From: mfroeb at gmx dot de
Operating system: Windows 2000 SP3
PHP version: 4.3.2RC1
PHP Bug Type: Apache2 related
Bug description: PHP 4.3.2RC1 crashes
I had set up Apache 2.0.45 with PHP 4.3.2RC1 and MySQL 3.23.55.
This script causes Apache to crash with a "write failed" error. With PHP
4.3.1 everything's fine.
--- functions.php ---
<?php
$sql_server = 0;
if (!isset($sessionid)) {
    if (isset($_REQUEST['sessionid'])) {
        $sessionid = $_REQUEST['sessionid'];
    } else {
        $sessionid = "";
    }
}
if ($sessionid == "") $sessionid = "-";

function sql_connect() {
    global $sql_server;
    $sql_server = mysql_connect("localhost", "***", "***");
    mysql_select_db("***");
    return true;
}

function sql_quit() {
    global $sql_server;
    mysql_close($sql_server);
    return true;
}

function check_email ($email) {
    if (@preg_match("/^([a-zA-Z0-9_.-]+)@([a-zA-Z0-9_.-]+)([a-zA-Z]{2,4})$/", $email) == 1) {
        return true;
    } else {
        return false;
    }
}

function check_passid ($passid) {
    if (@preg_match("/^[0-9]{10}D-[0-9]{7}-[0-9]{7}-[0-9]$/", $passid) == 1) {
        /* first digit group */
        $digits1 = ($passid{0} + $passid{3} + $passid{6})*7;
        $digits2 = ($passid{1} + $passid{4} + $passid{7})*3;
        $digits3 = ($passid{2} + $passid{5} + $passid{8})*1;
        $checksum = ($digits1 + $digits2 + $digits3) % 10;
        if ($checksum != $passid{9})
            return false;
        /* second digit group */
        $digits1 = ($passid{12} + $passid{15})*7;
        $digits2 = ($passid{13} + $passid{16})*3;
        $digits3 = ($passid{14} + $passid{17})*1;
        $checksum = ($digits1 + $digits2 + $digits3) % 10;
        if ($checksum != $passid{18})
            return false;
        /* third digit group */
        $digits1 = ($passid{20} + $passid{23})*7;
        $digits2 = ($passid{21} + $passid{24})*3;
        $digits3 = ($passid{22} + $passid{25})*1;
        $checksum = ($digits1 + $digits2 + $digits3) % 10;
        if ($checksum != $passid{26})
            return false;
        /* all digits */
        $digits1 = ($passid{0} + $passid{3} + $passid{6} + $passid{9} +
                    $passid{14} + $passid{17} + $passid{21} + $passid{24})*7;
        $digits2 = ($passid{1} + $passid{4} + $passid{7} + $passid{12} +
                    $passid{15} + $passid{18} + $passid{22} + $passid{25})*3;
        $digits3 = ($passid{2} + $passid{5} + $passid{8} + $passid{13} +
                    $passid{16} + $passid{20} + $passid{23} + $passid{26})*1;
        $checksum = ($digits1 + $digits2 + $digits3) % 10;
        if ($checksum != $passid{28})
            return false;
        return true;
    } else {
        return false;
    }
}
?>
--- login.php ---
<?php
include 'functions.php';
if (isset($_REQUEST['name'])) {
    sql_connect();
    $name = $_REQUEST['name'];
    $password = $_REQUEST['pw'];
    $sql_ergebnis = mysql_query("SELECT Count(ID) FROM players WHERE Name = '$name' AND Password = '$password'");
    if (mysql_result($sql_ergebnis, 0, 0) == 1) {
        $sessionid = md5(md5(rand()) . md5(rand()));
        $datetime = date("Y-m-d H:i:s");
        $playerip = $_SERVER['REMOTE_ADDR'];
        $sql_ergebnis = mysql_query("UPDATE players SET SessionID = '$sessionid', LastActionTime = '$datetime', IP = '$playerip' WHERE Name = '$name' AND Password = '$password'");
        sql_quit();
        header("Location: http://" . $_SERVER['HTTP_HOST'] .
            dirname($_SERVER['PHP_SELF']) . "/main.php?sessionid=" . $sessionid);
        exit;
    } else {
        $error = true;
    }
    sql_quit();
}
?>
<?php
$page = "";
$stylesheet = "css/style00.css";
$showlogo = true;
$showlinks = false;
sql_connect();
include 'header.php';
?>
<?php
if (isset($error)) echo "<h2>Diese Name-/Passwortkombination ist im System nicht bekannt!</h2><br>";
?>
<form action="login.php" method="get">
<table cols="2" rows="1">
  <tr>
    <td>
      <table cols="2" rows="3">
        <tr>
          <td>Name:</td>
          <td><input name="name" type="text" size="50"></td>
        </tr>
        <tr>
          <td>Passwort:</td>
          <td><input name="pw" type="password" size="50"></td>
        </tr>
        <tr>
          <td> </td>
          <td><input type="submit" value="Einloggen"><input type="reset" value="Löschen"></td>
        </tr>
      </table>
    </td>
    <td>
      <table cols="1" rows="2">
        <tr>
          <td>
            <a href="stats.php" target="_blank">Statistiken</a>
          </td>
        </tr>
        <tr>
          <td>
            <a href="register.php">Registrieren</a>
          </td>
        </tr>
      </table>
    </td>
  </tr>
</table>
</form>
<?php
sql_quit();
include 'footer.php';
?>
header.php and footer.php are basically HTML files that output current
time and date.
--
Edit bug report at http://bugs.php.net/?id=23025&edit=1