The 'My_eGallery' module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. The risk is LOW. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Mods please move if posted in wrong section, I wasnt sure where to ask this one.
There are several of us that use an open source program called yiimp, https://github.com/tpruvot/yiimp
several of our sites were attacked last night and I am reaching out to you guys to see if then vulnerability... (0 Replies)
Hi Guys,
I am using SOLARIS 10 and I want to install ZIP module for PHP.
I went to this link http://pecl.php.net/package/zip and I choose zip-1.12.3.tgz, the latest "stable" release, and then transferred it to my server.
Then I went to my path /usr/local/apache2/conf then untar the... (1 Reply)
Hi,
I have problem with parameter configuration.
My question is after the configuration, how to check if successfully change the value or not?
I saw someone has the same question, and followed his steps.
Original thread:... (3 Replies)
I have a set of tapes that contain a full system backup done with 'ufsdump' on an Exabyte 220. I don't know how many tapes the backup spans, but I'd guess at least 3-4 tapes (the set is 20, but some of that is subsequent incremental backups). I used 'ufsrestore ilv' and was able to traverse at... (0 Replies)
Ok..i've installed Apache 1.3.14, and it runs... BUT...I can't figure out how to get the php-4.0.4 module to run, and i've read through the install file and EVERYTYHING, aafter about 10 attempts I pissed myself off enough to goto sleep...Can anyone suggest a place to look for a lil bit more help?... (10 Replies)
OCI_SET_MODULE_NAME(3)OCI_SET_MODULE_NAME(3)oci_set_module_name - Sets the module nameSYNOPSIS
bool oci_set_module_name (resource $connection, string $module_name)
DESCRIPTION
Sets the module name for Oracle tracing.
The module name is registered with the database when the next 'roundtrip' from PHP to the database occurs, typically when an SQL statement
is executed.
The name can subsequently be queried from database administration views such as V$SESSION. It can be used for tracing and monitoring such
as with V$SQLAREA and DBMS_MONITOR.SERV_MOD_ACT_STAT_ENABLE.
The value may be retained across persistent connections.
PARAMETERS
o $connection
-An Oracle connection identifier, returned by oci_connect(3), oci_pconnect(3), or oci_new_connect(3).
o $module_name
- User chosen string up to 48 bytes long.
RETURN VALUES
Returns TRUE on success or FALSE on failure.
NOTES
Note
Oracle version requirement
This function is available when PHP is linked with Oracle Database libraries from version 10 g onwards.
Tip
Performance
With older versions of OCI8 or the Oracle Database, the client information can be set using the Oracle DBMS_APPLICATION_INFO pack-
age. This is less efficient than using oci_set_client_info(3).
Caution
Roundtrip Gotcha
Some but not all OCI8 functions cause roundtrips. Roundtrips to the database may not occur with queries when result caching is
enabled.
EXAMPLES
Example #1
Setting the module name
<?php
$c = oci_connect('hr', 'welcome', 'localhost/XE');
// Record the module
oci_set_module_name($c, 'Home Page');
// Code that causes a roundtrip, for example a query:
$s = oci_parse($c, 'select * from dual');
oci_execute($s);
oci_fetch_all($s, $res);
sleep(30);
?>
// While the script is running, the administrator can see the
// modules in use:
sqlplus system/welcome
SQL> select module from v$session;
SEE ALSO oci_set_action(3), oci_set_client_info(3), oci_set_client_identifier(3).
PHP Documentation Group OCI_SET_MODULE_NAME(3)