Bug #957 Magic Quotes in Oracle
Submitted: 1998-11-27 11:53 UTC Modified: 1998-11-27 12:09 UTC
From: drew at elysium dot demon dot co dot uk Assigned:
Status: Closed Package: Oracle related
PHP Version: 3.0.5 OS: Linux
Private report: No CVE-ID: None
 [1998-11-27 11:53 UTC] drew at elysium dot demon dot co dot uk
When constructing a query for Oracle containing user-supplied values, ora_Parse will break if the user entered a value containing a ', such as searching an Oracle database for occurrences of Bill's House.  PHP quotes the single ' in the variable containing the search criteria with a \ (it becomes Bill\' House); Oracle needs a single quote to be quoted with another ' (it should be Bill''s House).  The following patch will change a PHP quoted \' to a '' for submission to the Oracle SQL parse function.

--- oracle.c.orig       Fri Nov 27 16:37:56 1998
+++ oracle.c    Fri Nov 27 16:43:27 1998
@@ -709,7 +709,7 @@
        pval *argv[3];
        oraCursor *cursor;
        sword defer = 0;
-       text *query;
+       text *query, *quote;
 
        argc = ARG_COUNT(ht);
        if ((argc != 2 && argc != 3) || getParametersArray(ht, argc, argv) == FAILURE) {
@@ -738,6 +738,11 @@
        if (cursor->query) {
                efree(cursor->query);
        }
+
+       quote = query;
+       while ((quote = strstr("\\\'", quote)) != NULL)
+               *quote = '\'';
+
        cursor->query = query;
        cursor->fetched = 0;
        if(cursor->params && cursor->nparams > 0){
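Review bot: The `strstr` call in the added loop has its arguments reversed: `strstr("\\\'", quote)` searches the two-character literal for the query text, not the query for `\'`, so whenever it returns non-NULL the following `*quote = '\'';` writes into the string literal instead of into `query`. It should read `strstr(quote, "\\'")`. Even with that fixed, the scan starts at `quote = query` and so covers the whole statement rather than one value, which means a backslash that happens to sit directly before a literal's closing quote is rewritten as well; the conversion belongs on the individual value before it is placed in the statement.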
@@ -925,7 +930,7 @@
        pval *argv[2];
        oraConnection *conn = NULL;
        oraCursor *cursor = NULL;
-       text *query;
+       text *query, *quote;
 
        if (ARG_COUNT(ht) != 2 || getParametersArray(ht, 2, argv) == FAILURE) {
                WRONG_PARAM_COUNT;
@@ -962,8 +967,12 @@
                RETURN_FALSE;
        }
        cursor->open = 1;
-       cursor->conn_ptr = conn;        
-       
+       cursor->conn_ptr = conn;
+
+       quote = query;
+       while ((quote = strstr("\\\'", quote)) != NULL)
+               *quote = '\'';
+
        /* Prepare stmt */
 
        if (oparse(&cursor->cda, query, (sb4) - 1, 1, VERSION_7)){
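Review bot: The loop added before `/* Prepare stmt */` is a second copy of the one in the earlier hunk, with the same reversed `strstr` arguments; move it into one helper and call it from both places so the fix lands once. This hunk also does not show where `query` is assigned, so confirm it is a private, writable copy before storing through `quote`, and drop the whitespace-only change to the `cursor->conn_ptr = conn;` line from the patch.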

 [1998-11-27 12:09 UTC] rasmus
The correct way to do this is to just turn on magic_quotes_sybase in your php3.ini file.
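
The two quoting conventions described in this report, as an added C example that is not part of the original report or of PHP's oracle.c: it decodes one backslash-escaped value pair by pair and re-emits it with single quotes doubled. The function name `backslash_to_oracle` and the sample strings are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/*
 * Added example; name and interface are hypothetical.
 * Converts ONE value escaped in backslash style (\' and \\) to the
 * style Oracle expects, where ' is doubled and a backslash is ordinary.
 * Returns the output length, or (size_t)-1 if out is too small.
 */
size_t backslash_to_oracle(const char *in, char *out, size_t outsz)
{
    size_t n = 0;

    while (*in != '\0') {
        char c = *in++;
        size_t need;

        /* A backslash escapes exactly one following character, so the
         * pair is consumed together: "\\" yields one backslash and can
         * never be mistaken for the start of an escaped quote. */
        if (c == '\\' && *in != '\0')
            c = *in++;

        need = (c == '\'') ? 2 : 1;
        if (n + need + 1 > outsz)       /* keep room for the NUL */
            return (size_t)-1;

        if (c == '\'')
            out[n++] = '\'';            /* ' becomes '' */
        out[n++] = c;
    }
    if (n >= outsz)
        return (size_t)-1;
    out[n] = '\0';
    return n;
}

int main(void)
{
    /* Constructed sample values, written as C string literals. */
    const char *samples[] = { "Bill\\'s House", "C:\\\\", "\\\\\\'" };
    char buf[64];

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        if (backslash_to_oracle(samples[i], buf, sizeof buf) != (size_t)-1)
            printf("%-14s -> %s\n", samples[i], buf);
    return 0;
}
```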
 