~ubuntu-branches/ubuntu/lucid/phpmyadmin/lucid

Committer: Bazaar Package Importer
Author(s): Thijs Kinkhorst
Date: 2008-07-15 20:41:25 UTC
mfrom: (1.1.22 upstream)
Revision ID: james.westby@ubuntu.com-20080715204125-l55hj3njg6bhjkaj

Tags: 4:2.11.7.1-1

* New upstream release.
* Fixes security issue: XSRF/CSRF by manipulating the
db, convcharset and collation_connection parameters.

files added:
RELEASE-DATE-2.11.7.1

files removed:
RELEASE-DATE-2.11.7

files modified:
ChangeLog

Documentation.html

Documentation.txt

README

db_create.php

debian/changelog

debian/copyright

debian/patches/040-fix-documentation-links.dpatch

index.php

js/querywindow.js

libraries/Config.class.php

libraries/common.inc.php

libraries/display_create_database.lib.php

libraries/footer.inc.php

translators.html

Show diffs side-by-side

added added

removed removed

db_create.php

/* vim: set expandtab sw=4 ts=4 sts=4: */

/**

* @version $Id: db_create.php 10469 2007-06-29 14:22:48Z lem9 $

* @version $Id: db_create.php 11389 2008-07-15 14:04:44Z lem9 $

/**

$js_to_run = 'functions.js';

require_once './libraries/mysql_charsets.lib.php';

PMA_checkParameters(array('db'));

PMA_checkParameters(array('new_db'));

/**

* Defines the url to return to in case of error in a sql statement

/**

* Builds and executes the db creation sql query

$sql_query = 'CREATE DATABASE ' . PMA_backquote($db);

$sql_query = 'CREATE DATABASE ' . PMA_backquote($new_db);

if (!empty($db_collation) && PMA_MYSQL_INT_VERSION >= 40101) {

list($db_charset) = explode('_', $db_collation);

if (in_array($db_charset, $mysql_charsets) && in_array($db_collation, $mysql_collations[$db_charset])) {

require_once './libraries/header.inc.php';

require_once './main.php';

} else {

$message = $strDatabase . ' ' . htmlspecialchars($db) . ' ' . $strHasBeenCreated;

$message = $strDatabase . ' ' . htmlspecialchars($new_db) . ' ' . $strHasBeenCreated;

$GLOBALS['db'] = $new_db;

require_once './libraries/header.inc.php';

require_once './' . $cfg['DefaultTabDatabase'];

}

Older »