From:             mfroeb at gmx dot de
Operating system: Windows 2000 SP3
PHP version:      4.3.2RC1
PHP Bug Type:     Apache2 related
Bug description:  PHP 4.3.2RC1 crashes

I had set up Apache 2.0.45 with PHP 4.3.2RC1 and MySQL 3.23.55.

This script causes Apache to crash with a "write failed" error. With PHP
4.3.1 everything's fine.

--- functions.php ---
<?php

$sql_server = 0;

if (!isset($sessionid)) {
  if (isset($_REQUEST['sessionid'])) {
    $sessionid = $_REQUEST['sessionid'];
  } else {
    $sessionid = "";
  }
}

if ($sessionid == "") $sessionid = "-";

function sql_connect() {
  global $sql_server;
  
  $sql_server = mysql_connect("localhost", "***", "***");
  mysql_select_db("***");
  return true;
}

function sql_quit() {
  global $sql_server;
  
  mysql_close($sql_server);
  return true;
}

function check_email ($email) {
  if (@preg_match("/^([a-zA-Z0-9_.-]+)@([a-zA-Z0-9_.-]+)([a-zA-Z]{2,4})$/", $email) == 1) {
    return true;
  } else {
    return false;
  }
}

function check_passid ($passid) {
  if (@preg_match("/^[0-9]{10}D-[0-9]{7}-[0-9]{7}-[0-9]$/", $passid) == 1) {
    /* first digit group */
    $digits1 = ($passid{0} + $passid{3} + $passid{6})*7;
    $digits2 = ($passid{1} + $passid{4} + $passid{7})*3;
    $digits3 = ($passid{2} + $passid{5} + $passid{8})*1;
    $checksum = ($digits1 + $digits2 + $digits3) % 10;
    if ($checksum != $passid{9})
      return false;
    
    /* second digit group */
    $digits1 = ($passid{12} + $passid{15})*7;
    $digits2 = ($passid{13} + $passid{16})*3;
    $digits3 = ($passid{14} + $passid{17})*1;
    $checksum = ($digits1 + $digits2 + $digits3) % 10;
    if ($checksum != $passid{18})
      return false;
    
    /* third digit group */
    $digits1 = ($passid{20} + $passid{23})*7;
    $digits2 = ($passid{21} + $passid{24})*3;
    $digits3 = ($passid{22} + $passid{25})*1;
    $checksum = ($digits1 + $digits2 + $digits3) % 10;
    if ($checksum != $passid{26})
      return false;
    
    /* all digits */
    $digits1 = ($passid{0} + $passid{3} + $passid{6} + $passid{9} + $passid{14} + $passid{17} + $passid{21} + $passid{24})*7;
    $digits2 = ($passid{1} + $passid{4} + $passid{7} + $passid{12} + $passid{15} + $passid{18} + $passid{22} + $passid{25})*3;
    $digits3 = ($passid{2} + $passid{5} + $passid{8} + $passid{13} + $passid{16} + $passid{20} + $passid{23} + $passid{26})*1;
    $checksum = ($digits1 + $digits2 + $digits3) % 10;
    if ($checksum != $passid{28})
      return false;
    
    return true;
  } else {
    return false;
  }
}


?>

--- login.php ---

<?php

include 'functions.php';

if (isset($_REQUEST['name'])) {
 sql_connect();
 
 $name = $_REQUEST['name'];
 $password = $_REQUEST['pw'];
 $sql_ergebnis = mysql_query("SELECT Count(ID) FROM players WHERE Name = '$name' AND Password = '$password'");
 if (mysql_result($sql_ergebnis, 0, 0) == 1) {
   $sessionid = md5(md5(rand()) . md5(rand()));
   $datetime = date("Y-m-d H:i:s");
   $playerip = $_SERVER['REMOTE_ADDR'];
   $sql_ergebnis = mysql_query("UPDATE players SET SessionID = '$sessionid', LastActionTime = '$datetime', IP = '$playerip' WHERE Name = '$name' AND Password = '$password'");
   
   sql_quit();
   header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/main.php?sessionid=" . $sessionid);
   exit;
 } else {
   $error = true;
 }
 sql_quit();
}

?>

<?php
$page = "";
$stylesheet = "css/style00.css";
$showlogo = true;
$showlinks = false;
sql_connect();
include 'header.php';
?>

<?php
if (isset($error)) echo "<h2>Diese Name-/Passwortkombination ist im System nicht bekannt!</h2><br>";
?>

<form action="login.php" method="get">
<table cols="2" rows="1">
<tr>
<td>
<table cols="2" rows="3">
 <tr>
 <td>Name:</td>
 <td><input name="name" type="text" size="50"></td>
 </tr>
 <tr>
 <td>Passwort:</td>
 <td><input name="pw" type="password" size="50"></td>
 </tr>
 <tr>
 <td>&nbsp;</td>
 <td><input type="submit" value="Einloggen"><input type="reset"
value="L&ouml;schen"></td>
 </tr>
</table>
</td>
<td>
<table cols="1" rows="2">
 <tr>
 <td>
  <a href="stats.php" target="_blank">Statistiken</a>
 </td>
 </tr>
 <tr>
 <td>
  <a href="register.php">Registrieren</a>
 </td>
 </tr>
</table>
</td>
</tr>
</table>
</form>

<?php
sql_quit();
include 'footer.php';
?>

header.php and footer.php are basically HTML files that output current
time and date.
-- 
Edit bug report at http://bugs.php.net/?id=23025&edit=1