Isaac Bennetch ibennetch

## themegen.diff
diff --git a/libraries/classes/ThemeGenerator.php b/libraries/classes/ThemeGenerator.php
index 33c3d6d52b..15f219d9e1 100644
--- a/libraries/classes/ThemeGenerator.php
+++ b/libraries/classes/ThemeGenerator.php
@@ -98,12 +98,19 @@ class ThemeGenerator
             $common->createCommonFile($name);
             $out['layout'] = $layout->createLayoutFile($post);
             $nav->createNavigationFile($name);
-        } else {
-            trigger_error("The 'themes' directory is not writable by the webserver process. You must change permissions for the theme generator to be able to write the generated theme.", E_USER_ERROR);

## PMASA-2019-5_prior_to_4.9.1.patch
From 98545d3e2ae3860e2010ff995c018ee6956d6c5d Mon Sep 17 00:00:00 2001
From: William Desportes <williamdes@wdes.fr>
Date: Mon, 28 Oct 2019 22:09:44 +0100
Subject: [PATCH] Security patch for Designer and Designer visual mode

Closes: https://github.com/phpmyadmin/phpmyadmin-security/issues/286
---
 js/designer/move.js                              | 4 ++--
 templates/database/designer/database_tables.twig | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

## versions_4.2-4.5.patch
diff --git a/libraries/server_privileges.lib.php b/libraries/server_privileges.lib.php
index 86c46ef6f7..1bf7b6e07b 100644
--- a/libraries/server_privileges.lib.php
+++ b/libraries/server_privileges.lib.php
@@ -2448,7 +2448,7 @@ function PMA_getExtraDataForAjaxBehavior(

     if (isset($_REQUEST['validate_username'])) {
         $sql_query = "SELECT * FROM `mysql`.`user` WHERE `User` = '"
-            . $_REQUEST['username'] . "';";
+            . PMA_Util::sqlAddSlashes($_REQUEST['username']) . "';";
	diff --git a/libraries/classes/ThemeGenerator.php b/libraries/classes/ThemeGenerator.php
	index 33c3d6d52b..15f219d9e1 100644
	--- a/libraries/classes/ThemeGenerator.php
	+++ b/libraries/classes/ThemeGenerator.php
	@@ -98,12 +98,19 @@ class ThemeGenerator
	$common->createCommonFile($name);
	$out['layout'] = $layout->createLayoutFile($post);
	$nav->createNavigationFile($name);
	- } else {
	- trigger_error("The 'themes' directory is not writable by the webserver process. You must change permissions for the theme generator to be able to write the generated theme.", E_USER_ERROR);
	From 98545d3e2ae3860e2010ff995c018ee6956d6c5d Mon Sep 17 00:00:00 2001
	From: William Desportes <williamdes@wdes.fr>
	Date: Mon, 28 Oct 2019 22:09:44 +0100
	Subject: [PATCH] Security patch for Designer and Designer visual mode

	Closes: https://github.com/phpmyadmin/phpmyadmin-security/issues/286
	---
	js/designer/move.js \| 4 ++--
	templates/database/designer/database_tables.twig \| 2 +-
	2 files changed, 3 insertions(+), 3 deletions(-)
	diff --git a/libraries/server_privileges.lib.php b/libraries/server_privileges.lib.php
	index 86c46ef6f7..1bf7b6e07b 100644
	--- a/libraries/server_privileges.lib.php
	+++ b/libraries/server_privileges.lib.php
	@@ -2448,7 +2448,7 @@ function PMA_getExtraDataForAjaxBehavior(

	if (isset($_REQUEST['validate_username'])) {
	$sql_query = "SELECT * FROM `mysql`.`user` WHERE `User` = '"
	- . $_REQUEST['username'] . "';";
	+ . PMA_Util::sqlAddSlashes($_REQUEST['username']) . "';";