From 9bb9be04c4c40104646c48a738ca1133ebf34c5ffc0f41de08d0923bb2737138 Mon Sep 17 00:00:00 2001
From: Christian Wittmer <chris@computersalat.de>
Date: Wed, 25 May 2011 12:31:41 +0000
Subject: [PATCH] Accepting request 71293 from home:computersalat:devel:php

update to 3.4.1, some suhosin fixes

OBS-URL: https://build.opensuse.org/request/show/71293
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=5
---
 phpMyAdmin-3.3.10-all-languages.tar.bz2       |   3 -
 phpMyAdmin-3.4.1-all-languages.tar.bz2        |   3 +
 ...fig.patch => phpMyAdmin-3.4.1-config.patch | 209 ++++++------------
 phpMyAdmin.changes                            |  18 ++
 phpMyAdmin.spec                               |  29 ++-
 5 files changed, 103 insertions(+), 159 deletions(-)
 delete mode 100644 phpMyAdmin-3.3.10-all-languages.tar.bz2
 create mode 100644 phpMyAdmin-3.4.1-all-languages.tar.bz2
 rename phpMyAdmin-3.3.8-config.patch => phpMyAdmin-3.4.1-config.patch (64%)

diff --git a/phpMyAdmin-3.3.10-all-languages.tar.bz2 b/phpMyAdmin-3.3.10-all-languages.tar.bz2
deleted file mode 100644
index 35585fe..0000000
--- a/phpMyAdmin-3.3.10-all-languages.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:42fd27b941444f0469154408ba3ca8df9855c31602b1be369165476224e41718
-size 3675842
diff --git a/phpMyAdmin-3.4.1-all-languages.tar.bz2 b/phpMyAdmin-3.4.1-all-languages.tar.bz2
new file mode 100644
index 0000000..7d2be07
--- /dev/null
+++ b/phpMyAdmin-3.4.1-all-languages.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:f4673a2d68499866e92d8b1d261aaf2ef7f5ecdb71fde4d71c2cc349ec84dfdd
+size 4612476
diff --git a/phpMyAdmin-3.3.8-config.patch b/phpMyAdmin-3.4.1-config.patch
similarity index 64%
rename from phpMyAdmin-3.3.8-config.patch
rename to phpMyAdmin-3.4.1-config.patch
index 95aa45d..42b2122 100644
--- a/phpMyAdmin-3.3.8-config.patch
+++ b/phpMyAdmin-3.4.1-config.patch
@@ -1,17 +1,10 @@
-diff -ruN phpMyAdmin-3.3.8-all-languages-orig/config.sample.inc.php phpMyAdmin-3.3.8-all-languages/config.sample.inc.php
---- phpMyAdmin-3.3.8-all-languages-orig/config.sample.inc.php	2010-10-25 18:21:44.000000000 +0200
-+++ phpMyAdmin-3.3.8-all-languages/config.sample.inc.php	2010-12-03 23:58:26.000000000 +0100
-@@ -2,71 +2,278 @@
- /* vim: set expandtab sw=4 ts=4 sts=4: */
- /**
-  * phpMyAdmin sample configuration, you can use it as base for
-- * manual configuration. For easier setup you can use setup/
-+ * manual configuration. For easier setup you can use scripts/setup.php
-  *
-  * All directives are explained in Documentation.html and on phpMyAdmin
-  * wiki <http://wiki.phpmyadmin.net>.
-+ */
-+
+diff -ruN phpMyAdmin-3.4.1-all-languages-orig/config.sample.inc.php phpMyAdmin-3.4.1-all-languages/config.sample.inc.php
+--- phpMyAdmin-3.4.1-all-languages-orig/config.sample.inc.php	2011-05-20 19:24:04.000000000 +0200
++++ phpMyAdmin-3.4.1-all-languages/config.sample.inc.php	2011-05-24 18:21:28.000000000 +0200
+@@ -10,55 +10,223 @@
+  * @package phpMyAdmin
+  */
+ 
 +/**
 + * Your phpMyAdmin url
 + *
@@ -20,9 +13,7 @@ diff -ruN phpMyAdmin-3.3.8-all-languages-orig/config.sample.inc.php phpMyAdmin-3
 + *
 + * It must contain characters that are valid for a URL, and the path is
 + * case sensitive on some Web servers, for example Unix-based servers.
-  *
-- * @version $Id$
-- * @package phpMyAdmin
++ *
 + * In most cases you can leave this variable empty, as the correct value
 + * will be detected automatically. However, we recommend that you do
 + * test to see that the auto-detection code works in your system. A good
@@ -31,22 +22,22 @@ diff -ruN phpMyAdmin-3.3.8-all-languages-orig/config.sample.inc.php phpMyAdmin-3
 + *
 + * If the auto-detection code does work properly, you can set to true the
 + * $cfg['PmaAbsoluteUri_DisableWarning'] variable below.
-  */
-+$cfg['PmaAbsoluteUri'] = 'https://@FQDN@/phpMyAdmin/';
- 
--/*
-- * This is needed for cookie based authentication to encrypt password in
-- * cookie
++ */
++$cfg['PmaAbsoluteUri'] = '';
 +
+ /*
+  * This is needed for cookie based authentication to encrypt password in
+  * cookie
+  */
+ $cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
+ 
 +/**
 + * Disable the default warning about $cfg['PmaAbsoluteUri'] not being set
 + * You should use this if and ONLY if the PmaAbsoluteUri auto-detection
 + * works perfectly.
-  */
--$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
++ */
 +$cfg['PmaAbsoluteUri_DisableWarning'] = false;
- 
--/*
++
 +/**
 + * Disable the default warning that is displayed on the DB Details Structure page if
 + * any of the required Tables for the relationfeatures could not be found
@@ -54,25 +45,21 @@ diff -ruN phpMyAdmin-3.3.8-all-languages-orig/config.sample.inc.php phpMyAdmin-3
 +$cfg['PmaNoRelation_DisableWarning']  = false;
 +
 +/**
-+ * The 'cookie' auth_type uses blowfish algorithm to encrypt the password. If
-+ * at least one server configuration uses 'cookie' auth_type, enter here a
-+ * passphrase that will be used by blowfish.
++ * Disable the default warning that is displayed if Suhosin is detected
++ *
++ * @global boolean $cfg['SuhosinDisableWarning']
 + */
-+$cfg['blowfish_secret'] = '';
++$cfg['SuhosinDisableWarning'] = true;
 +
-+
-+
-+/*******************************************************************************
+ /*
   * Servers configuration
   */
  $i = 0;
  
 -/*
-- * First server
 +/***************************************
-+ * First Server
+  * First server
   */
-+
  $i++;
 -/* Authentication type */
 -$cfg['Servers'][$i]['auth_type'] = 'cookie';
@@ -83,32 +70,11 @@ diff -ruN phpMyAdmin-3.3.8-all-languages-orig/config.sample.inc.php phpMyAdmin-3
 -/* Select mysqli if your server has it */
 -$cfg['Servers'][$i]['extension'] = 'mysql';
 -$cfg['Servers'][$i]['AllowNoPassword'] = false;
--
--/* rajk - for blobstreaming */
--$cfg['Servers'][$i]['bs_garbage_threshold'] = 50;
--$cfg['Servers'][$i]['bs_repository_threshold'] = '32M';
--$cfg['Servers'][$i]['bs_temp_blob_timeout'] = 600;
--$cfg['Servers'][$i]['bs_temp_log_threshold'] = '32M';
--
--/* User for advanced features */
--// $cfg['Servers'][$i]['controluser'] = 'pma';
--// $cfg['Servers'][$i]['controlpass'] = 'pmapass';
--/* Advanced phpMyAdmin features */
--// $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin';
--// $cfg['Servers'][$i]['bookmarktable'] = 'pma_bookmark';
--// $cfg['Servers'][$i]['relation'] = 'pma_relation';
--// $cfg['Servers'][$i]['table_info'] = 'pma_table_info';
--// $cfg['Servers'][$i]['table_coords'] = 'pma_table_coords';
--// $cfg['Servers'][$i]['pdf_pages'] = 'pma_pdf_pages';
--// $cfg['Servers'][$i]['column_info'] = 'pma_column_info';
--// $cfg['Servers'][$i]['history'] = 'pma_history';
--// $cfg['Servers'][$i]['tracking'] = 'pma_tracking';
--// $cfg['Servers'][$i]['designer_coords'] = 'pma_designer_coords';
--/* Contrib / Swekey authentication */
--// $cfg['Servers'][$i]['auth_swekey_config'] = '/etc/swekey-pma.conf';
 +// MySQL hostname or IP address
 +$cfg['Servers'][$i]['host']                = 'localhost';
-+
+ 
+-/*
+- * phpMyAdmin configuration storage settings.
 +// MySQL port - leave blank for default port
 +$cfg['Servers'][$i]['port']                = '';
 +
@@ -219,8 +185,26 @@ diff -ruN phpMyAdmin-3.3.8-all-languages-orig/config.sample.inc.php phpMyAdmin-3
 +
 +/***************************************
 + * Second Server
-+ */
-+
+  */
+ 
+-/* User used to manipulate with storage */
+-// $cfg['Servers'][$i]['controluser'] = 'pma';
+-// $cfg['Servers'][$i]['controlpass'] = 'pmapass';
+-
+-/* Storage database and tables */
+-// $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin';
+-// $cfg['Servers'][$i]['bookmarktable'] = 'pma_bookmark';
+-// $cfg['Servers'][$i]['relation'] = 'pma_relation';
+-// $cfg['Servers'][$i]['table_info'] = 'pma_table_info';
+-// $cfg['Servers'][$i]['table_coords'] = 'pma_table_coords';
+-// $cfg['Servers'][$i]['pdf_pages'] = 'pma_pdf_pages';
+-// $cfg['Servers'][$i]['column_info'] = 'pma_column_info';
+-// $cfg['Servers'][$i]['history'] = 'pma_history';
+-// $cfg['Servers'][$i]['tracking'] = 'pma_tracking';
+-// $cfg['Servers'][$i]['designer_coords'] = 'pma_designer_coords';
+-// $cfg['Servers'][$i]['userconfig'] = 'pma_userconfig';
+-/* Contrib / Swekey authentication */
+-// $cfg['Servers'][$i]['auth_swekey_config'] = '/etc/swekey-pma.conf';
 +/**
 +$i++;
 +$cfg['Servers'][$i]['host']                = '';
@@ -265,93 +249,17 @@ diff -ruN phpMyAdmin-3.3.8-all-languages-orig/config.sample.inc.php phpMyAdmin-3
 +$cfg['ServerDefault'] = 1;
 +$cfg['Server']        = '0';
 +unset($cfg['Servers'][0]);
-+
  
- /*
+-/*
++
++/***************************************
   * End of servers configuration
   */
  
--/*
-- * Directories for saving/loading files from server
-+
-+/*******************************************************************************
-+ * Language and character set conversion settings
-  */
-+
-+// Default language to use, if not browser-defined or user-defined
-+$cfg['DefaultLang'] = 'utf-8';
-+
-+// Default connection collation (used for MySQL >= 4.1)
-+$cfg['DefaultConnectionCollation'] = 'utf8_unicode_ci';
-+
-+// Default character set to use for recoding of MySQL queries, does not take
-+// any effect when character sets recoding is switched off by
-+// $cfg['AllowAnywhereRecoding'] or in language file
-+// (see $cfg['AvailableCharsets'] to possible choices, you can add your own)
-+$cfg['DefaultCharset'] = 'utf-8';
-+
-+// Allow character set recoding of MySQL queries, must be also enabled in language
-+// file to make harder using other language files than Unicode.
-+// Default value is false to avoid problems on servers without the iconv
-+// extension and where dl() is not supported
-+$cfg['AllowAnywhereRecoding'] = false;
-+
-+// You can select here which functions will be used for character set conversion.
-+// Possible values are:
-+//      auto   - automatically use available one (first is tested iconv, then
-+//               recode)
-+//      iconv  - use iconv or libiconv functions
-+//      recode - use recode_string function
-+$cfg['RecodingEngine'] = 'auto';
-+
-+
-+/*******************************************************************************
-+ * Web server upload/save/import directories
-+ */
-+
-+// Directory for uploaded files that can be executed by phpMyAdmin.
-+// For example './upload'. Leave empty for no upload directory support.
-+// Use %u for username inclusion.
- $cfg['UploadDir'] = '';
-+
-+// Directory where phpMyAdmin can save exported data on server.
-+// For example './save'. Leave empty for no save directory support.
-+// Use %u for username inclusion.
- $cfg['SaveDir'] = '';
- 
-+// Directory where phpMyAdmin can save temporary files.
-+// This is needed for MS Excel export, see documentation how to enable that.
-+$cfg['TempDir'] = '';
-+
- ?>
-diff -ruN phpMyAdmin-3.3.8-all-languages-orig/libraries/common.inc.php phpMyAdmin-3.3.8-all-languages/libraries/common.inc.php
---- phpMyAdmin-3.3.8-all-languages-orig/libraries/common.inc.php	2010-10-25 18:21:44.000000000 +0200
-+++ phpMyAdmin-3.3.8-all-languages/libraries/common.inc.php	2010-12-03 23:56:45.000000000 +0100
-@@ -536,7 +536,7 @@
-  * force reading of config file, because we removed sensitive values
-  * in the previous iteration
-  */
--$_SESSION['PMA_Config'] = new PMA_Config('./config.inc.php');
-+$_SESSION['PMA_Config'] = new PMA_Config('@PMA_Config@');
- 
- if (!defined('PMA_MINIMUM_COMMON')) {
-     $_SESSION['PMA_Config']->checkPmaAbsoluteUri();
-diff -ruN phpMyAdmin-3.3.8-all-languages-orig/libraries/config.default.php phpMyAdmin-3.3.8-all-languages/libraries/config.default.php
---- phpMyAdmin-3.3.8-all-languages-orig/libraries/config.default.php	2010-10-25 18:21:44.000000000 +0200
-+++ phpMyAdmin-3.3.8-all-languages/libraries/config.default.php	2010-12-03 23:56:45.000000000 +0100
-@@ -136,7 +136,7 @@
-  *
-  * @global string $cfg['Servers'][$i]['extension']
-  */
--$cfg['Servers'][$i]['extension'] = 'mysql';
-+$cfg['Servers'][$i]['extension'] = 'mysqli';
- 
- /* rajk - added for blobstreaming */
- $cfg['Servers'][$i]['bs_garbage_threshold'] = '';
-diff -ruN phpMyAdmin-3.3.8-all-languages-orig/libraries/vendor_config.php phpMyAdmin-3.3.8-all-languages/libraries/vendor_config.php
---- phpMyAdmin-3.3.8-all-languages-orig/libraries/vendor_config.php	2010-10-25 18:21:44.000000000 +0200
-+++ phpMyAdmin-3.3.8-all-languages/libraries/vendor_config.php	2010-12-03 23:56:45.000000000 +0100
-@@ -15,18 +15,18 @@
+diff -ruN phpMyAdmin-3.4.1-all-languages-orig/libraries/vendor_config.php phpMyAdmin-3.4.1-all-languages/libraries/vendor_config.php
+--- phpMyAdmin-3.4.1-all-languages-orig/libraries/vendor_config.php	2011-05-20 19:24:04.000000000 +0200
++++ phpMyAdmin-3.4.1-all-languages/libraries/vendor_config.php	2011-05-24 17:24:15.000000000 +0200
+@@ -14,18 +14,18 @@
   * Path to changelog file, can be gzip compressed. Useful when you want to
   * have documentation somewhere else, eg. /usr/share/doc.
   */
@@ -373,3 +281,12 @@ diff -ruN phpMyAdmin-3.3.8-all-languages-orig/libraries/vendor_config.php phpMyA
  
  /**
   * Whether setup requires writable directory where config
+@@ -43,7 +43,7 @@
+ /**
+  * Filename of a configuration file.
+  */
+-define('CONFIG_FILE', CONFIG_DIR . 'config.inc.php');
++define('CONFIG_FILE', SETUP_CONFIG_FILE );
+ 
+ /**
+  * Filename of custom header file.
diff --git a/phpMyAdmin.changes b/phpMyAdmin.changes
index 6df1f97..a6f1372 100644
--- a/phpMyAdmin.changes
+++ b/phpMyAdmin.changes
@@ -1,3 +1,21 @@
+-------------------------------------------------------------------
+Tue May 24 16:06:05 UTC 2011 - chris@computersalat.de
+
+- update to 3.4.1
+  - bug sf#3301108 [interface] Synchronize and already configured host
+  - bug sf#3302457 Inline edit and $cfg['PropertiesIconic']
+  - Patch #3302313 Show a translated label
+  - bug sf#3300981 [navi] Table filter is case sensitive
+  - bug sf#3285929 [privileges] Revert temporary fix
+  - bug sf#3302872 [synchronize] Synchronize and user name
+  - bug sf#3302733 [core] Some browsers report an insecure https connection
+  - [security] Make redirector require valid token
+- rework config patch
+  - removed 3.3.8, added 3.4.1 config patch
+- added conftrib to doc
+- mod post section
+  o modify suhosin.ini
+
 -------------------------------------------------------------------
 Sat Mar 19 19:17:57 UTC 2011 - chris@computersalat.de
 
diff --git a/phpMyAdmin.spec b/phpMyAdmin.spec
index a11a0f0..402c223 100644
--- a/phpMyAdmin.spec
+++ b/phpMyAdmin.spec
@@ -34,16 +34,14 @@ Name:           phpMyAdmin
 %endif
 
 Summary:        Administration of MySQL over the web
-Version:        3.3.10
+Version:        3.4.1
 Release:        1
 License:        GPLv2+
 Group:          Productivity/Networking/Web/Frontends
 Url:            http://www.phpMyAdmin.net
 Source0:        %{name}-%{version}-all-languages.tar.bz2
 Source1:        %{name}.http
-Patch0:         %{name}-3.3.8-config.patch
-#Patch1:         %{name}-2.11.0rc1-blowfish_secret.patch
-#Patch2:         %{name}-3.1.0-mysqli.patch
+Patch0:         %{name}-3.4.1-config.patch
 BuildArch:      noarch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 PreReq:         pwgen coreutils sed grep
@@ -98,7 +96,7 @@ Currently phpMyAdmin can:
 find . -type d -exec chmod 755 {} \;
 find . -type f -exec chmod 644 {} \;
 find . -type f -name '*.orig' -exec rm {} \;
-rm lang/*.sh
+#rm lang/*.sh
 %{__rm} libraries/.htaccess
 
 %build
@@ -106,7 +104,7 @@ rm lang/*.sh
 %install
 #%{__install} -d -m0750 $RPM_BUILD_ROOT%{_sysconfdir}/%{name}
 %{__install} -d -m0755 $RPM_BUILD_ROOT%{ap_docroot}/%{name}
-%{__cp} -dR *.css *.php *.html *.ico js lang libraries pmd themes \
+%{__cp} -dR *.css *.php *.html *.ico js libraries locale pmd themes \
   $RPM_BUILD_ROOT%{ap_docroot}/%{name}
 # install config to config dir
 %{__install} -D -m0640 $RPM_BUILD_ROOT%{ap_docroot}/%{name}/config.sample.inc.php \
@@ -116,8 +114,8 @@ rm lang/*.sh
 %{__sed} -i -e "s,@docdir@,%{_docdir}/%{name},g" -e "s,@sysconfdir@,%{_sysconfdir}/%{name},g" \
   $RPM_BUILD_ROOT%{ap_docroot}/%{name}/libraries/vendor_config.php
 # fix libraries/common.inc.php
-%{__sed} -i -e "s,@PMA_Config@,%{_sysconfdir}/%{name}/config.inc.php,g" \
-  $RPM_BUILD_ROOT%{ap_docroot}/%{name}/libraries/common.inc.php
+#%{__sed} -i -e "s,@PMA_Config@,%{_sysconfdir}/%{name}/config.inc.php,g" \
+#  $RPM_BUILD_ROOT%{ap_docroot}/%{name}/libraries/common.inc.php
 
 # generate file list
 find $RPM_BUILD_ROOT%{ap_docroot}/%{name} -mindepth 1 -maxdepth 1 -type d | sed -e "s@$RPM_BUILD_ROOT@@" > FILELIST
@@ -138,6 +136,16 @@ find $RPM_BUILD_ROOT%{ap_docroot}/%{name} -maxdepth 1 -type f | grep -v 'config.
 # set PmaAbsoluteUri ### generate blowfish secret
 %{__sed} -i -e "s,@FQDN@,$(cat /etc/HOSTNAME)," \
  -e "s/\\\$cfg\['blowfish_secret'\] = ''/\$cfg['blowfish_secret'] = '`pwgen -s -1 46`'/" %{pma_config}
+if [ -f /etc/php5/conf.d/suhosin.ini ]; then
+  %{__sed} -i \
+    -e "s/^;\(suhosin.post.max_array_index_length =\).*/\1 256/" \
+    -e "s/^;\(suhosin.post.max_totalname_length =\).*/\1 8192/" \
+    -e "s/^;\(suhosin.post.max_vars =\).*/\1 2048/" \
+    -e "s/^;\(suhosin.request.max_array_index_length =\).*/\1 256/" \
+    -e "s/^;\(suhosin.request.max_totalname_length =\).*/\1 8192/" \
+    -e "s/^;\(suhosin.request.max_vars =\).*/\1 2048/" \
+  %{_sysconfdir}/php5/conf.d/suhosin.ini
+fi
 
 %postun
 %restart_on_update apache2
@@ -148,8 +156,9 @@ find $RPM_BUILD_ROOT%{ap_docroot}/%{name} -maxdepth 1 -type f | grep -v 'config.
 %files -f FILELIST
 %defattr(644,root,root,755)
 %doc CREDITS ChangeLog Documentation.* docs.css
-%doc LICENSE README RELEASE-DATE* TODO translators.html
-%doc scripts/*.sql
+%doc LICENSE README RELEASE-DATE* TODO
+%doc contrib
+%doc scripts
 %dir %attr(0750,root,%{ap_grp}) %{_sysconfdir}/%{name}
 %config(noreplace) %{_sysconfdir}/%{name}/config.inc.php
 %dir %{ap_docroot}/%{name}