Add input field to specify a database for the login process.

.gitattributes

@@ -1,4 +1,3 @@
 /tests export-ignore
 .gitattributes export-ignore
 .gitignore export-ignore
-.build_tests.php export-ignore

CREDITS

@@ -21,15 +21,15 @@ Translators
 - Tadashi Jokagi (Japanese)
 - Rafal Slubowski (Polish)
 - Alexander Khodorisky (Russian)
-- Martin Marqu�s (Spanish)
+- Martin Marqués (Spanish)
 - Andrej Misovic (Slovak)
 - Devrim Gunduz (Turkish)
 - Libor Vanek (Czech)
-- Marek Cernock� (Czech)
+- Marek Černocký (Czech)
 - Stefan Malmqvist (Swedish)
 - Nicola Soranzo (Italian)
 - Petri Jooste (Afrikaans)
-- Sulyok P�ter (Hungarian)
+- Sulyok Péter (Hungarian)
 - Zaki Almuallim (Arabic)
 - Erdenemandal Bat-Erdene (Mongolian)
 - Alex Rootoff (Ukrainian)
@@ -40,9 +40,8 @@ Translators
 - Bernat Pegueroles (Catalan)
 - Fernando Wendt (Brazilan Portuguese)
 - Adamantios Diamantidis (Greek)
-- Marek �ernock� (Czech)
 - Alexey Baturin (Russian UTF8)
-- Adri�n Chaves Fern�ndez (Galician)
+- Adrián Chaves Fernández (Galician)
 
 Look & Feel
 
@@ -79,7 +78,7 @@ Contributors
 - Leonardo Augusto Sapiras (Improve phpPgAdmin ergonomy during the GSoC 2010, with ioguix as mentor)
 - Julien Rouhaud, aka. rjuju (nested groups)
 - Felipe Figueroa aka. amenadiel
-
+- Jean-Michel Vourgère (nirgal)
 
 Third Party Libraries
 
@@ -97,5 +96,6 @@ Past Feature Sponsors:
 - Google Summer of Code (http://code.google.com/soc/2006/pgsql/appinfo.html?csaid=DB096D908B948D89) - phpPgAdmin Improvements
 - Google Summer of Code (http://code.google.com/soc/2007/postgres/appinfo.html?csaid=E89B3D5E2DC4170A) - Full Text Search in PostgreSQL GUI Tools
 - Google Summer of Code (http://code.google.com/p/google-summer-of-code-2010-postgres/downloads/detail?name=Leonardo_Augusto_Sapiras.tar.gz) - Improve phpPgAdmin ergonomy
-- Dalibo ( http://dalibo.com ) - sponsored development as Jehan-Guillaume (ioguix) de Rorthais employer
-- OmniTI (https://omniti.com ) - sponsored development as Robert Treat employer 
+- Dalibo (http://dalibo.com) - sponsored development as Jehan-Guillaume (ioguix) de Rorthais employer
+- OmniTI (https://omniti.com) - sponsored development as Robert Treat employer 
+- credativ (https://credativ.com) - sponsored php development / review

HISTORY

@@ -1,13 +1,40 @@
 phpPgAdmin History
 ------------------
 
+Version 7.13.0
+--------------
+
+Released: November 7th, 2020
+
+Features:
+* Add support for Postgres 13
+* Add provisional support for Postgres 14
+* Upgrade Jquery library to 3.4.1 (Nirgal)
+* Allow users to see group owned databases when using "owned only"
+
+Bugs:
+* Fix bug where sorting on selects dumped you to the table screen (MichaMEG)
+
+Incompatibilities:
+* This release drops support for PHP 7.1
+* This will be the last release to support PHP 7.2
+
+
 Version 7.12.1
 --------------
 
+Released: December 10th, 2019
+
+Features:
+* Add support for granting USAGE on sequences
+* Update French translation 
+
 Bugs: 
+* Fix issues with OID removal in Postgres 12+
 * Remove broken tree branch from table/view browse option
 * Properly escape identifiers when browsing tables/views/schemas
 * Fix truncation of long multibyte strings 
+* Clean up a number of misspellings and typos from codespell report
 
 Incompatabilities:
 * Require mbstring module support in PHP

INSTALL

@@ -24,26 +24,7 @@ phpPgAdmin Installation Guide
    If you mess up the configuration file, you can recover it from the
    config.inc.php-dist file.
 
-3. If you run your PHP installation in safe mode, in order that the database
-   dump feature can work correctly, you need to set the 'safe_mode_allowed_env_vars'
-   php.ini variable to include the PGPASSWORD and PGUSER environmental variables
-   and the safe_mode_exec_dir to include /usr/bin (or wherever the pg_dump
-   binaries are found).
-
-   	eg. safe_mode_allowed_env_vars = PHP_,PG
-   	    safe_mode_exec_dir = /usr/bin
-
-   Given that you usually don't want to allow everything in /usr/bin to
-   be executed, you might want to copy the pg_dump and pg_dumpall utilities
-   to a directory by themselves.
-
-   Also, you will need to ensure that your 'pg_dump' and 'pg_dumpall' utilities
-   are executable by the PHP process, if you want dump support in phpPgAdmin.
-
-   Lastly, if you run phpPgAdmin in safe mode, very long running imports,
-   exports and transactions may time out and be aborted.
-
-4. Ensure the statistics collector is enabled in PostgreSQL.  phpPgAdmin will 
+3. Ensure the statistics collector is enabled in PostgreSQL.  phpPgAdmin will 
    display table, index performance, and usage statistics if you have enabled
    the PostgreSQL statistics collector.  While this is normally enabled by 
    default, to ensure it is running, make sure the following lines in your 
@@ -52,10 +33,10 @@ phpPgAdmin Installation Guide
     track_activities
     track_counts 
 
-5. Browse to the phpPgAdmin installation using a web browser.  You might
+4. Browse to the phpPgAdmin installation using a web browser.  You might
    need cookies enabled for phpPgAdmin to work.
 
-6. IMPORTANT - SECURITY
+5. IMPORTANT - SECURITY
 
    PostgreSQL by default does not require you to use a password to log in.
    We STRONGLY recommend that you enable md5 passwords for local connections

all_db.php

@@ -303,27 +303,31 @@ function doExport($msg = '') {
 		echo "<table>\n";
 		echo "<tr><th class=\"data\">{$lang['strformat']}</th><th class=\"data\">{$lang['stroptions']}</th></tr>\n";
 		// Data only
-		echo "<tr><th class=\"data left\" rowspan=\"2\">";
+		echo "<tr><th class=\"data left\" rowspan=\"". ($data->hasServerOids() ? 2 : 1) ."\">";
 		echo "<input type=\"radio\" id=\"what1\" name=\"what\" value=\"dataonly\" checked=\"checked\" /><label for=\"what1\">{$lang['strdataonly']}</label></th>\n";
 		echo "<td>{$lang['strformat']}\n";
 		echo "<select name=\"d_format\">\n";
 		echo "<option value=\"copy\">COPY</option>\n";
 		echo "<option value=\"sql\">SQL</option>\n";
 		echo "</select>\n</td>\n</tr>\n";
-		echo "<tr><td><input type=\"checkbox\" id=\"d_oids\" name=\"d_oids\" /><label for=\"d_oids\">{$lang['stroids']}</label></td>\n</tr>\n";
+		if ($data->hasServerOids()) {
+			echo "<tr><td><input type=\"checkbox\" id=\"d_oids\" name=\"d_oids\" /><label for=\"d_oids\">{$lang['stroids']}</label></td>\n</tr>\n";
+		}
 		// Structure only
 		echo "<tr><th class=\"data left\"><input type=\"radio\" id=\"what2\" name=\"what\" value=\"structureonly\" /><label for=\"what2\">{$lang['strstructureonly']}</label></th>\n";
 		echo "<td><input type=\"checkbox\" id=\"s_clean\" name=\"s_clean\" /><label for=\"s_clean\">{$lang['strdrop']}</label></td>\n</tr>\n";
 		// Structure and data
-		echo "<tr><th class=\"data left\" rowspan=\"3\">";
+		echo "<tr><th class=\"data left\" rowspan=\"". ($data->hasServerOids() ? 3 : 2) ."\">";
 		echo "<input type=\"radio\" id=\"what3\" name=\"what\" value=\"structureanddata\" /><label for=\"what3\">{$lang['strstructureanddata']}</label></th>\n";
 		echo "<td>{$lang['strformat']}\n";
 		echo "<select name=\"sd_format\">\n";
 		echo "<option value=\"copy\">COPY</option>\n";
 		echo "<option value=\"sql\">SQL</option>\n";
 		echo "</select>\n</td>\n</tr>\n";
 		echo "<tr><td><input type=\"checkbox\" id=\"sd_clean\" name=\"sd_clean\" /><label for=\"sd_clean\">{$lang['strdrop']}</label></td>\n</tr>\n";
-		echo "<tr><td><input type=\"checkbox\" id=\"sd_oids\" name=\"sd_oids\" /><label for=\"sd_oids\">{$lang['stroids']}</label></td>\n</tr>\n";
+		if ($data->hasServerOids()) {
+			echo "<tr><td><input type=\"checkbox\" id=\"sd_oids\" name=\"sd_oids\" /><label for=\"sd_oids\">{$lang['stroids']}</label></td>\n</tr>\n";
+		}
 		echo "</table>\n";
 
 		echo "<h3>{$lang['stroptions']}</h3>\n";

classes/Misc.php

@@ -545,7 +545,7 @@ function printHeader($title = '', $script = null, $frameset = false) {
 				echo "<link rel=\"icon\" type=\"image/png\" href=\"images/themes/{$conf['theme']}/Introduction.png\" />\n";
 				echo "<script type=\"text/javascript\" src=\"libraries/js/jquery.js\"></script>";
 				echo "<script type=\"text/javascript\">// <!-- \n";
-				echo "$(document).ready(function() { \n";
+				echo "$(function() { \n";
 				echo "  if (window.parent.frames.length > 1)\n";
 				echo "    $('#csstheme', window.parent.frames[0].document).attr('href','themes/{$conf['theme']}/global.css');\n";
 				echo "}); // --></script>\n";
@@ -1416,25 +1416,25 @@ function printTopbar() {
 				$history_window_id = htmlentities('history:'.$_REQUEST['server']);
 
 				echo "<script type=\"text/javascript\">
-						$('#toplink_sql').click(function() {
+						$('#toplink_sql').on('click', function() {
 							window.open($(this).attr('href'),'{$sql_window_id}','toolbar=no,width=700,height=500,resizable=yes,scrollbars=yes').focus();
 							return false;
 						});
 
-						$('#toplink_history').click(function() {
+						$('#toplink_history').on('click', function() {
 							window.open($(this).attr('href'),'{$history_window_id}','toolbar=no,width=700,height=500,resizable=yes,scrollbars=yes').focus();
 							return false;
 						});
 
-						$('#toplink_find').click(function() {
+						$('#toplink_find').on('click', function() {
 							window.open($(this).attr('href'),'{$sql_window_id}','toolbar=no,width=700,height=500,resizable=yes,scrollbars=yes').focus();
 							return false;
 						});
 						";
 
 				if (isset($_SESSION['sharedUsername'])) {
 					printf("
-						$('#toplink_logout').click(function() {
+						$('#toplink_logout').on('click', function() {
 							return confirm('%s');
 						});", str_replace("'", "\'", $lang['strconfdropcred']));
 				}
@@ -1796,7 +1796,7 @@ function setWindowName($name, $addServer = true) {
 		function inisizeToBytes($strIniSize) {
 			// This function will take the string value of an ini 'size' parameter,
 			// and return a double (64-bit float) representing the number of bytes
-			// that the parameter represents. Or false if $strIniSize is unparseable.
+			// that the parameter represents. Or false if $strIniSize is unparsable.
 			$a_IniParts = array();
 
 			if (!is_string($strIniSize))

classes/database/Connection.php

@@ -76,9 +76,11 @@ function getDriver(&$description) {
 
 		// Detect version and choose appropriate database driver
         switch (substr($version,0,2)) {
-            case '10': return 'Postgres10';break;
+            case '14': return 'Postgres';break;
+            case '13': return 'Postgres13';break;
+            case '12': return 'Postgres12';break;
             case '11': return 'Postgres11';break;
-            case '12': return 'Postgres';break;
+            case '10': return 'Postgres10';break;
         }    
 
 		switch (substr($version,0,3)) {

classes/database/Postgres.php

@@ -11,7 +11,7 @@
 
 class Postgres extends ADODB_base {
 
-	var $major_version = 12;
+	var $major_version = 14;
 	// Max object name length
 	var $_maxNameLen = 63;
 	// Store the current schema
@@ -109,7 +109,7 @@ class Postgres extends ADODB_base {
 	var $privlist = array(
   		'table' => array('SELECT', 'INSERT', 'UPDATE', 'DELETE', 'REFERENCES', 'TRIGGER', 'ALL PRIVILEGES'),
   		'view' => array('SELECT', 'INSERT', 'UPDATE', 'DELETE', 'REFERENCES', 'TRIGGER', 'ALL PRIVILEGES'),
-  		'sequence' => array('SELECT', 'UPDATE', 'ALL PRIVILEGES'),
+  		'sequence' => array('USAGE', 'SELECT', 'UPDATE', 'ALL PRIVILEGES'),
   		'database' => array('CREATE', 'TEMPORARY', 'CONNECT', 'ALL PRIVILEGES'),
   		'function' => array('EXECUTE', 'ALL PRIVILEGES'),
   		'language' => array('USAGE', 'ALL PRIVILEGES'),
@@ -419,7 +419,7 @@ function getHelp($help) {
 	}
 
 	function getHelpPages() {
-		include_once('./help/PostgresDoc95.php');
+		include_once('./help/PostgresDoc14.php');
 		return $this->help_page;
 	}
 
@@ -450,7 +450,7 @@ function getDatabases($currentdatabase = NULL) {
 		if (isset($conf['owned_only']) && $conf['owned_only'] && !$this->isSuperUser()) {
 			$username = $server_info['username'];
 			$this->clean($username);
-			$clause = " AND pr.rolname='{$username}'";
+			$clause = " AND pg_has_role('{$username}'::name,pr.rolname,'USAGE')";
 		}
 		else $clause = '';
 
@@ -519,10 +519,9 @@ function getDatabaseEncoding() {
 	 * @return default_with_oids setting
 	 */
 	function getDefaultWithOid() {
-
-		$sql = "SHOW default_with_oids";
-
-		return $this->selectField($sql, 'default_with_oids');
+		// OID support was removed in PG12
+		// But this function is referenced when browsing data
+		return false;
 	}
 
 	/**
@@ -698,7 +697,7 @@ function findObject($term, $filter) {
 		if (!$conf['show_system']) {
 			// XXX: The mention of information_schema here is in the wrong place, but
 			// it's the quickest fix to exclude the info schema from 7.4
-			$where = " AND pn.nspname NOT LIKE \$_PATERN_\$pg\_%\$_PATERN_\$ AND pn.nspname != 'information_schema'";
+			$where = " AND pn.nspname NOT LIKE \$_PATTERN_\$pg\_%\$_PATTERN_\$ AND pn.nspname != 'information_schema'";
 			$lan_where = "AND pl.lanispl";
 		}
 		else {
@@ -712,7 +711,7 @@ function findObject($term, $filter) {
 			$sql = "SELECT * FROM (";
 		}
 
-		$term = "\$_PATERN_\$%{$term}%\$_PATERN_\$";
+		$term = "\$_PATTERN_\$%{$term}%\$_PATTERN_\$";
 
 		$sql .= "
 			SELECT 'SCHEMA' AS type, oid, NULL AS schemaname, NULL AS relname, nspname AS name
@@ -1039,19 +1038,9 @@ function getSearchPath() {
 	 * @return null error
 	 **/
 	function hasObjectID($table) {
-		$c_schema = $this->_schema;
-		$this->clean($c_schema);
-		$this->clean($table);
-
-		$sql = "SELECT relhasoids FROM pg_catalog.pg_class WHERE relname='{$table}'
-			AND relnamespace = (SELECT oid FROM pg_catalog.pg_namespace WHERE nspname='{$c_schema}')";
-
-		$rs = $this->selectSet($sql);
-		if ($rs->recordCount() != 1) return null;
-		else {
-			$rs->fields['relhasoids'] = $this->phpBool($rs->fields['relhasoids']);
-			return $rs->fields['relhasoids'];
-		}
+		// OID support is gone since PG12
+		// But that function is required by table exports
+		return false;
 	}
 
 	/**
@@ -1737,7 +1726,7 @@ function createTable($name, $fields, $field, $type, $array, $length, $notnull,
 	 *			'table' => table name,
 	 *			'schema' => the schema name,
 	 *		)
-	 * @param $defaults if true, copy the defaults values as well
+	 * @param $defaults if true, copy the default values as well
 	 * @param $constraints if true, copy the constraints as well (CHECK on table & attr)
 	 * @param $tablespace The tablespace name ('' means none/default)
 	 */
@@ -2366,7 +2355,7 @@ function dumpRelation($relation, $oids) {
 
 	/**
 	 * Returns all available autovacuum per table information.
-	 * @param $table if given, return autovacuum info for the given table or return all information for all table
+	 * @param $table if given, return autovacuum info for the given table or return all information for all tables
 	 *   
 	 * @return A recordset
 	 */
@@ -3126,7 +3115,7 @@ function getViews() {
 
 	/**
 	 * Updates a view.
-	 * @param $viewname The name fo the view to update
+	 * @param $viewname The name of the view to update
 	 * @param $definition The new definition for the view
 	 * @return 0 success
 	 * @return -1 transaction error
@@ -3557,7 +3546,7 @@ function getConstraintsWithFields($table) {
 
 		// get the max number of col used in a constraint for the table
 		$sql = "SELECT DISTINCT
-			max(SUBSTRING(array_dims(c.conkey) FROM  \$patern\$^\\[.*:(.*)\\]$\$patern\$)) as nb
+			max(SUBSTRING(array_dims(c.conkey) FROM  \$pattern\$^\\[.*:(.*)\\]$\$pattern\$)) as nb
 		FROM pg_catalog.pg_constraint AS c
 			JOIN pg_catalog.pg_class AS r ON (c.conrelid=r.oid)
 			JOIN pg_catalog.pg_namespace AS ns ON (r.relnamespace=ns.oid)
@@ -7004,7 +6993,7 @@ function setPrivileges($mode, $type, $object, $public, $usernames, $groupnames,
 	}
 
 	/**
-	 * Helper function that computes encypted PostgreSQL passwords
+	 * Helper function that computes encrypted PostgreSQL passwords
 	 * @param $username The username
 	 * @param $password The password
 	 */
@@ -8082,6 +8071,7 @@ function hasQueryKill() { return true; }
 	function hasConcurrentIndexBuild() { return true; }
 	function hasForceReindex() { return false; }
 	function hasByteaHexDefault() { return true; } 
+	function hasServerOids() { return false; }
 
 }
 ?>

classes/database/Postgres10.php

@@ -47,7 +47,7 @@ function findObject($term, $filter) {
 		if (!$conf['show_system']) {
 			// XXX: The mention of information_schema here is in the wrong place, but
 			// it's the quickest fix to exclude the info schema from 7.4
-			$where = " AND pn.nspname NOT LIKE \$_PATERN_\$pg\_%\$_PATERN_\$ AND pn.nspname != 'information_schema'";
+			$where = " AND pn.nspname NOT LIKE \$_PATTERN_\$pg\_%\$_PATTERN_\$ AND pn.nspname != 'information_schema'";
 			$lan_where = "AND pl.lanispl";
 		}
 		else {
@@ -61,7 +61,7 @@ function findObject($term, $filter) {
 			$sql = "SELECT * FROM (";
 		}
 
-		$term = "\$_PATERN_\$%{$term}%\$_PATERN_\$";
+		$term = "\$_PATTERN_\$%{$term}%\$_PATTERN_\$";
 
 		$sql .= "
 			SELECT 'SCHEMA' AS type, oid, NULL AS schemaname, NULL AS relname, nspname AS name