S-205: PHP-Nuke EasyContent Module 'page_id' Parameter Vulnerability

4 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

XSS vulnerability found via injection in the parameter address

Mods please move if posted in wrong section, I wasnt sure where to ask this one. There are several of us that use an open source program called yiimp, https://github.com/tpruvot/yiimp several of our sites were attacked last night and I am reaching out to you guys to see if then vulnerability...

2. Solaris

Installing ZIP module for PHP

Hi Guys, I am using SOLARIS 10 and I want to install ZIP module for PHP. I went to this link http://pecl.php.net/package/zip and I choose zip-1.12.3.tgz, the latest "stable" release, and then transferred it to my server. Then I went to my path /usr/local/apache2/conf then untar the...

3. UNIX for Dummies Questions & Answers

How do I list kernel module parameter values?

Hi, I have problem with parameter configuration. My question is after the configuration, how to check if successfully change the value or not? I saw someone has the same question, and followed his steps. Original thread:...

4. UNIX for Dummies Questions & Answers

PHP Module

Ok..i've installed Apache 1.3.14, and it runs... BUT...I can't figure out how to get the php-4.0.4 module to run, and i've read through the install file and EVERYTYHING, aafter about 10 attempts I pissed myself off enough to goto sleep...Can anyone suggest a place to look for a lil bit more help?...

LEARN ABOUT PHP

mysql_insert_id

MYSQL_INSERT_ID(3)							 1							MYSQL_INSERT_ID(3)

mysql_insert_id - Get the ID generated in the last query

SYNOPSIS

       Warning

	      This  extension  is deprecated as of PHP 5.5.0, and will be removed in the future. Instead, the MySQLi or PDO_MySQL extension should
	      be used. See also MySQL: choosing an API guide and related FAQ for more information. Alternatives to this function include:

		     omysqli_insert_id(3)

		     o PDO::lastInsertId

       int mysql_insert_id ([resource  $link_identifier = NULL])

DESCRIPTION

	Retrieves the ID generated for an AUTO_INCREMENT column by the previous query (usually INSERT).

	      o $
		link_identifier -The MySQL connection. If the link identifier is not specified,  the  last  link  opened  by  mysql_connect(3)	is
		assumed. If no such link is found, it will try to create one as if mysql_connect(3) was called with no arguments. If no connection
		is found or established, an E_WARNING level error is generated.

	The ID generated for an AUTO_INCREMENT column by the previous query on success, 0 if the previous query does not generate  an  AUTO_INCRE-
       MENT value, or FALSE if no MySQL connection was established.

       Example #1

	      mysql_insert_id(3) example

	      <?php
	      $link = mysql_connect('localhost', 'mysql_user', 'mysql_password');
	      if (!$link) {
		  die('Could not connect: ' . mysql_error());
	      }
	      mysql_select_db('mydb');

	      mysql_query("INSERT INTO mytable (product) values ('kossu')");
	      printf("Last inserted record has id %d
", mysql_insert_id());
	      ?>

       Caution

	      mysql_insert_id(3) will convert the return type of the native MySQL C API function mysql_insert_id() to a type of long (named int in
	      PHP). If your AUTO_INCREMENT column has a column type of BIGINT (64 bits) the conversion may result in an incorrect value.  Instead,
	      use  the	internal  MySQL  SQL  function	LAST_INSERT_ID() in an SQL query. For more information about PHP's maximum integer values,
	      please see the integer documentation.

       Note

	       Because mysql_insert_id(3) acts on the last performed query, be sure to call mysql_insert_id(3) immediately after  the  query  that
	      generates the value.

       Note

	       The  value  of the MySQL SQL function LAST_INSERT_ID() always contains the most recently generated AUTO_INCREMENT value, and is not
	      reset between queries.

       mysql_query(3), mysql_info(3).

PHP Documentation Group 													MYSQL_INSERT_ID(3)

Security Advisories (RSS)