this patch adds the config variable pgsql.allowed_dblist
by default it has no value, meaning all databases are accessible
it can contain a colon delimited list of databases that are accessible.
if the database accessed is not in the list, and the list is not null,
then an error is returned as if the database did not exist
this patch is relative to php-4.2.3
this function would be very useful to apache/virtual hosting.
i have tested with the following in my apache httpd.conf:
<Directory /home/www/htdocs/jim>
php_admin_value pgsql.allowed_dblist "jim:billing"
</Directory>
although it can be accomplished by other means, setting the variable to a
value of ":" effectively locks the code out of pgsql.
--
[ Jim Mercer [EMAIL PROTECTED] +1 416 410-5633 ]
[ I want to live forever, or die trying. ]
this patch adds the config variable pgsql.allowed_dblist
by default it has no value, meaning all databases are accessible
it can contain a colon delimited list of databases that are accessible.
if the database accessed is not in the list, and the list is not null,
then an error is returned as if the database did not exist
this patch is relative to php-4.2.3
*** pgsql.c.orig Thu Sep 26 14:02:04 2002
--- pgsql.c Thu Sep 26 14:02:27 2002
***************
*** 304,309 ****
--- 304,311 ----
STD_PHP_INI_ENTRY_EX("pgsql.max_persistent", "-1", PHP_INI_SYSTEM,
OnUpdateInt, max_persistent, php_pgsql_globals,
pgsql_globals, display_link_numbers)
STD_PHP_INI_ENTRY_EX("pgsql.max_links", "-1", PHP_INI_SYSTEM,
OnUpdateInt, max_links, php_pgsql_globals,
pgsql_globals, display_link_numbers)
STD_PHP_INI_BOOLEAN("pgsql.auto_reset_persistent", "0",
PHP_INI_SYSTEM, OnUpdateBool, auto_reset_persistent,
php_pgsql_globals, pgsql_globals)
+ STD_PHP_INI_ENTRY("pgsql.allowed_dblist", NULL, PHP_INI_SYSTEM,
+ OnUpdateString, allowed_dblist, php_pgsql_globals, pgsql_globals)
PHP_INI_END()
/* }}} */
***************
*** 418,423 ****
--- 420,428 ----
char
*host=NULL,*port=NULL,*options=NULL,*tty=NULL,*dbname=NULL,*connstring=NULL;
char *hashed_details;
int hashed_details_length;
+ char *tmp_allowed_dblist;
+ char *last;
+ char *token;
PGconn *pgsql;
switch(ZEND_NUM_ARGS()) {
***************
*** 533,538 ****
--- 538,565 ----
RETURN_FALSE;
}
+ if (PGG(allowed_dblist) != NULL && PQdb(pgsql) != NULL) {
+ tmp_allowed_dblist = estrdup(PGG(allowed_dblist));
+ token = php_strtok_r(tmp_allowed_dblist, ":", &last);
+ while (token) {
+ if (strcmp(token, PQdb(pgsql)) == 0)
+ break;
+ token = php_strtok_r(NULL, ":", &last);
+ }
+
+ efree(tmp_allowed_dblist);
+ if (token == NULL) {
+ php_error(E_WARNING,"%s() unable to connect to
+"
+ "PostgreSQL server: FATAL 1: Database
+\"%s\" "
+ "does not exist in the system
+catalog.",
+ get_active_function_name(TSRMLS_C),
+PQdb(pgsql));
+ PQfinish(pgsql);
+ pgsql = NULL;
+ efree(hashed_details);
+ RETURN_FALSE;
+ }
+ }
+
PQsetNoticeProcessor(pgsql, _notice_handler, NULL);
/* hash it up */
***************
*** 625,630 ****
--- 652,679 ----
efree(hashed_details);
RETURN_FALSE;
}
+
+ if (PGG(allowed_dblist) != NULL && PQdb(pgsql) != NULL) {
+ tmp_allowed_dblist = estrdup(PGG(allowed_dblist));
+ token = php_strtok_r(tmp_allowed_dblist, ":", &last);
+ while (token) {
+ if (strcmp(token, PQdb(pgsql)) == 0)
+ break;
+ token = php_strtok_r(NULL, ":", &last);
+ }
+
+ efree(tmp_allowed_dblist);
+ if (token == NULL) {
+ php_error(E_WARNING,"%s() unable to connect to
+"
+ "PostgreSQL server: FATAL 1: Database
+\"%s\" "
+ "does not exist in the system
+catalog.",
+ get_active_function_name(TSRMLS_C),
+PQdb(pgsql));
+ PQfinish(pgsql);
+ pgsql = NULL;
+ efree(hashed_details);
+ RETURN_FALSE;
+ }
+ }
PQsetNoticeProcessor(pgsql, _notice_handler, NULL);
*** php_pgsql.h.orig Thu Sep 26 14:03:10 2002
--- php_pgsql.h Thu Sep 26 14:02:45 2002
***************
*** 147,152 ****
--- 147,153 ----
int ignore_notices;
char *last_notice;
uint last_notice_len;
+ char *allowed_dblist;
} php_pgsql_globals;
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
