Michal Čihař - Blog Archives for phpMyAdmin

Weekly phpMyAdmin contributions 2017-W49

Last week was a bit calmer, the most visible part probably being release of the SQL parser with several fixes with improved SQL context handling.

Handled issues:

Weekly phpMyAdmin contributions 2017-W48

Looking at list of handled issues, last week was extremely productive. Many of that are issues where I've been working on them for long time and I've managed to complete them last week. For example the user preferences cleanup to store less things in cookies or common.inc.php cleanup.

I've also gone through open pull requests and merged the ones which made sense or were basically good to merge, but needed some cleanups.

There was also some fun with phpseclib 2.0.8 which was mistakenly released from master branch instead of 2.0, what lead to API breakage. Fortunately this was really just a mistake and 2.0.9 reverted these changes.

Handled issues:

Weekly phpMyAdmin contributions 2017-W47

Last week was mostly spent on improving two factor authentication support. It turned out that Firefox 57 behaves differently than Firefox 56 with U2F extension. Also it behaves differently than Chrome (which was broken as well by the way). Anyway all of these should work fine, but there still seem to be some issues with the two factor auth, but those will be certainly addressed in next weeks.

Handled issues:

Weekly phpMyAdmin contributions 2017-W46

Last week was equally spent on refactoring, bugfixing and infrastructure. We're looking for replacement our oldish server and it seems that rented server or virtual hosts seems to be best fit for us these days. Still there are quite some choices to consider.

I've done quite some development as well - I'm most happy with Util::linkOrButton refactoring which helped to cleanup the code quite a lot, but there were other fixes and improvements as well.

Handled issues:

Weekly phpMyAdmin contributions 2017-W44

Most of last week was spent on bringing U2F and 2FA to phpMyAdmin. Besides that it was really just minor bug fixing.

We've had one pull request for the 2FA already open, however it was not really in quality to be merged and the original author really didn't come back to address our concerns. I was thinking to start over from his work, but in the end I've decided to start from scratch and come with code which will make easier to implement additional second authentication factors in the future.

Anyway what is now there is support for HOTP/TOTP authentication (Google Authenticator and similar) and FIDO U2F hardware tokens. The latter has been tested with TREZOR, but should work with any compliant device.

phpMyAdmin with TREZOR

Handled issues:

Weekly phpMyAdmin contributions 2017-W43

Last week was mostly focused on code cleanup. I've done quite some fixups in the database interface layer, which now has easier to use API and no more relies on global variables to store database links. Pretty much similar was done in the authentication layer, where many of the methods had names coming from historical reasons rather than their current functionality.

Handled issues:

Weekly phpMyAdmin contributions 2017-W42

Last week was mostly focused on refactoring and code cleanup. This time I've worked on authentication plugins, which now fully handle authentication (previously it was partly done in the mighty common.inc.php).

Handled issues:

Weekly phpMyAdmin contributions 2017-W41

Last week I've continued on cleaning up common.inc.php, but there were other bug fixes as well. Most notable probably being fixing SQL parser to better handle CREATE TABLE queries defining partitions.

Handled issues:

Weekly phpMyAdmin contributions 2017-W40

Last week I've finally got to common.inc.php cleanup which is assigned to me for more than year. I've again managed to cleanup some parts of it, but it's quite challenging task as whenever I touch this (mostly ancient) code, I found some issues with it and have to fix other things as well.

Another interesting topic was fixing operation with database or table called 0. This is well known PHP issue that empty function in string containing just 0 will return true, however some of our code was using that to test whether database or table are set. This should be now fixed in master branch.

Handled issues: