Date: 11/30/98
- Next message: michale <email protected>: "[PHP-DEV] Bug #960: Apache SIGSEGV hang on getallheaders()"
- Previous message: eschmid: "[PHP-DEV] CVS update: php3/doc/functions"
From: drew <email protected>
Operating system: Linux
PHP version: 3.0.5
PHP Bug Type: Oracle related
Bug description: Magic Quotes in Oracle (replaces bug 957)
Oops - I had the args the wrong way round in the strstr calls !! Here's the newer version (bug 957's patch is wrong) :-
When constructing a query for Oracle containing user supplied values, ora_Parse will break if the user entered a value containing a ', such as searching an Oracle database for occurrences of Bill's House. PHP quotes the single ' in the variable containing the search criteria with a \ (it becomes Bill\'s House); Oracle needs a single quote to be quoted with another ' (it should be Bill''s House). The following patch will change a PHP quoted \' to a '' for submission to the Oracle SQL parse function.
--- oracle.c.orig Mon Oct 5 01:22:29 1998
+++ oracle.c Mon Nov 30 11:19:25 1998
@@ -709,7 +709,7 @@
pval *argv[3];
oraCursor *cursor;
sword defer = 0;
- text *query;
+ text *query, *quote;
argc = ARG_COUNT(ht);
if ((argc != 2 && argc != 3) || getParametersArray(ht, argc, argv) == FAILURE) {
@@ -738,6 +738,11 @@
if (cursor->query) {
efree(cursor->query);
}
+
+ quote = query;
+ while ((quote = strstr(quote, "\\\'")) != NULL)
+ *quote = '\'';
+
cursor->query = query;
cursor->fetched = 0;
if(cursor->params && cursor->nparams > 0){
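Review bot: The loop added before `cursor->query = query;` rewrites every `\'` anywhere in the assembled statement, not only inside the user-supplied value, and it leaves the other magic-quotes escapes (`\\` and `\"`) untouched. A value typed with a backslash before a quote arrives as `\\\'` and leaves as `\\''`, so Oracle stores an extra backslash, and a bare `'` (magic quotes off) is not doubled at all. Convert each value at the point where it is quoted into the SQL, or, if `cursor->params` in the context line below holds bound values, pass user input that way instead of editing the statement text.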
@@ -925,7 +930,7 @@
pval *argv[2];
oraConnection *conn = NULL;
oraCursor *cursor = NULL;
- text *query;
+ text *query, *quote;
if (ARG_COUNT(ht) != 2 || getParametersArray(ht, 2, argv) == FAILURE) {
WRONG_PARAM_COUNT;
@@ -962,8 +967,12 @@
RETURN_FALSE;
}
cursor->open = 1;
- cursor->conn_ptr = conn;
-
+ cursor->conn_ptr = conn;
+
+ quote = query;
+ while ((quote = strstr(quote, "\\\'")) != NULL)
+ *quote = '\'';
+
/* Prepare stmt */
if (oparse(&cursor->cda, query, (sb4) - 1, 1, VERSION_7)){
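Review bot: The `cursor->conn_ptr = conn;` line and the blank line after it are removed and re-added with what appears to be only a whitespace difference; drop that from the patch so this hunk carries just the new loop. The loop is also a second copy of the one added in the hunk at -738, so move it into one static helper called from both places, and the needle can be written `"\\'"`, since a single quote needs no escape inside a C string literal.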
-- PHP Development Mailing List http://www.php.net/ To unsubscribe send an empty message to php-dev-unsubscribe <email protected> For help: php-dev-help <email protected>
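The quoting conversion described in the report, as an added example that is not part of the original post or of PHP: `patch_pass` reproduces the patch's loop for comparison, and `magic_to_oracle` is a hypothetical per-value helper that undoes the backslash escaping before doubling quotes. It assumes the input is one addslashes()-style escaped value, not a whole SQL statement; the sample strings are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* The loop from the patch, reproduced for comparison: rewrites \' to ''
 * in place across the whole buffer it is given. */
void patch_pass(char *query)
{
    char *quote = query;
    while ((quote = strstr(quote, "\\'")) != NULL)
        *quote = '\'';
}

/* Hypothetical helper: turn ONE backslash-escaped value into the body of
 * an Oracle string literal. Caller frees the result; NULL on error. */
char *magic_to_oracle(const char *in)
{
    char *out = malloc(2 * strlen(in) + 1);  /* worst case: all bare quotes */
    char *w = out;
    const char *p;

    if (out == NULL)
        return NULL;
    for (p = in; *p != '\0'; p++) {
        char c = *p;
        if (c == '\\') {
            c = *++p;                        /* byte the backslash protects */
            if (c == '\0' || c == '0') {     /* dangling \ or escaped NUL */
                free(out);
                return NULL;
            }
        }
        if (c == '\'')
            *w++ = '\'';                     /* Oracle doubles a quote */
        *w++ = c;
    }
    *w = '\0';
    return out;
}

int main(void)
{
    char whole[] = "a\\\\\\'b";              /* constructed: user typed a\'b */
    char *fixed = magic_to_oracle(whole);    /* convert before patch_pass edits it */

    patch_pass(whole);
    printf("patch loop: %s\nper value:  %s\n", whole, fixed ? fixed : "(rejected)");
    free(fixed);
    return 0;
}
```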

