Beispiel #1
/**
 * Test-bed helper: runs a caller-supplied SQL string against Sybase and
 * renders the rows as an HTML table.
 *
 * The inline comments mark this as a deliberately injectable endpoint used to
 * exercise sqlmap, so $query reaches sybase_query() unmodified. Keep it
 * confined to an isolated lab: the connection host and credentials are
 * hard-coded, the database error text is echoed to the client when
 * $show_errors is on, and column values are written without HTML escaping.
 *
 * @param string $query        SQL text, executed as-is.
 * @param bool   $show_errors  Report all PHP errors and print the database
 *                             error message when the query fails.
 * @param bool   $all_results  Print every row; when false only the first row.
 * @param bool   $show_output  When false, exit right after a successful query
 *                             without printing any rows.
 *
 * @return void  Terminates the script via die()/exit() on connection failure,
 *               query failure, or when $show_output is false.
 */
function dbQuery($query, $show_errors = true, $all_results = true, $show_output = true)
{
    error_reporting($show_errors ? E_ALL : E_PARSE);

    // Persistent connection to the Sybase server; connection warnings are
    // suppressed and replaced by the server's last message.
    $link = @sybase_pconnect("192.168.231.144", "testuser", "testpass");
    if (!$link) {
        die(sybase_get_last_message());
    }

    // Make 'testdb' the current database.
    if (!@sybase_select_db("testdb")) {
        die(sybase_get_last_message());
    }

    echo "<html><body>\n";

    // The query text is intentionally not echoed back (the original keeps that
    // line disabled; it exists for sqlmap's '--string' option).
    $result = sybase_query($query);
    if (!$result) {
        if ($show_errors) {
            echo "<b>SQL error:</b> " . sybase_get_last_message() . "<br>\n";
        }
        exit(1);
    }

    // Nothing beyond the page opening is sent when output is switched off.
    if (!$show_output) {
        exit(1);
    }

    echo "<b>SQL results:</b>\n";
    echo "<table border=\"1\">\n";
    while ($line = sybase_fetch_assoc($result)) {
        $cells = "";
        foreach ($line as $col_value) {
            // Values are emitted raw, exactly as the driver returned them.
            $cells .= "<td>" . $col_value . "</td>";
        }
        echo "<tr>" . $cells . "</tr>\n";
        if (!$all_results) {
            break;
        }
    }
    echo "</table>\n";
    echo "</body></html>";
}
 /**
  * Iterator function. Fetches the next row from the result handle.
  *
  * Values of columns registered as 'datetime' in $this->fields are converted
  * with Date::fromString() using $this->tz; NULL values and columns that are
  * not listed in $this->fields are passed through unchanged.
  *
  * @param   string field default NULL; any falsy value returns the whole row
  * @return  var the row, the named field's value, or FALSE when the handle is
  *          not a resource or no more rows are available
  */
 public function next($field = NULL)
 {
     if (!is_resource($this->handle)) {
         return FALSE;
     }
     $row = sybase_fetch_assoc($this->handle);
     if (FALSE === $row) {
         return FALSE;
     }

     foreach ($row as $key => $value) {
         // Only non-NULL values of known datetime columns are converted.
         if (NULL !== $value && isset($this->fields[$key]) && 'datetime' === $this->fields[$key]) {
             $row[$key] = Date::fromString($value, $this->tz);
         }
     }

     return $field ? $row[$field] : $row;
 }
 /**
  * Iterator function. Fetches the next row from the result handle.
  *
  * Values of columns registered as 'datetime' in $this->fields are wrapped in
  * \util\Date objects built with $this->tz; null values and columns that are
  * not listed in $this->fields are passed through unchanged.
  *
  * @param   string field default NULL; any falsy value returns the whole row
  * @return  [:var] the row, the named field's value, or null when the handle
  *          is not a resource or no more rows are available
  */
 public function next($field = null)
 {
     if (!is_resource($this->handle)) {
         return null;
     }
     $row = sybase_fetch_assoc($this->handle);
     if (false === $row) {
         // End of the result set is reported as null, not false.
         return null;
     }

     foreach ($row as $key => $value) {
         // Only non-null values of known datetime columns are converted.
         if (null !== $value && isset($this->fields[$key]) && 'datetime' === $this->fields[$key]) {
             $row[$key] = new \util\Date($value, $this->tz);
         }
     }

     return $field ? $row[$field] : $row;
 }
 /**
  * Result - associative array
  *
  * Fetches one row from $this->result_id through sybase_fetch_assoc() and
  * hands the driver's return value back unchanged.
  *
  * @access	private
  * @return	array	the fetched row; other blocks on this page compare the same
  *			driver call against FALSE to detect the end of the result set
  */
 function _fetch_assoc()
 {
     $row = sybase_fetch_assoc($this->result_id);

     return $row;
 }
 /**
  * Places a row from the result set into the given array
  *
  * Formatting of the array and the data therein are configurable.
  * See DB_result::fetchInto() for more information.
  *
  * This method is not meant to be called directly.  Use
  * DB_result::fetchInto() instead.  It can't be declared "protected"
  * because DB_result is a separate object.
  *
  * Driver warnings are suppressed with "@" throughout, so a failed seek or
  * fetch is indistinguishable from the end of the result set: both yield NULL.
  *
  * @param resource $result    the query result resource
  * @param array    $arr       the referenced array to put the data in
  * @param int      $fetchmode how the resulting array should be indexed
  * @param int      $rownum    the row number to fetch (0 = first row)
  *
  * @return mixed  DB_OK on success, NULL when the end of a result set is
  *                 reached or on failure
  *
  * @see DB_result::fetchInto()
  */
 function fetchInto($result, &$arr, $fetchmode, $rownum = null)
 {
     // Position the cursor first when a specific row was requested.
     if ($rownum !== null && !@sybase_data_seek($result, $rownum)) {
         return null;
     }

     if (!($fetchmode & DB_FETCHMODE_ASSOC)) {
         $arr = @sybase_fetch_row($result);
     } else {
         if (!function_exists('sybase_fetch_assoc')) {
             // Fallback: sybase_fetch_array() returns numeric and named keys,
             // so the numeric ones are dropped to leave a name-keyed row.
             $arr = @sybase_fetch_array($result);
             if ($arr) {
                 foreach (array_keys($arr) as $key) {
                     if (is_int($key)) {
                         unset($arr[$key]);
                     }
                 }
             }
         } else {
             $arr = @sybase_fetch_assoc($result);
         }
         if ($this->options['portability'] & DB_PORTABILITY_LOWERCASE && $arr) {
             $arr = array_change_key_case($arr, CASE_LOWER);
         }
     }

     if (!$arr) {
         return null;
     }

     // Optional value normalisation, driven by the portability bit mask.
     if ($this->options['portability'] & DB_PORTABILITY_RTRIM) {
         $this->_rtrimArrayValues($arr);
     }
     if ($this->options['portability'] & DB_PORTABILITY_NULL_TO_EMPTY) {
         $this->_convertNullArrayValuesToEmpty($arr);
     }

     return DB_OK;
 }
 /**
  * Fetches the next row of $this->_queryID into $this->fields.
  *
  * The driver call depends on $this->fetchMode: ADODB_FETCH_NUM uses
  * sybase_fetch_row(), ADODB_FETCH_ASSOC uses sybase_fetch_assoc() and then
  * replaces the row with $this->GetRowAssoc(), any other mode uses
  * sybase_fetch_array(). Driver warnings are suppressed with "@".
  *
  * @param bool $ignore_fields not used by this implementation
  * @return bool true when a row was fetched, false otherwise
  */
 function _fetch($ignore_fields = false)
 {
     if ($this->fetchMode == ADODB_FETCH_NUM) {
         $this->fields = @sybase_fetch_row($this->_queryID);
         return is_array($this->fields);
     }

     if ($this->fetchMode != ADODB_FETCH_ASSOC) {
         $this->fields = @sybase_fetch_array($this->_queryID);
         return is_array($this->fields);
     }

     $this->fields = @sybase_fetch_assoc($this->_queryID);
     if (!is_array($this->fields)) {
         return false;
     }
     // Associative mode post-processes the raw row through GetRowAssoc().
     $this->fields = $this->GetRowAssoc();

     return true;
 }
Beispiel #7
 /**
  * Fetch a row and insert the data into an existing array.
  *
  * Formatting of the array and the data therein are configurable.
  * See DB_result::fetchInto() for more information.
  *
  * Driver warnings are suppressed with "@" throughout, so a failed seek or
  * fetch is indistinguishable from the end of the result set: both yield null.
  *
  * @param resource $result    query result identifier
  * @param array    $arr       (reference) array where data from the row
  *                            should be placed
  * @param int      $fetchmode how the resulting array should be indexed
  * @param int      $rownum    the row number to fetch
  *
  * @return mixed DB_OK on success, null when end of result set is
  *               reached or on failure
  *
  * @see DB_result::fetchInto()
  * @access private
  */
 function fetchInto($result, &$arr, $fetchmode, $rownum = null)
 {
     // Position the cursor first when a specific row was requested.
     if ($rownum !== null && !@sybase_data_seek($result, $rownum)) {
         return null;
     }

     $wantsAssoc = $fetchmode & DB_FETCHMODE_ASSOC;
     if (!$wantsAssoc) {
         $arr = @sybase_fetch_row($result);
     } else {
         if (!function_exists('sybase_fetch_assoc')) {
             // Fallback: drop the numeric keys sybase_fetch_array() adds so
             // that only the name-keyed entries remain.
             $arr = @sybase_fetch_array($result);
             if ($arr) {
                 foreach (array_keys($arr) as $key) {
                     if (is_int($key)) {
                         unset($arr[$key]);
                     }
                 }
             }
         } else {
             $arr = @sybase_fetch_assoc($result);
         }
         if ($this->options['portability'] & DB_PORTABILITY_LOWERCASE && $arr) {
             $arr = array_change_key_case($arr, CASE_LOWER);
         }
     }

     if (!$arr) {
         // No error is raised here: the original author reports that
         // sybase_get_last_message() always returns a message at this point,
         // so it cannot be used to tell a failure from the end of the rows.
         return null;
     }

     // Optional value normalisation, driven by the portability bit mask.
     if ($this->options['portability'] & DB_PORTABILITY_RTRIM) {
         $this->_rtrimArrayValues($arr);
     }
     if ($this->options['portability'] & DB_PORTABILITY_NULL_TO_EMPTY) {
         $this->_convertNullArrayValuesToEmpty($arr);
     }

     return DB_OK;
 }
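 /**
  * Get the flags for a field
  *
  * Currently supports:
  *  + <samp>unique_key</samp>    (unique index, unique check or primary_key)
  *  + <samp>multiple_key</samp>  (multi-key index)
  *
  * The index information of the most recently requested table is kept in
  * function-level statics, so consecutive calls for the same table run
  * sp_helpindex only once.
  *
  * @param string  $table   the table name
  * @param string  $column  the field name
  *
  * @return string  space delimited string of flags.  Empty string if none.
  *
  * @access private
  */
 function _sybase_field_flags($table, $column)
 {
     static $tableName = null;
     static $flags = array();

     if ($table != $tableName) {
         $flags = array();
         $tableName = $table;

         /* We're running sp_helpindex directly because it doesn't exist in
          * older versions of ASE -- unfortunately, we can't just use
          * DB::isError() because the user may be using callback error
          * handling. */
         // NOTE(review): $table is interpolated into the statement text
         // without quoting or validation. Confirm every caller passes a
         // trusted identifier, or validate it against an identifier
         // allow-list before it reaches this method.
         $res = @sybase_query("sp_helpindex {$table}", $this->connection);
         if ($res === false || $res === true) {
             // Fake a valid response for BC reasons.
             return '';
         }

         while (($val = sybase_fetch_assoc($res)) !== false) {
             if (!isset($val['index_keys'])) {
                 /* No useful information returned. Break and be done with
                  * it, which preserves the pre-1.7.9 behaviour. */
                 break;
             }

             $keys = explode(', ', trim($val['index_keys']));

             if (count($keys) > 1) {
                 foreach ($keys as $key) {
                     $this->_add_flag($flags[$key], 'multiple_key');
                 }
             }

             // strpos() returns 0 for a match at the very start of the
             // description, which a bare truthiness test would treat as
             // "not found"; compare against false explicitly.
             if (isset($val['index_description'])
                 && strpos($val['index_description'], 'unique') !== false) {
                 foreach ($keys as $key) {
                     $this->_add_flag($flags[$key], 'unique_key');
                 }
             }
         }

         sybase_free_result($res);
     }

     if (array_key_exists($column, $flags)) {
         return implode(' ', $flags[$column]);
     }

     return '';
 }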
Beispiel #9
 /**
  * Fetches the next row of a result as an associative array.
  *
  * The driver function is picked from the global configuration: when
  * $configArray['System']['operatingSystem'] equals 'windows' (compared
  * case-insensitively) sybase_fetch_assoc() is used, otherwise
  * mssql_fetch_assoc().
  *
  * @param resource $result_id result identifier passed straight to the driver
  * @return mixed whatever the selected driver function returns
  */
 protected function _fetch_assoc($result_id)
 {
     global $configArray;

     $onWindows = 0 == strcasecmp($configArray['System']['operatingSystem'], 'windows');

     return $onWindows
         ? sybase_fetch_assoc($result_id)
         : mssql_fetch_assoc($result_id);
 }
Beispiel #10
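 /**
  * Converts a PHP resource into a plain value.
  *
  * Database result resources are drained into a list of rows, keyed by
  * column name when $this->dbResultIndexType is 'ASSOC' and by position
  * otherwise. A 'stream' resource is read to its end and returned as a
  * string. Any other resource type is reported through trigger_error() and
  * yields null.
  *
  * NOTE(review): every branch reads the complete result set or stream into
  * memory without a size limit; confirm callers only pass resources of
  * bounded size.
  *
  * @param resource $resource the resource to convert
  * @return array|string|null list of rows, stream contents, or null for an
  *                           unsupported resource type
  */
 protected function convertResource($resource)
 {
     $resourceType = get_resource_type($resource);
     switch ($resourceType) {
         // Not handled (kept from the original list): dbm, dba, dbase,
         // domxml attribute/document/node, gd, pdf document, xml.
         case 'fbsql result':
             $rows = array();
             $indexType = $this->dbResultIndexType == 'ASSOC' ? FBSQL_ASSOC : FBSQL_NUM;
             while ($row = fbsql_fetch_array($resource, $indexType)) {
                 $rows[] = $row;
             }
             return $rows;
         case 'msql query':
             $rows = array();
             $indexType = $this->dbResultIndexType == 'ASSOC' ? MSQL_ASSOC : MSQL_NUM;
             while ($row = msql_fetch_array($resource, $indexType)) {
                 $rows[] = $row;
             }
             return $rows;
         case 'mssql result':
             $rows = array();
             $indexType = $this->dbResultIndexType == 'ASSOC' ? MSSQL_ASSOC : MSSQL_NUM;
             while ($row = mssql_fetch_array($resource, $indexType)) {
                 $rows[] = $row;
             }
             return $rows;
         case 'mysql result':
             $rows = array();
             $indexType = $this->dbResultIndexType == 'ASSOC' ? MYSQL_ASSOC : MYSQL_NUM;
             while ($row = mysql_fetch_array($resource, $indexType)) {
                 $rows[] = $row;
             }
             return $rows;
         case 'odbc result':
             $rows = array();
             if ($this->dbResultIndexType == 'ASSOC') {
                 while ($row = odbc_fetch_array($resource)) {
                     $rows[] = $row;
                 }
             } else {
                 // odbc_fetch_row() only reports whether a row is available
                 // (true/false), so collecting its return value produced a
                 // list of booleans. odbc_fetch_into() fills $row with the
                 // positionally indexed column values instead.
                 $row = array();
                 while (odbc_fetch_into($resource, $row)) {
                     $rows[] = $row;
                 }
             }
             return $rows;
         case 'pgsql result':
             $rows = array();
             $indexType = $this->dbResultIndexType == 'ASSOC' ? PGSQL_ASSOC : PGSQL_NUM;
             while ($row = pg_fetch_array($resource, $indexType)) {
                 $rows[] = $row;
             }
             return $rows;
         case 'stream':
             return stream_get_contents($resource);
         case 'sybase-db result':
         case 'sybase-ct result':
             $rows = array();
             if ($this->dbResultIndexType == 'ASSOC') {
                 while ($row = sybase_fetch_assoc($resource)) {
                     $rows[] = $row;
                 }
             } else {
                 while ($row = sybase_fetch_row($resource)) {
                     $rows[] = $row;
                 }
             }
             return $rows;
         default:
             trigger_error("Unable to return resource type '{$resourceType}'.");
             return null;
     }
 }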
Beispiel #11
 /**
  * Fetch the current row of $this->resResult as an associative array.
  *
  * Driver warnings are suppressed with "@", so a failed fetch surfaces only
  * through the returned value.
  *
  * @return array the row as returned by sybase_fetch_assoc()
  */
 protected function fetch_assoc()
 {
     $row = @sybase_fetch_assoc($this->resResult);

     return $row;
 }
Beispiel #12
 /**
  * Fetches the next row of a Sybase result as an associative array.
  *
  * Thin pass-through to sybase_fetch_assoc(); the driver's return value is
  * handed back unchanged.
  *
  * @param   mixed $result
  * @return  array
  */
 function fetch_assoc($result)
 {
     $row = sybase_fetch_assoc($result);

     return $row;
 }
 /**
  * Delivers the prepared message to the configured recipients.
  *
  * Steps, in order: run error_message() and getHeader(); when $this->smtp is
  * set, validate the SMTP settings, open the connection, greet the server
  * according to $this->smtpServer and authenticate; feed each recipient
  * source selected by $this->use to readData(); finally close the SMTP
  * session.
  *
  * With $this->smtpServer set to 'test' nothing is delivered: the method
  * probes the server with EHLO, then HELO on a fresh connection, echoes the
  * outcome and returns false.
  *
  * NOTE(review): the early "return false" paths (the 'test' probe and a
  * missing $this->query_result) skip the smtpQuit()/disconnectSmtp() calls at
  * the end of the method, so an open SMTP socket is left to be cleaned up at
  * script end.
  * NOTE(review): the SMTP user and password are handed to checkSmtp() and
  * authentication follows the greeting directly; no TLS negotiation is
  * visible in this method. Confirm connectSmtp()/smtpAuth() protect the
  * credentials in transit.
  *
  * @return false|null false on the early-exit paths described above; no
  *                    explicit value is returned after a normal run
  */
 function Send()
 {
     $this->error_message();
     $this->getHeader();
     if ($this->smtp) {
         $this->checkSmtp($this->hostSmtp, $this->portSmtp, $this->authenticate, $this->userSmtp, $this->passSmtp);
         $this->socket = $this->connectSmtp($this->hostSmtp, $this->portSmtp, $this->timeoutSmtp);
         // Greeting depends on the configured server flavour.
         switch ($this->smtpServer) {
             case 'esmtp':
                 $this->smtpEhlo($this->socket);
                 break;
             case 'smtp':
                 $this->smtpHelo($this->socket);
                 break;
             case 'test':
                 // Capability probe only: every path below returns false.
                 if ($this->smtpEhlo($this->socket)) {
                     echo nl2br("Connection successful... \r\n Server type: esmtp server \n");
                     return false;
                 } else {
                     // EHLO was rejected: reconnect and retry with plain HELO.
                     $this->smtpQuit($this->socket);
                     $this->disconnectSmtp($this->socket);
                     $this->socket = $this->connectSmtp($this->hostSmtp, $this->portSmtp, $this->timeoutSmtp);
                     if ($this->smtpHelo($this->socket)) {
                         echo nl2br("Connection successful... \r\n Server type: smtp server \n");
                         return false;
                     } else {
                         echo nl2br("Server type: unknown server. \n");
                         return false;
                     }
                 }
         }
         $this->smtpAuth($this->authenticate);
     }
     // Recipient source: explicit addresses, a mailing list, or database rows.
     if ($this->use == "whom") {
         $this->readData($this->setWhom($this->whom));
     } elseif ($this->use == "maillist") {
         $this->readData($this->checkMaillist($this->list));
     } elseif ($this->use == "DB" || $this->use == "all") {
         // Each database branch walks $this->query_result row by row with the
         // matching driver function and passes every row to readData().
         switch ($this->dbfbasa) {
             case 'mysql':
                 if (!$this->query_result) {
                     return false;
                 }
                 while ($this->tos = mysql_fetch_assoc($this->query_result)) {
                     $this->readData($this->tos);
                 }
                 break;
             case 'pgsql':
                 if (!$this->query_result) {
                     return false;
                 }
                 while ($this->tos = pg_fetch_assoc($this->query_result)) {
                     $this->readData($this->tos);
                 }
                 break;
             case 'ibase':
                 if (!$this->query_result) {
                     return false;
                 }
                 while ($this->tos = ibase_fetch_assoc($this->query_result)) {
                     $this->readData($this->tos);
                 }
                 break;
             case 'msql':
                 if (!$this->query_result) {
                     return false;
                 }
                 while ($this->tos = msql_fetch_array($this->query_result, MSQL_ASSOC)) {
                     $this->readData($this->tos);
                 }
                 break;
             case 'fbsql':
                 if (!$this->query_result) {
                     return false;
                 }
                 while ($this->tos = fbsql_fetch_assoc($this->query_result)) {
                     $this->readData($this->tos);
                 }
                 break;
             case 'sqli':
                 if (!$this->query_result) {
                     return false;
                 }
                 while ($this->tos = sqlite_fetch_array($this->query_result, SQLITE_ASSOC)) {
                     $this->readData($this->tos);
                 }
                 break;
             case 'oci':
                 if (!$this->query_result) {
                     return false;
                 }
                 while ($this->tos = oci_fetch_assoc($this->query_result)) {
                     $this->readData($this->tos);
                 }
                 break;
             case 'sybase':
                 if (!$this->query_result) {
                     return false;
                 }
                 while ($this->tos = sybase_fetch_assoc($this->query_result)) {
                     $this->readData($this->tos);
                 }
                 break;
             case 'ingres':
                 if (!$this->query_result) {
                     return false;
                 }
                 while ($this->tos = ingres_fetch_array($this->query_result, INGRES_ASSOC)) {
                     $this->readData($this->tos);
                 }
                 break;
             case 'phpmm':
                 // No database rows here: with use == "all" the explicit
                 // addresses and the mailing list are merged instead.
                 if ($this->use == "all") {
                     $this->tos = array_merge($this->setWhom($this->whom), $this->checkMaillist($this->list));
                     $this->readData($this->tos);
                 }
                 break;
         }
     }
     // Orderly shutdown of the SMTP session on the normal path.
     if ($this->smtp) {
         $this->smtpQuit($this->socket);
         $this->disconnectSmtp($this->socket);
     }
 }
Beispiel #14
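 /**
  * Fetch a result row as an array
  *
  * Fetches the next row of a Sybase result as an associative array. When
  * sybase_fetch_assoc() is not available the row is read with
  * sybase_fetch_array() and its integer-indexed entries are removed, so both
  * paths return a row keyed by column name only.
  *
  * Driver warnings are suppressed with "@"; a failed fetch surfaces only
  * through the returned value.
  *
  * @param   mixed $result
  * @return  array  the row, or the driver's non-array return value when no
  *                 row could be fetched
  * @access  public
  * @author  Adam Greene <*****@*****.**>
  * @since   2004-12-10
  */
 function fetch_assoc($result)
 {
     if (function_exists('sybase_fetch_assoc')) {
         return @sybase_fetch_assoc($result);
     }

     $rs = @sybase_fetch_array($result);
     if (is_array($rs)) {
         // sybase_fetch_array() returns every column twice (by position and
         // by name); keep only the name-keyed entries.
         foreach (array_keys($rs) as $key) {
             if (is_int($key)) {
                 unset($rs[$key]);
             }
         }
     }

     return $rs;
 }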
 /**
  * Fetches the next row of $this->query as an associative array.
  *
  * @return array|false the driver's return value, or false when
  *                     $this->query is empty
  */
 public function fetchAssoc()
 {
     // Nothing to fetch from when no query result has been stored.
     if (empty($this->query)) {
         return false;
     }

     return sybase_fetch_assoc($this->query);
 }
Beispiel #16
 /**
  * Fetches the next row of a result and normalises its text fields.
  *
  * For every field reported by $this->_getTextFields($result): a value of a
  * single space is replaced by an empty string (Sybase workaround), and any
  * other non-null value is converted with mb_convert_encoding() to
  * $this->lcharset from $this->rcharset when both charsets are set.
  *
  * @param resource $result result identifier passed to sybase_fetch_assoc()
  * @return mixed the row, or null when the driver returned false
  */
 function _performFetch($result)
 {
     $row = sybase_fetch_assoc($result);
     if (false === $row) {
         return null;
     }
     if (!is_array($row)) {
         // Anything that is neither false nor an array is passed through.
         return $row;
     }

     foreach ($this->_getTextFields($result) as $name => $unused) {
         $value = $row[$name];
         if ($value === ' ') {
             // Sybase bugfix: a lone space stands for an empty string.
             $value = '';
         } elseif (!is_null($value) && $this->lcharset && $this->rcharset) {
             // Re-encode string fields on the fly.
             $value = mb_convert_encoding($value, $this->lcharset, $this->rcharset);
         }
         $row[$name] = $value;
     }

     return $row;
 }