欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  数据库

phpMyAdmin 3.4.8 新版中修复的BUG_MySQL

程序员文章站 2024-01-04 18:44:52
...
phpmyadmin bitsCN.com phpMyAdmin是PHP编写的WEB版本的MYSQL管理工具
优点:Web 的 phpMyAdmin 工具。这是一种 MySQL 数据库前台的基于PHP的工具。   
缺点:必须安装在 Web 服务器中,所以如果没有合适的访问权限,其它用户有可能损害到 SQL 数据。但这已不是什么问题了,现在众多的IDC公司都采用PHPmyadmin来作为客户的自助管理工具,并且多数都禁用GUI 的程序的访问,可以说是解决MYSQL使用的一大难题。类似的MSSQL的WEB版本笔者也用过几个,但明显没有MYSQL这么方便。这当然也跟MSYQL的开源性质有着直接的关系。


phpMyAdmin 3.4.8主要修复了一些XSS安全漏洞,其中包括:


数据库名称同步、重命名导致的Self-XSS安全问题
列类型(创建索引、表搜索)导致的Self-XSS安全问题
无效查询导致的Self-XSS安全问题
该版本添加了几个补丁,主要针对:

使php-gettext的location可配置
在open_basedir状态下的冲突处理
多服务器配置中的内联编辑
PHP 5.4中的数组/字符串转换


3.4.8.0 BUG修复列表
- bug #3425230 [interface] enum data split at space char (more space to edit)
- bug #3426840 [interface] ENUM/SET editor can't handle commas in values
- bug #3427256 [interface] no links to browse/empty views and tables
- bug #3430377 [interface] Deleted search results remain visible
- bug #3428627 [import] ODS import ignores memory limits
- bug #3426836 [interface] Visual column separation
- bug #3428065 [parser] TRUE not recognized by parser
+ patch #3433770 [config] Make location of php-gettext configurable
- patch #3430291 [import] Handle conflicts in some open_basedir situations
- bug #3431427 [display] Dropdown results - setting NULL does not work
- patch #3428764 [edit] Inline edit on multi-server configuration
- patch #3437354 [core] Notice: Array to string conversion in PHP 5.4
- [interface] When ShowTooltipAliasTB is true, VIEW is wrongly shown as the
view name in main panel db Structure page
- bug #3439292 [core] Fail to synchronize column with name of keyword
- bug #3425156 [interface] Add column after drop
- [interface] Avoid showing the password in phpinfo()'s output
- bug #3441572 [GUI] 'newer version of phpMyAdmin' message not shown in IE8
- bug #3407235 [interface] Entering the key through a lookup window does not res
et NULL
- [security] Self-XSS on database names (Synchronize), see PMASA-2011-18
- [security] Self-XSS on database names (Operations/rename), see PMASA-2011-18
- [security] Self-XSS on column type (Create index), see PMASA-2011-18
- [security] Self-XSS on column type (table Search), see PMASA-2011-18
- [security] Self-XSS on invalid query (table overview), see PMASA-2011-18


下载地址:http://www.phpmyadmin.net/home_page/downloads.php

本文转载自:http://www.mwinds.net/read.php?lmid=30&id=680

bitsCN.com
相关标签: 管理工具 用户

上一篇:

下一篇: