* Thu Mar 06 2025 Jean-Philippe Pialasse <jpp@koozali.org> 5.2.1-2.sme

- SME11 build [SME: 12736]
  fix csp,  templates cleanup
  upgrade to php 8.3 (8.4 not supported yet)
- Wrong Servers output [SME: 12516]

.gitignore

@@ -2,3 +2,4 @@
 *.log
 *spec-20*
 *.tar.gz
+*.xz

contriborbase

@@ -1 +0,0 @@
-contribs10

root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/86PhpmyadminAlias

@@ -31,6 +31,7 @@
 
     # Location overrides Directory for access control and default is RequireAny
     # we need to repeat the Require ip section for both context to filter both admin and multiuser access.
+    if ("$adminaccess" eq "enabled"){
     $OUT .= qq(
 <Location /phpmyadmin>
     AuthName "phpmyadmin"
@@ -43,10 +44,12 @@
     $OUT .= (($phpmyadmin{access} || 'private' ) eq "public" ) ?  "      Require all granted": "      Require ip $localAccess $externalSSLAccess";
     $OUT .= qq(
     </RequireAll>
-</Location>) if "$adminaccess" eq "enabled";
+</Location>) ;
+    }
 
     $OUT .= qq(
 <Directory /usr/share/phpMyAdmin>
+    AddDefaultCharset UTF-8
     SSLRequireSSL
     Options -Indexes
     AllowOverride None
@@ -57,8 +60,10 @@
     </RequireAll>
     );
 
+    # we unset CSP from httpd to allow phpmyadmin to do its own 
+    $OUT .= "    Header unset Content-Security-Policy\n";
     # we do not want people to mess with this for the moment
-  my $version =  '74';
+    my $version =  '83';
 
     $OUT .= qq(
     AddType application/x-httpd-php .php 
@@ -87,7 +92,16 @@
 
 <Directory /usr/share/phpMyAdmin/setup/frames/>
     Require all denied
-</Directory>);
+</Directory>
+
+# This configuration prevents mod_security at phpMyAdmin directories from
+# filtering SQL etc.  This may break your mod_security implementation.
+<IfModule mod_security.c>
+    <Directory /usr/share/phpMyAdmin/>
+        SecRuleInheritance Off
+    </Directory>
+</IfModule>
+);
 
   }
     else 

root/etc/e-smith/templates/etc/php-fpm.d/www.conf/15phpmyadmin

@@ -1,6 +1,6 @@
 {
 
-if ($PHP_VERSION eq '74'){
+if ($PHP_VERSION eq '83'){
   if (($phpmyadmin{'status'} || 'disabled') eq 'enabled'){
     my $max_upload_size = ($phpmyadmin{MaxUploadSize} || '100M');# 104857600 bytes
     $max_upload_size .= 'M' if ($max_upload_size =~ m/^\d+$/);
@@ -17,8 +17,8 @@ if ($PHP_VERSION eq '74'){
     my $start_servers = $phpmyadmin{'PHPstartServers'} || 6;
     my $max_spare_servers = $phpmyadmin{'PHPmaxServers'} || 8;
     my $max_requests = $phpmyadmin{'PHPmaxRequests'} || 1000;
-    $min_spare_servers = ( $min_spare_servers > $max_spare_servers ) ? printf("%.0f",$max_spare_servers/2) : $min_spare_servers;
+    $min_spare_servers = ( $min_spare_servers > $max_spare_servers ) ? sprintf("%.0f", $max_spare_servers/2) : $min_spare_servers;
-    $start_servers = ( $start_servers > $max_spare_servers ) ? printf("%.0f", $max_spare_servers /2 +  $min_spare_servers/2  ) : $start_servers;
+    $start_servers = ( $start_servers > $max_spare_servers ) ? sprintf("%.0f", $max_spare_servers/2 + $min_spare_servers/2 ) : $start_servers;
     my $id = 'phpmyadmin'; # Note the package is phpMyAdmin
     $OUT .=<<"_EOF";
 

smeserver-phpmyadmin.spec

@@ -6,7 +6,7 @@ Summary: phpMyAdmin for SME Server
 %define name smeserver-phpmyadmin
 Name: %{name}
 %define version 5.2.1
-%define release 1
+%define release 2
 Version: %{version}
 Release: %{release}%{?dist}
 License: GPL
@@ -31,6 +31,12 @@ Implementation of phpMyAdmin for SME Server.
 Access with admin username/password via: https://yourdomain/phpmyadmin.
 
 %changelog
+* Thu Mar 06 2025 Jean-Philippe Pialasse <jpp@koozali.org> 5.2.1-2.sme
+- SME11 build [SME: 12736]
+  fix csp,  templates cleanup
+  upgrade to php 8.3 (8.4 not supported yet)
+- Wrong Servers output [SME: 12516]
+
 * Fri Sep 13 2024 Jean-Philippe Pialasse <jpp@koozali.org> 5.2.1-1.sme
 - fix mysql user creation [SME: 12736]