November 17, 2017

Michal Čihař

Running Bitcoin node and ElectrumX server

I've been tempted to run own ElectrumX server for quite some. First attempt was to run this on Turris Omnia router, however that turned out to be impossible due to memory requirements both Bitcoind and ElectrumX have.

This time I've dedicated host for this and it runs fine:

Electrum connecting to btc.cihar.com

The server runs Debian sid (probably it would be doable on stretch as well, but I didn't try much) and the setup was pretty simple.

First we need to install some things - Bitcoin daemon and ElectrumX dependencies:

# Bitcoin daemon, not available in stretch
apt install bitcoind

# We will checkout ElectrumX from git
apt install git

# ElectrumX deps
apt install python3-aiohttp

# Build environment for ElectrumX deps
apt install build-essentials python3-pip libleveldb-dev

# ElectrumX deps not packaged in Debian
pip3 install plyvel pylru

# Download ElectrumX sources
su - electrumx -c 'git clone https://github.com/kyuupichan/electrumx.git'

Create users which will run the services:

adduser bitcoind
adduser electrumx

Now it's time to prepare configuration for the services. For Bitcoin it's quite simple - we need to configure RPC interface and enable transaction index in /home/bitcoind/.bitcoin/bitcoin.conf:

txindex=1
listen=1
rpcuser=bitcoin
rpcpassword=somerandompassword

The ElectrumX configuration is quite simple as well and it's pretty well documented. I've decided to place it in /etc/electrumx.conf:

COIN=BitcoinSegwit
DB_DIRECTORY=/home/electrumx/.electrumx
DAEMON_URL=http://bitcoin:somerandompassword@localhost:8332/
TCP_PORT=50001
SSL_PORT=50002
HOST=::

DONATION_ADDRESS=3KPccmPtejpMczeog7dcFdqX4oTebYZ3tF

SSL_CERTFILE=/etc/letsencrypt/live/btc.cihar.com/fullchain.pem
SSL_KEYFILE=/etc/letsencrypt/live/btc.cihar.com/privkey.pem

REPORT_HOST=btc.cihar.com
BANNER_FILE=banner

I've decided to control both services using systemd, so it's matter of creating pretty simple units for that. Actually the Bitcoin one closely matches the one I've used on Turris Omnia and the ElectrumX the one they ship, but there are some minor changes.

Systemd unit for ElectrumX in /etc/systemd/system/electrumx.service:

[Unit]
Description=Electrumx
After=bitcoind.target

[Service]
EnvironmentFile=/etc/electrumx.conf
ExecStart=/home/electrumx/electrumx/electrumx_server.py
User=electrumx
LimitNOFILE=8192
TimeoutStopSec=30min

[Install]
WantedBy=multi-user.target

And finally systemd unit for Bitcoin daemon in /etc/systemd/system/bitcoind.service:

[Unit]
Description=Bitcoind
After=network.target

[Service]
ExecStart=/usr/bin/bitcoind
User=bitcoind
TimeoutStopSec=30min
Restart=on-failure
RestartSec=30

[Install]
WantedBy=multi-user.target

Now everything should be configured and it's time to start up the services:

# Enable services so that they start on boot 
systemctl enable electrumx.service bitcoind.service

# Start services
systemctl start electrumx.service bitcoind.service

Now you have few days time until Bitcoin fetches whole blockchain and ElectrumX indexes that. If you happen to have another Bitcoin node running (or was running in past), you can speedup the process by copying blocks from that system (located in ~/.bitcoin/blocks/). Only get blocks from sources you trust absolutely as it might change your view of history, see Bitcoin wiki for more information on the topic. There is also magnet link in the ElectrumX docs to download ElectrumX database to speed up this process. This should be safe to download from untrusted source.

The last think I'd like to mention is resources usage. You should have at least 4 GB of memory to run this, 8 GB is really preferred (both services consume around 4GB). On disk space, Bitcoin currently consumes 170 GB and ElectrumX 25 GB. Ideally all this should be running on the SSD disk.

You can however offload some of the files to slower storage as old blocks are rarely accessed and this can save some space on your storage. Following script will move around 50 GB of blockchain data to /mnt/btc/blocks (use only when Bitcoin daemon is not running):

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
#!/bin/sh
set -e

DEST=/mnt/btc/blocks

cd ~/.bitcoin/blocks/

find . -type f \( -name 'blk00[0123]*.dat' -o -name 'rev00[0123]*dat' \) | sed 's@^\./@@' | while read name ; do
        mv $name $DEST/$name
        ln -s $DEST/$name $name
done

Anyway if you would like to use this server, configure btc.cihar.com in your Electrum client.

If you find this howto useful, you can send some Satoshis to 3KPccmPtejpMczeog7dcFdqX4oTebYZ3tF.

Filed under: Crypto Debian English

by Michal Čihař (michal@cihar.com) at November 17, 2017 11:00 AM

November 16, 2017

Michal Čihař

New projects on Hosted Weblate

Hosted Weblate provides also free hosting for free software projects. The hosting requests queue has grown too long, so it's time to process it and include new project.

This time, the newly hosted projects include:

If you want to support this effort, please donate to Weblate, especially recurring donations are welcome to make this service alive. You can do that easily on Liberapay or Bountysource.

Filed under: Debian English SUSE Weblate

by Michal Čihař (michal@cihar.com) at November 16, 2017 05:00 PM

November 07, 2017

Michal Čihař

Weekly phpMyAdmin contributions 2017-W44

Most of last week was spent on bringing U2F and 2FA to phpMyAdmin. Besides that it was really just minor bug fixing.

We've had one pull request for the 2FA already open, however it was not really in quality to be merged and the original author really didn't come back to address our concerns. I was thinking to start over from his work, but in the end I've decided to start from scratch and come with code which will make easier to implement additional second authentication factors in the future.

Anyway what is now there is support for HOTP/TOTP authentication (Google Authenticator and similar) and FIDO U2F hardware tokens. The latter has been tested with TREZOR, but should work with any compliant device.

phpMyAdmin with TREZOR

Handled issues:

Filed under: Crypto English phpMyAdmin

by Michal Čihař (michal@cihar.com) at November 07, 2017 11:00 AM

November 06, 2017

Maurício Meneghini Fauth

Weekly phpMyAdmin contributions 2017-W44

Last week I fixed a few bugs in some templates, moved to templates HTML code in PHP files and replaced the globals of some classes with dependency injection.

Issues:

The post Weekly phpMyAdmin contributions 2017-W44 appeared first on mauriciofauth.com.

by Maurício Meneghini Fauth at November 06, 2017 01:27 PM

October 31, 2017

Michal Čihař

Weekly phpMyAdmin contributions 2017-W43

Last week was mostly focused on code cleanup. I've done quite some fixups in the database interface layer, which now has easier to use API and no more relies on global variables to store database links. Pretty much similar was done in the authentication layer, where many of the methods had names coming from historical reasons rather than their current functionality.

Handled issues:

Filed under: English phpMyAdmin

by Michal Čihař (michal@cihar.com) at October 31, 2017 11:00 AM

October 24, 2017

October 18, 2017

Michal Čihař

Gammu 1.38.5

Today, Gammu 1.38.5 has been released. After long period of bugfix only releases, this comes with several new noteworthy features.

The biggest feature probably is that SMSD can now handle USSD messages as well. Those are usually used for things like checking remaining credit, but it's certainly not limited to this. This feature has been contributed thanks to funding on BountySource.

You can read more information in the release announcement.

Filed under: Debian English Gammu

by Michal Čihař (michal@cihar.com) at October 18, 2017 10:00 AM

October 13, 2017

Michal Čihař

Weblate 2.17

Weblate 2.17 has been released today. There are quite some performance improvements, improved search, improved access control settings and various other improvements.

Full list of changes:

  • Weblate by default does shallow Git clones now.
  • Improved performance when updating large translation files.
  • Added support for blocking certain emails from registration.
  • Users can now delete their own comments.
  • Added preview step to search and replace feature.
  • Client side persistence of settings in search and upload forms.
  • Extended search capabilities.
  • More fine grained per project ACL configuration.
  • Default value of BASE_DIR has been changed.
  • Added two step account removal to prevent accidental removal.
  • Project access control settings is now editable.
  • Added optional spam protection for suggestions using Akismet.

Update: The bugfix 2.17.1 is out as well, fixing testsuite errors in some setups:

  • Fixed running testsuite in some specific situations.
  • Locales updates.

If you are upgrading from older version, please follow our upgrading instructions.

You can find more information about Weblate on https://weblate.org, the code is hosted on Github. If you are curious how it looks, you can try it out on demo server. You can login there with demo account using demo password or register your own user. Weblate is also being used on https://hosted.weblate.org/ as official translating service for phpMyAdmin, OsmAnd, Turris, FreedomBox, Weblate itself and many other projects.

Should you be looking for hosting of translations for your project, I'm happy to host them for you or help with setting it up on your infrastructure.

Further development of Weblate would not be possible without people providing donations, thanks to everybody who have helped so far! The roadmap for next release is just being prepared, you can influence this by expressing support for individual issues either by comments or by providing bounty for them.

Filed under: Debian English SUSE Weblate

by Michal Čihař (michal@cihar.com) at October 13, 2017 01:00 PM

Using Trezor to store cryptocurencies

For quite some time I have some cryptocurrencies on hold. These mostly come from times it was possible to mine Bitcoin on the CPU, but I've got some small payments recently as well.

I've been using Electrum wallet so far. It worked quite well, but with increasing Bitcoin value, I was considering having some hardware wallet for that. There are few options which you can use, but I've always preferred Trezor as that device is made by guys I know. Also it's probably device with best support out of these (at least I've heard really bad stories about Ledger support).

In the end what decided is that they are also using Weblate to translate their user interface and offered me the wallet for free in exchange. This is price you can not beat :-). Anyway the setup was really smooth and I'm now fully set up. This also made me more open to accept other cryptocurrencies which are supported by Trezor, so you can now see more options on the Weblate donations page.

Filed under: Crypto Debian English SUSE Weblate

by Michal Čihař (michal@cihar.com) at October 13, 2017 04:00 AM

October 11, 2017

Michal Čihař

New projects on Hosted Weblate

Hosted Weblate provides also free hosting for free software projects. The hosting requests queue has grown too long, so it's time to process it and include new project.

This time, the newly hosted projects include:

  • Hunspell - famous spell checker
  • Eolie - a web browser for GNOME
  • SkyTube - an open-source YouTube app for Android
  • Eventum - issue tracking system

Additionally there were some notable additions to existing projects:

If you want to support this effort, please donate to Weblate, especially recurring donations are welcome to make this service alive. You can do that easily on Liberapay or Bountysource.

Filed under: Debian English SUSE Weblate

by Michal Čihař (michal@cihar.com) at October 11, 2017 04:00 PM

October 10, 2017

Michal Čihař

Weekly phpMyAdmin contributions 2017-W40

Last week I've finally got to common.inc.php cleanup which is assigned to me for more than year. I've again managed to cleanup some parts of it, but it's quite challenging task as whenever I touch this (mostly ancient) code, I found some issues with it and have to fix other things as well.

Another interesting topic was fixing operation with database or table called 0. This is well known PHP issue that empty function in string containing just 0 will return true, however some of our code was using that to test whether database or table are set. This should be now fixed in master branch.

Handled issues:

Filed under: English phpMyAdmin

by Michal Čihař (michal@cihar.com) at October 10, 2017 10:00 AM

October 09, 2017

Michal Čihař

Better acess control in Weblate

Upcoming Weblate 2.17 will bring improved access control settings. Previously this could be controlled only by server admins, but now the project visibility and access presets can be configured.

This allows you to better tweak access control for your needs. There is additional choice of making the project public, but restricting translations, what has been requested by several projects.

You can see the possible choices on the UI screenshot:

Weblate overall experience

On Hosted Weblate this feature is currently available only to commercial hosting customers. Projects hosted for free are limited to public visibility only.

Filed under: Debian English SUSE Weblate

by Michal Čihař (michal@cihar.com) at October 09, 2017 04:00 PM

Better access control in Weblate

Upcoming Weblate 2.17 will bring improved access control settings. Previously this could be controlled only by server admins, but now the project visibility and access presets can be configured.

This allows you to better tweak access control for your needs. There is additional choice of making the project public, but restricting translations, what has been requested by several projects.

You can see the possible choices on the UI screenshot:

Weblate overall experience

On Hosted Weblate this feature is currently available only to commercial hosting customers. Projects hosted for free are limited to public visibility only.

Filed under: Debian English SUSE Weblate

by Michal Čihař (michal@cihar.com) at October 09, 2017 04:00 PM

stardicter 1.1

Stardicter 1.1, the set of scripts to convert some freely available dictionaries to StarDict format, has been released today. The biggest change is that it will also keep source data together with generated dictionaries. This is good for licensing reasons and will also allow to actually build these as packages within Debian.

Full list of changes:

  • Various cleanups for first stable release.
  • Fixed generating of README for dictionaries.
  • Added support for generating source tarballs.
  • Fixed installation on systems with non utf-8 locale.

As usual, you can install from pip, download source or download generated dictionaries from my website. The package should be soon available in Debian as well.

Filed under: Debian English StarDict

by Michal Čihař (michal@cihar.com) at October 09, 2017 01:15 PM

October 03, 2017

Maurício Meneghini Fauth

Weekly phpMyAdmin contributions 2017-W39

Last week I added a linter to the JavaScript files and fixed some code style issues. I changed the namespace of some classes to help with the organization and I moved several tests for the Util class methods to the UtilTest test class, and handled some issues and pull requests.

Handled issues:

The post Weekly phpMyAdmin contributions 2017-W39 appeared first on mauriciofauth.com.

by Maurício Meneghini Fauth at October 03, 2017 01:05 PM

August 29, 2017

Michal Čihař

Weekly phpMyAdmin contributions 2017-W34

Last week was again mostly spent on fixing bugs and going through reports on our error reporting server. This is really valuable tool for finding problems which hit our users, on the other side there is simply too many things there and sometimes it's hard to pinpoint something really important.

Besides that I've also ensured that all our libraries work well with upcoming PHP 7.2 and all are now tested on Travis CI against this version as well.

Handled issues:

Filed under: English phpMyAdmin

by Michal Čihař (michal@cihar.com) at August 29, 2017 10:00 AM

August 28, 2017

Manish Bisht

Summary — Google Summer of Code’ 17 with phpmyadmin

Here is the list of issues on which I have worked this summer.

#1: Implement responsive/mobile interface

https://github.com/phpmyadmin/phpmyadmin/issues/13023

As the number of mobile users are increasing day by day so responsive design should be implemented into phpMyAdmin.

  • Proposed Design
  • Added Viewport
  • Used CSS Media Queries
  • 30+ Pages
  • Fixed Tests Cases

Pull Request: https://github.com/phpmyadmin/phpmyadmin/pull/13422

Status: Merged

#2: Nice view for JSON data

https://github.com/phpmyadmin/phpmyadmin/issues/12944

It will add the feature to have an easy view of the JSON data of a column of a table. Right now it shows in only one line, without any kind of format, so we can have an option to show when you are viewing a table with JSON data or when editing a nice JSON view.

Pull Request: https://github.com/phpmyadmin/phpmyadmin/pull/13317

Status: Merged

#3: Remove inline javascript

https://github.com/phpmyadmin/phpmyadmin/issues/12261

There are several places which uses inline javascript (like onclick, onsubmit and onchange). These should be removed and placed into javascript files. After removal we can get rid of ‘unsafe-inline’ for scripting in CSP.

  • Removed onmouseover
  • Removed onmouseout
  • Removed onmousedown
  • Removed onsubmit
  • Removed onchange
  • Removed onclick

Pull Requests

Status: Merged

#4: Disable charset conversion during import when SET NAMES is present

https://github.com/phpmyadmin/phpmyadmin/issues/9419

If the import file is not in supported formats and it’s not ‘utf-8’ then it runs the SET NAMES for the selected charset during the import option. So I will disable the second time encoding if the selected charset is same as that of the charset mentioned in the SET NAMES.

Pull Request: https://github.com/phpmyadmin/phpmyadmin/pull/13457

Status: Review

#5: Import/Export Progress bar

https://github.com/phpmyadmin/phpmyadmin/issues/6311

https://github.com/phpmyadmin/phpmyadmin/issues/12401

It would be really nice to have a progress bar showing import and export progress in real time in terms of percentage and having some more detailed information like which step/table it is processing.

For Export (export.php will be used)

Export Status in Percentage (including how many tables and rows have been already processed and which is in progress right now)

For Import (import.php will be used)

Upload a file and Unzip it. Import into a database (including how many tables and rows have been already processed and which is in progress right now)

Pull Request: https://github.com/phpmyadmin/phpmyadmin/pull/13502

Status: Review

#6: Password “No” shown for user not in user table

https://github.com/phpmyadmin/phpmyadmin/issues/12718

When a user has access to a db (or table), but is not in the user table he’s shown as not having a password. Even after successfully running the query delete from mysql.user where user = ‘test’ I was still able to login with the test account.

I will show the message “NO” without red mark and with showing an information icon with a tooltip saying that the user exists in some tables but not the user table.

Pull Request: https://github.com/phpmyadmin/phpmyadmin/pull/13305

Status: Merged

#7: Fallback to default table names

https://github.com/phpmyadmin/phpmyadmin/issues/12887

The PMA should fallback to default table names if controluser + pmadb options are set while other like ‘relation’, ‘column_info’ are NOT in config.inc.php.

So if the above conditions are matched I will make all features that are listed as Enabled instead of Disabled.

Pull Request: https://github.com/phpmyadmin/phpmyadmin/pull/13524

Status: Merged

Weekly Blog Posts

I have also posted the weekly update for my project. Following are the links of every week that includes the details and links to pull requests.

Week 1

https://medium.com/@manishbisht/week-1-google-summer-of-code-17-with-phpmyadmin-dfa88d8bfb4a

Week 2

https://medium.com/@manishbisht/week-2-google-summer-of-code-17-with-phpmyadmin-415fb3d64483

Week 3

https://medium.com/@manishbisht/week-3-google-summer-of-code-17-with-phpmyadmin-906017806ac2

Week 4

https://medium.com/@manishbisht/week-4-google-summer-of-code-17-with-phpmyadmin-265521adaf57

Week 5

https://medium.com/@manishbisht/week-5-google-summer-of-code-17-with-phpmyadmin-e988b69d6a80

Week 6

https://medium.com/@manishbisht/week-6-google-summer-of-code-17-with-phpmyadmin-7a2621f1456a

Week 7

https://medium.com/@manishbisht/week-7-google-summer-of-code-17-with-phpmyadmin-74f202a73499

Week 8

https://medium.com/@manishbisht/week-8-google-summer-of-code-17-with-phpmyadmin-f186d502522f

Week 9

https://medium.com/@manishbisht/week-9-google-summer-of-code-17-with-phpmyadmin-90f3699459e8

Week 10

https://medium.com/@manishbisht/week-10-google-summer-of-code-17-with-phpmyadmin-6bf6fb791b49

Week 11

https://medium.com/@manishbisht/week-11-google-summer-of-code-17-with-phpmyadmin-72b4a18597a2

Week 12

https://medium.com/@manishbisht/week-12-google-summer-of-code-17-with-phpmyadmin-2f0a77f48c93

Project Presentation Link

I have also presented this project in my college also. So here it the link of the presentation https://docs.google.com/presentation/d/1-rnFgE1AIx82hgj41DfbVqflmWyyo0MOFw9L2ylF5kE/

Result

I have learned a lot of new things. This organisation have the best community I have seen it till now. I will keep on contributing to this organisation to make phpmyadmin better.

Thanks phpyadmin for the awesome summer and special thanks to my project mentor Isaac Bennetch :)

by Manish Bisht at August 28, 2017 03:24 PM

August 26, 2017

Deven Bansod

Google Summer of Code’ 17 with phpMyAdmin – Summary

This post summarizes the work done and tasks accomplished during the last twelve weeks. It was carried out as a part of Google Summer of Code 2017 with phpMyAdmin.

The project involved two separate sub-lists of tasks, one related to phpMyAdmin’s Error Reporting Server and the other related to phpMyAdmin’s selenium test-suite.

Tasks related to Error Reporting Server:

  1. Use cleaner syntax for control structures in views:
  2. Allow reports search by filename:
  3. Sanitize versions in reports:
  4. Simplify issue state:
  5. Improve generated issues content:
  6. Provide email notification for new reports:
  7. Read-only public interface:
  8. Follow linked Github-issue state:

 

Tasks related to selenium testing:

  1. Fix database-related selenium tests
  2. Fix selenium tests related to Login, Normalization, ChangePassword, ServerSettings
  3. Fix selenium tests related to Table, Export, XSS, Tracking
  4. Fix import-related selenium tests
  5. Add tests for typing and executing SQL query on phpMyAdmin
  6. Add tests for Query-by-example UI in phpMyAdmin
  7. Fix random failures in selenium tests
  8. Minor refactoring in selenium tests

Weekly reports

The detailed weekly reports are available on this blog at the following links:

  1. Week 1:
  2. Week 2:
  3. Week 3:
  4. Week 4:
  5. Week 5:
  6. Week 6:
  7. Week 7:
  8. Week 8:
  9. Week 9:
  10. Week 10-11:
  11. Week 12:

Conclusion

The project led to a few good improvements to phpMyAdmin’s error reporting server, which I hope would make it more developer-friendly and the public interface would help more non-team contributors in fixing the errors reported on it.

phpMyAdmin’s selenium test-suite has finally stabilized in green (i.e. passing), albeit some errors popping up once in about ten runs. I do hope to fix these as they are encountered. Improvement in selenium test-suite and moving it out of allowed failures in Travis has already started to show its impact as we could track a few errors introduced while refactoring. These would otherwise be missed as the refactored code was not well-covered by the unit tests.

Finally, it has been another wonderful summer working with phpMyAdmin and its wonderful community. I would like to thank my mentor, Michal Čihař and the entire phpMyAdmin team, for their continued support throughout this project.


Filed under: Development, GSoC 2017, phpMyAdmin Tagged: Final Submission, GSoC 2017, phpMyAdmin, Summary

by Deven Bansod at August 26, 2017 07:17 AM

August 25, 2017

Michal Čihař

New projects on Hosted Weblate

Hosted Weblate provides also free hosting for free software projects. The hosting requests queue has grown too long, so it's time to process it and include new project.

This time, the newly hosted projects include:

If you want to support this effort, please donate to Weblate, especially recurring donations are welcome to make this service alive. You can do them on Liberapay or Bountysource.

Filed under: Debian English SUSE Weblate

by Michal Čihař (michal@cihar.com) at August 25, 2017 04:00 PM

Deven Bansod

GSoC 2017 : Weekly Report #12

Week #12

Key accomplishments last week:

  • Add selenium tests to cover Query-by-example UI on phpMyAdmin
  • Made selenium test-suite more robust

Key tasks stalled:

NA

Tasks in the upcoming week:

Details:

I completed one of the tasks left in the proposal that was about adding selenium tests for covering phpMyAdmin’s Query by example UI. Additionally, I continued to try and make phpMyAdmin’s selenium test-suite more robust.

Another GSoC student Raghuram has been working on developing the new UI for Query by example as a part of his project. His PR with those changes just got merged yesterday, but the selenium tests might have to be adjusted to suit this new UI. Apart from this, the selenium test-suite is on the verge of running successfully over a set of continuous commits.

With this week coming to an end, the offical coding period for GSoC ’17 has also ended. I would be discussing with my mentor Michal to decide on what to submit as the final submission. It would mostly be a summary post with relevant links and description on this blog.


Filed under: GSoC 2017, phpMyAdmin, Weekly Reports Tagged: #12, GSoC 2017, phpMyAdmin, Weekly Report

by Deven Bansod at August 25, 2017 05:25 AM

August 24, 2017

Michal Čihař

Taking over siphashc for Python

Since some time we're using siphash algorithm to speed up looking up strings in Weblate. Even though it is used by Python internally, it's not exposed in the standard library so several third party modules appeared in the PyPI. Out of all these siphashc or rather it's Python 3 fork siphashc3 seemed to perform best, so I've started to use that.

However it turned out that none of them is in active maintenance anymore. The original version lacks Python 3 support, while the siphashc3 uses odd versioning which causes problems to some pip versions.

After trying to get fix into siphashc3 without much of success, I've spoken to original author of siphashc and he has agreed to hand over maintainership to me. So it's new home is at https://github.com/WeblateOrg/siphashc and new release is already available on PyPI.

Note: Originally we were using MD5 in Weblate, but siphash has shown to be faster and fits into 64-bits, what makes it easier to store and index in SQL databases as LONGINT.

Filed under: Debian English SUSE Weblate

by Michal Čihař (michal@cihar.com) at August 24, 2017 04:00 PM

Raghuram Vadapalli

Closing GSoC.. Final code submission

So, finally I made it to the end of my project. It was a great experience working with phpMyAdmin through the summer. Since final evaluations are drawing close, Isaac suggested me to make a blog post of links to all the pull requests I submitted. That makes this post an official artifact of my GSoC project. I am glad that I was able to stick to the proposed plan for the most part. Towards the end, we had to re-plan slightly. I am thankful to my mentor for being very supportive during this time.

The following is the list of Pull Requests I submitted in chronological order:

As I mentioned in an earlier post, I was not able to implement one of the features. But the work I did towards it can be found at –

https://github.com/phpmyadmin/phpmyadmin/compare/master…Achilles-96:Setup-Improvements

One of the issues was resolved without any code submission –

 https://github.com/phpmyadmin/phpmyadmin/issues/12845


by Raghuram Vadapalli at August 24, 2017 10:26 AM

August 22, 2017

Michal Čihař

Weekly phpMyAdmin contributions 2017-W33

Last week was a bit less intensive on bug fixes, but I've spent quite a lot of time on improving our localized documentation and fixing various errors there. This is really something what should be automatically checked in Weblate in the long term, but right now it results in build failures in Travis.

Handled issues:

Filed under: English phpMyAdmin

by Michal Čihař (michal@cihar.com) at August 22, 2017 10:00 AM

August 19, 2017

Manish Bisht

Week 12: Google Summer of Code’ 17 with phpmyadmin

Previous week the tasks mentioned in my proposal was completed so this week was mostly spent in debugging, checking and fixing other issues. I have fixed one more issue this week.

Nothing on Export page when database is empty

https://github.com/phpmyadmin/phpmyadmin/issues/13572

This is the method to create the error message

$error = PhpMyAdmin\Message::error(__('No tables found in database.'));

So the following was the final result.

Pull Request: https://github.com/phpmyadmin/phpmyadmin/pull/13585

Next Steps

This was my last week progress. I will post an update for wrap up of the entire GSoC tasks in the upcoming week.

by Manish Bisht at August 19, 2017 07:11 PM

August 15, 2017

Deven Bansod

GSoC 2017 : Weekly Report #10 – 11

Week #10 – 11

Key accomplishments last week:

  • Made selenium test-suite more robust
  • Fix possible errors in unreliable test cases
  • Add selenium tests to type SQL query and execute it on phpMyAdmin

Key tasks stalled:

NA

Tasks in the upcoming week:

Details:

I spent some time last week to make the test-suite more robust. Last I had written it was throwing a lot of unrelated errors, but that has been fixed now. It felt really good to see the ‘Daily update’ mails from Browerstack for last two days which said ‘No builds had issues’, which seems to be pointing to suite been stabilized for a few consecutive builds.

Last week was spent at DebConf’17 in Montreal, Canada. Madhura, Michal and I were attending the conference and we managed to meet up with Marc for lunch on one of the days. I did manage to find some time and added selenium tests for typing and executing SQL queries. This covers the Server, Database and Table SQL pages and in-line editing of SQL queries on results page.

For this current week, I plan to continue working to making the selenium test-suite consistent to pass on every commit and prevent any non-deterministic errors. This coming week would be the last week working before pencils-down date. I do expect to continuing some work towards the test-suite to surely go on.


Filed under: GSoC 2017, phpMyAdmin, Weekly Reports Tagged: #10, #11, GSoC 2017, phpMyAdmin, Weekly Report

by Deven Bansod at August 15, 2017 10:59 AM

August 14, 2017

Michal Čihař

New projects on Hosted Weblate

Hosted Weblate provides also free hosting for free software projects. The hosting requests queue was over one month long, so it's time to process it and include new project.

This time, the newly hosted projects include:

If you want to support this effort, please donate to Weblate, especially recurring donations are welcome to make this service alive. You can do them on Liberapay or Bountysource.

Filed under: Debian English SUSE Weblate

by Michal Čihař (michal@cihar.com) at August 14, 2017 10:00 AM

August 13, 2017

Manish Bisht

Week 11: Google Summer of Code’ 17 with phpmyadmin

This week I have spent my time working on following issue:

Import/Export Progress bar

https://github.com/phpmyadmin/phpmyadmin/issues/6311

https://github.com/phpmyadmin/phpmyadmin/issues/12401

The export and import progress bar is now complete. Here are the screenshots of the final result.

Export
Import

Pull Request: https://github.com/phpmyadmin/phpmyadmin/pull/13502

Next Steps

This was my eleventh week progress. I will post an update for this week soon.

by Manish Bisht at August 13, 2017 02:18 AM

August 11, 2017

Raghuram Vadapalli

So, I had a setback!!

First of all, I successfully passed my second evaluations. Thanks to my mentor. 🙂

The reason I didn’t blog since then is that there was not much progress. Reopening of my college and registration took up more time than expected. Adding to the trouble, my next task Setup improvements turned out be more challenging than expected. It was not suggested in the initial project enhancements collection. But I added it as I felt it is important feature and a good replacement for the other task – Filling random test data in database. Why I had to replace? That’s another story.

Coming to the point, allowing access to file-system is a sensitive issue. After a lot of discussion with Michal, we finally agreed on following scheme for allowing access to setup:

  • If there is no config.inc.php and it can be written to, redirect user to setup and force him creating config at least with setup password. This will make the attack window minimal as most people will try to access the tool just after installing.
  • For existing installs user has to manually add the password to the configuration. This is needed to avoid somebody remotely creating that.

Access to setup:

  • If there is no config file, access to setup is allowed for initial setup.
  • If there is config without password, access is rejected with link to documentation how to enable it.
  • If there is config with password, user has to enter the password prior entering setup.

And this was finalized just last week. Also, I came across a few existing bugs after starting to work on setting up the credential-setup. These bugs further added to delay. I had to fix them and proceed. Current standpoint is that credential-setup is still not completely done. There is one more issue I ran into. The config options which I applied are not reflecting in the generated config file. I and Isaac are working to resolve this. You can check out work in progress by checking out my branch. Now it is clear that my idea for Setup Improvements was ambitious. I talked with Isaac about this. He understood the situation as the pencils down time is approaching. Now I plan to just implement editable configuration completely for this task.


by Raghuram Vadapalli at August 11, 2017 05:17 PM

Michal Čihař

Weblate 2.16

Weblate 2.16 has been released today while I'm at DebConf17. There are quite some performance improvements (and more of that is scheduled for 2.17), new file formats support and various other improvements.

Full list of changes:

  • Various performance improvements.
  • Added support for nested JSON format.
  • Added support for WebExtension JSON format.
  • Fixed git exporter authentication.
  • Improved CSV import in certain situations.
  • Improved look of Other translations widget.
  • The max-length checks is now enforcing length of text in form.
  • Make the commit_pending age configurable per component.
  • Various user interface cleanups.
  • Fixed component/project/sitewide search for translations.

If you are upgrading from older version, please follow our upgrading instructions.

You can find more information about Weblate on https://weblate.org, the code is hosted on Github. If you are curious how it looks, you can try it out on demo server. You can login there with demo account using demo password or register your own user. Weblate is also being used on https://hosted.weblate.org/ as official translating service for phpMyAdmin, OsmAnd, Turris, FreedomBox, Weblate itself and many other projects.

Should you be looking for hosting of translations for your project, I'm happy to host them for you or help with setting it up on your infrastructure.

Further development of Weblate would not be possible without people providing donations, thanks to everybody who have helped so far! The roadmap for next release is just being prepared, you can influence this by expressing support for individual issues either by comments or by providing bounty for them.

Filed under: Debian English SUSE Weblate

by Michal Čihař (michal@cihar.com) at August 11, 2017 01:30 PM

August 08, 2017

Michal Čihař

Weekly phpMyAdmin contributions 2017-W31

This week was quite productive in terms of bug fixes and various code improvements. One of most visible things is probably PHP 7.2 compatibility, but there were other fixes as well.

I've somehow failed to post this report on time, so sorry for late publishing.

Handled issues:

Filed under: English phpMyAdmin

by Michal Čihař (michal@cihar.com) at August 08, 2017 10:00 AM

August 06, 2017

Manish Bisht

Week 10: Google Summer of Code’ 17 with phpmyadmin

This week I have spent my time working on following issue:

Import/Export Progress bar

https://github.com/phpmyadmin/phpmyadmin/issues/6311

https://github.com/phpmyadmin/phpmyadmin/issues/12401

The export progress is completed and updated in the PR and currently working on the import progress.

For Import the data is saving in the configuration database. I am now looking for the way to update the import progress on the page.

Pull Request: https://github.com/phpmyadmin/phpmyadmin/pull/13502

The following issue was due to the responsive design. So I have fixed this also.

Server variables out of table

https://github.com/phpmyadmin/phpmyadmin/issues/13546

Pull Request: https://github.com/phpmyadmin/phpmyadmin/pull/13549

Next Steps

This was my tenth week progress. I will post an update for this week soon.

by Manish Bisht at August 06, 2017 02:59 AM

August 04, 2017

Michal Čihař

Changes to Docker container for Weblate

I've made several changes to the Weblate Docker container which are worth mentioning today.

First of all if you are still using nijel/weblate, you should switch to weblate/weblate. They both currently share same configuration, but it might happen that some future updates will go to the weblate owned container only.

Now back to the container changes. Since beginning we were using Django built in server. That's fine for development purposes, but it really doesn't work that well in production as it can handle only one request at time. Therefore we've switched to more robust approach using nginx + uwsgi + supervisor.

Thanks to this, the docker-compose no longer needs separate nginx server as everything is now sanely handled within the weblate container itself.

Filed under: Debian English Gammu phpMyAdmin SUSE Weblate

by Michal Čihař (michal@cihar.com) at August 04, 2017 10:00 AM

August 03, 2017

Michal Čihař

Going to DebConf17

After fours years, I will again make it to DebConf, I'm looking forward to meet many great people, so if you want to meet and happen to be in Montreal next week come and say hello to me :-).

It seems I've settled down on four year schedule - I've attended DebConf09 and DebConf13 so far. Let's see if next one will come in 2021 or earlier.

Filed under: Debian English Gammu phpMyAdmin Weblate

by Michal Čihař (michal@cihar.com) at August 03, 2017 04:00 AM

August 02, 2017

Deven Bansod

GSoC 2017 : Weekly Report #9

Week #9

Key accomplishments last week:

  • Made selenium test-suite more robust
  • Implemented marking of test failures on Browerstack
  • Researched over how to use php-webdriver

Key tasks stalled:

NA

Tasks in the upcoming week:

Details:

I spent some time last week to make the test-suite more robust and it actually did stabilize for a few consecutive builds. I also spent some time to add code in our test-suite so that the failed tests on Travis are actually marked with a failed status on Browerstack.

For this current week, I plan to continue working to making the selenium test-suite consistent to pass on every commit and prevent any non-deterministic errors. For the last two days, it has started to throw a lot of errors suddenly (which I am really not sure why it is happening). I might also start to implementing the new selenium tests to be added for typing and executing a sql query on table, database and server SQL pages.


Filed under: GSoC 2017, phpMyAdmin, Weekly Reports Tagged: #9, GSoC 2017, phpMyAdmin, Weekly Report

by Deven Bansod at August 02, 2017 04:03 PM

July 29, 2017

Manish Bisht

Week 9: Google Summer of Code’ 17 with phpmyadmin

This week I have spent my time working on following issue:

Configuration storage — fallback to default values

https://github.com/phpmyadmin/phpmyadmin/issues/12887

I check the control user and control values and if both values are set the n I set the default values for table and database.

if ($GLOBALS['cfg']['Server']['controluser'] &&
$GLOBALS['cfg']['Server']['controlpass']) {
// Set the default table name and database
}

Pull Request: https://github.com/phpmyadmin/phpmyadmin/pull/13524

Import/Export Progress bar

https://github.com/phpmyadmin/phpmyadmin/issues/6311

https://github.com/phpmyadmin/phpmyadmin/issues/12401

The export progress bar is almost done. I am now waiting for the feedback on the PR and in parallel started working on the import progress bar.

Pull Request: https://github.com/phpmyadmin/phpmyadmin/pull/13502

Next Steps

This was my ninth week progress. I will post an update for this week soon.

by Manish Bisht at July 29, 2017 04:08 PM

July 27, 2017

Michal Čihař

Weblate 2.16: Call for translations

Weblate 2.16 is almost ready (I expect no further code changes), so it's really great time to contribute to it's translations! Weblate 2.16 will be probably released during my presence at DebConf 17.

As you might expect, Weblate is translated using Weblate, so the contributions should be really easy. In case there is something unclear, you can look into Weblate documentation.

I'd especially like to see improvements in the Italian translation which was one of the first in Weblate beginnings, but hasn't received much love in past years.

Filed under: Debian English SUSE Weblate

by Michal Čihař (michal@cihar.com) at July 27, 2017 10:00 AM

July 26, 2017

Deven Bansod

GSoC 2017 : Weekly Report #8

Week #8

Key accomplishments last week:

  • Fixed selenium tests related to Export, Table, Tracking, XSS

Key tasks stalled:

NA

Tasks in the upcoming week:

  • Make selenium test-suite run consistently (i.e. prevent timing issues non-deterministic errors)
  • Explore the possibility of migrating to use php-webdriver by Facebook

Details:

Last week was cut short since I was travelling to attend my convocation ceremony at the BITS Pilani, Pilani campus. I graduated in the first division with a dual degree in M. Sc. (Hons.) Economics and B. E. (Hons.) Computer Science.

I spent the last week fixing the selenium tests related to Export, Table, Tracking, XSS. The related PR was made and merged at #13520. The test-suite is able to run successfully and finally I got a few successful selenium travis jobs after a long time, though I am still fixing some or the other error that keeps popping up on some jobs.

For this current week, I plan to continue working to making the selenium test-suite consistent to pass on every commit and prevent any non-deterministic errors. I would also want to explore a possibility to migrate the selenium tests to use Facebook’s php-webdriver.


Filed under: GSoC 2017, phpMyAdmin, Weekly Reports Tagged: #8, GSoC 2017, phpMyAdmin, Weekly Report

by Deven Bansod at July 26, 2017 07:40 AM

July 25, 2017

Michal Čihař

Weekly phpMyAdmin contributions 2017-W29

Last week was really focused on fixing issues on phpMyAdmin itself. Some of them also lead to me to bigger cleanups, for example in theme management code, which is now not relying on session cache.

Another important improvements were focused on improving SSL support in phpMyAdmin. It is now able to automatically detect if server enforces SSL and enable it in such case. There is also improved documentation about configuring SSL.

Handled issues:

Filed under: English phpMyAdmin

by Michal Čihař (michal@cihar.com) at July 25, 2017 10:00 AM

July 24, 2017

Raghuram Vadapalli

Single command set up for IIIT VPN

All are probably familiar with vpn.iiit.ac.in. It clearly details steps to follow for setting up IIIT VPN which includes going through a series of steps every time you want to connect. So, I made this small procedure to automate it.

  1. Follow first two steps on vpn.iiit.ac.in for Linux. Here are the two steps:
    1. Install openvpn package using yum, apt-get, synaptic, yast etc. based on which Linux distribution you are using. All standard Linux distributions support openVPN installation using standard repositories.
    2. After installation, copy following files to /etc/openvpn/ directory. ca.crtall.iiit.ac.in.crtall.iiit.ac.in and linux_client.conf. (You need to be root to be able to write in this directory).
  2. cd into etc/openvpn/. Create a file called login.conf and add your IIIT email ID in first line and password in second line. For security, make it accessible only to root:
    sudo chown root login.conf
    sudo chgrp root login.conf #Not really needed
    sudo chmod 400 login.conf
    
  3. Open linux_client.conf. Find line which says auth-user-pass(should be around line 126). Replace the line with auth-user-pass login.conf.
  4. Go to home directory and open .bashrc. Copy the following lines at the end of it.
    #This function is helpful if you want to run any function as root.
    function execsudo ()
    {
        ### ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ##
        #
        # LOCAL VARIABLES:
        #
        ### ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ##
    
        #
        # I use underscores to remember it's been passed
        local _funcname_="$1"
    
        local params=( "$@" )               ## array containing all params passed here
        local tmpfile="/dev/shm/$RANDOM"    ## temporary file
        local filecontent                   ## content of the temporary file
        local regex                         ## regular expression
        local func                          ## function source
    
        ### ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ##
        #
        # MAIN CODE:
        #
        ### ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ##
    
        #
        # WORKING ON PARAMS:
        # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    
        #
        # Shift the first param (which is the name of the function)
        unset params[0]              ## remove first element
        # params=( "${params[@]}" )     ## repack array
    
        #
        # WORKING ON THE TEMPORARY FILE:
        # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    
        content="#!/bin/bash\n\n"
    
        #
        # Write the params array
        content="${content}params=(\n"
    
        regex="\s+"
        for param in "${params[@]}"
        do
            if [[ "$param" =~ $regex ]]
                then
                    content="${content}\t\"${param}\"\n"
                else
                    content="${content}\t${param}\n"
            fi
        done
    
        content="$content)\n"
        echo -e "$content" > "$tmpfile"
    
        #
        # Append the function source
        echo "#$( type "$_funcname_" )" >> "$tmpfile"
    
        #
        # Append the call to the function
        echo -e "\n$_funcname_ \"\${params[@]}\"\n" >> "$tmpfile"
    
        #
        # DONE: EXECUTE THE TEMPORARY FILE WITH SUDO
        # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        sudo bash "$tmpfile"
        disown 2> /dev/null
        rm "$tmpfile"
    }
    
    function vpnfunc {
    	echo "Starting VPN!!"
    	cd /etc/openvpn
    	openvpn --config linux_client.conf | while read line
    	do
    		[[ "${line}" == *"Initialization Sequence Completed"* ]] && echo 'nameserver 10.4.20.204' | cat - /etc/resolv.conf > temp && mv temp /etc/resolv.conf && echo 'Started VPN successfully!!' && kill -STOP $$
    	done
    }
    
    function startvpn {
    	exec 3>&2          # 3 is now a copy of 2
    	exec 2> /dev/null  # 2 now points to /dev/null
    	execsudo vpnfunc   # run script with redirected stderr
    	exec 2>&3          # restore stderr to saved
    	exec 3>&-          # close saved version
    }
    
    function stopvpn {
    	sudo killall openvpn
    	sudo sed -i '/nameserver 10.4.20.204$/d' /etc/resolv.conf
    }
    
    
  5. Open a new terminal or execute source .bashrc.
  6. From now, startvpn command should start your VPN. (It may ask for sudo password).
  7. stopvpn will terminate VPN.

I am not a bash God, so please spare me if I made any blunders. But, do leave a comment if it can be done better.

 

Credits for execsudo function: stackoverflow answer


by Raghuram Vadapalli at July 24, 2017 09:45 PM

July 23, 2017

Manish Bisht

Week 8: Google Summer of Code’ 17 with phpmyadmin

This week I have spent my time working on following issue:

Import/Export Progress bar

https://github.com/phpmyadmin/phpmyadmin/issues/6311

https://github.com/phpmyadmin/phpmyadmin/issues/12401

First I made changes in the phpmyadmin configuration sql table and added one extra table to track the progress status.

CREATE TABLE IF NOT EXISTS `pma__progress` (
`uuid` varchar(36) NOT NULL,
`type` varchar(64) NOT NULL,
`data` text NOT NULL,
`value` int(50) unsigned NOT NULL,
`total` int(50) unsigned NOT NULL,
UNIQUE KEY `uuid` (`uuid`)
)
COMMENT='Saved import/export progress data'
DEFAULT CHARACTER SET
utf8 COLLATE utf8_bin;

Then I learnt how to insert data in phpmyadmin configuration database. Then from the mailing list I got this link to get started
https://github.com/phpmyadmin/phpmyadmin/blob/master/libraries/tracking.lib.php#L246 So finally I was able to update data in the progress table as the new table is exported.

$cfgRelation = PMA_getRelationsParam();
$sql_query = " SELECT * FROM " .
PhpMyAdmin\Util::backquote($cfgRelation['db']) . "." .
PhpMyAdmin\Util::backquote($cfgRelation['tracking']) .
" WHERE db_name = '" .
$GLOBALS['dbi']->escapeString($_REQUEST['db']) . "' " .
" AND table_name = '" .
$GLOBALS['dbi']->escapeString($_REQUEST['table']) . "' " .
" ORDER BY version DESC ";
PMA_queryAsControlUser($sql_query);

Then I used the setInterval() to update the progress on the page.

var progressInterval = setInterval(function () {
$.post('progress.php', params, function (response) {
if (response.success === true) {
// do something
}
});
}, 500);

And the final result was something like this.

One more thing I missed mentioning below issue in my previous blog post. This was completed last week.

Double Character Encoding Issue:

https://github.com/phpmyadmin/phpmyadmin/issues/9419

removed double charset encoding

https://github.com/phpmyadmin/phpmyadmin/pull/13457

I have used phpmyadmin sql parser to do this.

use PhpMyAdmin\SqlParser\Parser;
use PhpMyAdmin\SqlParser\Utils\Query;

$query = 'SET NAMES latin1';
$parser = new Parser($query);
$flags = Query::getFlags($parser->statements[0]);

echo $flags['querytype'];

Next Steps

This was my eighth week progress. I will post an update for this week soon.

by Manish Bisht at July 23, 2017 03:26 PM

July 22, 2017

Raghuram Vadapalli

Weekly update

This week, there is nothing much to update. It turned out that my previous task i.e., to consolidate table sorter libraries used by phpMyAdmin is not needed. The reason being the two libraries mentioned in the task are independent of each other and do not do the same task. I am getting code reviews on my previously submitted patches. I will be working on them those patches this week and hopefully get some of them merged.

The following are the patches I submitted so far:

 


by Raghuram Vadapalli at July 22, 2017 09:01 AM

July 21, 2017

Michal Čihař

Making Weblate more secure and robust

Having publicly running web application always brings challenges in terms of security and in generally in handling untrusted data. Security wise Weblate has been always quite good (mostly thanks to using Django which comes with built in protection against many vulnerabilities), but there were always things to improve in input validation or possible information leaks.

When Weblate has joined HackerOne (see our first month experience with it), I was hoping to get some security driven core review, but apparently most people there are focused on black box testing. I can certainly understand that - it's easier to conduct and you need much less knowledge of the tested website to perform this.

One big area where reports against Weblate came in was authentication. Originally we were mostly fully relying on default authentication pipeline coming with Python Social Auth, but that showed some possible security implications and we ended up with having heavily customized authentication pipeline to avoid several risks. Some patches were submitted back, some issues reported, but still we've diverged quite a lot in this area.

Second area where scanning was apparently performed, but almost none reports came, was input validation. Thanks to excellent XSS protection in Django nothing was really found. On the other side this has triggered several internal server errors on our side. At this point I was really happy to have Rollbar configured to track all errors happening in the production. Thanks to having all such errors properly recorded and grouped it was really easy to go through them and fix them in our codebase.

Most of the related fixes have landed in Weblate 2.14 and 2.15, but obviously this is ongoing effort to make Weblate better with every release.

Filed under: Debian English SUSE Weblate

by Michal Čihař (michal@cihar.com) at July 21, 2017 10:00 AM

July 18, 2017

Michal Čihař

Weekly phpMyAdmin contributions 2017-W28

Last week was quite busy and that can be seen from number of issues. Some of them are coming from our error reporting server, where I've focused on the most frequently happening ones for last releases. Still there is about 30000 reports to handle there.

There were several fixes to our SQL parser as well, apparently it's already being used by some other tools, for example by php-sqllint, so we're getting more bug reports :-).

Handled issues:

Filed under: English phpMyAdmin

by Michal Čihař (michal@cihar.com) at July 18, 2017 10:00 AM

July 17, 2017

Deven Bansod

GSoC 2017 : Weekly Report #7

Week #7

Key accomplishments last week:

  • Fixed selenium tests related to Login, Normalization, ChangePassword, ServerSettings

Key tasks worked on:

  • Fixed table-related, tracking-related and export-related tests (partially)

Key tasks stalled:

NA

Tasks in the upcoming week:

  • Work on and fix remaining set of broken selenium tests

Details:

 

I spent the last week fixing the selenium tests related to Login, Normalization, ChangePassword, ServerSettings. The related PR was made and merged at #13476.

In the later part of the week, I spent some time fixing the table-related tests, tracking-related tests and export-related tests. Though, they are not in a consistently fixed state (i.e. they sometimes do misbehave, leading to a failure), I expect them to be ready for a PR soon.

For the next week, I plan to continue working to fixing the next set of broken selenium tests.


Filed under: GSoC 2017, phpMyAdmin, Weekly Reports Tagged: #6, GSoC 2017, phpMyAdmin, Weekly Report

by Deven Bansod at July 17, 2017 07:40 AM

July 16, 2017

Manish Bisht

Week 7: Google Summer of Code’ 17 with phpmyadmin

This week I have spent my time working on following issue:

Nice view for JSON data

https://github.com/phpmyadmin/phpmyadmin/issues/12944

Show data in json format for datatype other than json

https://github.com/phpmyadmin/phpmyadmin/pull/13435

This is how to check the string is in JSON format of not.

function isJsonString(str) {
try {
JSON.parse(str);
} catch (e) {
return false;
}
return true;
}

Removed inline Javascript

https://github.com/phpmyadmin/phpmyadmin/issues/12261

removed inline onclick javascript

https://github.com/phpmyadmin/phpmyadmin/pull/13446

I uses the following code to remove remove javascript.

$(selector).click(function() {
//do something
});

Import/Export Progress bar

https://github.com/phpmyadmin/phpmyadmin/issues/6311

https://github.com/phpmyadmin/phpmyadmin/issues/12401

I tried solving this issue by setting the cookie and the retriving the cookie to show the progress but the setcookie() in php failed when used after setting the header.

So as this doesn’t worked I have now created a new table in phpMyAdmin Configuration Storage database. I am running behind my timeline as this seems to be difficult compared to my expectations.

This next week issue https://github.com/phpmyadmin/phpmyadmin/issues/12718 has already been resolved my me during the community bonding period so I expect this to complete it by this week.

Next Steps

This was my seventh week progress. I will post an update for this week soon.

by Manish Bisht at July 16, 2017 09:31 AM

July 14, 2017

Raghuram Vadapalli

2-factor authentication for phpMyAdmin

This week, I worked on adding two-factor authentication support for phpMyAdmin. This is by far the most interesting feature I worked on. I never really worked keenly on the security aspect of any software. This indeed has been a very good learning experience.           DuoScreen_740.png

Here is the process:

  1. Log in to your account normally.
  2. Access setup2FA.php. I have not figured out where to place the link which directly takes you to the page. That is more of a user-experience issue and I leave it for the team to advise me on that.                                                                                                                                      Screenshot_20170714_121959.png
  3. Open Google Authenticator (or Authy or whatever you prefer). Scan the barcode with your app. It now starts generating TOTP on your app.                                                               Screenshot_20170714-124414.png
  4. Enter the TOTP in the text field and click submit. Done!!. You now have successfully added 2-factor authentication to you PMA account.                                                Screenshot_20170714_122950.png
  5. When you log in next time, after you enter your credentials, you will be asked for TOTP.Screenshot_20170714_123431.png
  6. Enter the TOTP generated. You will not be logged in unless you clear this step. That’s it!! :D.

I am yet to add a way to delete 2-factor authentication. You can check-out the code from my branch. I will make a pull request after I add the deletion part also.

Since this is a security feature, I feel this requires thorough testing.

Special thanks to TwoFactorAuth library.

Edit: Submitted pull request – https://github.com/phpmyadmin/phpmyadmin/pull/13495


by Raghuram Vadapalli at July 14, 2017 07:11 AM

Subscriptions

Planet phpMyAdmin aggregates blogs of following phpMyAdmin contributors.

Last updated

November 21, 2017 12:00 AM
All times are UTC.

Feeds

[RSS 1.0 Feed] [RSS 2.0 Feed] [Atom Feed] [FOAF Subscriptions] [OPML Subscriptions] [Venus]

Planetarium