php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Return to Bug #50388
Patch php5-mysqli-safe-mode revision 2010-04-23 23:57 UTC by orcan at nbcs dot rutgers dot edu

Patch php5-mysqli-safe-mode for MySQLi related Bug #50388

Patch version 2010-04-23 23:57 UTC

Return to Bug #50388 | Download this patch
Patch Revisions:

Developer: orcan@nbcs.rutgers.edu

--- php5.3-200911131930.old/ext/mysqli/mysqli_nonapi.c	2009-11-11 20:34:37.000000000 -0500
+++ php5.3-200911131930.new/ext/mysqli/mysqli_nonapi.c	2009-11-19 14:33:40.432147198 -0500
@@ -127,18 +127,28 @@ void mysqli_common_connect(INTERNAL_FUNC
 	if (!socket_len || !socket) {
 		socket = MyG(default_socket);
 	}
-	if (!port){
-		port = MyG(default_port);
-	}
-	if (!passwd) {
-		passwd = MyG(default_pw);
-		passwd_len = strlen(SAFE_STR(passwd));
-	}
-	if (!username){
-		username = MyG(default_user);
-	}
-	if (!hostname || !hostname_len) {
-		hostname = MyG(default_host);
+
+	if (PG(sql_safe_mode)) {
+        if (ZEND_NUM_ARGS()>0) {
+            php_error_docref(NULL TSRMLS_CC, E_NOTICE, "SQL safe mode in effect - ignoring host/user/password information");
+        }
+		hostname = passwd = NULL;
+        username = php_get_current_user();
+        flags = CLIENT_INTERACTIVE;
+	} else {
+		if (!port){
+			port = MyG(default_port);
+		}
+		if (!passwd) {
+			passwd = MyG(default_pw);
+			passwd_len = strlen(SAFE_STR(passwd));
+		}
+		if (!username){
+			username = MyG(default_user);
+		}
+		if (!hostname || !hostname_len) {
+			hostname = MyG(default_host);
+		}
 	}
 
 	if (strlen(SAFE_STR(hostname)) > 2 && !strncasecmp(hostname, "p:", 2)) {
@@ -147,10 +157,13 @@ void mysqli_common_connect(INTERNAL_FUNC
 			php_error_docref(NULL TSRMLS_CC, E_WARNING, "Persistent connections are disabled. Downgrading to normal");			
 		} else {
 			mysql->persistent = persistent = TRUE;
-
-			hash_len = spprintf(&hash_key, 0, "mysqli_%s_%s%ld%s%s%s", SAFE_STR(hostname), SAFE_STR(socket), 
-								port, SAFE_STR(username), SAFE_STR(dbname), 
-								SAFE_STR(passwd));
+			if (PG(sql_safe_mode)) {
+				hash_len = spprintf(&hash_key, 0,  "mysql__%s_", username);
+			} else {
+				hash_len = spprintf(&hash_key, 0, "mysqli_%s_%s%ld%s%s%s", SAFE_STR(hostname), SAFE_STR(socket), 
+									port, SAFE_STR(username), SAFE_STR(dbname), 
+									SAFE_STR(passwd));
+			}
 
 			mysql->hash_key = hash_key;
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sun Dec 22 05:01:30 2024 UTC