Skip to content

Instantly share code, notes, and snippets.

View versions_4.2-4.5.patch
diff --git a/libraries/server_privileges.lib.php b/libraries/server_privileges.lib.php
index 86c46ef6f7..1bf7b6e07b 100644
--- a/libraries/server_privileges.lib.php
+++ b/libraries/server_privileges.lib.php
@@ -2448,7 +2448,7 @@ function PMA_getExtraDataForAjaxBehavior(
if (isset($_REQUEST['validate_username'])) {
$sql_query = "SELECT * FROM `mysql`.`user` WHERE `User` = '"
- . $_REQUEST['username'] . "';";
+ . PMA_Util::sqlAddSlashes($_REQUEST['username']) . "';";
@ibennetch
ibennetch / PMASA-2019-5_prior_to_4.9.1.patch
Created Nov 25, 2019
PMASA-2019-5 patch for phpMyAdmin prior to 4.9.1
View PMASA-2019-5_prior_to_4.9.1.patch
From 98545d3e2ae3860e2010ff995c018ee6956d6c5d Mon Sep 17 00:00:00 2001
From: William Desportes <williamdes@wdes.fr>
Date: Mon, 28 Oct 2019 22:09:44 +0100
Subject: [PATCH] Security patch for Designer and Designer visual mode
Closes: https://github.com/phpmyadmin/phpmyadmin-security/issues/286
---
js/designer/move.js | 4 ++--
templates/database/designer/database_tables.twig | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
@ibennetch
ibennetch / themegen.diff
Created Jul 29, 2018
Suggestions for the theme generator
View themegen.diff
diff --git a/libraries/classes/ThemeGenerator.php b/libraries/classes/ThemeGenerator.php
index 33c3d6d52b..15f219d9e1 100644
--- a/libraries/classes/ThemeGenerator.php
+++ b/libraries/classes/ThemeGenerator.php
@@ -98,12 +98,19 @@ class ThemeGenerator
$common->createCommonFile($name);
$out['layout'] = $layout->createLayoutFile($post);
$nav->createNavigationFile($name);
- } else {
- trigger_error("The 'themes' directory is not writable by the webserver process. You must change permissions for the theme generator to be able to write the generated theme.", E_USER_ERROR);