. Import of email-adresses or links from ODS results in empty contents. a type error on ODS import with non string values. Header row show/hide columns buttons on each line after hover are shown on each row. security for path disclosure under certain server configurations (if display_errors is on, for instance).
5.1.222 Jan 2022 03:16 minor bugfix: Replaced MySQL documentation redirected links. JS error on Designer visual builder on some modal buttons. Re-build openlayers JS dependency from the source files and provide a smaller JS bundle. Imports and theme detection depending on the current working dir. Update JavaScript dependencies. Remove hardcoded row length for " cfg 'CharTextareaRows' " to allow back values 7. Encoding of enum and set values on edit value. Set value as selected when it has special chars on edit value enum. Distinct URLs broken on nullable text fields. Two possible PHP errors using INT data. Possible warning "Undefined index: output_format" on export. Warning "Undefined index: ods_recognize_percentages" on Import ODS. Warning "Undefined array key "ods_recognize_currency" on Import ODS. "Notice: Undefined index: foreign_keys_data" on Designer remove relation. Backquote phpMyAdmin table name on internal relation delete query for Designer. Do not try to delete internal relations if they are not configured. Show success messages on Designer for add and remove relation operations. Possible "Undefined index: clause_is_unique" on replace value in cell. Case where _SERVER 'REQUEST_METHOD' is undefined. Configuration error handler registration. Server variables get/set value not working on multi server server 1. Multi table query submit on server 1 logged out user. Multi edit on central columns on server 1 logged out user. PHP error on query submit without a table name on multi table query box. Multi table query results shows for 1 sec and then page refreshes. a non translated button text on central columns add. Table width on Query by example page for large screens. NULL default had a value on insert with datatime fields. Missing privilege escaping when assigning multiple databases with '_' to an user. The margin on the last database of the tree on all themes w
5.1.105 Jun 2021 07:05 minor bugfix: Created procedure shows up in triggers and events and vice-versa. Adding an event shows an empty row. a PHP error when visualizing a nullable geometry column. a PHP type error when exporting triggers to ODF. The Column Drop arrow to make it responsive. Improved the Font size of an executed SQL query. Metro theme DB tree background. "PhpMyAdmin Url::getFromRoute" PHP error for old config values. Add a legacy fallback for the old config value of " cfg 'DefaultTabDatabase' " and others. Relative fallback URL to './' instead of '/'. Yaml export to quote strings even when they are numeric. PHP type errors on the substring transformation. Error messages and conditions for MD5 and AES_ functions. PHP "Uncaught TypeError: hash_hmac()" on double quick edit. TCPDF open_basedir due to internal guessing code from TCPDF. The silencing error management for PHP = 8.0. Set back tables width like in 5.0 versions. Rename button disappears after a column drop on table structure page. "JSON encoding failed: Malformed UTF-8 characters" when browsing data that uses binary to IP transformation. Display chart with timeline series name column trigger JS error. Quick search submit is not working on multi server server 1. Main drawer js call slowing down the page and remove the reflow effect. a PHP notice "Undefined index: pred_username". "Uncaught TypeError: XMLWriter::writeAttribute()" on Designer SVG export. an PHP undefined index notice on export. JavaScript error when auto completion is open (upgraded CodeMirror to 5.60.0). Preferences form not showing texts and not respecting TabsMode config. Escape_mysql_wildcards Twig filter. Change text from "Null" to "NULL" on grid edit popup. Translate a non translated string on a change password page. Designer modal buttons sizes for pmahomme and bootstrap themes. "Triggers" page not visible for user table specific privileges. Execute button is disabled for routines. SQL option to Export specific rows from a t
5.1.025 Feb 2021 10:45 major bugfix: Change Media (MIME) type references to Media type. Add a request router. Automatically focus input in the two-factor authentication window. Replace gender-specific pronouns with gender-neutral pronouns. Improve complexity of generated passwords. Add a configuration option to define the 1st day of week. Made user names clickable in user accounts overview. Improve virtuality dropdown for MariaDB 10.1. Added an option to perform ALTER ONLINE (ALGORITHM=INPLACE) when editing a table structure. Added missing 'IF EXISTS' to 'DROP EVENT' when exporting databases. Improve the padding in query result tool links. Support exporting raw SQL queries. Added ip2long transformation. horizontal scroll on structure edit page. Move table hide buttons in navigation to avoid hiding a table by mistake. Use correct MySQL version if the version is 8.0 or above for documentation links. Use "MariaDB Documentation" instead of "MySQL Documentation" on a MariaDB server. Change "Show Query" link to a button. Automatically toggle the radio button to "Create a page and save it" on Designer. Tap and hold will not dismiss the error box anymore, you can now copy the error. Don't disable "Empty" table button after clicking it. Stay on the structure page after editing/adding/dropping indexes. show structure after adding a column. Remove symfony/yaml dependency. Improve performance of dependency injection system by removing yaml parsing. Disable phpMyAdmin storage database checkbox on databases list. Add autocomplete attributes on login form. Add "Preview SQL" option on Index dialog box when creating a new table. export maximal length of created query input is too small. Redesign the server status advisor page. Use same height for SQL query textarea and Columns select in SQL page. Add a new vendor constant "CACHE_DIR" that defaults to "libraries/cache/" and store routing cache into this folder. Warm-up the routing cache before building the release. Use --optimize-autol
5.0.416 Oct 2020 06:45 minor bugfix: Failed Zoom search clears existing values. a PHP error when reporting a particular JS error. Latitude and longitude swap for geometries in edit mode. CREATE TABLE not being tracked when auto tracking is enabled. Compatibility problems with older PHP versions. Broken two-factor authentication.
5.0.311 Oct 2020 16:25 minor bugfix: Require twig 2.9. Option to import files locally appearing as not available. to allow NULL as a default bit value. "htmlspecialchars() expects parameter 1 to be string, null given" on Export xml. no charts in monitor when using a decimal separator ",". IN(...) clause doesn't permit multiple values on "Search" page. Support double tap to edit on mobile. Php error "Use of undefined constant MYSQLI_TYPE_JSON" when using the mysqlnd extension. Fatal JS error on index creation after using Enter key to submit the form. Set "axis-order" to swap lon and lat on MySQL = 8.1. Overwriting a bookmarked query causes a PHP fatal error. Typo in a condition in the Sql class. Local setup doc links pointing to a wrong location. Error importing utf-8 with bom sql file. FA UX enhancement: autofocus 2FA input. Table column description PHP error when 'DisableIS' = true;. Local documentation links display when a PHP extension is missing. Some twig code deprecations for php 8. ENUM and SET display when editing procedures and functions. Keep full query state on "auto refresh" process list. Keep columns order on "auto refresh" process list. Editing a failed query from the error message. The alter user privileges query to make it MySQL 8.0.11+ compatible. Copy table to another database when the nbr of DBs is cfg 'MaxDbList' . Relations of tables having spaces or special chars not showing in the Designer. a very rare JS error occuring on mousemove event. Make a foreign key link clickable in a new tab after the value was saved and replaced. a PHP notice "Undefined index: column_info" on views. The data stream when exporting data in file mode. Templates/ directory not found error. Remove chdir logic to PHP fatal error "Uncaught TypeError: chdir()". Support for Twig 3. Allow phpmyadmin/twig-i18n-extension 3.0. Trim spaces for integer values in table search. Cannot edit or export TIMESTAMP column with default CURRENT_TIMESTAMP in MySQL = 8.0.13. Error 500
5.0.222 Mar 2020 03:15 minor bugfix: Deprecation warning "implode(): Passing glue string after array is deprecated." function on export page. Can not copy user account since 5.0 - "error #1133". Error code 500 during pagination of the tables in a database. Php error "Trying to access array offset on value of type null" on column distinct values feature. Fatal javascript error on clicking "Pick from Central Columns". a view named "views" adds an expand button. Names of the pages in the designer should be unique. Column selector "See more" removes "Preview SQL" and "Save" area. Wrong jQuery function call in table search page. Uncaught TypeError when using " cfg 'ServerDefault' = 0;". Unexpected UI of action links (text only mode). Replace twig/extensions with phpmyadmin/twig-i18n-extension. Change location of profiling state documentation to column ordering. Designer adding all available tables to a designer page after adding a new relationship. Replace facebook/webdriver by php-webdriver/webdriver. Removed SET AUTOCOMMIT=0 from SQL export. Table borders missing on theme original since 5.0.0. ENUM's radiobuttons reset on "Continue insertion with" changes. Browse foreign values doesn't show a modal with grid edit. "new table" layout on original theme. Not needed prompt before abandoning changes on SQL tab after only changing a checkbox. Php TypeError when submitting unchanged data. Php notice "Trying to access array offset on value of type bool" on Designer. Added integer validations on search page. Server-side HTTPS detection misses support for Forwarded HTTP Extension (RFC 7239). DB names starting with "b" being cut off in , User account page. Display content from "information_schema.PROCESSLIST". "has no type" error on export and import pages for "Chinese traditional" users. Designer move menu icon not changing directions and tables menu list resize button. Black borders for full screen mode on Designer. "Uncaught TypeError: mb_strtoupper()" on the re
5.0.109 Jan 2020 09:25 minor bugfix: Error 500 when browsing a table when cfg 'LimitChars' used a string and not an int value. Display NULL on numeric fields has showing empty string since 5.0.0. Get Database structure fails with PHP error on replicated server. Can't browse certain tables since 5.0.0 update. Prevent line wrap in DB structure size column. Remove extra line break from downloaded blob content. Error 500 when exporting - set time limit when cfg 'ExecTimeLimit' used a string and not an int value. Double delete icons on enum editor. Warning popup not dissapearing on table stucture when using actions without any column selection. Focus of active tab is lost by clicking refresh option on browse tab. Uncaught TypeError: http_build_query() in setup. Double slash in path when cfg 'TempDir' has a trailing slash. Shp file import tests where failing when php dbase extension was enabled. JS error "PMA_makegrid is not defined" when clicking on a table from the "Insert" tab opened in a new tab. FA setting removed each time the user edits another configuration setting. security SQL injection vulnerability on the user accounts page (PMASA-2020-1).
5.0.028 Dec 2019 06:05 major feature: Drop support for PHP 5.5, PHP 5.6, PHP 7.0 and HHVM. Enable columns names by default for CSV exports. Remove font size feature. Add Metro theme. Add move columns preview SQL button. Enable strict mode in PHP files. Increase field width for editing varchar fields. Show warning for users with the default values for controluser and controlpass. rendering of column comments in Safari, improve display in all browsers. New features for csv import plugin. Automatically add index while editing an existing row and setting auto increment. Add export option to drop user security definers from views. Drop view and or replace added to exporting view. Database "Search" selects all tables by default. Auto expand the single database. Inconsistency with submit buttons. Improper message in Show Hidden Navigation Tree Items. Remove unlabeled default collation from the bottom of the database list; this information is available elsewhere. Security confirm() before running UPDATE statement without WHERE condition. Show errors at the bottom of the page and add copy query button for errors in processing sql queries. Use Sass instead of PHP to compile CSS. Add initial support for Bootstrap 4. Change table column comment field from input to textarea. Console: ctrl+l clear line and ctrl+u clear console. Use charset 'windows-1252' when format is MS Excel. Move 'More settings' link from 'Appearance settings' to 'General settings'. Remove the redundant 'i' help/tool tip in page settings "Query History Length" area. Importing CSV now uses file name as the table name instead of 'TABLE #'. Add an Edit link for each view in tables list. Display column details in navigation bar. Add title for group in navigation bar. Show InnoDB table overhead (free space). Add '' button to the Monitor Instructions modal. Improved filter method in server variables page. Add an external dependency injection system. Change MIME type references to Media (MIME) type. url.php crashing b
4.9.223 Nov 2019 03:15 minor bugfix: Change the cookie name from phpMyAdmin to phpMyAdmin_https for HTTPS, many "Failed to set session cookie" errors. Ssl_use php error. Undefined index: ssl_ variables. Mysql 8.0.3 and above fails on advisor. Unparenthesized php deprecation. URL encoding plus sign (+) in the table or DB name when configuring foreign keys. Bottom table in list in left panel blocked by horizontal scroll bar. Text area overflows its parent element on "Query" page. Exporting users after a delete will delete all selected users on "Users" page. Checking referencial integrity on "Operations" page. "You do not have privileges to manipulate with the users!" on root superadmin. GIS polygon of a geometry field is not drawn on "GIS visualization". Adjust privileges on copy database fails with MariaDB. Display referential integrity check for InnoDB. Support phpunit 8 in our test suite to help packaging phpMyAdmin on Debian. Missing image error fills logs, removed ic_b_info icon from icon list. Some with the sort by key selectors. Operators precedence in DatabaseInterface class. Test test suite on 32-bit systems. Long2IP transformation with PHP 7.1. Moving columns with DEFAULT NULL doesn't work on MariaDB 10.2+. Moving columns with INT AND DEFAULT CURRENT_TIMESTAMP doesn't work on MariaDB. Table alias is removed when exporting a query. Cross join clause is removed on export. Error "is_uploaded_file() expects parameter 1 to be string" when inserting blobs from files. White square when refreshing designer or browsing other pages. Detect when phpMyAdmin storage tables are not accessible, help users browse corrupt DBs. Display profiling when query outputs no rows. Setting and removing display field on Designer. Added a warning when trying to set a display field on Designer and configuration storage is not setup. Shift-click in Export misses a checkbox. security improperly sanitized data when showing the Git branch. security security
4.9.122 Sep 2019 03:15 minor bugfix: Added support for Twig 2. Cannot edit or export column with default CURRENT_TIMESTAMP in MySQL = 8.0.13. a TypeError in Import class with PHP 8. Middle-click on foreign key link broken. Broken relational links in tables. Weird error for empty collation. Export of GIS visualisation not working (PNG, PDF, SVG). Use hex for the phpMyAdmin session token. Added GB18030 Chinese collations description. Added Russian, Swedish, Slovak and Chinese UCA 9.0.0 collations description. Added description for the _ks (kana-sensitive) collation suf- Added description for the _nopad (NO PAD) collation suf- Remove array/string curly braces access. "FilterLanguages" option does not work (configuration). Creating user with single quote in password results in no password user. Left database overview "add column" triggers error. Remove unexpected quotes on text fields (structure and insert). NULL wrongly checked on field change. Allow to rollback an empty statement. Incorrect linkage from one table's value to another table. Tables added from other databases are not collapsing in the designer section. Designer page save fails if dB name contains period. Display an error when trying to import in designer a table that's already imported. Many when adding new tables to designer. Update CodeMirror to v5.48.4. Update jQuery Migrate to v3.1.0. Update jQuery Validation to v1.19.1. Update jQuery to v3.4.1. Update js-cookie to v2.2.1. Remove fieldset closing tag when setting global privileges. Backslash in column name resulting an error in editing. Status - Advisor error. Designer page status not updated when added a new table from another database. Page number is not being updated in the URL after saving a designer's page. Reloading a designer's page. Designer full screen mode button and text stuck when exiting full-screen mode. Reduced possibilit Jun 2019 03:15 minor bugfix: PhpMyAdmin no longer streams the export data. Tables with SYSTEM VERSIONING show up as views instead of tables. Values cannot be edited in SYSTEM VERSIONING tables with INVISIBLE timestamps. Header icon on server plugins page. Error 500 on MultiTableQuery page when a empty query is passed. Fatal javascript error while adding index to a new column. With plus/minus icon when refreshing an expanded database. Json encode error in export. Missing query time in German. JavaScript events not activating on input (sql bookmark ). Bottom table is blocked in database list (left panel). Null Checkbox automatically unmarked. Display correct date and time in Zip files. The loading symbol not appearing when refreshing the navigation. Count rows only if needed. Show Designer combo boxes when adding a constraint. Change password is not showing password strength difference at the second attempt. Edit view. Loading Forever when creating new view without filling any field. Bookmark::get() id matching SQL. Invalid default value for bit field. Undefined index in setup script. TypeError in GIS editor. GIS data editor for multi server setup. Type error in setup script when adding new server. Missed padding on query results. Javascript error PMA_messages is not defined. Show error message if config-set fails and not "loading..." forever. Prevent multiple error modals, and error-report request spamming from script. Error reporting javascript errors on multi server setup. Wrong property name on TableStructureController. SHOW FULL TABLES FROM when a table is locked. When creating or editing views. Php error when using a query like SELECT 1 INTO @a; SELECT @a; in inline query edit. Make the server logo visible on theme "original". Incorrect page numbers. "No tables found in database" when you delete all tables from last page. Virtuality is not selected when editing generated column (added virtuality(stored) option for maria
4.8.413 Dec 2018 07:25 minor bugfix: Remove hash param in edit query URL. in Changing theme. Ensure that database names with '.' are handled properly when DisableIS is true. Invisible Icon "Show Full Queries". CSS in Designer. Error while copying database (pma__column_info). "No database selected" - DROP a view. Move operation causes SELECT FROM `undefined`. Enum '0' produces incorrect search SQL. TypeError in database designer. QBE selenium tests broken since merge of #13342. When logging with cfg 'AuthLog' to syslog, successful login messages were not logged even if cfg 'AuthLogSuccess' was true. infinite loop when sorting table rows by key. Regression on multi table query functionality (foreign keys). designer errors when database is empty. designer errors when database contains special chars. designer javascript errors. left/right icons hidden. security Local file inclusion flaw in the Transformation feature (PMASA-2018-6). security Multiple CSRF/XSRF vulnerabilities (PMASA-2018-7). security XSS vulnerability in the navigation tree (PMASA-2018-8).
4.8.323 Aug 2018 03:15 minor bugfix: Error when naming a database '0'. NULL as default not shown. with recent table list. slow performance on DB structure filtering. Editing server variable not showing save or cancel option. Populate options for view create and edit. FA configuration fails if PHP doesn't have GD support. Can't unhide tables. "Visualize GIS data" icon missing. Event scheduler status toggle doesn't work. View not working on multiple servers. Partition actions in table structure do not work. ERR_BLOCKED_BY_XSS_AUDITOR on export table. Blank message shown instead of MySQL error when adding trigger and other locations. PHP 7.3 warning: "continue" in "switch" is equal to "break". Icon missing when creating a new trigger, routine, and event. Table comment not showing since 4.8.1. Drop table doesn't work when you copy tables to another database. Escaped HTML in 'Add a new server' setup. security HTML injection in import warning messages, see PMASA-2018-5.
4.8.224 Jun 2018 03:45 minor security: WHERE 0 causes Fatal error. Missing index icon. security XSS vulnerability in Designer, see PMASA-2018-3. security File inclusion and remote code execution vulnerability, see PMASA-2018-4.
4.8.126 May 2018 08:25 minor bugfix: case where the central columns attributes don't get filled in. case where the query builder doesn't work when selected column is *. Revert "Browse" table CSS overflow. Dropping indexes and foreign keys fail. Relational linking broken. error in configuration storage zero config. Show 2FA Secret next to QR code. XML Export from single table throws fatal error. Line and some other charts ignore result set order of values chosen for the x-axis. configuration for DefaultLang and Lang. Linking for 'Distinct values' broken. MariaDB 10.2 current_timestamp(). for missing go button in view edit. for with spatial fields. Remember table's sorting broken. multi-column sorting. central columns in-line edit - AUTO_INCREMENT error when only exporting table structure in database-level exports. Simulating queries produces unexpected results. Setup script icons missing.
4.8.009 Apr 2018 03:15 major feature: Allow to export JSON with unescaped unicode chars. Disable login button without solved reCaptcha. Allow to remove individual segments from pie charts. Change label from "Improve table structure" to "Normalize" to match standard terminology. Offer login as different user on access denied from MySQL. Indicate when HTTPS is not properly reported on the server. No database selected error when adding foreign key. Improved database search to allow search for exact phrase match. Report error when trying to copy database to same name. Themes now have to contain metadata in theme.json. phpMyAdmin no longer requires eval() in PHP. The mbstring dependency is now optional. Small refactoring in preparation to CSP. Database link broken in Databases Page. Configurable authentication logging using cfg 'AuthLog' . Add support for Google Invisible Captcha. Improved error reporting for reCAPTCHA. Improved rendering of server variables table. javascript editor for TIME values. alignment of foreign keys editing. Improved inline editor for JSON. Improved layout of operations pages. Add "format" query button in edit view form. Implement Responsive Design/mobile interface. Use a single location for classes under PhpMyAdmin namespace. Indicate SSL status on main page. Configuration directives for defaults of Transformation options. Remove inline JavaScript. Show MySQL warnings when executing SQL queries. Allow Designer to show tables from other databases. Replace Query-By-Example with multi-table query generator interface. Add privileges export to per-database listing. Consolidate functions into class files. Add support for changing collation for all tables and columns in database. Add support for creating fulltext index from table structure. Lower default value for cfg 'MaxExactCount' . DisableIS is not fully honored. Added support for authentication using U2F and 2FA. Avoid removing cookies on upgrade. Remember state of navigat
4.7.906 Mar 2018 03:15 minor bugfix: Browsing tables with more results. "Not an integer" when browsing a table. "Input variables exceeded 1000" error relating to PHP's max_input_vars directive.
4.7.823 Feb 2018 03:15 minor bugfix: Resetting default setting values. Fallback value for collation connection. Error handling in PHP 7.2. security XSS in Central Columns Feature, See PMASA-2018-01.
4.7.709 Jan 2018 08:45 minor bugfix: displaying of formatted numeric values for some locales. Ensure datetimepicker is always loaded for datetime fields. PHP error when browsing certain results. security XSRF/CSRF vulnerability, see PMASA-2017-09.
4.7.602 Dec 2017 03:15 minor bugfix: check all interaction with filtering. Add SJIS-win to default list of allowed charsets. Improve detection that MySQL server needs SSL connection. Support JSON datatype on MariaDB 10.2.7 and newer. constructing ALTER query with AFTER. Lock page when changes are done in the SQL editor. Prefer iconv for encoding conversions. changing password on MariaDB cluster.
4.7.524 Oct 2017 03:15 minor bugfix: Avoid problems with browsing unknown query types. Integrate tooltip into datetime pickers. Javascript error in server monitor. Server monitor on non Linux and Windows systems. Reload javscript messages when changing language. Crash on invalid ordering data. Error when browsing non SELECT results. Saving column to display. Export of tables with VIRTUAL columns. Selecting multiple rows accidentally selects the next row too. Edit index Column alignment - rendering of add index dialog. Possible error in server advisor. Setting input transformations. IPv4/IPv6 To Binary input transformation. Clicking on column name to trigger sort with an active search leads to logout. Copying tables with specific PARTITION definition. Listing of bookmarks for a database.
4.7.425 Aug 2017 06:05 minor bugfix: Remove shadow from the logo. Per server theme feature. Missing newline in ALTER exports. Several compatibility with PHP 7.2. Copy results to clipboard. Add limitation for user group length. Edit variable link in advisor. Optimize table link should not be visible in print page. Improved error handling on corrupted tables. Rendering of add index dialog. Refreshing server variables.
4.7.322 Jul 2017 03:15 minor bugfix: Large multi-line query removes Export operation and blanks query box options. Rendering of query results. Version check when not connected to a database. Creating relation. Export without backquotes. Improved handling of uploaded files with open_basedir. Inline editing of hex values. Size of index edit dialog. Rendering SQL lint errors. Avoid breakage if set_time_limit is disabled. Fail if ini_set/ini_get are disabled. Automatically connect using SSL when server is configured so. Usage of some browser transformations.
4.7.201 Jul 2017 06:25 minor bugfix: Make theme selection keep current server. Direct login for accounts without password. Check for mbstring.func_overload. Wrong encoding of table at triggers. Natural sorting in several places. Show warning for users removed from mysql.user table. Loading additional javascripts. Editing QBE. Improved documentation on user settings. Gracefully handle early fatal errors in AJAX requests. Incorrect NavigationTreeEnableExpansion default value in the documentation. Export of database with a lot of tables. Improved performance when importing with enabled tracking. Avoid PHP errors with non existing configuration on OS X. Show only supported charsets for conversion. Operation with session.auto_start enabled. "Create PHP code" is broken. Links to resume timeouted import.
4.7.102 Jun 2017 03:15 minor bugfix: Always execute tracking queries as controluser. Focus on SQL editor after inserting field name. Broken links in setup. Database list Tooltips: Show wrong value. Pagination while browsing resuls. Outbound links in changelog.php. Do not include devel dependencies in the release. Do not show New as a database in database dropdown. Handling of errors in AJAX requests. PHP error in case of invalid table preferences. PHP error on password change. Refresh of Process List. Refresh of long queries. Improved handling of logout with disabled LoginCookieDeleteAll. Add support for MySQL 8.0 collations. Rendering of phpMyAdmin logos. Properly report not working sessions. Password check on server replication. Grid editing time column. Detection of Amazon RDS. Redirect user to last page that has any tables to display. Link to User accounts overview page. Error in query builder. Grid editing repeats action after error.
4.7.031 Mar 2017 03:15 major bugfix: patch #12233 Display Improve message when renaming database to same name. Log authentication attempts to syslog. Remove support for Swekey authentication. Remove code for no longer supported MSIE versions. Remove embedded PHP libraries, use composer to install them. Cannot easily select multiple tables when exporting. Add javascript filtering for databases. More compact rendering of navigation tree. Improve performance with SkipLockedTables. Do not hide indexes under a slider. Improve performance of zip file import. Removed cfg 'ThemePath' . Add support for export user settings as snippet. Better report query errors while generating SQL exports. Produce valid JSON on export. Setup script icons broken. Support IPv6 proxies. Removed MySQL connection retry without password. Allow to specify further parameters for control connection. Show charset for each table on Database structure page. Incorrect link in the href of icon at Hide/Show unhide links. Shortcut for closing console. Improved handling of http requests. Broken links in Setup forms Navigation. Can't add a new User. Add 'token' Parameter in all POST requests ('Token mismatch' errors). Improved usage of number_format. Server selection not working. NULL results in dataset are colored grey. Create Bookmark broken. Use unsigned int for storing bookmark ID. Added password strength indicator. Correctly handle HTTP status when doing requests. Add option to delete settings from browser storage. Remove unused PMA_addJSCode function. Add table filtering to database structure. Allow to configure signon session parameters. Drop database is broken. Can't toggle Event Scheduler on. Finish removing dead code references to xls/xlsx import and export, which was removed some time ago. Rename "Relations" to "Relationships" in many places as it's the more proper term. margins in central columns feature. Document more export configuration options. Use consis Nov 2016 05:45 minor bugfix: Incorrect parameters to escapeString in Node.php. PHP error when mbstring is not installed. Don't force partition count to be specified when creating a new table.
4.6.526 Nov 2016 03:15 minor bugfix: Remove potentionally license problematic sRGB profile. Display read only fields as read only when editing. expanding of navigation pane when clicking on database. Impove partitioning support. Reintroduced simplified PmaAbsoluteUri configuration directive. Always use UTC time in HTTP headers. Simplified validation of external links. browsing tables with built in transformations. Do not show warning about short blowfish_secret if none is set. random logouts due to wrong cookie path. editing of ENUM/SET/DECIMAL fields structure. Missing escaping of configuration used in SQL (hide_db and only_db). Add error checking in reading advisory rules file. Add checking missing elements and confirming element types from json_decode. Automatically save SQL query in browser local storage rather than in cookie. Unable to edit transformations. Remove unused paramenter when connecting to MySQLi. number formatting with different settings of precision in PHP. Use single quotes in PHP code. Option for the dropped column is not removed from 'after_field' select, after the column is dropped. Properly detect DROP DATABASE queries. possible race condition in setting URL hash. Remove caching of server information. Proper parsing of INSERT... ON DUPLICATE KEY queries. Proper parsing of CREATE TABLE... PARTITION queries. Code can throw unhandled exception. Do not try to keep alive session even after expiry. rendering BBCode links in setup. copy of table with generated columns. export of table with generated columns. Copying a user does not copy usergroup. Adding a new row with default enum goes to no selection when you want to add more then 2 rows. Drag and drop import prevents file dropping to blob column file selector on the insert tab. Absence of scrolling makes it impossible to read longer text values in grid editing. "Edit routine" crashes when the current user is not the definer, even if privileges are adequate. Export selective tables by-d
4.6.418 Aug 2016 06:45 minor security: security Weaknesses with cookie encryption, see PMASA-2016-29. security Improve session cookie code for openid.php and signon.php example files. security Full path disclosure in openid.php and signon.php example files. security Multiple XSS vulnerabilities, see PMASA-2016-30. security Multiple XSS vulnerabilities, see PMASA-2016-31. security Unsafe generation of BlowfishSecret (when not supplied by the user). security Referrer leak when phpinfo is enabled. security PHP code injection, see PMASA-2016-32. security Full path disclosure, see PMASA-2016-33. security SQL injection attack, see PMASA-2016-34. security Local file exposure through LOAD DATA LOCAL INFILE, see PMASA-2016-35. security Local file exposure through symlinks with UploadDir, see PMASA-2016-36. security Path traversal with SaveDir and UploadDir, see PMASA-2016-37. security Multiple XSS vulnerabilities, see PMASA-2016-38. security SQL injection vulnerability as control user, see PMASA-2016-39. security SQL injection vulnerability, see PMASA-2016-40. security Denial-of-service attack through transformation feature, see PMASA-2016-41. security SQL injection vulnerability as control user, see PMASA-2016-42. security Verify data before unserializing, see PMASA-2016-43. security Use HTTPS for wiki links. Remove Swekey support. security SSRF in setup script, see PMASA-2016-44. security Denial-of-service attack with cfg 'AllowArbitraryServer' = true and persistent connections, see PMASA-2016-45. security Improve SSL certificate handling. security full path disclosure in deging code. security Possible circumvention of IP-based allow/deny rules with IPv6 and proxy server, see PMASA-2016-47. security Detect if user is logged in, see PMASA-2016-48. security Bypass URL redirection protection, see PMASA-2016-49. security Referrer leak, see PMASA-2016-50. security Reflected File Download, see PMASA-2016-51. security Arbitrary
4.6.324 Jun 2016 03:15 minor security: Cookie path on Windows. Error reporting on connect problems. Export of tables without explicitly set engine. Designer JavaScript error: Show/Hide tables list. MySQL SSL connection with some PHP versions. MySQL connection error on version mismatch. Keep user attributes (privileges, authentication mode, etc) when copying a user. Division by zero in case of misconfigured MySQL server. Editing server variables. Table size calculation in some circumstances. Listing routines for non privileged user. Escape generated query in exporting a database. Setup script doesn't use input type 'password' in all relevant locations. security BBCode injection in setup script, see PMASA-2016-17. security Cookie attribute injection attack, see PMASA-2016-18. Redirect loop when directly calling url.php. security SQL injection attack, see PMASA-2016-19. security XSS attack in Table Structure page, see PMASA-2016-20. security XSS attack in Server Privileges page, see PMASA-2016-21. security DOS attack vulnerability, see PMASA-2016-22. security Multiple full path disclosure vulnerabilities, see PMASA-2016-23. security Full path disclosure when running in demode. security XSS attack with partition range and table structure, see PMASA-2016-25. security XSS attack when checking database privileges, see PMASA-2016-26. security XSS attack when MySQL server is using a specific payload log_bin directive, see PMASA-2016-26. security XSS vulnerabilities in Transformation feature, see PMASA-2016-26.
4.6.226 May 2016 03:15 minor bugfix: security User SQL queries can be revealed through URL GET parameters, see PMASA-2016-14. security Self XSS vulneratbility, see PMASA-2016-16. Use https for documentation links. schema export with too many tables. Avoid parsing non JSON responses as JSON. Avoid using too log URLs when getting javascripts. setting mixed case languages. Avoid storing objects in session when deging SQL. cookie path on IIS. occassional 200 errors on Windows. locking when importing SQL. Avoid confusing warning when mysql extension is missing. Improve handling of logout. Safer handling of sessions during authentication. server selection on main page. Avoid storing full error data in session. export of ARCHIVE tables with keys. Add session reload for config authentication. Do not fail on errors stored in session. loading of APC based upload progress bar.
4.6.110 May 2016 03:15 minor bugfix: PMA_Util not found in insert_edit.lib.php. Activation of some languages. Error in 3NF step of normalization. Offering JSON datatype in incompatible MySQL versions. Can not open table with JSON field. Cannot highlight a column if I scroll down from the top of the table. Possible PHP error in SQL parser. SQL quoting in SQL export. Improve performance of database structure page. PHP error if user did unpack new version over old one. Parsing of expression 0. Document setup with Google Cloud SQL. Parsing of queries with double . Setting of language from user configuration. Check for ndb version. Loading of configuration file. Check if sessions are working and report failures. Non-clickable initial letter for users / and can't modify users with MySQL 5.7.12. Config tab persistence errors. Javascript erros on user creation. Parsing of some AS clauses. Parsing of FULL OUTER JOIN queries. Editing of VIEW structure. Avoid printing executed queries on import. Mar 2016 03:15 major bugfix: Disabled storage engines. Allow setting routine wise privileges. Hide Insert tab for non-updatable views. UI for defining partitioning in create table window. Support JSON data type. Editing partitions in table Structure. Tracking does not make sense for information_schema. Regression in Find and replace. TokuDB Tables Show Size as "unknown". Use a slider for Internal relations. Ability to disable the navigationhiding Feature. Restrict configuration NavigationTreeDbSeparator to strings. Disable the tooltip in the navigation panel's filter box. Copy results to clipboard. Reactivate cut paste possibility in print view. Extraneous message after edit + grid-edit. Table header is empty with browsing an empty table. Allow changing parameter order of routines. Remove no password warning. Clarify the meaning of "Stand-in structure for view" in SQL export. HTML line break shown after a MySQL connection error message. CSV import skip row count after. displaying of SQL query on table operations. Display binary strings as text if they are valid UTF-8. Display routine specific privileges. Copy multiple tables to database. Support Cloudflare Flexible SSL. Handle empty TABLE_COMMENT. Drop support for old Internet Explorer versions. Use modals for displaying forms in db structure page. Show MySQL error messages in user language. Add 'ssl_verify' configuration directive for self-signed certificates with mysqlnd and PHP = 5.6. Show more used PHP extensions. Report when version check and error reporting are disabled. PDF schema export. Remove ForceSSL configuration directive. Remove support for Mozilla Prism. Remove PmaAbsoluteUri configuration directive. autoloading of phpseclib. rendering of missing extension error. Errors on Structure tab when user only has select access on certain columns. Missing documentation for cfg 'Servers' i 'favorite' and cfg 'NumFavoriteTables Mar 2016 00:45 minor security: CREATE UNIQUE INDEX index type is not recognized by parser. Row count wrong when grouping joined tables. Column definition with default value and comment in CREATE TABLE expoerted faulty. New statement but no delimiter and unexpected token with REPLACE. incorrect usage of SQL parser context in SQL export. security XSS vulnerability in SQL parser, see PMASA-2016-10. security Multiple XSS vulnerabilities, see PMASA-2016-11. security Multiple XSS vulnerabilities, see PMASA-2016-12. security Vulnerability allowing man-in-the-middle attack on API call to GitHub, see PMASA-2016-13. inclusion of gettext library from SQL parser. Feb 2016 09:05 major bugfix: Undefined index: is_ajax_request. password change on MariaDB 10.1 and newer. Validate version information before further processing it. Full processlist lost on refresh. Adjust privileges fails if database name contains underscores. 'Loading...' banner shows on login screen. changing of table parameters, eg. AUTO_INCREMENT. Call to undefined function SqlParser ctype_alnum(). .5.3.1 - NOW() function not recognized by parser. Gracefully handle the DESC statement. Fractional timestamp causes corrupted SQL export. Static analysis error for valid WHERE condition with IF keyword. Syntax Verifier error using REGEXP in SQL statement. Backslashes in comments are being interpreted as escape characters. Can't insert row into table that contains generated column. sql-parser and php-gettext collide. Can't disable backquotes in export. Inserts via tbl_change.php in VARBINARY columns does not allow using HEX() and MD5(). Correct content type for uploaded error reports. Silent errors from checking local documentation. error on servers with disabled php_uname. Correctly store and report file upload errors. Avoid javascript errors on invalid location hash. PHP warning on configuration errors. Silent errors on checking for writable folders. Silent warning on invalid file upload. Do not fail getting filename with open_basedir limitations. unrecognized keyword interval. Field names and aliases are being correctly parsed now. javascript error in setup. Undefined index: TABLE_COMMENT in database structure page. PHP error on loading invalid XML or ODS file. Missing confirmation while dropping a view in view_operations.php. export of index comments in SQL. DECLARE not accepted as valid SQL. Jan 2016 14:05 major security: live data edit of big sets is not working. Table list not saved in db QBE bookmarked search. While 'changing a column', query fails with a syntax error after the 'CHARSET=' keyword. Avoid syntax error in javascript messages on invalid PHP setting for max_input_vars. Properly handle errors in upacking zip archive. Set PHP's internal encoding to UTF-8. Kanji encoding in some specific cases. Check whether iconv works before using it. Avoid conversion of MySQL error messages. Undefined index: parameters. Undefined index: field_name_orig. Undefined index: host. 'Add to central columns' (per column button) does nothing. SQL duplicate entry error trying to INSERT in designer_settings table. handling of databases with dot in a name. hiding of page content behind menu. FROM clause not generated after loading search bookmark. creating/editing VIEW with DEFINER containing special chars. Do not invoke FLUSH PRIVILEGES when server in --skip-grant-tables. Misleading message for configuration storage. Table pagination does nothing when session expired. Index comments not working properly. Better handle local storage errors. Improve detection of privileges for privilege adjusting. Undefined property: stdClass:: releases at version check when disabled in config. SQL comment and variable stripped from bookmark on save. Gracefully handle errors in regex based javascript search. Security Multiple full path disclosure vulnerabilities, see PMASA-2016-1. Security Unsafe generation of CSRF token, see PMASA-2016-2. Security Multiple XSS vulnerabilities, see PMASA-2016-3. Security Insecure password generation in JavaScript, see PMASA-2016-4. Security Unsafe comparison of CSRF token, see PMASA-2016-5. Security Multiple full path disclosure vulnerabilities, see PMASA-2016-6. Security XSS vulnerability in normalization page, see PMASA-2016-7. Security Full path disclosure vulnerability in SQL parser, see PMASA-2016-8. Security XSS vulnerabili Dec 2015 06:25 major bugfix: Incomplete results of UNION ALL. MATCH AGAINST keywords not recognized. syntax verifier is not knowing "STRAIGHT_JOIN". REPLACE() function confused with REPLACE statement. FLUSH word not recognized by parser. Online syntax verifier - "IF" on SELECT statement. Format breaks query with COUNT(). Undefinex index: SendErrorReports. Incorrect script name in include. Warning: Invalid argument supplied for foreach(). Delimiter missing while exporting multiple db routines. mysql_native_password with MariaDB - Flush privileges overusage - related to #11597. Query was empty on creating User in 4.5.2. PMA_getDataForDeleteUsers() warning. Cannot create user on Percona Server. Properly report error on connecting. Database export template not saving compression option. single quote export for servers in ANSI_QUOTES mode. Avoid duplicite fetching of table information. Temporary for live data edit of big sets is not working. IE 8 compatibility in console. Exporting feature does not work with union table. Cannot export results of some queries. Message "An account already exists..." incorrectly displayed. Missing quoting of table in ALTER CONVERT query. PMA 4.5.2 breaks MySQL Master-Master Cluster. Export and preview show different SQL for character set. possible undefined variables in table operations. Nov 2015 06:45 major feature: Incorrect parameter in mysqli_fetch_fields(). Missing headers in zipped export. Parser: Array to string conversion. Huge binary log growth on 4.5.x. 'only_db' config option when db names contain underscore and are grouped. Unable to change password from Login information tab. Undefined variable: res_rel. Warning while exporting schema to PDF. Undefined index: new_row_format. Changing hostname kills password. Undefined variable: db. CREATE TABLE/INSERT INTO executed twice (ctrl+enter). Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, boolean given. Exporting GIS visualization ignores start and row count. Errors instead of git info when PHP has no gzip support. CodeMirror tooltip shows below modal window. with the MainBackground Color. Profiling checkbox is missing. Properly handle session expiry after POST requests. Notice in./export.php#214 Undefined index: quick_or_custom. Unrecognized keywords. Sql not executed properly. Linter warnings when creating new user. wrong row count for query results. Analyzer doesn't recognize GRANT statements. Parser warnings (subqueries). Collation column is empty in table Structure. Error changing table's column encoding. Oct 2015 07:05 major feature: Invalid argument supplied for foreach(). array_key_exists() expects parameter 2 to be array. Notice Undefined index: drop_database. Server variable edition in ANSI_QUOTES sql_mode: losing current value. Propose table structure broken. phpMyAdmin suggests upgrading to newer version not usable on that system. 'PMA_Microhistory' is undefined. Incorrect definition for getTablesWhenOpen(). Error when creating new user on MariaDB 10.0.21. Notice on htmlspecialchars(). Notice in Structure page of views. AUTO_INCREMENT always exported when IF NOT EXISTS is on. Some partitions are missing in copied table. Notice of undefined variable when performing SHOW CREATE. Error exporting sql query results with table alias. SQL editing window does not recognise 'OUTER' keyword in 'LEFT OUTER JOIN'. "NOT IN" clause not recognized (MySQL 5.6 and 5.7). Yellow star does not change in database Structure after add/remove from favorites. Invalid SQL in table definition when exporting table. Foreign key to other database's tables fails. while exporting results when a joined table field name is in SELECT query. Strange behavior on table rename. Rename table does not result in refresh in left panel. Missing arguments for PMA_Table::generateAlter(). Notices about undefined indexes on structure pages of information_schema tables. Change minimum PHP version for Composer. Import parser and backslash. "Visualize GIS data" seems to be broken. Confirm box on "Reset slave" option. cookies clearing on version change. Cannot execute SQL with subquery. Incorrect syntax creating a user using mysql_native_password with MariaDB. Cannot use third party auth plugins. Sep 2015 16:45 major bugfix: Undefined "replace" function on numeric scalar. Stored-proc / routine - broken parameter parsing. Missing name for configuration read_as_multibytes. Incorrect "No row selected" message. MySQL 5.5 and the language system variable. Semantics of export and import icons are mixed up. Designer-in move.js on multiple server configuration. Invalid UTF-8 sequence in argument. Request URI too large. Invalid argument supplied for foreach(). Foreign key constraints for InnoDB tables with upper-case letters disabled. Warning when entering Query page. Aug 2015 10:45 major documentation: Export after search, missing WHERE clause. Incomplete message after import. Incorrect scalar type declaration (reported under PHP 7). ReCaptcha produces deprecated messages under PHP 7. phpseclib 2.0 produces deprecated messages on PHP 7. "Switch to copied table" doesn't work. Missing quotes after calling "distinct values". Cannot import database with long data in one column. SPATIAL index option is not clickable. Aug 2015 07:25 minor feature: "Improve table structure" generates invalid SQL. issue Once checked "Show only active" checkbox is always checked. Delete rows using "Check All" is broken. issue Fix PHP 7 possible binding ambiguity. Exported schema includes all the tables of the database. Results not displayed if query ends in delimiter and comment. Live edit of data fields is not working always. issue Table list in navigation collapses when entering into a table in another page. JS error while trying to auto navigate to db structure page when db creation has failed. Jul 2015 08:25 minor feature: Saved chart image did not have a proper name or an extension. Timepicker CSS issues in Original theme. Move/Copy/Rename operations on Table/Db fail on Drizzle server. Two inline edit windows. Problem when import *.ods file. Add missing head tag. Column headers move when scrolling. Jul 2015 22:05 minor feature: bug Missing selected/entered values when editing active options in visual query builder. Autoload from prefs_storage not behaving properly. Incorrect length computed for binary data. bug Remove character set from create_tables_drizzle.sql. Users overview needs clarification. Creating a database from console doesn't update navigation panel. FAQ 1.17 needs an update. Jun 2015 15:45 minor feature: Issues in database selection for replication. Trying to save chart as image crashes the browser. cant drag sql.gz file onto import input. Table creation results in GET request with missing server parameter that invalidates the session. Javascript error when Designer is opened. Insert by foreign key scrolls page to top. Clicking on the navi logo does not always work. bug External URL for cfg 'NavigationLogoLink' causes JavaScript error when clicked. Jun 2015 13:25 minor feature: relation view doesn't list fields of table in other database. Sorting by an alias. False error before entering reCAPTCHA. central column with multiple server. Custom export with backquotes off is not working. Reverse proxy: infinite internal redirect (added warning in doc). Export to gzip saves plain text under Chrome. May 2015 03:16 minor feature: Settings issues (Favorite tables shown twice in Settings). Non-styled error page when following results link. Deleting without confirmation. Issues with SQL autocomplete. Column hint in SQL autocomplete is sometimes not shown. JS error after selecting a field and press Enter. bug Honor proxy settings when getting Git commit information. bug Missing title on link. ForceSSL Redirect Check. bug Undefined index collation_connection. bug Error when the reporting server is down. bug Escape database and table names for partition maintenance. bug Invalid value for CURLOPT_SSL_VERIFYPEER. Import status infinite loop. Designer: Loading does not work. Setup: Overview Display does not work. Designer: pages from all databases. May 2015 03:45 minor feature: webkitStorageInfo and webkitIndexedDB is deprecated. Undefined variable: unique_conditions. CSV Import ignores "Replace table data with file" checkbox. May 2015 20:05 minor bugfix: Table overhead stats: missing space before the unit. Fix resize icon in Designer. Exit fullscreen in Designer does not change the button text. Designer icons missing when using original theme. Column list of central columns is not cleared. jQuery dialogs of the Designer are not displayed in fullscreen. Search function breaks when searching for certain combinations of backslashes and slashes. Maximum execution time exceeded in Util.class.php (better fix). Some icons are above the overlay of jQuery dialogs. Clicking on external links in advisor rules give JS error. Filter in central columns does not work in other languages. Apr 2015 02:45 minor bugfix: Don't scroll (to bottom) when editing multiple rows. Misaligned Inline edit field. Use of undefined constant PMA_DRIZZLE. sprintf(): Too few arguments. Limit column ordering in index edit dialog. Incorrect ALTER TABLE statement generated. Inconsistency in 'Ignore' checkbox in insert page. Drop column action not asking to confirm. Error on creating table. Bugfux for Undefined index: Rows. Apr 2015 14:05 minor feature: PHP errors in login dialogue. json_encode error due to strftime returning non utf8 chars in Windows 8.1 Chinese version. White screen (Cloudflare). Server error viewing table content. bug Fix issues related to number of decimal places in time. Relation view between 1600 and 1780 px. bug PHP 7 compatibility in php-gettext. bug PHP 7 compatibility in bfShapeFiles. bug PHP 7 session_regenerate_id() warning. Alter table after changing column name error. Maximum execution time exceeded in Util.class.php. Apr 2015 13:05 minor feature: Fixed changing the password for another user. Request URI too large. MySQL 5.7.6 and Databases: Use 'server' parameter in console to work in multi server environments. Missing tooltip in monitor. Missing sort icons in monitor. Inline edit broken when using functions in query. Timed-out import fails to restart when file represented. pMA DB not detected properly. Datepicker missing when changing number of rows on Insert page. INNODB STATUS page is empty. JavaScript is loaded in wrong order. TEXT formatting doesn't work after inline editing. Compress when php.ini output_buffering is active. Sorting distinct values result loses links. Do not attach token to css requests to improve caching. Apr 2015 03:16 minor feature: rfe InnoDB presently supports one FULLTEXT index creation at a time. rfe Allow tracking multiple table at once from database level tracking page. rfe Improve action message on Tracking page. rfe Change value of "Number of rows:" when "Show all" is checked. rfe Focus console by clicking on white space. rfe Part 1: Cycle through console history with keyboard up/down arrows. rfe Default to primary key when adding relation. rfe User prefs: Diff-friendly JSON for config. rfe Sever Variables Table UI Improvements. phpMyAdmin should be able to work without 'examples' DIR - move SQL scripts to sql directory. rfe Warn about reserved word only when a column is created. rfe Recaptcha API v2. rfe Individual Zeroconf PMA tables support. rfe Generate keys one per line. rfe allow table with transformed column anywhere in FROM clause. rfe Shortcut link to search page. rfe Fold Add Column After / Before into dropdown. Table structure: adding primary key doesn't refresh page. rfe SQL formatter. rfe Fast filter improvement: remove "x other results found". No error message on Missing extension mbstring. rfe Builtin transformations and relations. rfe USING BTREE support for HEAP/MEMORY tables. rfe Make "Options Relational" configurable. rfe More details in PDF relation view. rfe Cannot enter connection for federated engine table. rfe Allow SALT in ENCRYPT function. rfe Setting LoginCookieValidity session.gc_maxlifetime. rfe Transformation for JSON. bug Fix isCanvasSupported for new window. rfe Clarify the "Inline" link. rfe Speed up slow triggers by using EVENT_OBJECT_SCHEMA. rfe ON DUPLICATE KEY UPDATE for loading CSV. bug Cannot execute command from console (multi-server installation). rfe linking from information_schema. rfe Relation view: move to main "Structure" page. rfe Designer menu with explicit text. rfe Relations with views like with tables. rfe Browse Field - Search. rfe Provide sanity check for table/column Mar 2015 19:25 hidden: "Show hidden items" is sometimes hidden. Breaks when sorting by multiple columns while using UNION. Missing column when exporting in sql. Broken find and replace. Undefined Index after export schema. Changelog page is not working. Infinite calls to index.php. Invalid links to simulate query fails, but actual query does not. Mar 2015 06:25 minor feature: bug #4746 Right-aligned columns have left-aligned header bug #4779 PMA_Util::parseEnumSetValues fails on enums with UTF-8 values bug Undefined index savedsearcheswork bug #4788 Inline edit of DATE fields with NULL, NULL checkbox is under datepicker bug #4790 DROP TABLE/VIEW IF EXISTS are not tracked bug Compatibility with central columns of version 4.4 bug #4758 Firefox with auth_type to http with multiple server doesn't work anymore bug #4789 Views aren't dropped when copying a database bug #4784 Incomplete bookmark saving bug #4786 SELECT width on relations page Mar 2015 19:25 security: Risk of BREACH attack, see PMASA-2015-1 Mar 2015 20:05 minor feature: SQL links are completely wrong. MariaDB: version mismatch. Some images are missing in Designer for original theme. Drizzle: undefined index in Normal field and multi-line field have different margins. Cannot re-import settings from local storage. SQL error when database list is sorted by additional columns. Notice when timestamp column does not have default value. Feb 2015 04:05 minor feature: bug Undefined index navwork bug #4744 Opening console scroll down the page bug Remove extra column heading in view structure page bug Add missing confirmation when deleting central columns bug Undefined index DisableIS bug #4763 Database export with more than 512 tables fails bug #4769 Previously set column aliases are destroyed if returned to the same table bug #4752 Incorrect page after creating table bug #4771 Central Columns not working, showing error Feb 2015 03:17 minor feature: bug #4728 Incorrect headings in routine editor bug #4730 Notice while browsing tables when phpmyadmin pma database exists, but not all the tables bug #4729 Display original field when using "Relational display column" option and display column is empty bug #4734 Default values for binary fields do not support binary values bug #4736 Changing display options breaks query highlighting bug Undefined index submit_type bug #4738 Header lose align when scrolling in Firefox bug #4741 in ./libraries/Advisor.class.php#184 vsprintf: Too few arguments bug #4743 Unable to move cursor with keyboard in filter rows box bug Incorrect link in doc bug #4745 Tracking does not handle views properly bug #4706 Schema export doesn't handle dots in db/table name bug #3935 Table Header not displayed correct bug #4750 Disable renaming referenced columns bug #4748 Column name center-aligned instead of left-aligned in Relations Jan 2015 07:05 minor feature: bug Undefined constant PMA_DRIZZLE bug #4712 Wrongly positioned date-picker while Grid-Editing bug #4714 Forced ORDER BY for own sql statements bug #4721 Undefined property: stdClass:: version bug #4719 'only_db' not working bug #4700 Error text: Internal Server Error bug #4722 Incorrect width table summary when favorite tables is disabled bug #4716 Collapse all in navigation panel is sometimes broken bug #4724 Cannot navigate in filtered table list bug #4717 Database navigation menu broken when resolution/screen is changing bug #4727 Collation column missing in database list when DisableIS is true bug Undefined index central_columnswork bug Undefined index favorite_tables Jan 2015 04:25 minor feature: bug #4694 js error on marking table as favorite in Safari bug #4695 Changing cfg doesn't update link and title bug Undefined index menuswork bug Undefined index navwork bug Undefined index central_columnswork bug #4697 Server Status refresh not behaving as expected bug Null argument in array_multisort bug #4699 Navigation panel should not hide icons based on 'TableNavigationLinksMode' bug #4703 Unsaved schema page exported as pdf.pdf bug #4707 Call to undefined method PMA_Schema_PDF::dieSchema bug #4702 URL is non RFC-2396 compatible in get_scripts.js.php Dec 2014 03:25 minor feature: bug #4653 Always connection error was shown, on /setup at tab "configuration storage" bug #4661 Drag and drop file import always fails bug #4651 don't open console with esc bug #4664 select min displays 1 row, but reports the table amount of rows returned bug #4666 Undefined indexes in table stucture print view of a view bug #4663 Export missing back ticks for order table name bug #4668 Remove from central columns error bug #4670 CSV import reads both commas and values into first column after first row bug #4642 phpmyadmin often fails to load due to specific load order bug #4671 Unable to move all columns bug #4645 Import of export created with mysqldump bug #4672 "Distinct values" does not page bug #4667 Consistency in borders bug #4658 Illegal string offset bug #4655 Undefined index: collation_connection bug #4673 Delimiter causing page lock Dec 2014 03:15 minor feature: bug The "Recently used tables" setting should be with Nav panel bug #4647 Can't disable Favorites bug #4646 Version Check Broken bug #4630 AJAX request infinite loop bug #4649 Attributes field size smaller than others bug #4622 Cannot remove table ordering on a Mac bug Fix initial replication configuration bug Undefined index central_columnswork bug #4657 Don't have default blowfish_secret bug #4656 Some error popups fade away too quickly bug #4648 Consistency in borders bug cfg no longer necessary bug #4659 Leading and trailing whitespace in column name Dec 2014 13:45 minor feature: bug #4628 PHP error while exporting schema as PDF bug #4631 Server selector submits two server parameter values bug #4629 Problem with custom SQL queries using cookie authentication bug Undefined index central_columnswork bug #4632 Notice in ./libraries/Util.class.php#1916 Undefined index: query bug #4633 Wrong parameter in fetchValue bug #4634 Error reporting creates an infinite loop bug #4635 Token mismatch while creating configuration storage bug #4640 Incorrect reference to PHP 6 bug #3794 failure to handle repeating empty columns when importing ODS bug #4638 Default Export Method setting broken bug #4639 Export SQL missing indentation first field bug #4637 Field Alignment bug #4644 Error when browsing tables Dec 2014 03:15 minor feature: bug #4609 'Show all' checkbox label is not clickable bug #4610 JS error reporting: Hash fragment is reset bug Undefined index menuswork bug #4614 Separator between "Show All" and "Number of rows" disappears bug #4615 SQL highlighting in process list breaks on auto refresh bug #4616 Warning in db structure print view page bug Undefined index navwork, savedsearcheswork, fields bug #4620 Undefined index while adding to the central columns list bug #4618 Page scrolls while GIS visualization is zoomed in/out with mousewheel bug #4613 HHVM: method 'ob_gzhandler' not found bug #4593 Manual "SELECT" doesn't change active table bug #4623 Incomplete PHP OpenSSL support bug #4626 Ctrl + click on a column not in sort triggers a server call to erroneous url bug #4625 "Insufficient space to save the file" on export SQL to file on server bug #4627 "file_get_contents: failed to open stream" after update bug #4617 UI issues with sortable tables bug #4619 SELECT LENGTH FROM `table` does not sort Dec 2014 07:45 minor feature: bug #4604 Query history not being deleted bug #4057 db/table query string parameters no longer work bug #4605 Unseen messages in tracking bug #4606 Tracking report export as SQL dump does not work bug #4607 Syntax error during db_copy operation bug #4608 SELECT permission issues with relations and restricted access Nov 2014 03:15 security: bug #4574 Blank/white page when JavaScript disabled bug #4577 Multi row actions cause full page reloads bug ReferenceError: targeturl is not defined bug Incorrect text/icon display in Tracking report bug #4404 Recordset return from procedure display nothing bug #4584 Edit dialog for routines is too long for smaller displays bug #4586 Javascript error after moving a column bug #4576 Issue with long comments on table columns bug #4599 Input field unnecessarily selected on focus bug #4602 Exporting selected rows exports all rows of the query bug #4444 No insert statement produced in SQL export for queries with alias bug #4603 Field disabled when internal relations used bug #4596 XSS through exception stack bug #4595 Path traversal can lead to leakage of line count bug #4578 XSS vulnerability in table print view bug #4579 XSS vulnerability in zoom search page bug #4594 Path traversal in file inclusion of GIS factory bug #4598 XSS in multi submit bug #4597 XSS through pma_fontsize cookie Nov 2014 03:15 minor feature: bug ReferenceError: Table_onover is not defined bug #4552 Incorrect routines display for database due to case insensitive checks bug #4259 reCaptcha sound session expired problem bug #4557 PHP fatal error, undefined function __ bug #4568 Date displayed incorrectly when charting a timeline bug #4571 Database Privileges link does not work bug makegrid.js: where_clause is undefined bug #4572 missing trailing slash Oct 2014 03:15 security security: bug #4562 XSS in debug SQL output bug #4563 XSS in monitor query analyzer Oct 2014 03:16 minor feature: bug #4361 Can't change font size bug #4542 Tab key in column name not shown bug PDF export: title not present in PDF bug #4543 Changing column name can break saved "order by" clause bug #4545 trying to favorite table while browser localStorage is disabled throws JS error bug #4259 reCaptcha sound session expired problem bug #4548 Inline editing a field converts tab to spaces bug #4252 Database-level permission bug for db names containing underscores bug #3120 Events are not exported when using xml bug #4554 Grid-editing timestamp column forces datepicker bug #4556 Fast filters for tables, views etc. should be governed by NavigationTreeDisplayItemFilterMinimum Oct 2014 20:11 security: Security: XSS vulnerabilities in table search and table structure pages Sep 2014 03:15 minor feature: bug ajax.js responseHandler: cannot read property of null bug sql.js: str is undefined bug #4524 Allow for direct selection of "0" on the "user overview" page bug #4529 Undefined index: pos bug #4523 tbl_change.js: insert as new row submit type on multiple selected records does not set all AUTO_INCREMENTs to 0 value bug ajax.js responseHandler: another "cannot read property" bug tbl_structure.js "cannot read property" Sep 2014 23:49 security: DOM based XSS that results to a CSRF that creates a ROOT account in certain conditions Aug 2014 23:09 minor bugfix: This bug fix corrects some odd export behavior, an uncaught TypeError, sql.js/server_privileges.js/functions.js property accesses, chart types did not match selected data, ignored AUTO_INCREMENT option and partitioned table in exports, duplicate column names while assigning index, import ODS files with trailing spaces in column names, navigation error in search results. Aug 2014 22:36 security: XSS in table browse page. Self-XSS in enum value editor. Self-XSSes in monitor. Self-XSS in query charts. XSS in view operations page. XSS in relation view.
4.2.731 Jul 2014 18:14 minor bugfix: Broken links on home page. Overlap in navigation panel. Action icons not in horizontal order. s_attention.png is missing. Uncaught TypeError: Cannot call method 'substr' of undefined. PMA 4.2.x and HHVM. mysql_doc_template is not defined.
4.2.619 Jul 2014 19:00 security: Undefined index warning with referenced column. cfg 'MaxExactCount' is ignored when BROWSING is back. Multi Column sorting (improved user experience). Server validation does not work while in setup/mysqli. Undefined variable when grid editing a foreign key column. Undefined variable Error. Sorting breaks the copy column feature. JavaScript error when renaming table. 'New window' link (selflink) disappears, causing JavaScript error. Incorrect detection of privileges for routine creation. First few characters of database name aren't clickable when expanded. XSS injection due to unescaped table comment. XSS injection due to unescaped table name (triggers). XSS in AJAX confirmation messages. Missing validation for accessing User groups feature.
4.2.508 Jul 2014 05:34 minor bugfix: shell_exec() has been disabled for security reasons. Error while submitting empty query. Fatal error: Class 'PMA_DatabaseInterface' not found. Fixed cookie based login for installations without mcrypt. Incorrect result count when having clause is used. Mcrypt: remove the requirement (64-bit) and the related warning.