|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2003-04-02 13:31 UTC] mfroeb at gmx dot de
I had set up Apache 2.0.45 with PHP 4.3.2RC1 and MySQL 3.23.55.
This script causes apache to crash with a "write failed" error. With PHP 4.3.1 everything's fine.
--- functions.php ---
<?php
$sql_server = 0;
if (!isset($sessionid)) {
if (isset($_REQUEST['sessionid'])) {
$sessionid = $_REQUEST['sessionid'];
} else {
$sessionid = "";
}
}
if ($sessionid == "") $sessionid = "-";
function sql_connect() {
global $sql_server;
$sql_server = mysql_connect("localhost", "***", "***");
mysql_select_db("***");
return true;
}
function sql_quit() {
global $sql_server;
mysql_close($sql_server);
return true;
}
function check_email ($email) {
if (@preg_match("/^([a-zA-Z0-9_.-]+)@([a-zA-Z0-9_.-]+)([a-zA-Z]{2,4})$/", $email) == 1) {
return true;
} else {
return false;
}
}
function check_passid ($passid) {
if (@preg_match("/^[0-9]{10}D-[0-9]{7}-[0-9]{7}-[0-9]$/", $passid) == 1) {
/* erste zifferngruppe */
$digits1 = ($passid{0} + $passid{3} + $passid{6})*7;
$digits2 = ($passid{1} + $passid{4} + $passid{7})*3;
$digits3 = ($passid{2} + $passid{5} + $passid{8})*1;
$checksum = ($digits1 + $digits2 + $digits3) % 10;
if ($checksum != $passid{9})
return false;
/* zweite zifferngruppe */
$digits1 = ($passid{12} + $passid{15})*7;
$digits2 = ($passid{13} + $passid{16})*3;
$digits3 = ($passid{14} + $passid{17})*1;
$checksum = ($digits1 + $digits2 + $digits3) % 10;
if ($checksum != $passid{18})
return false;
/* dritte zifferngruppe */
$digits1 = ($passid{20} + $passid{23})*7;
$digits2 = ($passid{21} + $passid{24})*3;
$digits3 = ($passid{22} + $passid{25})*1;
$checksum = ($digits1 + $digits2 + $digits3) % 10;
if ($checksum != $passid{26})
return false;
/* alle ziffern */
$digits1 = ($passid{0} + $passid{3} + $passid{6} + $passid{9} + $passid{14} + $passid{17} + $passid{21} + $passid{24})*7;
$digits2 = ($passid{1} + $passid{4} + $passid{7} + $passid{12} + $passid{15} + $passid{18} + $passid{22} + $passid{25})*3;
$digits3 = ($passid{2} + $passid{5} + $passid{8} + $passid{13} + $passid{16} + $passid{20} + $passid{23} + $passid{26})*1;
$checksum = ($digits1 + $digits2 + $digits3) % 10;
if ($checksum != $passid{28})
return false;
return true;
} else {
return false;
}
}
?>
--- login.php ---
<?php
include 'functions.php';
if (isset($_REQUEST['name'])) {
sql_connect();
$name = $_REQUEST['name'];
$password = $_REQUEST['pw'];
$sql_ergebnis = mysql_query("SELECT Count(ID) FROM players WHERE Name = '$name' AND Password = '$password'");
if (mysql_result($sql_ergebnis, 0, 0) == 1) {
$sessionid = md5(md5(rand()) . md5(rand()));
$datetime = date("Y-m-d H:i:s");
$playerip = $_SERVER['REMOTE_ADDR'];
$sql_ergebnis = mysql_query("UPDATE players SET SessionID = '$sessionid', LastActionTime = '$datetime', IP = '$playerip' WHERE Name = '$name' AND Password = '$password'");
sql_quit();
header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/main.php?sessionid=" . $sessionid);
exit;
} else {
$error = true;
}
sql_quit();
}
?>
<?php
$page = "";
$stylesheet = "css/style00.css";
$showlogo = true;
$showlinks = false;
sql_connect();
include 'header.php';
?>
<?php
if (isset($error)) echo "<h2>Diese Name-/Passwortkombination ist im System nicht bekannt!</h2><br>";
?>
<form action="login.php" method="get">
<table cols="2" rows="1">
<tr>
<td>
<table cols="2" rows="3">
<tr>
<td>Name:</td>
<td><input name="name" type="text" size="50"></td>
</tr>
<tr>
<td>Passwort:</td>
<td><input name="pw" type="password" size="50"></td>
</tr>
<tr>
<td> </td>
<td><input type="submit" value="Einloggen"><input type="reset" value="Löschen"></td>
</tr>
</table>
</td>
<td>
<table cols="1" rows="2">
<tr>
<td>
<a href="stats.php" target="_blank">Statistiken</a>
</td>
</tr>
<tr>
<td>
<a href="register.php">Registrieren</a>
</td>
</tr>
</table>
</td>
</tr>
</table>
</form>
<?php
sql_quit();
include 'footer.php';
?>
header.php and footer.php are basically html files that output current time and date.
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||
Copyright © 2001-2024 The PHP GroupAll rights reserved. |
Last updated: Sun Aug 18 10:01:29 2024 UTC |
sorry for the long script. I have tracked the error down to the following: this is my sql query, with connection establish somewhere prev.: $sql_ergebnis = mysql_query("SELECT Name, Gold, Stone, Wood, Food FROM isles WHERE Owner = $player"); the sql query suceeds, and apache crashes with the following call: $islename = mysql_result($sql_ergebnis, 0, 'Name'); if i comment this call, everything else works perfectly.