Problems I could spot: - You use (*z_user)->value.str.val without making sure that z_user is of type string. You must have convert_to_string_ex(z_user) first (line 159 of the patch) - You don't allocate room for the NULL terminator in tmp_filename (line 188 of the patch)
Do you know where it crashes? Did you ever get a backtrace? Zeev At 03:53 PM 4/3/2002, chand wrote: >Thanks > >Here is the patch to the ext/mysql/php_mysql.c file > >It looks a bit messy and there might be some stuff you don't get right >away. Basically here"s what it does. > >Mysql_connect gets a user, host and password (set to empty). We don't >really care about those values. Actually, i get the path translated value >from sapi_globals and i extract from it tow datas : >the country (cause we're hosting 9 differents countries) and the login of >the guy. We then add these two to create a unique login for Mysql >(login_cc (cc=countrycode : fr, uk, it, nl and so on)). > >and then the rest of the process is the same. > >And one other thing, the function names are modified so that we can wrap >them for some internal reasons. > >If you guys have any idea how to help me, i'd really appreciate it. Thanks >a lot > >Later >and take care > > >At 12:31 03/04/2002 +0200, Markus Fischer wrote: >> I would suggest simple post an url with the path against >> whatever version and people feeling attracted will contact >> you (even I might take a peek ;-) >> >> - Markus >> >>On Wed, Apr 03, 2002 at 11:50:36AM +0200, Chand wrote : >> > hi everyone, >> > >> > I'm working on a hosting platform with a large number of users, and we >> need >> > to ensure safety for our users considering the mysql Connection. Using a >> > password is not good enough cause if someone succeeds in getting the >> source >> > code of someone, he will get the password and then will be able to do >> > anything from his account. Thus, i've been working on a patch that would >> > allow me to enforce a mysql user login based on the script filename path. >> > (in example /home/chand/mysql.php enforces the login as 'chand'). >> > >> > I'd already done this patch on 4.0.4pl1 2 years ago and it worked. For our >> > new Hosting Platform, we've decided to go up to 4.1.0, and i can't seem to >> > make it work correctly. I randomly (looks like it's random), get Internal >> > Server Errors from the Mysql connection functions. My patch is most >> > certainly the cause of that. Using gdb, what seems to be the problem is a >> > lack of memory being available or allowed by the system thus a crash. I >> > really don't understand how this could be possible considering my patch >> > looks good to me. >> > >> > I was wondering if anyone had any idea about such a problem. Basically >> what >> > i do is get the PATH_TRANSLATED variable from the sapi_globals and use >> > strsep to get the login name to enforce it as the Mysql User. Before i >> used >> > strtok which actually was a bad idea since it's a completely broken >> > function, now obsolete. strsep helped me get the ratio of ISE (Internal >> > Server Errors) down to 1% of the pages correctly served. It's still not >> > good for me. We need a fully working php. >> > >> > I can put up the patch here to see if you guys can see what i'm doing >> > wrong. I've been working on this for a long time now looking at a lot of >> > different things from application to system. Nothing i've tried seems >> to be >> > working and my C code looks all right to me, but there might be some >> > inconsistency with some inner way of dealing memory in php. >> > >> > I'd really appreciate any help on this, on this list or on a private >> basis. >> > Thanks a lot for any insight. >> > >> > Later >> > Chand >> > >> > -- >> > >> > Mark Villemade >> > Hosting Services Technical Manager >> > Lycos Europe >> > +33 1 53 27 24 05 >> > >> > >> > -- >> > PHP Development Mailing List <http://www.php.net/> >> > To unsubscribe, visit: http://www.php.net/unsub.php >> >>-- >>Please always Cc to me when replying to me on the lists. >>GnuPG Key: http://guru.josefine.at/~mfischer/C2272BD0.asc >>"Mind if I MFH ?" "What QA did you do on it?" "the usual?" "ah... none :)" >> >>-- >>PHP Development Mailing List <http://www.php.net/> >>To unsubscribe, visit: http://www.php.net/unsub.php > > > >-- >PHP Development Mailing List <http://www.php.net/> >To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, visit: http://www.php.net/unsub.php
