Wednesday, May 27, 2015

phpMyAdmin work during thirty third week

Similar to the last week I spent most of the time working on bug fixes. Additionally I spent more time on general code improvements during the week. It was mostly the bugs that led to these code improvements, i.e. while fixing bugs I went on to do some related improvements. The list of bugs fixed during the week is as follows.

Bugs fixed
#4910 Insane slow
#4911 Lock page icon is not shown after fresh reload
#4912 "Highlight pointer" and "Row marker" doesn't work properly
#4913 GROUP_CONCAT is shown as GROUPBY_CONCAT in the autocomplete in SQL Query editor
#4917 Changing time with datetime picker gives JS error
#4918 Date field popup dialog position bug
Allow accessing visual query builder when pmadb is not configured
Browse foreigners window goes out of the window

Additionally the following bugs were investigated during the week.

Bugs investigated
#4914 Navigation pane highlighting issue when in database view
#4916 Autocomplete either doesn't function at all or auto completes the original table name when joining multiple aliased tables

Bugs #4913 and #4916 were infact CodeMirror bugs and I sent pull requests to the upstream project fixing these bugs. When CodeMirror 5.3 was released with a fix for #4913 I upgraded CodeMirror to this new version. This needed some effort as CodeMirror had not been updated for some time. Moreover, custom style affecting CodeMirror was in tangle with library's CSS and this is now resolved. The same bugs also led to refactoring code segments related to syntax highlighted SQL editors across phpMyAdmin. Moreover, bug #4910 led to improve routines, triggers and event fetching code to adhere to DisableIS directive.

General coding improvements
Improve JavaScript codes related to the query chart page
Improve routines, triggers and event fetching code to adhere to DisableIS directive
Upgrade CodeMirror to version 5.3.0
Refactor code segments related to syntax highlighted SQL editors across phpMyAdmin

Following feature requests were also implemented during the period.

Feature requests implemented
#1242 Work with --skip-grant-tables
#1619 Show databases as list instead of as dropdown when no database is selected - update
#1671 Directly show table comments in structure view

Sunday, May 17, 2015

phpMyAdmin work during thirty second week

The main highlight of the week was the two security issues handled during the week. I was after some time a security issue was reported and in fact there was only on security issue reported prior to these in 2015. As the security coordinator I handle communicating with reporters, obtaining CVE IDs, preparing security announcements and part of the fixing as well. We had to port the changes to 4.0, 4.2, 4.3 and 4.4 since all these series are supported for security fixes. The issues were,

Security issues
#4899 CSRF in setup
#4900 Man-In-the-Middle - Github API

The usual bug fixing continued during the week. An old bug, #4367 Import status infinite loop, received attention and was fixed sine it was reported to be still present in the current stable version. Moreover, a couple of bugs related to designer was fixed.

Bugs fixed
#4367 Import status infinite loop
#4512 ForceSSL Redirect Check
#4898 JS error after selecting a field and press Enter
#4902 Designer: Loading does not work
#4904 Setup: Overview > Display does not work
#4906 Designer: pages from all databases
Escape database and table names for partition maintenance

Feature request #1242 Work with --skip-grant-tables, was investigated and this seems to work for most part in the current master branch. Additionally, following feature requests were fixed,

Feature requests implemented
#1668 Procedures window shift-click should select multiple rows
#1669 Designer: "Sticky" menu option
Allow truncating partitions in partition maintenance

Feature requests investigated
#1242 Work with --skip-grant-tables

Improvements were done to the code segments related to partition maintenance. Further, filter_input s were removed from code since they bypass token check, posing a security threat.

Code improvements
Improve partition maintenance functionality
Quit using filter_input since they bypass token check

phpMyAdmin work during thirty first week

I am sorry this post comes quite late, almost a week after the thirty first week has ended. I thought of combining this with the next week report but later decided to have separate posts for each week to be able to track work done during individual weeks.

Again, bug fixes were the predominant operation during the week and some of these bugs were reported by myself. So, following are the bugs fixed during the period.

Bugs fixed
#4885 Some icons are above the overlay of jQuery dialogs
#4886 Clicking on external links in advisor rules give JS error
#4887 Name column excluded from quick filters in central columns
#4888 Filter in central columns does not work in other languages
#4890 'window.webkitStorageInfo' & 'webkitIndexedDB' is deprecated
#4891 CSV Import ignores "Replace table data with file" checkbox
#4892 Undefined variable: unique_conditions
#4894 Deleting without confirmation
#4896 Non-styled error page when following results link

I also engaged in implementing new features. 
MariaDB website offers a service to analyze the output of 'Explain' queries. So, as requested in rfe #1413, phpMyAdmin now allows to post the output of 'Explain' queries to this service and get a better understanding. The new link is shown when you click on 'Explain SQL' link is clicked. I also added multi submit operations to the routines, triggers and events pages. With this the user is able to export and delete muple rte items.

Feature requests implemented
#1413 Explain analyzer
UI improvements to the `Processes' page
Multi submits for RTE pages
Use CodeMirror editor in query

Feature requests investigated
#548  Cross-tablulation/pivot table
#1451 HTML5 input tag enhancements

I investigated a quite old rfe #548 which requested for a pivot table functionality in phpMyAdmin. I found a couple of interesting third party pivot table libraries that operate on JavaScript level which can be integrated with phpMyAdmin. However, these libraries would not be able to handle large datasets and break the purpose of a pivot table. Moreover, since there are quite a lot of applications that does this work now a days we thought this is out of scope for phpMyAdmin.

Friday, May 1, 2015

phpMyAdmin work during thirtieth week

The highlight of this week was the coding style improvements I undertook. During the last upgrade to the CheckStyle rules, there were couple of new rules added and these had increased the number of style violations. Moreover, day to day coding had introduced new violations and the violation count was 800+. I spent pretty much two days fixing these issue and the following graph shows the improvements to the code.

I also worked on improving the Designer during the week. While working on this I found a number of issues with the designer and went on to report them and eventually fix them. The list of bugs fixed during the week consists mostly of these bugs. Following bugs were fixed/investigated during the week.

Bugs fixed
#4878 Column list of central columns is not cleared
#4879 Exit full screen in Designer does not change the button text
#4880 Designer icons missing when using original theme
#4881 jQuery dialogs in Designer are not displayed in full screen
#4883 Search function breaks when searching for certain combinations of backslashes and slashes
Fix resize icon in Designer
Fix inconsistent icons

Bugs investigated
#4872 Drop table doesn't remove the table name from navigation bar
#4874 Username like john_smith is split to two names in dropdown list

I also worked on a couple of feature requests during the week. One of them was on supporting MariaDB virtual columns. However this was postponed as our current parser was unable to recognize virtual column syntax and this was vital for extracting column details. This will hopefully be implemented during the summer when one of the GSoC students attend to the parser. See https://github.com/phpmyadmin/phpmyadmin/pull/1657.

With the implementation of feature request #1380, the SQL editor support parametrized queries. Now you can simply copy paste queries from your code and bind parameters before query execution. Additionally, towards the end of the week I went on to improve the original theme. The jQuery dialogs in original theme always looked alien to me and with the latest style changes they are in better harmony.

Feature requests implemented
#1380 Support for Parameters with raw SQL
Improve table maintenance page
jQuery-ui style updates for original theme

Feature requests investigated
#1517 Support for virtual/persistent columns
#1628 need "display binary as hex/string" option in Settings UI
#1633 User Preferences reset should clear the value in pma__userconfig