clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-22 18:37:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
2920a26636
php-src/main
History
Calvin Buckley 2920a26636
Quote when adding to connection string in (PDO_)ODBC 
Because the UID= and PWD= values are appended to the SQLDriverConnect
case when credentials are passed, we have to append them to the string
in case users are relying on this behaviour. However, they must be
quoted, or the arguments will be invalid (or possibly more injected).
This means users had to quote arguments or append credentials to the raw
connection string themselves.

It seems that ODBC quoting rules are consistent enough (and that
Microsoft trusts them enough to encode into the .NET BCL) that we can
actually check if the string is already quoted (in case a user is
already quoting because of this not being fixed), and if not, apply the
appropriate ODBC quoting rules.

This is because the code exists in main/, and are shared between
both ODBC extensions, so it doesn't make sense for it to only exist
in one or the other. There may be a better spot for it.

Closes GH-8307.
2022-05-27 16:56:44 +02:00
..
streams Fix some level 1 MSVC compiler warnings on x86 2022-05-24 13:05:16 +02:00
build-defs.h.in Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
explicit_bzero.c Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
fastcgi.c Merge branch 'PHP-8.1' 2022-05-10 21:40:44 +01:00
fastcgi.h Mark various functions with void arguments. 2021-05-12 14:55:53 +01:00
fopen_wrappers.c Fix for bug in file handling refactor. 2021-11-23 18:34:48 +01:00
fopen_wrappers.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
getopt.c Fixed some spaces used instead of tabs 2021-06-29 11:30:26 +02:00
http_status_codes.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
internal_functions_win32.c Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
internal_functions.c.in Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
main.c Minor refactoring of main/main.c and TSRM (#8608) 2022-05-24 08:34:55 +01:00
network.c Update bug tracker links 2022-05-12 14:55:11 +02:00
output.c Replace memcmp() with zend_string functions (#8216) 2022-03-31 16:27:58 +02:00
php_compat.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_content_types.c Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_content_types.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_getopt.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_globals.h Remove no longer used "log_errors_max_len" ini directive (#6838) 2021-05-10 19:26:33 +02:00
php_ini_builder.c sapi/*: move duplicate "--define" code to library 2022-04-18 16:52:08 +02:00
php_ini_builder.h sapi/*: move duplicate "--define" code to library 2022-04-18 16:52:08 +02:00
php_ini.c Initialise zend_stat_t to fix MSAN build 2022-05-22 16:06:27 +01:00
php_ini.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_main.h Minor refactoring of main/main.c and TSRM (#8608) 2022-05-24 08:34:55 +01:00
php_memory_streams.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_network.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_odbc_utils.c Quote when adding to connection string in (PDO_)ODBC 2022-05-27 16:56:44 +02:00
php_odbc_utils.h Quote when adding to connection string in (PDO_)ODBC 2022-05-27 16:56:44 +02:00
php_open_temporary_file.c Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_open_temporary_file.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_output.h Remove unnecessary PHP_FUNCTION() declarations (#7472) 2021-09-07 10:04:00 +02:00
php_reentrancy.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_scandir.c Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_scandir.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_stdint.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_streams.h Use more specific return type for stream functions 2021-09-20 14:24:59 +01:00
php_syslog.c Make syslog() binary safe 2021-07-15 19:08:26 +02:00
php_syslog.h Make syslog() binary safe 2021-07-15 19:08:26 +02:00
php_ticks.c Fixed some spaces used instead of tabs 2021-06-29 11:30:26 +02:00
php_ticks.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_variables.c Replace memcmp() with zend_string functions (#8216) 2022-03-31 16:27:58 +02:00
php_variables.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_version.h Prepare for PHP 8.1.7 2022-04-26 19:22:15 -05:00
php.h Minor refactoring of main/main.c and TSRM (#8608) 2022-05-24 08:34:55 +01:00
reentrancy.c Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
rfc1867.c Use more compact representation for packed arrays. 2021-11-03 15:18:26 +03:00
rfc1867.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
SAPI.c Allow get_request_time() hook to fail 2021-09-16 16:54:07 +02:00
SAPI.h Allow get_request_time() hook to fail 2021-09-16 16:54:07 +02:00
snprintf.c Use memrchr() when available 2021-11-24 16:13:34 +03:00
snprintf.h Remove FORMAT_CONV_MAX_PRECISION 2021-08-02 15:59:26 +02:00
spprintf.c Use memrchr() when available 2021-11-24 16:13:34 +03:00
spprintf.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
strlcat.c strlcpy/strlcat update to last openbsd version. 2022-04-28 15:09:55 +02:00
strlcpy.c strlcpy/strlcat update to last openbsd version. 2022-04-28 15:09:55 +02:00