Debian: New gforge packages fix SQL injection


 
Posted 01-09-2009

LinuxSecurity.com: It was discovered that GForge, a collaborative development tool, insufficiently sanitises some input allowing a remote attacker to perform SQL injection.

PG_SELECT(3)

NAME
       pg_select - Select records

SYNOPSIS
       mixed pg_select (resource $connection, string $table_name, array $assoc_array, [int $options = PGSQL_DML_EXEC])

DESCRIPTION
       pg_select(3) selects records specified by assoc_array, whose entries have the form field=>value. For a successful query, it returns an array containing all records and fields that match the condition specified by assoc_array. If options is specified, pg_convert(3) is applied to assoc_array with the specified flags.

PARAMETERS
       o $connection - PostgreSQL database connection resource.

       o $table_name - Name of the table from which to select rows.

       o $assoc_array - An array whose keys are field names in the table $table_name, and whose values are the conditions that a row must meet to be retrieved.

       o $options - Any number of PGSQL_CONV_FORCE_NULL, PGSQL_DML_NO_CONV, PGSQL_DML_ESCAPE, PGSQL_DML_EXEC, PGSQL_DML_ASYNC or PGSQL_DML_STRING combined. If PGSQL_DML_STRING is part of $options, the query string is returned instead of being executed. When PGSQL_DML_NO_CONV or PGSQL_DML_ESCAPE is set, pg_convert(3) is not called internally.

RETURN VALUES
       Returns TRUE on success or FALSE on failure. Returns a string if PGSQL_DML_STRING is passed via $options.

EXAMPLES
       Example #1 pg_select(3) example

           <?php
           $db = pg_connect('dbname=foo');
           // This is safe, since $_POST is converted automatically
           $rec = pg_select($db, 'post_log', $_POST);
           if ($rec) {
               echo "Records selected\n";
               var_dump($rec);
           } else {
               echo "User must have sent wrong inputs\n";
           }
           ?>

CHANGELOG
       +--------------+---------------------------------------------------+
       | Version      | Description                                       |
       +--------------+---------------------------------------------------+
       | 5.6.0        | No longer experimental. Added PGSQL_DML_ESCAPE    |
       |              | constant, TRUE/FALSE and NULL data type support.  |
       +--------------+---------------------------------------------------+
       | 5.5.3/5.4.19 | Direct SQL injection to $table_name and indirect  |
       |              | SQL injection to identifiers are fixed.           |
       +--------------+---------------------------------------------------+

SEE ALSO
       pg_convert(3).

PHP Documentation Group                                          PG_SELECT(3)
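As an added illustration of the injection class this manual page and the advisory above are concerned with (example code, not from the PHP manual or from GForge), the following places a hand-built WHERE clause beside a whitelisted pg_select() call and uses PGSQL_DML_STRING to inspect the SQL that pg_select() would run; the database name, the table "post_log" and its column names are assumptions.

```php
<?php
// Added example, not from the PHP manual: a hand-built WHERE clause beside
// a pg_select() call, and PGSQL_DML_STRING used to inspect the SQL that
// pg_select() would run. Assumes a database "foo" with a table "post_log"
// whose columns include "author" (all of these names are assumptions).

// Whitelist of columns a request may filter on (assumed for this example).
const POST_LOG_FIELDS = ['id', 'author', 'msg'];

// Vulnerable pattern: request values pasted straight into SQL text. A value
// containing a quote changes the structure of the statement.
function unsafe_select_sql(string $table, array $cond): string
{
    $where = [];
    foreach ($cond as $field => $value) {
        $where[] = "$field = '$value'";
    }
    return "SELECT * FROM $table WHERE " . implode(' AND ', $where);
}

// Hardened pattern: the table name is a literal in code (never taken from
// the request), field names are checked against the whitelist, and values
// are left to pg_select(), which converts/escapes them or, with
// PGSQL_DML_STRING, returns the query text instead of executing it.
function safe_select($db, array $cond, int $options = PGSQL_DML_EXEC)
{
    foreach (array_keys($cond) as $field) {
        if (!in_array($field, POST_LOG_FIELDS, true)) {
            throw new InvalidArgumentException("unknown field: $field");
        }
    }
    return pg_select($db, 'post_log', $cond, $options);
}

$db = pg_connect('dbname=foo');
if ($db === false) {
    exit("connection failed\n");
}

// Constructed input: a legitimate value that happens to contain a quote.
$cond = ['author' => "O'Brien"];

// The hand-built statement ends up with an unbalanced quote.
echo unsafe_select_sql('post_log', $cond), "\n";

// The statement pg_select() would execute, with the value escaped.
echo safe_select($db, $cond, PGSQL_DML_STRING), "\n";

// Run it for real; false means the query (or the conversion) failed.
$rows = safe_select($db, $cond);
var_dump($rows);
```

Compare the two printed statements: the first breaks (or, with a crafted value, changes meaning) at the quote, while the second carries the quote inside an escaped literal, which is the property the 5.5.3/5.4.19 fix extends to the table name and identifiers.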