Sunday, May 17, 2015

phpMyAdmin work during the thirty-second week

The main highlight of the week was the two security issues handled during the week. It was after some time that a security issue was reported; in fact, only one security issue had been reported prior to these in 2015. As the security coordinator I handle communicating with reporters, obtaining CVE IDs, preparing security announcements and part of the fixing as well. We had to port the changes to 4.0, 4.2, 4.3 and 4.4, since all these series are supported for security fixes. The issues were:

Security issues
#4899 CSRF in setup
#4900 Man-In-the-Middle - Github API

The usual bug fixing continued during the week. An old bug, #4367 Import status infinite loop, received attention and was fixed since it was reported to be still present in the current stable version. Moreover, a couple of bugs related to the designer were fixed.

Bugs fixed
#4367 Import status infinite loop
#4512 ForceSSL Redirect Check
#4898 JS error after selecting a field and press Enter
#4902 Designer: Loading does not work
#4904 Setup: Overview > Display does not work
#4906 Designer: pages from all databases
Escape database and table names for partition maintenance
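The last item above concerns identifier escaping: a database, table or partition name that comes from the request must be backtick-quoted before it is placed in an ALTER TABLE statement, otherwise the name can break out of the identifier position. The snippet below is an added illustration written for this post, not phpMyAdmin's own code; the function names are invented, and the statement forms are the standard MySQL partition maintenance operations.

```php
<?php
// Added example (not phpMyAdmin's own code): backtick-quote a MySQL
// identifier so that a name taken from the request stays inside the
// identifier position. MySQL escapes a backtick inside a quoted
// identifier by doubling it.
function backquoteIdentifier(string $name): string
{
    return '`' . str_replace('`', '``', $name) . '`';
}

// Build a partition maintenance statement from untrusted names.
// $db, $table and $partition are assumed to come from the request;
// the operation keyword is checked against a fixed allow list so that
// only the MySQL partition maintenance verbs can be emitted.
function buildPartitionStatement(string $db, string $table, string $partition, string $operation): string
{
    $allowed = ['ANALYZE', 'CHECK', 'OPTIMIZE', 'REBUILD', 'REPAIR', 'TRUNCATE'];
    $operation = strtoupper($operation);
    if (!in_array($operation, $allowed, true)) {
        throw new InvalidArgumentException('unsupported partition operation');
    }

    return sprintf(
        'ALTER TABLE %s.%s %s PARTITION %s;',
        backquoteIdentifier($db),
        backquoteIdentifier($table),
        $operation,
        backquoteIdentifier($partition)
    );
}

// Constructed inputs: a table name containing a backtick and a space,
// which would not survive unquoted or naively quoted interpolation.
echo buildPartitionStatement('sales', 'order` archive', 'p2015', 'truncate'), PHP_EOL;
```

The doubled backtick in the emitted statement keeps the whole table name, including its embedded backtick, inside a single quoted identifier; the allow list on the operation keyword closes the other place where request data could otherwise reach the statement unquoted.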

Feature request #1242, Work with --skip-grant-tables, was investigated, and this seems to work for the most part in the current master branch. Additionally, the following feature requests were implemented:

Feature requests implemented
#1668 Procedures window shift-click should select multiple rows
#1669 Designer: "Sticky" menu option
Allow truncating partitions in partition maintenance

Feature requests investigated
#1242 Work with --skip-grant-tables

Improvements were made to the code segments related to partition maintenance. Further, uses of filter_input were removed from the code, since they bypass the token check and so pose a security threat.

Code improvements
Improve partition maintenance functionality
Quit using filter_input since they bypass token check
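The reason filter_input bypasses the token check is worth spelling out: a CSRF token check that reacts to a mismatch by emptying $_GET, $_POST and $_REQUEST only protects code that reads those superglobals. filter_input() reads the original request data, so it still returns the submitted value after the superglobals have been cleared. The script below is an added example written for this post, not phpMyAdmin's own code; the function names and the session key are assumptions, and the clear-on-mismatch structure is a simplified model of that kind of token check.

```php
<?php
// Added example, not phpMyAdmin's own code. It shows why reading request
// values through filter_input() defeats a CSRF token check that works by
// clearing $_GET/$_POST/$_REQUEST when the token does not match:
// filter_input() reads the original request data and never sees that the
// superglobals were emptied. Function names and the session key are
// assumptions made for this example.
//
// Run it under the built-in server and request it with a query string:
//   php -S 127.0.0.1:8080 token_demo.php
//   curl 'http://127.0.0.1:8080/?db=sales'
// In the CLI filter_input() always returns null, so a web request is needed.

session_start();
if (empty($_SESSION['csrf_token'])) {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(16));
}

function tokenMatches(): bool
{
    // Constant-time comparison of the submitted token with the session token.
    $submitted = isset($_REQUEST['token']) ? (string) $_REQUEST['token'] : '';
    return $submitted !== '' && hash_equals($_SESSION['csrf_token'], $submitted);
}

function clearRequestVariables(): void
{
    // The defensive step: a request without a valid token gets no parameters.
    $_GET = [];
    $_POST = [];
    $_REQUEST = [];
}

// Vulnerable pattern: filter_input() bypasses the clearing above and still
// returns the value that came with the request.
function dbNameViaFilterInput(): ?string
{
    $value = filter_input(INPUT_GET, 'db', FILTER_UNSAFE_RAW);
    return is_string($value) ? $value : null;
}

// Hardened pattern: read the superglobal that the token check controls.
function dbNameViaSuperglobal(): ?string
{
    return isset($_GET['db']) ? (string) $_GET['db'] : null;
}

$valid = tokenMatches();
if (!$valid) {
    clearRequestVariables();
}

header('Content-Type: text/plain');
printf("token valid:         %s\n", $valid ? 'yes' : 'no');
printf("db via filter_input: %s\n", var_export(dbNameViaFilterInput(), true));
printf("db via \$_GET:        %s\n", var_export(dbNameViaSuperglobal(), true));
```

A plain curl request carries no session cookie and no token, so the check fails and the superglobals are cleared; the filter_input line still shows the db value from the query string while the $_GET line shows NULL. That difference is exactly why every filter_input call has to be replaced by a read of the superglobals (or of a request wrapper built on them) for the token check to mean anything.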
