phpMyAdmin is a free software tool written in PHP intended to handle the administration of MySQL over the World Wide Web. phpMyAdmin supports a wide range of operations with MySQL.
- Support for most MySQL features
- Browse and drop databases, tables, views, fields and indexes.
- Create, copy, drop, rename and alter databases, tables, fields and indexes.
- Maintenance server, databases and tables, with proposals on server configuration.
- Execute, edit and bookmark any SQL-statement, even batch-queries.
- Manage MySQL users and privileges.
- Manage stored procedures and triggers.
- Import data from CSV and SQL.
- Export data to various formats: CSV, SQL, XML, PDF, ISO/IEC 26300 - OpenDocument Text and Spreadsheet, Word, Excel, LATEX and others.
The security fixes involve:
Local file inclusion (https://www.phpmyadmin.net/security/PMASA-2018-6/).
XSRF/CSRF vulnerabilities allowing a specially-crafted URL to perform harmful operations (https://www.phpmyadmin.net/security/PMASA-2018-7/), and an XSS vulnerability in the navigation tree (https://www.phpmyadmin.net/security/PMASA-2018-8/).
In addition to the security fixes, this release also includes these bug fixes and more as part of our regular release cycle:
Issue with changing theme
Ensure that database names with a dot ('.') are handled properly when DisableIS is true.
Fix for message "Error while copying database (pma__column_info)".
Move operation causes "SELECT * FROM `undefined`" error.
When logging with $cfg['AuthLog'] to syslog, successful login messages were not logged when $cfg['AuthLogSuccess'] was true.
Multiple errors and regressions with Designer.
And several more. Complete notes are in the ChangeLog file included with this release.
Note that for this release, we experimented with a pre-release announcement so that hosting providers and package managers would have an opportunity to prepare for the security release. If this was helpful to you or if you have feedback about this technique, please let us know through the public list firstname.lastname@example.org or privately at email@example.com. We may or may not decide use this behavior in the future and your feedback will help us decide whether it's beneficial to the community.