|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2006-03-22 10:46 UTC] tony2001@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2024 The PHP GroupAll rights reserved. |
Last updated: Sun Oct 27 16:01:27 2024 UTC |
Description: ------------ When oci_connect() uses OCI_SYSDBA or OCI_SYSOPER, oci8.c always calls OCISessionBegin() with OCI_CRED_EXT. This needs to be changed to OCI_CRED_RDBMS in some cases so privileged connections can be authenticated by an Oracle password file. When OCI_SYSDBA or OCI_SYSOPER are specified: if the username is "/" and there is no password then the credential should be OCI_CRED_EXT else the credential should be OCI_CRED_RDBMS There are two success cases of interest: Case 1: oci8.c should use OCI_CRED_EXT. Connect succeds if the process running PHP is in Oracle's OS dba group and the DB is "local" i.e on the same host and specified by ORACLE_SID environment variable. Otherwise connection will fail. oci_connect("/", "", NULL, OCI_SYSDBA); Case 2: oci8.c should use OCI_CRED_RDBMS. Connect succeeds if the user is in Oracle's password file. The DB can be on a remote host. // Note DB name could be NULL. oci_connect("un", "pw", "MYSID", OCI_SYSDBA); Note: the php.ini parameter oci8.privileged_connect must be true for PHP to allow OCI_SYSDBA or OCI_SYSOPER connections. Actual result: -------------- Currently case 2 gives ORA-01031: insufficient privileges in test.php on line 3.