The 'My_eGallery' module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. The risk is LOW. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Mods please move if posted in wrong section, I wasnt sure where to ask this one.
There are several of us that use an open source program called yiimp, https://github.com/tpruvot/yiimp
several of our sites were attacked last night and I am reaching out to you guys to see if then vulnerability... (0 Replies)
Hi Guys,
I am using SOLARIS 10 and I want to install ZIP module for PHP.
I went to this link http://pecl.php.net/package/zip and I choose zip-1.12.3.tgz, the latest "stable" release, and then transferred it to my server.
Then I went to my path /usr/local/apache2/conf then untar the... (1 Reply)
Hi,
I have problem with parameter configuration.
My question is after the configuration, how to check if successfully change the value or not?
I saw someone has the same question, and followed his steps.
Original thread:... (3 Replies)
I have a set of tapes that contain a full system backup done with 'ufsdump' on an Exabyte 220. I don't know how many tapes the backup spans, but I'd guess at least 3-4 tapes (the set is 20, but some of that is subsequent incremental backups). I used 'ufsrestore ilv' and was able to traverse at... (0 Replies)
Ok..i've installed Apache 1.3.14, and it runs... BUT...I can't figure out how to get the php-4.0.4 module to run, and i've read through the install file and EVERYTYHING, aafter about 10 attempts I pissed myself off enough to goto sleep...Can anyone suggest a place to look for a lil bit more help?... (10 Replies)
PDO.SQLITECREATEFUNCTION(3) 1 PDO.SQLITECREATEFUNCTION(3)PDO ::sqliteCreateFunction - Registers a User Defined Function for use in SQL statements
SYNOPSIS
public bool PDO::sqliteCreateFunction (string $function_name, callable $callback, [int $num_args])
DESCRIPTION
Warning
This function is EXPERIMENTAL. The behaviour of this function, its name, and surrounding documentation may change without notice in
a future release of PHP. This function should be used at your own risk.
This method allows you to register a PHP function with SQLite as an UDF (User Defined Function), so that it can be called from within your
SQL statements.
The UDF can be used in any SQL statement that can call functions, such as SELECT and UPDATE statements and also in triggers.
PARAMETERS
o $function_name
- The name of the function used in SQL statements.
o $callback
- Callback function to handle the defined SQL function.
Note
Callback functions should return a type understood by SQLite (i.e. scalar type).
o $num_args
- Hint to the SQLite parser if the callback function accepts a predetermined number of arguments.
RETURN VALUES
Returns TRUE on success or FALSE on failure.
EXAMPLES
Example #1
PDO.sqliteCreateFunction(3) example
<?php
function md5_and_reverse($string)
{
return strrev(md5($string));
}
$db = new PDO('sqlite:sqlitedb');
$db->sqliteCreateFunction('md5rev', 'md5_and_reverse', 1);
$rows = $db->query('SELECT md5rev(filename) FROM files')->fetchAll();
?>
In this example, we have a function that calculates the md5 sum of a string, and then reverses it. When the SQL statement executes, it
returns the value of the filename transformed by our function. The data returned in $rows contains the processed result.
The beauty of this technique is that you do not need to process the result using a foreach loop after you have queried for the data.
Tip
You can use "PDO::sqliteCreateFunction" and "PDO::sqliteCreateAggregate" to override SQLite native SQL functions.
Note
This method is not available with the SQLite2 driver. Use the old style sqlite API for that instead.
SEE ALSO
"PDO::sqliteCreateAggregate", sqlite_create_function(3), sqlite_create_aggregate(3).
PHP Documentation Group PDO.SQLITECREATEFUNCTION(3)