]> granicus.if.org Git - php/commitdiff
projects / php / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 56a947a)
Test existing PHP 5 safe mode functionality and make consistent. No MTH.
authorChristopher Jones <sixd@php.net>
Thu, 2 Aug 2007 22:39:54 +0000 (22:39 +0000)
committerChristopher Jones <sixd@php.net>
Thu, 2 Aug 2007 22:39:54 +0000 (22:39 +0000)
ext/oci8/oci8.c patch | blob | history
ext/oci8/tests/oci8safemode.phpt [new file with mode: 0644] patch | blob

diff --git a/ext/oci8/oci8.c b/ext/oci8/oci8.c
index 5fb8f9ff7ee46e7fac127e18c5a1e48eeef07257..051e177c1dd98b7e0387ee9cea3a883f7cf5f714 100644 (file)
--- a/ext/oci8/oci8.c
+++ b/ext/oci8/oci8.c
@@ -1012,6 +1012,16 @@ php_oci_connection *php_oci_do_connect_ex(char *username, int username_len, char
                                php_error_docref(NULL TSRMLS_CC, E_WARNING, "Privileged connect is disabled. Enable oci8.privileged_connect to be able to connect as SYSOPER or SYSDBA");
                                return NULL;
                        }
+                       /*  Disable privileged connections in Safe Mode (N.b. safe mode has been removed in PHP 6 anyway) */
+                       if (PG(safe_mode)) {
+                               php_error_docref(NULL TSRMLS_CC, E_WARNING, "Privileged connect is disabled in Safe Mode");
+                               return NULL;
+                       }
+                       /* Increase security by not caching privileged
+                        * oci_pconnect() connections. The connection becomes
+                        * equivalent to oci_connect() or oci_new_connect().
+                        */
+                       persistent = 0;
                        break;
                default:
                        php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid session mode specified (%ld)", session_mode);
diff --git a/ext/oci8/tests/oci8safemode.phpt b/ext/oci8/tests/oci8safemode.phpt
new file mode 100644 (file)
index 0000000..4662b44
--- /dev/null
+++ b/ext/oci8/tests/oci8safemode.phpt
@@ -0,0 +1,21 @@
+--TEST--
+Test functionality disabled in safe mode
+--SKIPIF--
+<?php if (!extension_loaded('oci8')) die("skip no oci8 extension"); ?>
+--INI--
+safe_mode=On
+oci8.privileged_connect=On
+--FILE--
+<?php
+
+$c = oci_connect("hr", "hrpwd", "//localhost/XE", null, OCI_SYSDBA);
+
+$r = oci_password_change($c, "hr", "hrpwd", "hrpwd");
+
+echo "Done\n";
+?>
+--EXPECTF--
+Warning: oci_connect(): Privileged connect is disabled in Safe Mode in %s on line %d
+
+Warning: oci_password_change(): is disabled in Safe Mode in %s on line %d
+Done
Unnamed repository; edit this file 'description' to name the repository.