abies Sun May 30 16:40:36 2004 EDT
Modified files:
/php-src/ext/interbase ibase_query.c
Log:
Restrict 'CREATE DATABASE' in sql safe mode
http://cvs.php.net/diff.php/php-src/ext/interbase/ibase_query.c?r1=1.10&r2=1.11&ty=u
Index: php-src/ext/interbase/ibase_query.c
diff -u php-src/ext/interbase/ibase_query.c:1.10
php-src/ext/interbase/ibase_query.c:1.11
--- php-src/ext/interbase/ibase_query.c:1.10 Sun May 30 16:24:46 2004
+++ php-src/ext/interbase/ibase_query.c Sun May 30 16:40:36 2004
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: ibase_query.c,v 1.10 2004/05/30 20:24:46 abies Exp $ */
+/* $Id: ibase_query.c,v 1.11 2004/05/30 20:40:36 abies Exp $ */
#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -1081,6 +1081,11 @@
if (IBG(default_link) == -1) {
isc_db_handle db = NULL;
isc_tr_handle trans = NULL;
+
+ if (PG(sql_safe_mode)) {
+ _php_ibase_module_error("CREATE DATABASE not
allowed in SQL safe mode" TSRMLS_CC);
+ goto ibase_query_end;
+ }
if (isc_dsql_execute_immediate(IB_STATUS, &db, &trans,
0, query,
SQL_DIALECT_CURRENT, NULL)) {
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
