Jump to content

Archived

This topic is now archived and is closed to further replies.

skarecrow

Disabling PHP Functions

Recommended Posts

Hello,
I have just created a MySQL Class in PHP and I wanted to try making it impossible for my developers to use the MySQL Functions.
I have disabled all the MySQL Functions via the PHP configuration under disable_functions and was now wondering if it is by any chance possible to enable the functions in a certain file or directory. I was going to do a little hacking on the MySQL module to do this but I want to make sure there isnt an easier method to it.
Any help would be great!
Thanks,
  SkareCrow

Share this post


Link to post
Share on other sites
[quote]now wondering if it is by any chance possible to enable the functions in a certain file or directory[/quote]

Unfortunately not. Ive tried this with my framework, making it the only way to interface with databases and Im afraid its a no go. Ended up moving my framework to Python (there was other reasons aswell).

Share this post


Link to post
Share on other sites
perhaps i will just create an extension to disable functions and enable them per file or directory and give it to PHP Freaks to distribute

Share this post


Link to post
Share on other sites
It would be a much better idea to try and get it included into the php tree don't you think?

Share this post


Link to post
Share on other sites
i am not sure i understand what exactly you mean, care to explain a little more :) thanks

I was just searching and found an interesting extension.
Its a runkit extension. It allows you to copy functions, remove functions and copy a function over as that function. For example, from this site...
[code]< ?php
runkit_function_remove('print_r');
function print_rs($what)
{
echo "You said =".$what;
}
runkit_function_copy('print_rs','print_r');
print_r("yeah");
?>[/code]

I bet I could use the php_value auto_prepend_file "/path/to/class.php" to my server config and just use this runkit to rename all the mysql functions then use the renamed functions in the class. say there is mysql_query() i could rename it to tmp_mysql_query() and in my class use tmp_mysql_query() instead of mysql_query() or something. idk I think this will help. sorry if i am confusing cause I have just confused myself, I have it all pictured in my head just not sure how to explain it :) I will give this a shot and let you guys know how it goes.

Share this post


Link to post
Share on other sites
Seems like a good idea skarecrow, but why not just use runkit_function_remove and then define it with the same name as the one you removed instead? You should also note that those functions are experimental and that they require a PECL extension installed, so if you are programming for a client, then you will require them to have the runkit extension, but the client may be at a shared host and therefor not having access php.ini to load the extension (or can it be done using dl()?).

Share this post


Link to post
Share on other sites
no this is a personal project. for my site.

here is what I have so far, i am still having problems ;) trying to work things out.

[code]<?PHP
class MySQL {

public $server;
public $user;
private $pass;

public function __Construct($server, $user, $pass) {

$this->server = $server;
$this->user = $user;
$this->pass = $pass;

mysql_connect($this->server, $this->user, $this->pass) or die(mysql_error());
mysql_select_db("warped");

}

public function cl_mysql_query($query) {

echo "Executing Query {$query}";

}


}
$MySQL = new MySQL("localhost", "root", "");

runkit_function_rename('mysql_query', 'tmp_mysql_query');
runkit_function_add('mysql_query', '$query', '$MySQL->cl_mysql_query($query);');
mysql_query("SELECT * FROM members") or die(mysql_error());
?>[/code]

right now the error is...

[code]Fatal error: Call to a member function cl_mysql_query() on a non-object in /home/skarecrow/public_html/test/index.php(30) : runkit created function on line 1[/code]

if i refresh once or twice i then get


[code]Warning: runkit_function_rename() [function.runkit-function-rename]: tmp_mysql_query() already exists in /home/skarecrow/public_html/test/index.php on line 29

Warning: runkit_function_add() [function.runkit-function-add]: Function mysql_query() already exists in /home/skarecrow/public_html/test/index.php on line 30
Table 'warped.members' doesn't exist[/code]


then if i try this

[code]<?PHP
runkit_function_rename('mysql_connect', 'tmp_mysql_connect');

class MySQL {

public $server;
public $user;
private $pass;

public function __Construct($server, $user, $pass) {

echo "Hello World";

$this->server = $server;
$this->user = $user;
$this->pass = $pass;

$this->cl_mysql_connect();

}

public function cl_mysql_connect() {


tmp_mysql_connect($this->server, $this->user, $this->pass) or die(mysql_error());

}

}

runkit_function_add('mysql_connect', '$server, $user, $pass', '$MySQL = new MySQL($server, $user, $pass);');
mysql_connect("localhost", "root", "");
?>[/code]

I will get his

[code]Hello World
Fatal error: Cannot call abstract method 0A±XDZÇ±::¨?±ð?±() in /home/skarecrow/public_html/test/index.php on line 25
[/code]

hehe

Share this post


Link to post
Share on other sites
Alright, I got rid of the abstract error by creating an abstract function inside the class now im getting this error....

[code]<?PHP
runkit_function_rename('mysql_connect', 'tmp_mysql_connect');

class MySQL {

public $server;
public $user;
private $pass;

public function __Construct($server, $user, $pass) {

echo "Hello World";

$this->server = $server;
$this->user = $user;
$this->pass = $pass;

$this->cl_mysql_connect();

}

abstract function cl_mysql_connect() {

tmp_mysql_connect($this->server, $this->user, $this->pass) or die(mysql_error());

}

}

runkit_function_add('mysql_connect', '$server, $user, $pass', '$MySQL = new MySQL($server, $user, $pass);');
mysql_connect("localhost", "root", "");
?>[/code]

[code]
Fatal error: Abstract function MySQL::cl_mysql_connect() cannot contain body in /home/skarecrow/public_html/test/index.php on line 26
[/code]

I <3 Errors!

I am new to MySQL OOP, and OOP in general. Im sure its something obvious.

Share this post


Link to post
Share on other sites
Try this: [code]runkit_function_add(array($object,"method_name"));[/code]

Share this post


Link to post
Share on other sites
[code]Warning: runkit_function_add() expects exactly 3 parameters, 1 given in /home/skarecrow/public_html/test/index.php on line 31[/code]



Well, I got it all figured it out, I got it to start working without errors. I went to add a new MySQL method to the class and now get this..


[code]Fatal error: Call to a member function cl_mysql_connect() on a non-object in /home/skarecrow/public_html/test/index.php(38) : runkit created function on line 1
[/code]

From This

[code]<?PHP
runkit_function_copy('mysql_connect', 'tmp_mysql_connect');
runkit_function_copy('mysql_select_db', 'tmp_mysql_select_db');
runkit_function_remove('mysql_connect');
runkit_function_remove('mysql_select_db');

class MySQL {

public $server;
public $user;
private $pass;
private $link;
private $dbase;

public function __Construct() { }

public function cl_mysql_connect($server, $user, $pass) {

$this->server = $server;
$this->user = $user;
$this->pass = $pass;

$this->link = tmp_mysql_connect($server, $user, $pass) or die(mysql_error());

}

public function cl_mysql_select_db($dbase) {

$this->dbase = $dbase;
tmp_mysql_select_db($dbase);

}

}

$MySQL = new MySQL();

runkit_function_add('mysql_connect', '$server, $user, $pass', '$MySQL->cl_mysql_connect($server, $user, $pass);');
runkit_function_add('mysql_select_db', '$dbase', '$MySQL->cl_mysql_select_db($dbase);');
mysql_connect("localhost", "root", "");
mysql_select_db("warped");
?>[/code]


but it works just fine if i use this

[code]<?PHP
runkit_function_copy('mysql_connect', 'tmp_mysql_connect');
runkit_function_copy('mysql_select_db', 'tmp_mysql_select_db');
runkit_function_remove('mysql_connect');
runkit_function_remove('mysql_select_db');

class MySQL {

public $server;
public $user;
private $pass;
private $link;
private $dbase;

public function __Construct() { }

public function cl_mysql_connect($server, $user, $pass) {

$this->server = $server;
$this->user = $user;
$this->pass = $pass;

$this->link = tmp_mysql_connect($server, $user, $pass) or die(mysql_error());

}

public function cl_mysql_select_db($dbase) {

$this->dbase = $dbase;
tmp_mysql_select_db($dbase) or die(mysql_error());

}

}

$MySQL = new MySQL();

runkit_function_add('mysql_connect', '$MySQL, $server, $user, $pass', '$MySQL->cl_mysql_connect($server, $user, $pass);');
runkit_function_add('mysql_select_db', '$MySQL, $dbase', '$MySQL->cl_mysql_select_db($dbase);');
mysql_connect($MySQL, "localhost", "root", "");
mysql_select_db($MySQL, "warpedd");
?>[/code]

as you can see im sending the variable to the runkit function. I dont want to do that :( thats going to ruin the whole idea, lol

Share this post


Link to post
Share on other sites
Never mind! I fixed it!
I wasnt thinking "FUNCTION" :P I had to make $MySQL global in the function.

so here is a working example

[code]<?PHP
runkit_function_copy('mysql_connect', 'tmp_mysql_connect');
runkit_function_copy('mysql_select_db', 'tmp_mysql_select_db');
runkit_function_remove('mysql_connect');
runkit_function_remove('mysql_select_db');

class MySQL {

public $server;
public $user;
private $pass;
private $link;
private $dbase;

public function __Construct() { }

public function cl_mysql_connect($server, $user, $pass) {

$this->server = $server;
$this->user = $user;
$this->pass = $pass;

$this->link = tmp_mysql_connect($server, $user, $pass) or die(mysql_error());

}

public function cl_mysql_select_db($dbase) {

$this->dbase = $dbase;
tmp_mysql_select_db($dbase) or die(mysql_error());

}

}

$MySQL = new MySQL();

runkit_function_add('mysql_connect', '$server, $user, $pass', 'global $MySQL; $MySQL->cl_mysql_connect($server, $user, $pass);');
runkit_function_add('mysql_select_db', '$dbase', 'global $MySQL; $MySQL->cl_mysql_select_db($dbase);');
mysql_connect("localhost", "root", "");
mysql_select_db("warped");
?>[/code]

now time to recreate a bunch of functions and create a secure mysql class ;) WOOT! Thanks for all the help. I might post the finished product here.

Share this post


Link to post
Share on other sites
[quote author=Daniel0 link=topic=111862.msg453596#msg453596 date=1161154002]
Seems like a good idea skarecrow, but why not just use runkit_function_remove and then define it with the same name as the one you removed instead? You should also note that those functions are experimental and that they require a PECL extension installed, so if you are programming for a client, then you will require them to have the runkit extension, but the client may be at a shared host and therefor not having access php.ini to load the extension (or can it be done using dl()?).
[/quote]

hehe, i think i just got what you meant. ;) that would have helped me if i understood that a while ago. lol
i will give that a shot, will look alot nicer also ;) Thanks for the sugestion!


[i][b][EDIT][/b][/i]

Never mind on that, good idea but it isnt letting me do it that way.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.