July 22, 2017

Raghuram Vadapalli

Weekly update

This week, there is nothing much to update. It turned out that my previous task i.e., to consolidate table sorter libraries used by phpMyAdmin is not needed. The reason being the two libraries mentioned in the task are independent of each other and do not do the same task. I am getting code reviews on my previously submitted patches. I will be working on them those patches this week and hopefully get some of them merged.

The following are the patches I submitted so far:

 


by Raghuram Vadapalli at July 22, 2017 09:01 AM

July 21, 2017

Michal Čihař

Making Weblate more secure and robust

Having publicly running web application always brings challenges in terms of security and in generally in handling untrusted data. Security wise Weblate has been always quite good (mostly thanks to using Django which comes with built in protection against many vulnerabilities), but there were always things to improve in input validation or possible information leaks.

When Weblate has joined HackerOne (see our first month experience with it), I was hoping to get some security driven core review, but apparently most people there are focused on black box testing. I can certainly understand that - it's easier to conduct and you need much less knowledge of the tested website to perform this.

One big area where reports against Weblate came in was authentication. Originally we were mostly fully relying on default authentication pipeline coming with Python Social Auth, but that showed some possible security implications and we ended up with having heavily customized authentication pipeline to avoid several risks. Some patches were submitted back, some issues reported, but still we've diverged quite a lot in this area.

Second area where scanning was apparently performed, but almost none reports came, was input validation. Thanks to excellent XSS protection in Django nothing was really found. On the other side this has triggered several internal server errors on our side. At this point I was really happy to have Rollbar configured to track all errors happening in the production. Thanks to having all such errors properly recorded and grouped it was really easy to go through them and fix them in our codebase.

Most of the related fixes have landed in Weblate 2.14 and 2.15, but obviously this is ongoing effort to make Weblate better with every release.

Filed under: Debian English SUSE Weblate

by Michal Čihař (michal@cihar.com) at July 21, 2017 10:00 AM

July 18, 2017

Michal Čihař

Weekly phpMyAdmin contributions 2017-W28

Last week was quite busy and that can be seen from number of issues. Some of them are coming from our error reporting server, where I've focused on the most frequently happening ones for last releases. Still there is about 30000 reports to handle there.

There were several fixes to our SQL parser as well, apparently it's already being used by some other tools, for example by php-sqllint, so we're getting more bug reports :-).

Handled issues:

Filed under: English phpMyAdmin

by Michal Čihař (michal@cihar.com) at July 18, 2017 10:00 AM

July 17, 2017

Deven Bansod

GSoC 2017 : Weekly Report #7

Week #7

Key accomplishments last week:

  • Fixed selenium tests related to Login, Normalization, ChangePassword, ServerSettings

Key tasks worked on:

  • Fixed table-related, tracking-related and export-related tests (partially)

Key tasks stalled:

NA

Tasks in the upcoming week:

  • Work on and fix remaining set of broken selenium tests

Details:

 

I spent the last week fixing the selenium tests related to Login, Normalization, ChangePassword, ServerSettings. The related PR was made and merged at #13476.

In the later part of the week, I spent some time fixing the table-related tests, tracking-related tests and export-related tests. Though, they are not in a consistently fixed state (i.e. they sometimes do misbehave, leading to a failure), I expect them to be ready for a PR soon.

For the next week, I plan to continue working to fixing the next set of broken selenium tests.


Filed under: GSoC 2017, phpMyAdmin, Weekly Reports Tagged: #6, GSoC 2017, phpMyAdmin, Weekly Report

by Deven Bansod at July 17, 2017 07:40 AM

July 16, 2017

Manish Bisht

Week 7: Google Summer of Code’ 17 with phpmyadmin

This week I have spent my time working on following issue:

Nice view for JSON data

https://github.com/phpmyadmin/phpmyadmin/issues/12944

Show data in json format for datatype other than json

https://github.com/phpmyadmin/phpmyadmin/pull/13435

This is how to check the string is in JSON format of not.

function isJsonString(str) {
try {
JSON.parse(str);
} catch (e) {
return false;
}
return true;
}

Removed inline Javascript

https://github.com/phpmyadmin/phpmyadmin/issues/12261

removed inline onclick javascript

https://github.com/phpmyadmin/phpmyadmin/pull/13446

I uses the following code to remove remove javascript.

$(selector).click(function() {
//do something
});

Import/Export Progress bar

https://github.com/phpmyadmin/phpmyadmin/issues/6311

https://github.com/phpmyadmin/phpmyadmin/issues/12401

I tried solving this issue by setting the cookie and the retriving the cookie to show the progress but the setcookie() in php failed when used after setting the header.

So as this doesn’t worked I have now created a new table in phpMyAdmin Configuration Storage database. I am running behind my timeline as this seems to be difficult compared to my expectations.

This next week issue https://github.com/phpmyadmin/phpmyadmin/issues/12718 has already been resolved my me during the community bonding period so I expect this to complete it by this week.

Next Steps

This was my seventh week progress. I will post an update for this week soon.

by Manish Bisht at July 16, 2017 09:31 AM

July 14, 2017

Raghuram Vadapalli

2-factor authentication for phpMyAdmin

This week, I worked on adding two-factor authentication support for phpMyAdmin. This is by far the most interesting feature I worked on. I never really worked keenly on the security aspect of any software. This indeed has been a very good learning experience.           DuoScreen_740.png

Here is the process:

  1. Log in to your account normally.
  2. Access setup2FA.php. I have not figured out where to place the link which directly takes you to the page. That is more of a user-experience issue and I leave it for the team to advise me on that.                                                                                                                                      Screenshot_20170714_121959.png
  3. Open Google Authenticator (or Authy or whatever you prefer). Scan the barcode with your app. It now starts generating TOTP on your app.                                                               Screenshot_20170714-124414.png
  4. Enter the TOTP in the text field and click submit. Done!!. You now have successfully added 2-factor authentication to you PMA account.                                                Screenshot_20170714_122950.png
  5. When you log in next time, after you enter your credentials, you will be asked for TOTP.Screenshot_20170714_123431.png
  6. Enter the TOTP generated. You will not be logged in unless you clear this step. That’s it!! :D.

I am yet to add a way to delete 2-factor authentication. You can check-out the code from my branch. I will make a pull request after I add the deletion part also.

Since this is a security feature, I feel this requires thorough testing.

Special thanks to TwoFactorAuth library.

Edit: Submitted pull request – https://github.com/phpmyadmin/phpmyadmin/pull/13495


by Raghuram Vadapalli at July 14, 2017 07:11 AM

July 10, 2017

Deven Bansod

GSoC 2017 : Weekly Report #6

Week #6

Key accomplishments last week:

  • Improved the test coverage for the Error Reporting server from 47% to 83%
  • Fixed selenium tests related to CreateDropDatabase, CreateRemoveUser, Database-related operations

Key tasks stalled:

NA

Tasks in the upcoming week:

  • Work on and fix next set of broken selenium tests

Details:

Based on Michal’s review in the first GSoC evaluations, I worked on improving the test coverage of the Error Reporting Server codebase. The code coverage has improved significantly from 47% to 83% during this week. It now covers most of the important functionalities and we should be able to catch any breakages due to code changes in future.

Apart from that, I started on the second part of my proposal which deals with fixing the broken selenium testing suite in phpMyAdmin. I have fixed around fifteen tests of around fifty five tests which we have. I have made a PR at #13462. Once all the selenium tests are fixed, I plan on adding a few more to cover some other important actions that have not been covered till now.

For the next week, I plan to continue working to fixing the next set of broken selenium tests.


Filed under: GSoC 2017, phpMyAdmin, Weekly Reports Tagged: #6, GSoC 2017, phpMyAdmin, Weekly Report

by Deven Bansod at July 10, 2017 05:34 AM

July 09, 2017

Manish Bisht

Week 6: Google Summer of Code’ 17 with phpmyadmin

This week also I have submitted the PR and worked on fixing few small issues for the following responsive task:

Improve responsive/mobile interface

https://github.com/phpmyadmin/phpmyadmin/issues/6241

Regenerate sprites to include left and right icons

https://github.com/manishbisht/phpmyadmin/commit/b4a0c8a2b74b827a8e4cab7e8d7af30d874023a8 https://github.com/phpmyadmin/phpmyadmin/wiki/Icons_Sprites_Usage

cd /path/to/phpmyadmin ./scripts/generate-sprites .

Removed unwanted comments and console.log() used for debugging

https://github.com/manishbisht/phpmyadmin/commit/a06521247519bc079cbb3b7df47a9e606ac5b108

Menu Re-sizer Callback removed for mobile devices

https://github.com/manishbisht/phpmyadmin/commit/375530e799c378c7fbc225c2ad2aa04b22a4e3f2

Fixes Tests

https://github.com/manishbisht/phpmyadmin/commit/7195846c83c971adca68913388594457259bcac5

https://github.com/phpmyadmin/phpmyadmin/wiki/Unit_Testing

./vendor/bin/phpunit -c phpunit.xml.nocoverage --exclude-group selenium

Navigation bar fix on widow resize

https://github.com/manishbisht/phpmyadmin/commit/bdee1b401d67562f3e75eee118f89d6646032e51

Navigation bar fix if vertical scrollbar present

https://github.com/manishbisht/phpmyadmin/commit/3bd50986b4463f7b055c2d4e37ea4a0b29dea422

Left navigation fix and more button fix

https://github.com/manishbisht/phpmyadmin/commit/11c95a1292753ba7a8e8e514de7030fb870e0613

Table structure page navigation fix

https://github.com/manishbisht/phpmyadmin/commit/26c37531edcc00c2db66876b7cd35ee1933a5b95

I have submitted the PR so that the code can be reviewed and merged into master. https://github.com/phpmyadmin/phpmyadmin/pull/13422

Next Steps

From now onward I will be working on fixing the other bugs while in parallel fixing any bugs that will come in responsive task during review.

This was my sixth week progress. I will post an update for this week soon.

by Manish Bisht at July 09, 2017 03:16 PM

July 05, 2017

Raghuram Vadapalli

Cross-DB relations in designer and other updates

I am late to update the blog this week. Sorry for that.

First, I want to talk about first evaluations whose results came out on 30th. I have successfully passed the evaluations. My mentor gave me a very postive feedback which is really motivating.

Few updates about past work: 

  • Multi-table query UI: When I submitted this patch, it had a few problems about which I notified my mentor. He helped me fix them and I believe the patch is almost ready for merge. We also decided to remove old code in a different pull request.
  • Default options for transformations: Under review. Code-review of this will probably be addressed after dealing Multi-table query UI.

Allow designer to show other Databases: This is the issue I am working on currently. I must say this is what also caused my delayed posting. Earlier this week, while meddling with some server-related stuff, I accidentally lost my repository. I was able to retain all the branches I pushed online. Since I didn’t push this one, I was unable to recover my work. Anyway, I am able to catch up after that.  Learnt a lesson to push the code as soon as I am done for the day.

meme.jpg

Cutting to the chase, here is the screenshot:Screenshot_20170705_110220.png

So, as discussed, I added an option in designer side menu (I copied some other icon since we didn’t decide on one) which on clicking opens a dialog. You can select the db and the table you want to add. When you submit it, your new table is added. You can create relationships like any other table and the created relationships get stored. This is the basic functionality and it is done. The problem is that once the page is saved or reloaded, only the tables in current db appear back. According to the solution we decided, we need to show the tables in other db to which there are relations by default from the beginning. That should solve everything. This is not a big problem and I will fix it by the weekend.


by Raghuram Vadapalli at July 05, 2017 06:01 AM

July 04, 2017

Michal Čihař

Weekly phpMyAdmin contributions 2017-W26

Last week was really about solving bug and pull request. I've managed to go through many of long pending pull requests and most of them were merged either directly or with additional fixes.

I always feel bad when it takes too long to merge pull request, but most of them were actually waiting for some fixes which didn't arrive and I had to fix them on my own. This is often what happens to GSoC students pull requests once they realize they were not accepted in the end...

Handled issues:

Filed under: English phpMyAdmin

by Michal Čihař (michal@cihar.com) at July 04, 2017 10:00 AM

July 03, 2017

Manish Bisht

Week 5: Google Summer of Code’ 17 with phpmyadmin

This week also I have spent my time working on following issue:

Improve responsive/mobile interface

https://github.com/phpmyadmin/phpmyadmin/issues/6241

I have made the following pages responsive.

Table relation page:

https://github.com/manishbisht/phpmyadmin/commit/65edfc8f5b5f278205ddcdf450dd8a3a862fc7b6

While working with this page I found one issue that if there are multiple div which I have to make responsive on the same page then working with div id will failed so I replaced all the div with id=”responsivetable” with class=”jsresponsive”

https://github.com/manishbisht/phpmyadmin/commit/b39dcf2ffc34c55acbbc7c66ffe74a0806ee6735

Create Table page:

https://github.com/manishbisht/phpmyadmin/commit/0f7cbab62e9a756214bc2c60966eedead026dd24

db central page responsive:

https://github.com/manishbisht/phpmyadmin/commit/94a13cae88a2318ce915716b227d52fa0ef05485

Database Events page:

https://github.com/manishbisht/phpmyadmin/commit/7fe13bc8e05852176b14a9589e655d4d0842ff50

Server status page(charts):

https://github.com/manishbisht/phpmyadmin/commit/85003f61a167d72130fe1123d3f7228d1f279dc4

Server status queries chart:

https://github.com/manishbisht/phpmyadmin/commit/0435674c2d33e98c67a923f0940a3e0fa71ceb41

Dialog box responsive

https://github.com/manishbisht/phpmyadmin/commit/66db4a1f29c9ac69052d5e7ab53a8219218076ef

Table select page:

https://github.com/manishbisht/phpmyadmin/commit/a154015623f6e41c8f9664c4008a886caf44f96a

Insert Table Page:

https://github.com/manishbisht/phpmyadmin/commit/1a6479b311b88264889854cbaa1b35035758ae4a

Table Privileges Page:

https://github.com/manishbisht/phpmyadmin/commit/74119c5cd55a75515edd6bb430c29067f0bbb042

Server Replication Page:

https://github.com/manishbisht/phpmyadmin/commit/bd887d8464db824e273d2900e1781dee7564eeb7

Next Steps

I will submit the PR soon after doing little bit fixing on navigation bar.

This was my fifth week progress. I will post an update for this week soon.

by Manish Bisht at July 03, 2017 03:06 PM

Deven Bansod

GSoC 2017 : Weekly Report #5

Week #5

Key accomplishments last week:

Key tasks stalled:

NA

Tasks in the upcoming week:

  • Increasing test coverage for Error Reporting server
  • Start research and ground-work on selenium testing improvements in phpMyAdmin

Note: All these tasks were related to phpMyAdmin’s Error Reporting System (Github).

Details:

#159 brings the functionality of updating report status according to the Github issue’s state to which it is being linked to. Thus, if we link the report to a Github issue which is closed, we should automatically update the Report status to ‘Resolved’.

#160 implements a controller action (which should be run as cron job from command line) to synchronise the statues of existing linked reports to statues of the linked Github issues. This action can be (and should be) only run from shell.

#74 implements a read-only public interface which allows non-team developers and contributors to look at the submitted error incidents and reports, though they would not be able to make any changes to the reports such as changing its status, linking/unlinking from a Github issue etc.

For the next week, based on Michal’s review, I would be adding some tests to the Error reporting server so that we add a few more controller/models/shells to the test coverage. I have already made two PRs at #168 and #170 in those directions. Once these (and a few more to come) are merged, I would be moving to starting to fix broken selenium testing in phpMyAdmin.


Filed under: GSoC 2017, phpMyAdmin, Weekly Reports Tagged: #5, GSoC 2017, phpMyAdmin, Weekly Report

by Deven Bansod at July 03, 2017 06:51 AM

June 30, 2017

Michal Čihař

Weblate 2.15

Weblate 2.15 has been released today. It is slightly behind schedule what was mostly caused by my vacation. As with 2.14, there are quite a lot of security improvements based on reports we got from HackerOne program and various new features.

Full list of changes:

  • Show more related translations in other translations.
  • Add option to see translations of current unit to other languages.
  • Use 4 plural forms for Lithuanian by default.
  • Fixed upload for monolingual files of different format.
  • Improved error messages on failed authentication.
  • Keep page state when removing word from glossary.
  • Added direct link to edit secondary language translation.
  • Added Perl format quality check.
  • Added support for rejecting reused passwords.
  • Extended toolbar for editing RTL languages.

If you are upgrading from older version, please follow our upgrading instructions.

You can find more information about Weblate on https://weblate.org, the code is hosted on Github. If you are curious how it looks, you can try it out on demo server. You can login there with demo account using demo password or register your own user. Weblate is also being used on https://hosted.weblate.org/ as official translating service for phpMyAdmin, OsmAnd, Turris, FreedomBox, Weblate itself and many other projects.

Should you be looking for hosting of translations for your project, I'm happy to host them for you or help with setting it up on your infrastructure.

Further development of Weblate would not be possible without people providing donations, thanks to everybody who have helped so far! The roadmap for next release is just being prepared, you can influence this by expressing support for individual issues either by comments or by providing bounty for them.

Filed under: Debian English SUSE Weblate

by Michal Čihař (michal@cihar.com) at June 30, 2017 09:00 AM

June 27, 2017

Michal Čihař

Weekly phpMyAdmin contributions 2017-W25

Last week was a bit less intensive for me, still there were some bugs fixed.

Most of the time was spent on investigating one report from error reporting server. These errors do not come from our code, but we see them in thousands, so apparently something widely spread. The feature seems to come from DirectAdmin, but I've found occurrences elsewhere as well.

I think this exactly shows why you should upstream your patches - it would get proper upstream review and you would not have to maintain it over years (apparently they have five versions of the patch in their patches directory).

Anyway pretty much same will be possible to achieve with single line of configuration in the 4.8.0 release.

Handled issues:

Filed under: English phpMyAdmin

by Michal Čihař (michal@cihar.com) at June 27, 2017 10:00 AM

June 26, 2017

Deven Bansod

GSoC 2017 : Weekly Report #4

Week #4

Key accomplishments last week:

NA

Key tasks worked on:

Key tasks that stalled:

NA

Tasks in the upcoming week:

Note: All these tasks were related to phpMyAdmin’s Error Reporting System (Github).

Details:

#159 aims to bring the functionality of updating report status according to the Github issue’s state to which it is being linked to. Thus, if we link the report to a Github issue which is closed, we should automatically update the Report status to ‘Resolved’. I have made a PR at #163 which is open for review.

#160 aims to implement a controller action (which should be run as cron job from command line) to synchronise the statues of existing linked reports to statues of the linked Github issues. We could have also implemented a shell to do this task but I could not easily figure out how to use GithubApiComponent (without requiring to do the additional refactoring of moving it to a Utility class). So I added a cron-dispatcher which can be run from command line and takes command line argument to run the specified controller action.

For the next week, I would be making changes based on Michal’s review for on my PRs for the above mentioned tasks. I have already started initial discussion and ground work towards the last task on Error Reporting Server (after which I would be moving to fixing selenium testing in phpMyAdmin) of #74.


Filed under: GSoC 2017, phpMyAdmin, Weekly Reports Tagged: #4, GSoC 2017, phpMyAdmin, Weekly Report

by Deven Bansod at June 26, 2017 07:05 AM

June 25, 2017

Manish Bisht

Week 4: Google Summer of Code’ 17 with phpmyadmin

This week also I have spent my time working on following issue:

Improve responsive/mobile interface

https://github.com/phpmyadmin/phpmyadmin/issues/6241

I have made the following pages responsive.

Plugins and server variables page:

https://github.com/manishbisht/phpmyadmin/commit/6ddc30d0c95e8a65d0fafc1d1450339b970f605a

https://github.com/manishbisht/phpmyadmin/commit/00326d7f256cc191a80f2294a0c40c146c871f25

Database search, database privileges and table structure page:

https://github.com/manishbisht/phpmyadmin/commit/3cea93bbae74cdfa350fcd69ab898f8557d2f897

https://github.com/manishbisht/phpmyadmin/commit/31d7f7efb1f72f25165fa1c364126374eaf11804

https://github.com/manishbisht/phpmyadmin/commit/4c4904d6638e1f04ce61f4d58e6c2ae7d1d7e5e8

Next Steps

I will spend my next week also on improve responsive/mobile interface task.

This was my fourth week progress. I will post an update for this week soon.

by Manish Bisht at June 25, 2017 05:44 PM

June 23, 2017

Manish Bisht

Week 3: Google Summer of Code’ 17 with phpmyadmin

This week also I have spent my time working on following issue:

Improve responsive/mobile interface

https://github.com/phpmyadmin/phpmyadmin/issues/6241

I have added vertical scrolling in tables for the small screens.

For database, structure and browse pages:

https://github.com/manishbisht/phpmyadmin/commit/c34a44a37bb9b08bba7ae0ab173fe8559e6fe590

For table structure page:

https://github.com/manishbisht/phpmyadmin/commit/3e1d1bf3dbe739607a8de34995d2d356894b2622

For Server Status Page:

https://github.com/manishbisht/phpmyadmin/commit/f44a6138510806354a47f0b2ef4ab2c4252219a6

https://github.com/manishbisht/phpmyadmin/commit/90615dcfcc9dc5042fc8b268d1e09983435fbe5d

https://github.com/manishbisht/phpmyadmin/commit/f7a8ff8a4b56ef93b673874dad10680abeda15f1

Next Steps

I will spend my next week also on improve responsive/mobile interface task

This was my third week progress. I will post an update for this week soon.

by Manish Bisht at June 23, 2017 03:40 PM

Week 2: Google Summer of Code’ 17 with phpmyadmin

I have explored the codebase and now I have started working on the major issue of the project.

1. Improve responsive/mobile interface

https://github.com/phpmyadmin/phpmyadmin/issues/6241

This is main work for the first 3 weeks. This is my progress till now

a) Added viewport meta tag: https://github.com/manishbisht/phpmyadmin/commit/7e557cd444f59a614e95cf1d99c5607b9f008bce

b) Basic responsive navigation implemented: Code cleanup and more improvements is required as suggested on mailing list https://github.com/manishbisht/phpmyadmin/commit/eedfbe0703fca2add226c7eddca3454470f85506

c) Made main_pane_left and main_pane_right responsive: https://github.com/manishbisht/phpmyadmin/commit/84f4fd8bb9b4f90185a4ebfbe0c840de0cd8fc94

d) Made pma_navigation / left sidebar responsive: https://github.com/manishbisht/phpmyadmin/commit/cc7f65549ea06645186ef432d2d76f3e41a221b4

Next Steps

I will spend my next week on Improve responsive/mobile interface task

This was my second week progress. I will post an update for this week soon.

by Manish Bisht at June 23, 2017 03:40 PM

Week 1: Google Summer of Code’ 17 with phpmyadmin

I have started working on the phpmyadmin codebase from 22 May, 2017. I have spend 5 days in familiarize myself with the phpmyadmin core functionality and architecture. Below are the details of the issues that I have fixed in first week or in community bonding period.

1. Remove inline javascript

https://github.com/phpmyadmin/phpmyadmin/issues/12261

I have started working on the code and submitted first pull request on 22 May, 2017 that removes inline onsubmit functions from the codebase https://github.com/phpmyadmin/phpmyadmin/pull/13291

  • onmouseover (completed and merged on 14 March, 2017)
  • onmouseout (completed and merged on 14 March, 2017)
  • onmousedown (completed and merged on 16 March, 2017)
  • onsubmit (completed and merged on 22 May, 2017)
  • onchange (completed and under review on 23 May, 2017)
  • onclick (incomplete)

2. Password “No” shown for user not in user table

https://github.com/phpmyadmin/phpmyadmin/issues/12718

My PR submitted for this improvement was https://github.com/phpmyadmin/phpmyadmin/issues/13305. But the commit was merged with the main code by making a small change by the project owner (Michal Čihař) https://github.com/phpmyadmin/phpmyadmin/commit/253c9bed0ed210d4569d7909291ed2e588a97cfb

3. Nice view for JSON data

https://github.com/phpmyadmin/phpmyadmin/issues/12944

I have split this into 2 parts:

a) The data type is already json : The PR is under review https://github.com/phpmyadmin/phpmyadmin/pull/13317

b) Data is in JSON format but the data type is different (incomplete)

Next Steps

I will start working on Improve responsive/mobile interface task

This was my first week progress. I will post an update for this week soon.

by Manish Bisht at June 23, 2017 03:39 PM

Google Summer of Code’ 17 with phpmyadmin

This summer, I was selected for the prestigious Google Summer of Code ’17 program with the phpmyadmin organization. phpMyAdmin is a free software tool written in PHP, intended to handle the administration of MySQL over the Web. phpMyAdmin supports a wide range of operations on MySQL and MariaDB. Frequently used operations (managing databases, tables, columns, relations, indexes, users, permissions, etc) can be performed via the user interface, while you still have the ability to directly execute any SQL statement.

Introduction

phpmyadmin currently has a large number of open issues (~210 at time of writing this). To maintain and improve phpmyadmin core project the numbers of issues should be lower down. This project aims to resolving the major issues and improvements to be done in phpmyadmin. I have selected a list of issues on which I will be working this summer.

Community Bonding

Before the beginning of the official program period, Google allows students one month to get familiar with the organization they will contribute to, to get familiar with the programming practices, source code, get doubts cleared etc. phpMyAdmin is a PHP project that provides wide range of operations that can be performed via the user interface. The project code is available on GitHub at this link https://github.com/phpmyadmin/phpmyadmin

phpmyadmin/phpmyadmin

Week 1–4

Improve responsive/mobile interface

As the world is going more mobile everyday, so It would be a good idea to make phpMyAdmin responsive, so it works on smartphones and tablets too instead of desktop only.

Consolidate tablesorter libraries

Currently phpmyadmin have two javascript plugins for table sorting so it’s better to replace it with simply one. I will be replacing jquery.sortableTable.js with jquery.tablesorter.js

Nice view for JSON data

It will add the feature to have an easy view of the JSON data of a column of a table. Right now it shows in only one line, without any kind of format, so we can have an option to show when you are viewing a table with JSON data or when editing a nice JSON view.

Also, If the team decides they still don’t want to pursue the responsive interface enhancement, I’m prepared to replace that part of my summer with the solving these issues.

Support for large monitors

For this one I will set the right padding to the div that contains [Edit inline], [Edit], etc options for the very large screens.

Inconsistency with submit buttons

I will show all the buttons on the right side. And its implementation part is also similar to the above task

Error popup

The problem with this is we are unable to copy/paste stuff because as soon as we click on the popup it is closed.

Add export option to drop user security definers from views

For the last one during export option I have to make a change so that the security definition should not be included in the export file.

Week 5–8

Remove inline javascript

There are several places which uses inline javascript (onclick, onsubmit and onchange). These should be removed and placed into javascript files. After removal we can get rid of ‘unsafe-inline’ for scripting in CSP.

Disable charset conversion when importing with SET NAMES

According to the communication on issue link the charset handling seems to be broken on the import

Import/Export Progress bar-1 and Import/Export Progress bar-2

It would be really nice to have a progress bar showing import and export progress in real time in terms of percentage and having some more detailed information like which step/table it is processing.

Password “No” shown for user not in user table

When a user has access to a db (or table), but is not in the user table he’s shown as not having a password. Even after successfully running the query delete from mysql.user where user = ‘test’ I was still able to login with the test account.

Week 9–12

Configuration storage — fallback to default table names when pmadb config is set

The PMA should fallback to default table names if controluser + pmadb options are set while other like ‘relation’, ‘column_info’ are NOT in config.inc.php.

Facilitate drag and drop of columns between tables

I will implement this feature by allowing user to drag and drop the existing column from the “structure page” as well as from the navigation tree table column entry, to the “New” column entry in the navigation tree columns section of the target table.

Update 1

I will work on the forked repository and submit the Pull Request as soon it is completed. I will also post the weekly update about the project on medium. This is my GSoC’17 proposal.

by Manish Bisht at June 23, 2017 03:38 PM

Google Firebase Appfest 2017 Delhi, India — Summary

Mobile platforms are centered around speed and agility. And yet, building for mobile can sometimes feel clunky and slow. It doesn’t have to be that way.

Google Firebase Team came at New Delhi to show how you to build an app in a day. We can do this by having the application code talk directly to Firebase’s managed back-end services. This means we spend less time on infrastructure and more time on building the features that the users care about. And in the cases where we need server-side logic, use Cloud Functions — Firebase’s scaleable serverless solution.

Welcome Note

The event started with the welcome note by Jadeja Dushyantsinh (Program Manager, Google). He started with giving introduction to various programs like Google Developer Group, Google Startup Launchpad and Google Developer Training. Then he moved to give the small intro on firebase.

What is Firebase ?

Firebase is a mobile and web application development platform acquired by Google on October 13, 2015.

Talk: What’s new in Firebase ?

This talk was given by James Daniels (Developer Programs Engineer, Google). Recently Google acquired fabric.

https://firebase.googleblog.com/2017/01/FabricJoinsGoogle17.html

Then he talked about the various features offered by firebase like

  1. Realtime database — To save the data
  2. Authentication — To add authenticate users using Google, Facebook, Github, etc.
  3. Cloud functions — To add custom backend code without needing to manage and scale your own servers.
  4. Hosting — To serve static assets
  5. Cloud storage — To Store and share images, audio, video, or other user-generated content easily with powerful, simple, and cost-effective object storage built for Google scale

Firebase now supports multiple bucket support plus region selection so you deploy your app where your customers are.

  1. Firebase Test Lab — To run automatic and customized tests for your app on virtual and physical devices hosted by Google.
  2. Crash Reporting — To diagnose problems in your mobile app with detailed reports of bugs and crashes.
  3. Performance Monitoring — To diagnose app performance issues occurring on your users’ devices.
  4. Google Analytics — Its free + unlimited and can be used to analyze user attributions and behavior in a single dashboard to make informed decisions on your product roadmap.
  5. Cloud Messaging — To send messages and notifications to users across platforms like Android, iOS, and the web for free.
  6. Remote Config — To customize how your app renders for each user.
  7. Invites — To enable your users to share all aspects of your app, from referral codes to favorite content, via email or SMS.
  8. App Indexing — To re-engage users with their installed apps with this Google Search integration.
  9. Admob — To earn money by displaying engaging ads to a global audience.

Fastlane joined firebase — https://krausefx.com/blog/fastlane-is-joining-google

How to learn ?

  1. Firebase in a weekend by Udacity.
  2. Alpha Program —To access the firebase pre-release products and features.
  3. Code Samples on Github.

Talk: Google Cloud Functions for Firebase

This talk was given by Doug Stevenson (Developer Advocate, Google). He gives the information on What we can do with Cloud Functions in firebase.

  1. Notify users when something interesting happens — To use cloud Functions to keep users engaged and up to date with relevant information about an app.

2. Resize image — To take advantage of Cloud Functions to offload to the Google cloud resource-intensive work (heavy CPU or networking) that wouldn’t be practical to run on a user’s device.

3. Perform Realtime Database sanitization and maintenance to block offensive language — With Cloud Functions database event handling, you can modify the Realtime Database in response to user behavior, keeping the system up to date and clean.

He showcased a small demo on how to replace text with emoji using cloud function.

After this talk the Hackathon was open for hacking using firebase.

Test your app using Firebase

This talk was again given by Doug Stevenson (Developer Advocate, Google). In this talk he has given the overview on some more fetaures.

  1. Firebase Test Lab for Android — It provides cloud-based infrastructure for testing Android apps. With one operation, you can initiate testing of your app across a wide variety of devices and device configurations. Test results — including logs, videos, and screenshots — are made available in your project in the Firebase console. Even if you haven’t written any test code for your app, Test Lab can exercise your app automatically, looking for crashes.
  2. Performance Monitoring — To diagnose app performance issues occurring on your users’ devices. Use traces to monitor the performance of specific parts of your app and see a summarized view in the Firebase console. Stay on top of your app’s startup time and monitor HTTP requests without writing any code.

Talk by Kushagra Gour

Kushagra Gour is currently working as a front-end developer at an awesome startup called Wingify building VWO.

Side Projects = More Self Improvement

He has developed a lot of side projects that are available on Github. He has given an overview on some of his side projects.

  1. hint.css — A CSS only tooltip library for your lovely websites.

2. screenlog.js — Bring console.log on the screen.

3. superplaceholder.js — Super charge your input placeholders.

4. Tolks — Put your stories up on the Internet.

5. Web Maker — Chrome extension for a fast & offline web playground.

Hackathon

After that 7 teams were shortlisted for presenting their idea on stage for 3 minutes.

After that the judges selected team Decoder as the Hackathon winner. They have made a smart travel application that helps to plan your travel and share it with your friends/family.

What Next

They are coming to Pune (24 June 2017 — Novotel Pune Nagar Road), Bangalore (28 June 2017 — Vivanta by Taj, MG Road) and Hyderabad (1 July 2017 — Hyderabad International Convention Center). So you can register for them here: https://events.withgoogle.com/in-firebase-appfest/

by Manish Bisht at June 23, 2017 02:26 PM

June 22, 2017

Manish Bisht

Download videos using ngDownloader.tk without ads

ngDownloader is a web application that gives the download links of the videos from various websites like youtube, facebook, udemy etc with no ads. I have made this application for AngularAttack 2017 Hackathon and selected as winner in Fun/Utility Category.

Here is my full interview after hackathon http://developer.telerik.com/announcements/manish-bisht-wins-angular-attack-kendo-ui/

How to use ?

  1. Open https://ngdownloader.tk/
  2. Enter the URL-address of videos of the supported websites in the input field at the top of the page.
  3. Press Enter or click on the “Download” button to the right of the input field.

Technology Stack

Frontend

The frontend was built using AngularJS 1 and Kendo UI.

Backend

I have used Amazon AWS Lamda function and API gateway to host and run the backend. Here is the link of the backend code. Also it uses youtube-dl library to fetch download links.

Support

If you find any issue report it on https://github.com/manishbisht/ngDownloader or submit the PR fixing that bug; I would be happy to merge it.

Bugs or feature request ? Drop email at hi@manishbisht.me I would be happy to make it available for you.

I will keep making more improvements and adding features in the future. I am using my Kendo UI Professional license so that I can improve the UI and use more components.

There is the yearly renewal is charge for the domain per year and pay per use charge for Amazon AWS for backend. If you want to contribute a year or pay for hosting, send me an email and I’ll add the years on. Of course I’ll do my best to continue running the domain and hosting, but this is your chance to contribute to the community project.

Talk to me

If anyone would like to get in touch with me I am not too hard to reach. Just drop an email at hi@manishbisht.me I would be happy to have a chat with you.

by Manish Bisht at June 22, 2017 02:06 PM

June 21, 2017

Raghuram Vadapalli

Configuration options for default transformations

I submitted pull request for my second task i.e., adding configuration options for default transformations. As I explained in the proposal. I thought I will have to add configuration for every transformation. But I realised not all of the transformations make use of options. So, I added configuration only for those that looked like they make use of paramaeters. I have a feeling that a better option would be to add empty arrays for those transformations that don’t make use of options because in future, the transformations may be modified to make use of parameters and they can modify these empty arrays. Anyway, I raised this question in comments on my pull request. I will act according to response.

I also thought I will have to add configuration options in page-wise settings and setup script separately. But, I realised any change in configuration directives reflects in both setup script and page-wise settings. Awesome!!

Screenshots of new configuration directives:

Screenshot_20170621_152030.png

Screenshot_20170621_152202.png

I will be moving on to my 3rd task this week – Allow designer to show other Databases. According to my plan, I will be submitting code for my 3rd task after first evaluation, but I have to start discussing design with my mentor now. I guess this puts me in a good position for my first evaluation as I submitted all required code. From now on, I will be addressing reviews on the submitted code and plan for my 3rd task.


by Raghuram Vadapalli at June 21, 2017 10:02 AM

June 20, 2017

Michal Čihař

Weekly phpMyAdmin contributions 2017-W24

Besides usual bug screening and pull requests merging, I've spent quite some amount in digging reports in our error reporting server and fixed the most visible ones.

The error reporting server collects errors happening in phpMyAdmin installations worldwide (this is opt-in reporting) and gives us insights where our users suffer most. Some of the errors are really weird and probably indicate PHP bug, but as we don't collect more information than is necessary, we really can not say for sure and we can not find person to reproduce the bug. Anyway if something has happened hundredth times on several installations, it's probably worth fixing in our code base.

Handled issues:

Filed under: English phpMyAdmin

by Michal Čihař (michal@cihar.com) at June 20, 2017 10:00 AM

June 19, 2017

Deven Bansod

GSoC 2017 : Weekly Report #3

Week #3

Key accomplishments last week:

Key tasks that stalled:

NA

Tasks in the upcoming week:

Note: All these tasks were related to phpMyAdmin’s Error Reporting System (Github).

Details:

#98 aimed to bring back the ability of the Error Reporting Server to follow the status of report-linked Github issues and update the same for the reports that it is linked with. Github provides a interface to listen to events through webhooks. Webhooks allow developers to listen to a variety of events like push, issues etc. I added a controller in the Error Reporting Server which listens to all the issues events and if it receives an event for an issue which is linked to by any of the reports, it updates the status of the linked reports accordingly.

For the next week, I would be taking on two tasks #159 and #160, which were not originally part of the proposal, but seem to be natural extensions to the task in #98.


Filed under: GSoC 2017, phpMyAdmin, Weekly Reports Tagged: #3, GSoC 2017, phpMyAdmin, Weekly Report

by Deven Bansod at June 19, 2017 03:44 PM

Manish Bisht

Thanks :) I have faced some issues while adding left and right scrolling icon and its functionality…

Thanks :) I have faced some issues while adding left and right scrolling icon and its functionality but with little more debugging I have made it possible.

Next while working on table structure page when I have written this in js/menu-resizer.js the icons are loading n number of times where n is number of columns in the table. It was working fine on all pages except table structure page.

$(PMA_getImage('b_right.png').toString()).prependTo($('.scrollindicator--right'));
$(PMA_getImage('b_left.png').toString()).prependTo($('.scrollindicator--left'));

I think this might be an bug or it is there to make some functionality working. I am not sure about this.

So to keep it working I replaced it with below lines.

$('.scrollindicator--right').html($(PMA_getImage('b_right.png').toString()));
$('.scrollindicator--left').html($(PMA_getImage('b_left.png').toString()));

Last issue that I faced was while adding scrolling inside the fieldset tag seems like the width in percentage was not working so I used javascript here to implement this.

var windowwidth = $(window).width();
$('#responsivetable').css('max-width', (windowwidth - 35 ) + 'px');

Rest all implementation were straight forward. Just needed some debugging on browser developer tools.

Also I have made some standards for how I am naming the new classes the details of which I will add after completing it because I think more will come as I keep working on it.

by Manish Bisht at June 19, 2017 02:57 PM

Michal Čihař

Call for Weblate translations

Weblate 2.15 is almost ready (I expect no further code changes), so it's really great time to contribute to it's translations! Weblate 2.15 should be released early next week.

As you might expect, Weblate is translated using Weblate, so the contributions should be really easy. In case there is something unclear, you can look into Weblate documentation.

I'd especially like to see improvements in the Italian translation which was one of the first in Weblate beginnings, but hasn't received much love in past years.

Filed under: Debian English SUSE Weblate

by Michal Čihař (michal@cihar.com) at June 19, 2017 04:00 AM

June 18, 2017

Michal Čihař

python-gammu for Windows

It has been few months since I'm providing Windows binaries for Gammu, but other parts of the family were still missing. Today, I'm adding python-gammu.

Unlike previous attempts which used crosscompilation on Linux using Wine, this is also based on AppVeyor. Still I don't have to touch Windows to do that, what is nice :-). This has been introducted in python-gammu 2.9 and depend on Gammu 1.38.4.

What is good on this is that pip install python-gammu should now work with binary packages if you're using Python 3.5 or 3.6.

Maybe I'll find time to look at option providing Wammu as well, but it's more tricky there as it doesn't support Python 3, while the python-gammu for Windows can currently only be built for Python 3.5 and 3.6 (due to MSVC dependencies of older Python versions).

Filed under: Debian English Gammu python-gammu Wammu

by Michal Čihař (michal@cihar.com) at June 18, 2017 04:00 PM

June 16, 2017

Michal Čihař

New projects on Hosted Weblate

Hosted Weblate provides also free hosting for free software projects. The hosting requests queue was over one month long, so it's time to process it and include new project.

This time, the newly hosted projects include:

We now also host few new Minetest mods:

If you want to support this effort, please donate to Weblate, especially recurring donations are welcome to make this service alive. You can do them on Liberapay or Bountysource.

Filed under: Debian English SUSE Weblate

by Michal Čihař (michal@cihar.com) at June 16, 2017 04:00 PM

June 14, 2017

Raghuram Vadapalli

UI for Multi-Table query complete (almost!!)

As mentioned in my previous post, I am working on making new UI for multi-table query for phpMyAdmin. I believe I can safely say it is in good shape as of now, although code review is still pending. I have added most of the features from earlier interfaces. Some of the examples of queries which you can construct are:

  • Basic queries.
    • select `wp_posts`.`*` from `wp_posts`;

    • select `wp_posts`.`ID` from `wp_posts`;

  • Aliases.
    • select `a`.`ID` from `wp_posts` as `a`;

    • select `a`.`ID` as `id_col` from `wp_posts` as `a`;

  • WHERE clause
    • select `wp_posts`.`ID`, `wp_posts`.`post_title` from `wp_posts` WHERE `wp_posts`.`ID` > 49 AND `wp_posts`.`ID` < 74;

  • ORDER BY clause
    • select `wp_posts`.`ID`, `wp_posts`.`post_title` from `wp_posts` WHERE `wp_posts`.`ID` > 49 AND `wp_posts`.`ID` < 7 ORDER BY `wp_posts`.`post_date`;

Following is a screenshot of the UI:

Screenshot_20170614_105916.png

I had a plan to add filtering and pagination of queries, but luckily they are built-in for query response HTML. You can checkout code from the PR and try it yourself. As always, any feedback and suggestions are more than welcome.

According to my timeline, I am supposed to complete this with code-review by 15th June. But I understand that other developers may be busy right now. So, I will be moving on to my next task this week i.e. Default options for transformations.

I will update the code for Multi-Table querying once I get code reviews.


by Raghuram Vadapalli at June 14, 2017 05:40 AM

June 13, 2017

Michal Čihař

Weekly phpMyAdmin contributions 2017-W23

Last week was again quite busy on the issue tracker and pull requests. I start to think that I barely get to real development over handling flow of incoming reports and pull requests.

I've manged to fix some issues with parsing comments in SQL parser, which probably was not that much visible in phpMyAdmin, but was quite annoying when using SQL parser as library. Generally it seems that people are starting to use it, so at least one of our separate libraries is getting some user base outside phpMyAdmin.

Handled issues:

Filed under: English phpMyAdmin

by Michal Čihař (michal@cihar.com) at June 13, 2017 10:00 AM

June 12, 2017

Deven Bansod

GSoC 2017 : Weekly Report #2

Week #2

Key accomplishments last week:

Key tasks that stalled:

NA

Tasks in the upcoming week:

Note: All these tasks were related to phpMyAdmin’s Error Reporting System (Github).

Details:

Issue #106 focussed on adding better functionality of notifications handling. I added a ‘Select all’ check box to select all the notifications on a single page. The pagination was not working before and was fixed.  I also added a ‘Mark All Notifications as Read’ button which would ask the user to confirm and if confirmed will mark all his notifications read (unrecoverable).

Issue #31 was about providing email notifications to the developers whenever a new report is added on the Error reporting system. A tricky part was to test sending of emails in unit testing, it needed me to add a new custom email transport.

For the next week, I would be targeting to implement #98 which aims to bring back the ability of the Error Reporting Server to follow the status of report-linked Github issues and update the same for the reports that it is linked with.


Filed under: GSoC 2017, phpMyAdmin, Weekly Reports Tagged: #2, GSoC 2017, phpMyAdmin, Weekly Report

by Deven Bansod at June 12, 2017 09:03 AM

June 07, 2017

Michal Čihař

Gammu family releases

During last weeks I was finally able to push out some releases of Gammu and related tools. Those were mostly waiting for quite some time in Git, but still will be useful for many users.

Gammu 1.38.3 brings several SMSD performance improvements (I'd like to hear feedback here how much it helped in real world workloads), fixes USSD related crashes and adds support for new devices.

python-gammu 2.8 finally brings emoji fixes to Python users as well. Those were fixed in Gammu quite some time ago, but the Python API still didn't handle them properly. There was also simplification in the calls API.

Wammu release will follow shortly in next days, the most important change there being license change to GPLv3 or later.

Filed under: Debian English Gammu python-gammu Wammu

by Michal Čihař (michal@cihar.com) at June 07, 2017 04:00 PM

June 05, 2017

Raghuram Vadapalli

Weekly update: New UI for Multi-table querying for PMA

As mentioned in my timeline, I am working on building a New UI for Multi-table querying. The following is the mockup of what I put forward to community. My mentor Isaac Bennetch expressed that he is happy with it.

mockup.png

I made an implementation for the UI and added support for basic queries which don’t involve any criteria (WHERE clause is not supported yet). This is what it looks like right now.

Screenshot_20170605_150220.png

You can checkout the code from this PR and test it yourself. For the following week, I will be adding support for WHERE clause. I should also enable saving of queries. Last UI has that feature and I also feel it is very useful for users as it is very common for database admins to need to run same queries repeatedly. I look forward to any feedback regarding this feature.


by Raghuram Vadapalli at June 05, 2017 09:50 AM

June 04, 2017

Deven Bansod

GSoC 2017 : Weekly Report #1

Week #1

Key accomplishments last week:

Key tasks that stalled:

Tests coverage for code touched in #151 to be added

Tasks in the upcoming week:

Note: All these tasks were related to phpMyAdmin’s Error Reporting System (Github).

Details:

Before the coding period started, I started out with moving the code-base for Error Reporting server to more phpMyAdmin-like coding styles (which is in fact quite similar to PSR-4 with few exceptions) in #131 and #132.

I had talked to Michal and actually started the work on the project a few weeks before the actual GSoC coding period started. Initially I spent time fixing bugs from the production logs (ex. #134, #135, #139, #141, #142), which helped to get started with the codebase.

The first task from the proposal that I implemented turned out to be #129. The views were strayed with control structures with a lot of opening and corresponding closing braces. This PR changed the view files to use alternative syntax for the control structures.

The next task (#123) that I picked up was to allow searching/filtering reports (on Reports listing page) using Filename. This helps the developer in differentiating between all the similar errors/exceptions but originating from different files.

The tasks #119 and #120 were related in a sense both were related with the interactions that our error reporting system has with Github. #119 focused on improving the content that we add while creating a new linked-issue for a report or while adding a link of an report to an existing issue on Github.

#120 helped to simplify the long list of existing issue states and they were mapped to a simpler (and more Github-related statuses) as ‘New’, ‘Forwarded’, ‘Resolved’.

For the next week, I would be targeting to implement #31 which aims to provide an email notification (to developers at phpmyadmin.net) about new reports being added on the Error Reporting Server.


Filed under: GSoC 2017, phpMyAdmin, Weekly Reports Tagged: #1, GSoC 2017, phpMyAdmin, Weekly Report

by Deven Bansod at June 04, 2017 06:00 AM

May 30, 2017

Michal Čihař

Weekly phpMyAdmin contributions 2017-W21

Last week was a bit shorter for me, but still there was quite some bugfixes done.

Most of the time was spent of fixing handling malformed mo files in motranslator, where the issues were reported by Emanuel Bronshtein. The library is now way more fault tolerant than it used to be if it gets corrupted file.

There was also quite some pull requests on phpMyAdmin to review and merge, but that seems to be usual in last weeks :-).

Handled issues:

Filed under: English phpMyAdmin

by Michal Čihař (michal@cihar.com) at May 30, 2017 10:00 AM

May 26, 2017

Michal Čihař

Running Bitcoin node on Turris Omnia

For quite some I'm happy user of Turris Omnia router. The router has quite good hardware, so I've decided to try if I can run Bitcoin node on that and ElectrumX server.

To make the things easier to manage, I've decided to use LXC and run all these in separate container. First of all you need LXC on the router. This is the default setup, but in case you've removed it, you can add it back in the Updater settings.

Now we will create Debian container. There is basic information on using in Turris Documentation on how to create the container, in latter documentation I assume it is called debian.

It's also good idea to enable LXC autostart, to do so add your container to cat /etc/config/lxc-auto on :

config container
    option name debian

You might also want to edit lxc container configration to enable clean shutdown:

# Send SIGRTMIN+3 to shutdown systemd (37 on Turris Omnia)
lxc.haltsignal = SIGRTMIN+3

To make the system more recent, I've decided to use Debian Stretch (one of reasons was that ElectrumX needs Python 3.5.3 or newer). Which is anyway probably sane choice right now given that it's already frozen and will be soon stable. As Stretch is not available as a download option in Omnia, I've chosen to use Debian Jessie and upgrate it later:

$ lxc-attach  --name debian
$ sed -i s/jessie/stretch/ /etc/apt/sources.list
$ apt update
$ apt full-upgrade

Now you have up to date system and we can start installing dependencies. First thing to install is Bitcoin Core. Just follow the instructions on their website to do that. Now it's time to set it up and wait for downloading full blockchain:

$ adduser bitcoin
$ su - bitcoin
$ bitcoind -daemon

Depending on your connection speed, the download will take few hours. You can monitor the progress using bitcoin-cli, you're waiting for 450k blocks:

$ bitcoin-cli getinfo
{
  "version": 140000,
  "protocolversion": 70015,
  "walletversion": 130000,
  "balance": 0.00000000,
  "blocks": 301242,
  "timeoffset": -1,
  "connections": 8,
  "proxy": "",
  "difficulty": 8853416309.1278,
  "testnet": false,
  "keypoololdest": 1490267950,
  "keypoolsize": 100,
  "paytxfee": 0.00000000,
  "relayfee": 0.00001000,
  "errors": ""
}

Depending how much memory you have (mine has 2G) and what all you run on the router, you will have to tweak bitcoind configuration to consume less memory. This can be done by editing .bitcoin/bitcoin.conf, I've ended up with following settings:

par=1
dbcache=150
maxmempool=150

You can also create startup unit for Bitcoin daemon (place that as /etc/systemd/system/bitcoind.service):

[Unit]
Description=Bitcoind
After=network.target

[Service]
ExecStart=/opt/bitcoin/bin/bitcoind
User=bitcoin
TimeoutStopSec=30min
Restart=on-failure
RestartSec=30

[Install]
WantedBy=multi-user.target

Now we can enable services to start on container start:

systemctl enable bitcoind.service

Then I wanted to setup ElectrumX as well, but I've quickly realized that it uses way more memory that my router has, so there is no option to run it without using swap, what will probably make it quite slow (I haven't tried that).

Filed under: Debian English OpenWrt

by Michal Čihař (michal@cihar.com) at May 26, 2017 10:00 AM

May 25, 2017

Raghuram Vadapalli

Summer Of Code with phpMyAdmin

I am excited to say that I will be working with phpMyAdmin this summer on the project ‘Enhancements collection for phpMyAdmin’. Here is the detailed project proposal including timeline.

Synopsis

The project aims at enhancing phpMyAdmin by implementing several features. The following are github links to respective issues:

Benefits to users

  1. New UI for Multi-table query generator: Currently, we have two ways of building multi-table queries in order to reduce user effort while querying multiple tables – one is designer (db_designer.php) and the other is a form-based query builder (db_qbe.php) which is redundant. The new UI replaces these two interfaces. This UI helps in reducing the learning curve for users who are new to managing databases and also to make multi-table querying faster and easier.
  2. Default options for transformations: While browsing a table, the way in which a user interacts with output is formatted by PMA to visualize output in an intuitive way (for eg. showing formatted JSON). These transformations can be set and edited in tbl_structure.php page. These transformations accept parameters (for eg. what is the length of substring to be shown if col value is a large string). The defaults for these parameters are hard-coded in PMA. It will be better if we enable user to configure these defaults, preferably in page related settings modal (also in configuration directives if necessary).
  3. Allow designer to show other Databases: Adding foreign key constraint from ‘Relation view’ has option of choosing a different database. Right now, users cannot create foreign key constraints with other databases using designer. This task involves showing tables from other databases and allowing to add foreign key constraints.
  4. Google Authenticator: Two factor authentication provides an additional layer of security and makes it harder for attackers to gain access to user accounts. We have also had some users complain that the only weak spot in their environments is access to phpMyAdmin which does not support two-factor authentication.
  5. Consolidate tablesorter libraries: Remove redundant libraries being used for sorting tables. From this task, there is no benefit directly reflecting to users, except loading one less library. This will help us (developers) to maintain sanity of the code.
  6. Facilitate drag and drop of columns between tables: Users will be able to copy columns across tables which they cannot do now. Example case: Engines like InnoDB allow only 64 columns to be indexed in a table due to which users are forced to split tables. Such users will find it very helpful to be able move columns across tables.
  7. Setup improvements: Many potentially very useful features like auto-update are not implemented right now as it would require filesystem access. With this solution in place, we can add features like Editing configuration file, Auto-update PMA installation, Theme downloader etc.

Project Details

The following is a more detailed description of the features which will be implemented:

  1. New UI for Multi-table query generator:
    • Right now, after result of submitted query is fetched, a lot of space is occupied on top with various options pushing the actual builder down (image). This is unfriendly as it is common to want to modify the query soon. The new interface will ensure that builder itself will take much less amount of space on top leaving room for result to be shown below builder.
    • Inherit most of the functionality provided by both of the existing interfaces.
    • I have made a mockup of what I planned to implement. Criteria will be entered as free text (we can provide interface for basic criteria like ‘AND’, ‘OR’ etc.)
    • I also have a plan to add additional filters after results are displayed, as reflected in the mockup referred above.
  2. Default options for transformations: We currently have pagewise settings and a setup script where configuration options are available. A form for ‘Default options for transformations’ will be added in one (or both) of these places. All the transformation plugins are in $PMA_HOME/libraries/plugins/transformations/ directory. Results are created by $PMA_HOME/libraries/DisplayResults.php where applyTransformation function is called. This function uses hard-coded defaults (eg: substring-transformation ). We have to:
    • Replace these hard-coded parameters with parameters obtained from $cfg. These parameters can either be set in page related settings or in configuration options in standalone settings page.
    • The existing hard-coded defaults will be added to config.defaults.php.
  3. Allow designer to show other Databases: As discussed on the issue on Github, adding all databases by default to the designer doesn’t make sense. A better suggested UI to reduce cluttering would be:
    • To include all the tables where foreign key constraints of current database are pointing.
    • Provide interface to add more tables.
  4. Google Authenticator:
    • Users will have an interface (a separate page) which they can access through settings page to set up 2FA.
    • We will be generating a QR code which a user can scan through Google Authenticator app (or any 2FA app) and enter the code (TOTP). If this is successful, we store the seed for the user in a database. We will be using this seed to verify code (TOTP) entered by user at every login attempt. A good option here is to use an existing library like TwoFactorAuth (MIT license).
    • We have to decide what happens if a user loses access to his/her Google Authenticator app. One option here is to follow what github does. Github provides recovery codes when you set up 2FA and these can be used instead if you lost your device or app. You can read about it here.
  5. Consolidate tablesorter libraries:
    • Identify the places where the two libraries (jquery.sortableTable.js and jquery.tablesorter.js) are used. Doing a simple grep, I was able to see that tablesorter is used much more than sortableTable (44 times vs 14 times).
    • Refactor the code base in those areas so that finally only one library is used. I am assuming I have to replace those 14 instances of sortableTable are to be replaced (other way is also fine if we decide that tablesorter is better). They also have decent documentation available.
  6. Facilitate drag and drop of columns between tables: In the tbl_structure.php page, an option will be added to append the columns from other table clicking on which displays list of tables and columns in selected table. User will be able to drag a particular column from this and add it to current table. This has issues like mismatch of no of rows in the column being added and current table. This needs to be further discussed.
  7. Setup improvements:
    • We will be adding a special option where users are requested for credentials for setting up these additional features. In future, these features can only be accessed by using these credentials.
    • The features which will be added include editing configuration file (config.inc.php), an option to update PMA to latest stable release (or re-install current version), PMA configuration storage setup (files in $PMA_HOME/sql/ directory).
    • Since these features affect only server side filesystem, having write access on $PMA_HOME/ directory to server should suffice.

The exact flow for any of the above features is subject to change on discussion with mentor and community during implementation. All the implemented features will be clearly documented. As mentioned in the timeline below, if time permits I will be taking up more feature requests and bugs.

Deliverables

  • New UI for Multi-table query generator: A new interface for multi-table queries which replaces the two existing interfaces.
  • Default options for transformations: A configuration option (a form) where default options for transformation can be configured.
  • Allow designer to show other Databases: An interface to enable users to add other tables (tables from other databases) to designer.
  • Google Authenticator: An optional two-factor-authentication while logging in.
  • Consolidate tablesorter libraries: Removed redundant libraries used for sorting tables.
  • Facilitate drag and drop of columns between tables: Added functionality to drag and drop columns between tables
  • Setup improvements: An interface to add features which require filesystem access such as PMA installation updater, PMA configuration storage setup, editing configuration file etc. I will try to implement as many of these features as possible.

Project Schedule

Span

Task

May 4th – May 29th

  • Bonding with community.
  • Understand the code base clearly.
  • Work on some feature requests and bugs.
  • Discuss and clear the ambiguities and implementation details.

May 30th – Jun 5th

  • New UI for Multi-table query generator.
    • Formalize the exact UI design.
    • Create and finalize UI.

Jun 6th – Jun 15th

  • New UI for Multi-table query generator.
    • Complete UI with backend.
    • Get the code reviewed.

Jun 16th – Jun 20th

  • Implement Default options for transformations.
    • Formalize the interface for configuration.
    • Implement the interface and code-review.

Jun 21st – Jun 24th

  • Implement showing tables from other databases in designer.
    • Formulate and design the UI which allows this functionality.

Jun 25th – Jun 29th

  • Submitting work for phase-1 evaluations.
  • Make up week.
  • Fix any bugs/issues in the work till now.

Jun 30th

  • Phase-1 evaluations.

Jul 1st – Jul 7th

  • Implement showing tables from other databases in designer.
    • Complete the backend part.
    • Get the code reviewed.

Jul 8th – Jul 13th

  • Add support for 2FA.

Jul 14th – Jul 20th

  • Remove redundant libraries used for sorting tables.
    • Identify where both libraries are used.
    • Refactor the code to ensure only one library is used.
    • Get the code reviewed.

Jul 21st – Jul 27th

  • Make-up week.
  • Fix any bugs/issues in the work till now.
  • Submit work for phase-2 evaluations

Jul 28th

  • Phase-2 evaluations

Jul 29th – Aug 4th

  • Setup improvements
    • Credentials setting up
    • Editing configuration file

Aug 5th – Aug 13th

  • Setup improvements
    • Other features such as PMA updater, Theme downloader, Configuration storage editor

Aug 14th – Aug 22nd

  • Facilitate drag and drop of columns across tables
    • Discuss and finalize the UI design.
    • Implement the finalized design.
    • Code-review.

Aug 23rd – Aug 28th

  • Make up week.
  • Wrap up the work.
  • Fix any bugs and do required documentation.
  • Work on more features if time permits.

Aug 29th

  • Final evaluation.

Time

I will be able to spend up to 30-40 hours a week on average.

Bio

I have been programming since my 11th standard (2011). I open-source most of my assignments and course projects which can be found on my github profile. The following are some of the relevant courses I have completed:

  • Computer Programming
  • Data Structures
  • Algorithms
  • Database Systems
  • Structured Systems Analysis and Design
  • IT workshop

I was Teaching Assistant for ITWS course at my university for two semesters which involves teaching HTML, CSS, JS, Introduction to PHP, encryption, git etc.

I am familiar with the technologies used by phpMyAdmin project, namely PHP, MySQL, JS, jQuery, HTML and CSS.

My other interests include NLP, Machine Learning and Research.

Blog

https://raghuramvadapalli.wordpress.com/ I will be continuing in this blog.

Open-source contributions

Other than phpMyAdmin, I contributed to an organization called Catrobat. My other open-source work can be found on my github.

phpMyAdmin contributions

I’ve contributed to phpMyAdmin for some months in the past. I’ve fixed few bugs and also added some features. These are my contributions.

Favorite phpMyAdmin feature

I find Navigation tree and autocomplete most useful. The one I liked the most is normalizing databases.

phpMyAdmin improvement

I feel the layout of phpMyAdmin can be further improved. For example, It can be centrally aligned (vaguely speaking) so that interface experience remains consistent with varying monitor resolutions. I found that this issue addresses whatever I am saying. I would really like to see this being taken up.


by Raghuram Vadapalli at May 25, 2017 04:44 AM

May 24, 2017

Michal Čihař

Weblate 2.14.1

Weblate 2.14.1 has been released today. It is bugfix release fixing possible migration issues, search results navigation and some minor security issues.

Full list of changes:

  • Fixed possible error when paginating search results.
  • Fixed migrations from older versions in some corner cases.
  • Fixed possible CSRF on project watch and unwatch.
  • The password reset no longer authenticates user.
  • Fixed possible captcha bypass on forgotten password.

If you are upgrading from older version, please follow our upgrading instructions.

You can find more information about Weblate on https://weblate.org, the code is hosted on Github. If you are curious how it looks, you can try it out on demo server. You can login there with demo account using demo password or register your own user. Weblate is also being used on https://hosted.weblate.org/ as official translating service for phpMyAdmin, OsmAnd, Turris, FreedomBox, Weblate itself and many other projects.

Should you be looking for hosting of translations for your project, I'm happy to host them for you or help with setting it up on your infrastructure.

Further development of Weblate would not be possible without people providing donations, thanks to everybody who have helped so far! The roadmap for next release is just being prepared, you can influence this by expressing support for individual issues either by comments or by providing bounty for them.

Filed under: Debian English SUSE Weblate

by Michal Čihař (michal@cihar.com) at May 24, 2017 08:00 AM

May 23, 2017

Michal Čihař

Weekly phpMyAdmin contributions 2017-W20

Last week I was again quite active on development side bringing several improvements to master branch.

The biggest news is probably that phpMyAdmin no longer relies on eval() function. We've used it to run advisory rules on server configuration, but that is now done using Symfony ExpressionLanguage (which we anyway need due to motranslator).

When looking at things this does pull in, I've noticed that there is mbstring polyfill, which can be used instead of the one we ship (and was never completed). Thanks to this the mbstring dependency is now optional, but still recommended for performance reasons.

Another quite visible change is adding JSON metadata to our themes. Right now it covers basic things like theme compatibility and authorship, but more can be added later. This is also covered in our documentation.

Handled issues:

Filed under: English phpMyAdmin

by Michal Čihař (michal@cihar.com) at May 23, 2017 10:00 AM

May 22, 2017

Michal Čihař

HackerOne experience with Weblate

Weblate has started to use HackerOne Community Edition some time ago and I think it's good to share my experience with that. Do you have open source project and want to get more attention of security community? This post will answer how it looks from perspective of pretty small project.

I've applied with Weblate to HackerOne Community Edition by end of March and it was approved early in April. Based on their recommendations I've started in invite only mode, but that really didn't bring much attention (exactly none reports), so I've decided to go public.

I've asked for making the project public just after coming from two weeks vacation, while expecting the approval to take some time where I'll settle down things which have popped up during vacation. In the end that was approved within single day, so I was immediately under fire of incoming reports:

Reports on HackerOne

I was surprised that they didn't lie - you will really get huge amount of issues just after making your project public. Most of them were quite simple and repeating (as you can see from number of duplicates), but it really provided valuable input.

Even more surprisingly there was second peak coming in when I've started to disclose resolved issues (once Weblate 2.14 has been released).

Overall the issues could be divided to few groups:

  • Server configuration such as lack of Content-Security-Policy headers. This is certainly good security practice and we really didn't follow it in all cases. The situation should be way better now.
  • Lack or rate limiting in Weblate. We really didn't try to do that and many reporters (correctly) shown that this is something what should be addressed in important entry points such as authentication. Weblate 2.14 has brought lot of features in this area.
  • Not using https where applicable. Yes, some APIs or web sites did not support https in past, but now they do and I didn't notice.
  • Several pages were vulnerable to CSRF as they were using GET while POST with CSRF protection would be more appropriate.
  • Lack of password strength validation. I've incorporated Django password validation to Weblate hopefully avoiding the weakest passwords.
  • Several issues in authentication using Python Social Auth. I've never really looked at how the authentication works there and there are some questionable decisions or bugs. Some of the bugs were already addressed in current releases, but there are still some to solve.

In the end it was really challenging week to be able to cope with the incoming reports, but I think I've managed it quite well. The HackerOne metrics states that there are 2 hours in average to respond on incoming incidents, what I think will not work in the long term :-).

Anyway thanks to this, you can now enjoy Weblate 2.14 which more secure than any release before, if you have not yet upgraded, you might consider doing that now or look into our support offering for self hosted Weblate.

The downside of this all was that the initial publishing on HackerOne made our website target of lot of automated tools and the web server was not really ready for that. I'm really sorry to all Hosted Weblate users who were affected by this. This has been also addressed now, but the infrastructure really should have been prepared before on this. To share how it looked like, here is number of requests to the nginx server:

nxing requests

I'm really glad I could make Weblate available on HackerOne as it will clearly improve it's security and security of hosted offering we have. I will certainly consider providing swag and/or bounties on further severe reports, but that won't be possible without enough funding for Weblate.

Filed under: Debian English SUSE Weblate

by Michal Čihař (michal@cihar.com) at May 22, 2017 10:00 AM

May 18, 2017

Michal Čihař

phpMyAdmin available in Packagist

For quite some time, we did provide Composer packages for phpMyAdmin, though they were available only in separate repository and not in the main Packagist repository, but now it's there!

The reason why we didn't do that was that it really doesn't integrate well with our release process - we release ready to use tarballs, while the VCS doesn't contain all things end users expect (eg. byte compiled localization files). Putting generated content to VCS didn't sound right and there is no option of using own tarballs on Packagist repo.

That's why we've ended up providing own channel with release tarballs. However this approach is not good either as that already bundles dependencies installable by composer, possibly causing problems when trying to upgrade these.

Therefore I've decided to generate separate VCS for composer packages. This way it doesn't pollute development VCS, but still Composer gets what it expects. The phpmyadmin/phpmyadmin is now using separate VCS and is updated daily using shell script. There might be some glitches during initial runs, so please report me any problems you see.

You can find more information on installing phpMyAdmin using Composer in our documentation.

Filed under: English phpMyAdmin

by Michal Čihař (michal@cihar.com) at May 18, 2017 10:00 AM

May 17, 2017

Michal Čihař

Weblate 2.14

Weblate 2.14 has been released today slightly ahead of the schedule. There are quite a lot of security improvements based on reports we got from HackerOne program, API extensions and other minor improvements.

Full list of changes:

  • Add glossary entries using AJAX.
  • The logout now uses POST to avoid CSRF.
  • The API key token reset now uses POST to avoid CSRF.
  • Weblate sets Content-Security-Policy by default.
  • The local editor URL is validated to avoid self-XSS.
  • The password is now validated against common flaws by default.
  • Notify users about imporant activity with their account such as password change.
  • The CSV exports now escape potential formulas.
  • Various minor improvements in security.
  • The authentication attempts are now rate limited.
  • Suggestion content is stored in the history.
  • Store important account activity in audit log.
  • Ask for password confirmation when removing account or adding new associations.
  • Show time when suggestion has been made.
  • There is new quality check for trailing semicolon.
  • Ensure that search links can be shared.
  • Included source string information and screenshots in the API.
  • Allow to overwrite translations through API upload.

If you are upgrading from older version, please follow our upgrading instructions.

You can find more information about Weblate on https://weblate.org, the code is hosted on Github. If you are curious how it looks, you can try it out on demo server. You can login there with demo account using demo password or register your own user. Weblate is also being used on https://hosted.weblate.org/ as official translating service for phpMyAdmin, OsmAnd, Turris, FreedomBox, Weblate itself and many other projects.

Should you be looking for hosting of translations for your project, I'm happy to host them for you or help with setting it up on your infrastructure.

Further development of Weblate would not be possible without people providing donations, thanks to everybody who have helped so far! The roadmap for next release is just being prepared, you can influence this by expressing support for individual issues either by comments or by providing bounty for them.

Filed under: Debian English SUSE Weblate

by Michal Čihař (michal@cihar.com) at May 17, 2017 02:00 PM

May 16, 2017

Michal Čihař

Weekly phpMyAdmin contributions 2017-W19

Last week I finally got to doing something else than bug screening and fixing.

First of all the daily snapshots were improved in order to indicate the snapshot detail on our website, so that it's clear when it has been built and from which Git commit.

I've also looked at long outstanding issue of removing eval() usage from our codebase. The last piece where it has been used for Advisor and there is now my pull request to get rid of that.

Second long annoying thing is that we really don't have theme metadata in some easy to read format. Some of the information is set by PHP code and that's not really something you want to use to just get theme name, author or compatibility (actually the last bit is not really there). I've rewritten this to use JSON and there is pull request to implement the changes.

Probably both pull requests will land into master this week.

Handled issues:

Filed under: English phpMyAdmin

by Michal Čihař (michal@cihar.com) at May 16, 2017 10:00 AM

May 15, 2017

Michal Čihař

New projects on Hosted Weblate

Hosted Weblate provides also free hosting for free software projects. The hosting requests queue was over one month long, so it's time to process it and include new project.

This time, the newly hosted projects include:

We now also host few new Minetest mods:

If you want to support this effort, please donate to Weblate, especially recurring donations are welcome to make this service alive. You can do them on Liberapay or Bountysource.

Filed under: Debian English SUSE Weblate

by Michal Čihař (michal@cihar.com) at May 15, 2017 04:00 PM

May 14, 2017

Deven Bansod

Project Details: GSoC 2017 with phpMyAdmin

As I had posted earlier, my proposal for ‘Improving phpMyAdmin’s Selenium testsuite and Error Reporting Server’ got accepted in Google Summer of Code with phpMyAdmin.

The project aims to provide some added and improved functionality in the areas of functional/selenium testing and phpMyAdmin’s error reporting server.

The project details are presented under two broad headings:

  1. Tasks related to Error Reporting Server
  2. Tasks related to Selenium testing

Tasks related to Error Reporting Server

This involves implementing these tasks over the summer:

  1. Issue #98: Follow Github issue state
  • Current behaviour: No such option. Prior to migration of our issue tracker, the state of reports were synced with the linked SourceForge issues. On migration, this functionality has been lost.
  • Expected behaviour: The error reporting server should be able to follow state of linked issues and update state of the reports linked to that issue according to them.
  • Implementation Procedure:
    1. Github provides event webhooks for any repository which can be listened by a controller on our reporting server.
    2. Once an issue (close) event is received, the controller will set the state of all the reports linked with that issue to ‘closed’. This way we would not have to run a cron job, and this would ideally be tracking changes in real time.
    3. If the operation takes a lot of time, we might have to use queueing mechanisms to hold these event payloads received from Github.
    4. Security aspects have to be considered as mentioned here
  • Alternate Implementation Procedure:
    1. Github developer APIs provides a rich way of interacting with the issues on a repository. We could use the APIs provided, for example:
      GET /repos/:owner/:repo/issues/:number
      to get the current state of the linked issue for a report and update the same on server
    2. This can be implemented as a shell, which could be run as a cron-job using the console tool that CakePHP provides.

      2. Issue #31 : Provide email notification for new reports

  • Current Behaviour: New reports are not reported to the developers via emails. This leads to the developer manually checking the error reporting server to check, if new relevant reports have been added.
  • Expected behaviour: New report generation would be accompanied by emailing a small summary of the new report’s details to the developer community (maybe through a new ‘bugs’ mailing list).
  • Implementation Procedure:
    1. Cakephp3 has a core library included for custom emails through cakephp. The ReportsController.php, in its creation of the report, would also include a function call to mail the summary of new report’s details to the bugs mailing list.
      Reference – http://book.cakephp.org/3.0/en/core-libraries/email.html

      3. Issue #106 : Notifications handling

  • Current Behaviour: We don’t provide any option to clear all notifications. Moreover, there is not even a ‘Select all’ checkbox to select all the notifications on a page.
  • Expected behaviour: The missing ‘Clear all notifications’ button (and the corresponding action) should be provided so that the developer can start with a clean slate. Moreover, a ‘Check all’ checkbox would enable the developers to quickly filter and clear the notifications shown currently on the page
  • Implementation Procedure:
    1. We use Data tables to populate, order and enable search queries (though order and search are actually run in with SQL queries) in the tables on Notifications page.
    2. A check-all box can be added similar to what is present on the reports page
    3. The ‘Clear all notification button can added above the table header (may be right-aligned in the same row as ‘Action for Selected Notifications’)

      4. Issue #119 : Improve generated issues content

  • Current Behaviour: Once a report on the error reporting server is linked to an issue, a comment is posted with the error type, error message, exception type and the link to the report.
  • Expected behaviour: It would be really help the developers looking at the comment in the issue tracker if affected phpMyAdmin version, script name and number of incidents are also included in the generated comment.
  • Implementation Procedure:
    1. The changes have to made in the src/Controller/GithubController.php file
    2. We would have to fetch the required information related to the report from the database using appropriate models.
    3. This extra information can be included in the data being posted in the request to the Github server while posting the comment (while linking to existing issue) or while creating a new issue.

      5. Issue #120 : Simplify Issue states

  • Current Behaviour: Since we used to track the issue state from SourceForge through a cron job, we had adapted to the issue states available in SourceForge’s issue tracker and had added corresponding issue state for our reports.
  • Expected behaviour: Since we have moved to Github issue tracker, we would need only three states namely: opened, closed and forwarded. Opened is the default when a new report is generated, it is set to forwarded when the report is linked to a new or existing issue. Once an issue gets closed on Github, the linked reports are also marked as closed.
  • Implementation Procedure:
    1. The changes would be involved to the $state array in the src/Model/ReportsTable.php
    2. Then changes would be required in the flow which creates a new issue and/or links a report to an existing issue on Github, so that the state of the linked report can be changed to forwarded.
    3. The other change required would be that the state of the report should be updated once we receive a issue-closed event from the Github webhook.

      6. Issue #123 : Allow search by filename

  • Current Behaviour: We allow the search in data tables on reports page based on exception name, message, phpMyAdmin version affected, state, exception type.
  • Expected behaviour: The search functionality does not help much when the exception name and the message are very similar but are actually present in different files. We should have a column stating the filename and allow search by that column to help distinguish such reports.
  • Implementation Procedure:
    1. Adding a column involves changes to the template, the view action in src/Controller/ReportsController.php by changing the $aColumns array.
    2. Moreover, the searchable property for this newly added column in the data table would be automatically enabled. (It can be disabled by specifying in the webroot/js/custom.js aoColumnDefs field, but we don’t have to touch it in this case)

      7. Issue #74 : Read-only public interface

  • Current Behaviour: For accessing the error reporting server, one needs to have commit access to the phpmyadmin/phpmyadmin repository on Github. This prevents contributors (non-team members) to access the application. Currently, any issue on the tracker that has been forwarded from a report on error reporting server might be incomprehensible (or at least a pain to work on a fix for) to any non-team developer, since (s)he can’t even take a look at the actual report/incidents.
  • Expected behaviour: We should allow for public read-only interface so that anyone can take a look at the error reports. This would enable democratization of the technology and help in increasing the developer engagement in the community.
  • Implementation Procedure:
    1. The reports main page (i.e. the index action in ReportsController) can remain as it is, while the view action can be changed to have the action buttons like ‘Mark same as’, ‘Create new issue’, ‘Link to an existing issue’ made conditional on whether the user is logged in (ideally only team members)
    2. The currently unused function ‘canCommitTo’ in the Github API can be used to check whether the user is authorized to access the report actions. Moreover, the $whitelist in src/AppController.php would have to be altered to allow for anonymous users to access the read-only interface

      8. Issue #129 : Use cleaner alternative syntax for control structures in View templates

  • Current Behaviour: The templates, in the current code, use the standard syntax for the control structures that is used in the .php files. It makes it very inconvenient to read and comprehend the code, since there are a lot of braces and they may not be correctly indented etc.
  • Expected behaviour: Use alternative syntax in template files
  • Implementation Procedure:
    1. Rewrite the control structures in the template files using the alternative syntax, of course, without breaking any existing functionality.

Tasks related to Selenium testing

These tasks are broadly divided into 2 major sub-lists:

  1. Fixing existing tests: This involves fixing the existing set of broken selenium tests. This would help in making the overall test suite reliable, so that it can be run on every  commit.

 

S. No.

Test name Current status
1 CreateDropDatabaseTest Works
2 CreateRemoveUserTest Works
3 DbEventsTest Inconsistent
4 DbOperationsTest Broken
5 DbProceduresTest Broken
6 DbStructureTest Broken
7 DbTriggersTest Broken
8 ExportTest Broken
9 LoginTest Works
10 NormalizationTest Broken
11 PrivilegesTest Broken
12 ServerSettingsTest Broken
13 TableBrowseTest Broken
14 TableCreateTest Broken
15 TableInsertTest Broken
16 TableOperationsTest Broken
17 TableStructureTest Broken
18 TableTrackingTest Broken
19 XSSTest Broken
20 ImportTest Broken

 

Assuming that each test and its test-cases can be fixed in a day’s work (on an average), fixing all the current tests would require 3 weeks of time.

Adding new tests: The selenium testsuite will be extended to common operations by adding a new set of tests and improve the selenium testsuite coverage.

S. No. Feature Covered Expected duration
1 Typing and executing SQL query – Server SQL 1-2 day(s)
2 Typing and executing SQL query – Database SQL 1-2 day(s)
3 Typing and executing SQL query – Table SQL 1-2 day(s)
4 Granting an user access to a database 1-2 day(s)
5 Import tests 1-2 week(s)
6 Exports tests (expand to test more options, for Server-level, Db-level, table-level) 4 days

 

I would be posting weekly updates every Monday, about the work undertaken during the previous week as soon as the coding period starts.

Looking forward to another exciting summer with phpMyAdmin. 🙂


Filed under: GSoC 2017, phpMyAdmin Tagged: GSoC, Open Source, phpMyAdmin

by Deven Bansod at May 14, 2017 03:22 AM

May 09, 2017

Michal Čihař

Weekly phpMyAdmin contributions 2017-W18

Last week I finally got back to work after mostly two weeks of vacation, so there was quite a lot of things to do. I've merged several pull requests, gone through incoming bugs and generally did some cleanup in our issue trackers.

I've also worked on new daily snapshots of our code, which are now available for download of for use from Docker Hub.

Handled issues:

Filed under: English phpMyAdmin

by Michal Čihař (michal@cihar.com) at May 09, 2017 10:00 AM

May 05, 2017

Deven Bansod

Selected for GSoC 2017 with phpMyAdmin

The list of accepted projects for Google Summer of Code (GSoC), 2017 was published yesterday. My proposal on ‘Improving phpMyAdmin’s Selenium testsuite and Error Reporting Server’ submitted to phpMyAdmin has been selected.

This is the second time that I would be participating in GSoC and my second time with phpMyAdmin. This time I would be mentored by Michal Čihař. I would soon be adding a separate blog post about the project details.

Congratulations to all those whose proposals were selected. Cheers!

Looking forward to a great summer ahead with phpMyAdmin again! 🙂


Filed under: GSoC 2017, phpMyAdmin Tagged: GSoC, Open Source, phpMyAdmin

by Deven Bansod at May 05, 2017 07:04 PM

Michal Čihař

New daily snapshots for phpMyAdmin

We have stopped providing daily snapshots for phpMyAdmin pretty much at time we've moved to GitHub, which allowed to download any branch as zip file. However since introduction of Composer to manage our dependencies, additional steps were required to get working copy of phpMyAdmin out of the snapshots.

Since today the ready to use snapshots are available again. They will be updated every day and are built in exactly same way as our releases, so all you need to do is download them and start using.

These snapshots can be also used from Docker - the phpMyAdmin image now has brand new tags edge-4.7 and edge-4.8 which are updated with every snapshot and contain latest changes from development branches.

Filed under: English phpMyAdmin

by Michal Čihař (michal@cihar.com) at May 05, 2017 04:00 PM

April 15, 2017

Manish Bisht

This is how you should make a GOOD Resume

After getting a lots of questions from my friends and social channels about “how to make my resume”. These are my suggestions to make your resume GOOD that can help you to get your dream job or Internship. You are free to use these suggestions and make changes according to your needs.

KISS — Keep it Simple and Stupid

What to include ?

Everything that you want to tell to your recruiter. This is the sequence that I should suggest you to follow keeping below points in mind but you can definitely reorder it.

For Beginners

  1. Name and Contact Details.
  2. Education
  3. Projects
  4. Skills and/or Technologies known
  5. Languages known (position specific)
  6. Honors and Awards

For Experienced Peoples

  1. Name and Contact Details.
  2. Work Experience
  3. Education
  4. Projects
  5. Skills and/or Technologies known
  6. Languages known (position specific)
  7. Honors and Awards

Plus point (Common)

  1. Freelancing work
  2. Online Portforlio
  3. Volunteer or nonprofit work
  4. Internships

Plus point for Developers

  1. Open Source Contributions
  2. Competitive Programming
  3. Contest Participation/Winners in regular contests or Hackathons
  4. GitHub Profile Link
  5. Host all your projects online

Plus point for Designers

  1. Behance Profile Link
  2. Creativity (Make resume info-graphic)

Plus point for Marketing

  1. Google Certifications

I don’t know much about this field. :)

What NOT to include?

Content that seems that looks irrelevant for the position you are applying. For Example if you lives in Jaipur and writes “I know Hindi” then it doesn’t make any sense as almost all people knows it. It’s just consuming the useful space.

One Page Resume

Now most of you will ask why ?

Short Answer

Do you really think that the recruiters will be going to read your entire resume ? Big “NO” because every company receives lots of applications daily so like every people they also don’t have time to read it from the starting till the end.

Long Answer

Recruiters do not read your resume. They just scan it for 15–30 second. When your resume is too long, then you have written everything about you and it may possible that you have include things that not required or irrelevant. Now two things can happen in those 15–30 seconds, the recruiter sees the best/good part in your resume or some irrelevant stuff. If the worst case happen they will see the worst part and makes their decision as no hire. It will dilute your best/good part from your resume. Lengthy resumes do not make you more impressive. And if you think you can’t get your resume to just one page, trust me, you can! You just need to think about what is really important for a recruiter to see.

Introduction and Contact Details

This should be the very first part of your resume. As it will helps recruiters to know more about you and how they can contact you. Name, Mobile Number and E-Mail is must to be mentioned in this section. Also make sure your email looks professional not like toohottohandle@gmail.com At least your first name should be included in your email. You can also place the links to your social profiles or that can be included in footer. This thing is optional but it depends for example you are developer or graphic designer then they expect GitHub and Behance profile links respectively.

No Objectives

The company already knows that because you applied for a particular position. It will just waste useful space. Also it may limit your profile to considered it for other positions that might be interesting for you.

Use a Resume Template with Columns

Use a template that has multiple columns. It makes your resume easier to read and saves space.

Use Tables

Use tables with 0(zero) border to manage content on resume.

Short Bullets

If there are paragraphs then they is a high possibility that they will just skip it. They are also normal persons so who wants to reads those paragraphs. So adding bullets points increases readability. Make sure that all the bullet point start with action verbs like organised, developed etc. Here are the list of Action Verbs. https://github.com/manishbisht/Competitive-Programming/blob/master/Resources/Action_Verbs_POR.txt https://github.com/manishbisht/Competitive-Programming/blob/master/Resources/Action_Verbs_Others.txt https://github.com/manishbisht/Competitive-Programming/blob/master/Resources/Action_Verbs_Projects.txt

Accomplishment Oriented

Your bullets should focus on your accomplishments rather than your responsibilities.

Quantify

Whenever possible, you should quantify your accomplishments. For example If you won an award, out of how many people?

Education

Add all your education related stuff in this section. Name of College/School, Session and percentage/GPA (percentage/GPA is optional try to not mention it if you have too low percentage/GPA). Make it more organised either write percentage for all schools/colleges or for none because mentioning the good percentage/GPA and not mentioning the bad ones makes the negative impact. This section can also includes the courses that you have taken online. For most of the good recruiters this section doesn’t plays important role in their decision. (For IIT, NIT, IIM etc sometimes it works because they also know how hard it is to get into those institutes)

Projects

Select top 2–3 projects to list on your resume. These can be academic required project or independent projects. They do not need to be completed or launched either. As long as you’ve done a good amount of work on them, that’s good enough! because in your Interviews they will defiantly going to ask questions on it.

Additional Experience

You can put additional experience, like leadership activities or awards, in a section like this (changing the name of the section depending on what you list). Be careful here to focus on what really matters.

Skills and Technologies (Only for technical positions)

It’s a good idea to list your skills and technologies that you know, but remember that anything you list here interviewer will going to test it. Also mention it with level of expertise For Example C++ (Proficient), C# (Prior Experience), etc

Languages

If you know any language that will help company in any way then make sure to mention it with more details like can talk in English or can write in English. For Example if you are applying for automobile companies that are Germany based and you know German then it is worth mentioning it.

Interests

This isn’t really necessary, but if you are applying for a job and want them to know you have interests related to the job this would be a good place to mention them. I would suggest you to keep this section at the very end of the resume.

Make it easy for Applicant tracking system

An applicant tracking system (ATS) is a software application that enables the electronic handling of recruitment needs. Now a days most of the companies uses it as everyone wants automation. So add things in organised way is that it can be easy for machine to filter details about you.

NOTE: Images can’t be parsed through these systems so make sure not to include images in your resume.

Extra Tips

1. Never lie on resume

Never lie on your resume because if you do this and get caught then company will be definitely going to blacklist you. They will never going to take the second chance.

2. Choose your fonts wisely

It is generally a good idea to stick to simple and readable fonts. If you make it hard for them to read then they will make it hard for you to get the job. ;)

3. Keep document size as A4

It will be easy for take print out and will easy for the company too when they take printout after sending them through email (I have once made this mistake after that I have changed default page settings to A4).

4. Grammar and spelling

If you’re applying for a job as a designer, does it matter how well you write? The simple answer is yes. Spelling and grammar mistakes will make you appear uneducated, ignorant and/or lazy

5. Make it early and then update monthly

If you are not planing to apply in next 1 month then also I will suggest you to start making it early. Because the resume that is made day earlier is far better then the one that is made few time ago and modified multiple times. Try to modify resume on regular basic and add more relevant and exciting things to it.

6. Remove repetitive information

Never write the same thing multiple times in your resume even not your name. Trust me this is not your exam answer sheet where you write the same thing multiple times to get passed ;)

7. Use space wisely

Play with page margins, borders and font sizes because you only have one page to write.

This is the link to my current resume http://goo.gl/Rro9Sk. Hope this post helps you to make your resume better.

Need help in something else. Feel free to ping me anywhere. I am not too hard to reach. Please do your homework before reaching out to me so you don’t end up asking some random question. :)

by Manish Bisht at April 15, 2017 03:14 PM

April 13, 2017

Michal Čihař

Weblate 2.13.1

Weblate 2.13.1 has been released quickly after 2.13. It fixes few minor issues and possible upgrade problem.

Full list of changes:

  • Fixed listing of managed projects in profile.
  • Fixed migration issue where some permissions were missing.
  • Fixed listing of current file format in translation download.
  • Return HTTP 404 when trying to access project where user lacks privileges.

If you are upgrading from older version, please follow our upgrading instructions.

You can find more information about Weblate on https://weblate.org, the code is hosted on Github. If you are curious how it looks, you can try it out on demo server. You can login there with demo account using demo password or register your own user. Weblate is also being used on https://hosted.weblate.org/ as official translating service for phpMyAdmin, OsmAnd, Aptoide, FreedomBox, Weblate itself and many other projects.

Should you be looking for hosting of translations for your project, I'm happy to host them for you or help with setting it up on your infrastructure.

Further development of Weblate would not be possible without people providing donations, thanks to everybody who have helped so far! The roadmap for next release is just being prepared, you can influence this by expressing support for individual issues either by comments or by providing bounty for them.

Filed under: Debian English SUSE Weblate

by Michal Čihař (michal@cihar.com) at April 13, 2017 04:00 AM

April 06, 2017

Manish Bisht

Google Developer Day 2017 Ahmadabad, India (Cloud Track) — Summary

Google Developer Days are interactive conferences, providing the latest updates on Google technologies and open platforms for developers and industry leaders. Google Developer Days 2017 will be held throughout year at various cities in India. They are excited to share their thoughts on innovative technologies and encourage developers to build the next big mobile, web, cloud or machine learning solutions.

KeyNote

The event started with the welcome note by Manoranjan Padhy(Community Manager — Google Developer Relations, India)

Session #1

The first session was on Google Cloud Platform by Romin Irani(Google Developer Expert — Cloud Platform) He started with telling key updates from Google Cloud Next 2017 Event.

100 announcements (!) from Google Cloud Next '17

Then he gives the update about new website of Google for all its open source projects. Here is the link

Google Open Source - opensource.google.com

Here is the link of the shared presentation.

Google Cloud Platform - Updates - Next 2017 - Dev Day AHM

#Session 2

Next session was by Rohit Gupta(Solution Engineer — Google Cloud Platform) on Big Data. This was the very interactive session. He told us why Google is data oriented company through his own example.

Also he also told us that the “Hadoop” most trending thing in Data Science was derived from the “MapReduce” research that was done by Google.

Google Research Publication: MapReduce

#Session 3

Next session was on Firebase overview by Manoranjan Padhy(Community Manager — Google Developer Relations, India). He showed us how to get started with Firebase and how to use the API to store the data. He also showed the example of the Chat Application on Firebase.

Firebase Web Codelab

#Session 4

Next session was by Romin Irani(Google Developer Expert — Cloud Platform) on Machine Learning then the more updates about the Google cloud machine learning APIs

Announcing Google Cloud Video Intelligence API, and more Cloud Machine Learning updates | Google Cloud Big Data and Machine Learning Blog | Google Cloud Platform

As most of the peoples are from startups so he gives an update about Google Cloud Machine Learning Startup Competition

Google Cloud Machine Learning Startup Competition | Google Cloud Platform

And at the last the new Google Cloud Platform Community

Google Cloud Platform Community | Google Cloud Platform Community | Google Cloud Platform

Here is the link of the shared presentation.

Introduction to Cloud ML APIs - Dev Day AHM - March 2017

#Session 5

Then an another session by Manoranjan Padhy on Tenserflow. He tell us the things how to start Machine Learning with tenserflow. Tenserflow requires maths as an prerequisite.

If you want to use already created Machine Learning models then you can use Google Cloud Machine Learning and if you want to build your own Machine Learning model then use tenserflow.

TensorFlow

#Session 6

Next session was again on Firebase by Manoranjan Padhy(Community Manager — Google Developer Relations, India) This session was more on server less development which doesn’t means there are no servers but it means we don’t have to manage them.

Firebase | App success made simple

#Session 7

Next session was by Rohit Gupta(Solution Engineer — Google Cloud Platform) on GCP Deveoper and Management tools.

He tell us why we never see “We are on maintenance” like messages on Google products. The difference between 99.99% and 99.999% up-time. Google Storage is 99.999999999999% reliable which means their is very low chances of losing your files if you save it in Google storage like drive, Google Photos. so this session was quite Interesting. He tell us about various new tools that Google internally use in their products.

Stackdriver

Stackdriver - Hybrid Monitoring | Google Cloud Platform

Google also learns from other technology companies. And recently they learnt from Netflix a new way to deploy the updates that are more reliable and very less chances of failure.

Research at Google

At the last the event ended with the open house discussion with the GDG Ahmadabad team and Networking with GDG Ahmadabad teams and Speakers.

by Manish Bisht at April 06, 2017 02:15 PM

April 01, 2017

'Manish Bisht'

My Software Engineering Internship Interview Experience for Summer 2017 with Google Japan

On 9 December, 2016 It was my last fifth semester practical exam so after giving that one of my friend asked for the videos of Udacity FrontEnd Nanodegree I opened my laptop and here is the email from Google Japan with subject “ Google Japan — Next steps on your application” I was so excited thinking that yes finally my resume passed from their ATS (When you apply in any company the resume is saved in their Application Tracking System which is used by the recruiter to select candidates by searching through all the resumes using some keywords because no one has that much time to look through every resume because they receive more than 75,000 job applications every week).

This is not the first time I have applied in Google I have applied in my second year also for the EP Intern but received no response from them because I think I was late that time because they complete all interns hiring by January for summers as answers written on Quora. So I check their job portal in every 15–20 days and apply for the positions relevant to me and update my resume on the monthly basis. I have received response after applying more than 30+ times through their portal so Yes, patience pays…

As the first step in the process I have to fill one survey form asking some basic details. After that on 16 December, 2016 received the email with subject “ Google Japan — Confirmation of Online Quiz”. They have scheduled the online test on 20 December, 2016 and I have to submit the code on the portal. It was something like Google APAC but with no scoreboards.

On 20 December, 2016 There were 2 questions on the quiz out of which I am able to pass 33/101 test cases for first question and 11/100 test cases for second question. The questions were of medium level out of which one was on graph. Also It was written on the on instructions that they will make the next steps based on the code that I have submitted and my resume.

Finally today 22 December, 2016 2:21 P.M. got the email with subject “ Google Japan — Update on your application” This was the rejection email from them. :(

I missed the awesome opportunity this year and will try again next year

For those who want to prepare for the Internship/Full Time this resource (https://github.com/jwasham/google-interview-university) is more than enough to crack interviews at Google. Here Google doesn’t means only Google it means the company which builds cool products using the concepts of Computer Science in a highly creative way.

by Manish Bisht at April 01, 2017 11:23 AM

March 14, 2017

December 25, 2016

Raghuram Vadapalli

CS224d: A great startpoint for Deep Learning in NLP

Even though I am in in Search and Information Extraction Lab, my research work focuses more on NLP. If you are into NLP, you will know that most of the major recent advances in NLP are using Deep Learning. Initially, I had a very tough time understanding most of the papers which used Deep NLP techniques such as LSTMs, Recursive Neural Networks, Attention models etc. This is when I came across this course offered by Richard Socher at Stanford. I am not done with this course completely yet, but doing a part of it itself gave me a lot of confidence. Best part about it is that all their assignments and material, which are very elegantly designed, are publicly available. Hopefully, this will also help someone who has similar interests.

You can find more details about it on its homepage.

Cheers.


by Raghuram Vadapalli at December 25, 2016 09:31 AM

Subscriptions

Planet phpMyAdmin aggregates blogs of following phpMyAdmin contributors.

Last updated

July 22, 2017 12:30 PM
All times are UTC.

Feeds

[RSS 1.0 Feed] [RSS 2.0 Feed] [Atom Feed] [FOAF Subscriptions] [OPML Subscriptions] [Venus]

Planetarium