The PHP-Nuke EasyContent module is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. The risk is LOW. Expoiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Mods please move if posted in wrong section, I wasnt sure where to ask this one.
There are several of us that use an open source program called yiimp, https://github.com/tpruvot/yiimp
several of our sites were attacked last night and I am reaching out to you guys to see if then vulnerability... (0 Replies)
Hi Guys,
I am using SOLARIS 10 and I want to install ZIP module for PHP.
I went to this link http://pecl.php.net/package/zip and I choose zip-1.12.3.tgz, the latest "stable" release, and then transferred it to my server.
Then I went to my path /usr/local/apache2/conf then untar the... (1 Reply)
Hi,
I have problem with parameter configuration.
My question is after the configuration, how to check if successfully change the value or not?
I saw someone has the same question, and followed his steps.
Original thread:... (3 Replies)
Ok..i've installed Apache 1.3.14, and it runs... BUT...I can't figure out how to get the php-4.0.4 module to run, and i've read through the install file and EVERYTYHING, aafter about 10 attempts I pissed myself off enough to goto sleep...Can anyone suggest a place to look for a lil bit more help?... (10 Replies)
MYSQL_UNBUFFERED_QUERY(3) 1 MYSQL_UNBUFFERED_QUERY(3)mysql_unbuffered_query - Send an SQL query to MySQL without fetching and buffering the result rows.SYNOPSIS
Warning
This extension is deprecated as of PHP 5.5.0, and will be removed in the future. Instead, the MySQLi or PDO_MySQL extension should
be used. See also MySQL: choosing an API guide and related FAQ for more information. Alternatives to this function include:
oSee: Buffered and Unbuffered queries
resource mysql_unbuffered_query (string $query, [resource $link_identifier = NULL])
DESCRIPTION mysql_unbuffered_query(3) sends the SQL query $query to MySQL without automatically fetching and buffering the result rows as
mysql_query(3) does. This saves a considerable amount of memory with SQL queries that produce large result sets, and you can start working
on the result set immediately after the first row has been retrieved as you don't have to wait until the complete SQL query has been per-
formed. To use mysql_unbuffered_query(3) while multiple database connections are open, you must specify the optional parameter $link_iden-
tifier to identify which connection you want to use.
o $query
- The SQL query to execute. Data inside the query should be properly escaped.
o $
link_identifier -The MySQL connection. If the link identifier is not specified, the last link opened by mysql_connect(3) is
assumed. If no such link is found, it will try to create one as if mysql_connect(3) was called with no arguments. If no connection
is found or established, an E_WARNING level error is generated.
For SELECT, SHOW, DESCRIBE or EXPLAIN statements, mysql_unbuffered_query(3) returns a resource on success, or FALSE on error.
For other type of SQL statements, UPDATE, DELETE, DROP, etc, mysql_unbuffered_query(3) returns TRUE on success or FALSE on error.
Note
The benefits of mysql_unbuffered_query(3) come at a cost: you cannot use mysql_num_rows(3) and mysql_data_seek(3) on a result set
returned from mysql_unbuffered_query(3), until all rows are fetched. You also have to fetch all result rows from an unbuffered SQL
query before you can send a new SQL query to MySQL, using the same $link_identifier.
mysql_query(3).
PHP Documentation Group MYSQL_UNBUFFERED_QUERY(3)