Jump to content

Recommended Posts

Hello,
I have just created a MySQL Class in PHP and I wanted to try making it impossible for my developers to use the MySQL Functions.
I have disabled all the MySQL Functions via the PHP configuration under disable_functions and was now wondering if it is by any chance possible to enable the functions in a certain file or directory. I was going to do a little hacking on the MySQL module to do this but I want to make sure there isnt an easier method to it.
Any help would be great!
Thanks,
  SkareCrow
Link to comment
https://forums.phpfreaks.com/topic/24298-disabling-php-functions/
Share on other sites

[quote]now wondering if it is by any chance possible to enable the functions in a certain file or directory[/quote]

Unfortunately not. Ive tried this with my framework, making it the only way to interface with databases and Im afraid its a no go. Ended up moving my framework to Python (there was other reasons aswell).
i am not sure i understand what exactly you mean, care to explain a little more :) thanks

I was just searching and found an interesting extension.
Its a runkit extension. It allows you to copy functions, remove functions and copy a function over as that function. For example, from this site...
[code]< ?php
runkit_function_remove('print_r');
function print_rs($what)
{
echo "You said =".$what;
}
runkit_function_copy('print_rs','print_r');
print_r("yeah");
?>[/code]

I bet I could use the php_value auto_prepend_file "/path/to/class.php" to my server config and just use this runkit to rename all the mysql functions then use the renamed functions in the class. say there is mysql_query() i could rename it to tmp_mysql_query() and in my class use tmp_mysql_query() instead of mysql_query() or something. idk I think this will help. sorry if i am confusing cause I have just confused myself, I have it all pictured in my head just not sure how to explain it :) I will give this a shot and let you guys know how it goes.
Seems like a good idea skarecrow, but why not just use runkit_function_remove and then define it with the same name as the one you removed instead? You should also note that those functions are experimental and that they require a PECL extension installed, so if you are programming for a client, then you will require them to have the runkit extension, but the client may be at a shared host and therefor not having access php.ini to load the extension (or can it be done using dl()?).
no this is a personal project. for my site.

here is what I have so far, i am still having problems ;) trying to work things out.

[code]<?PHP
class MySQL {

public $server;
public $user;
private $pass;

public function __Construct($server, $user, $pass) {

$this->server = $server;
$this->user = $user;
$this->pass = $pass;

mysql_connect($this->server, $this->user, $this->pass) or die(mysql_error());
mysql_select_db("warped");

}

public function cl_mysql_query($query) {

echo "Executing Query {$query}";

}


}
$MySQL = new MySQL("localhost", "root", "");

runkit_function_rename('mysql_query', 'tmp_mysql_query');
runkit_function_add('mysql_query', '$query', '$MySQL->cl_mysql_query($query);');
mysql_query("SELECT * FROM members") or die(mysql_error());
?>[/code]

right now the error is...

[code]Fatal error: Call to a member function cl_mysql_query() on a non-object in /home/skarecrow/public_html/test/index.php(30) : runkit created function on line 1[/code]

if i refresh once or twice i then get


[code]Warning: runkit_function_rename() [function.runkit-function-rename]: tmp_mysql_query() already exists in /home/skarecrow/public_html/test/index.php on line 29

Warning: runkit_function_add() [function.runkit-function-add]: Function mysql_query() already exists in /home/skarecrow/public_html/test/index.php on line 30
Table 'warped.members' doesn't exist[/code]


then if i try this

[code]<?PHP
runkit_function_rename('mysql_connect', 'tmp_mysql_connect');

class MySQL {

public $server;
public $user;
private $pass;

public function __Construct($server, $user, $pass) {

echo "Hello World";

$this->server = $server;
$this->user = $user;
$this->pass = $pass;

$this->cl_mysql_connect();

}

public function cl_mysql_connect() {


tmp_mysql_connect($this->server, $this->user, $this->pass) or die(mysql_error());

}

}

runkit_function_add('mysql_connect', '$server, $user, $pass', '$MySQL = new MySQL($server, $user, $pass);');
mysql_connect("localhost", "root", "");
?>[/code]

I will get his

[code]Hello World
Fatal error: Cannot call abstract method 0A±XDZÇ±::¨?±ð?±() in /home/skarecrow/public_html/test/index.php on line 25
[/code]

hehe
Alright, I got rid of the abstract error by creating an abstract function inside the class now im getting this error....

[code]<?PHP
runkit_function_rename('mysql_connect', 'tmp_mysql_connect');

class MySQL {

public $server;
public $user;
private $pass;

public function __Construct($server, $user, $pass) {

echo "Hello World";

$this->server = $server;
$this->user = $user;
$this->pass = $pass;

$this->cl_mysql_connect();

}

abstract function cl_mysql_connect() {

tmp_mysql_connect($this->server, $this->user, $this->pass) or die(mysql_error());

}

}

runkit_function_add('mysql_connect', '$server, $user, $pass', '$MySQL = new MySQL($server, $user, $pass);');
mysql_connect("localhost", "root", "");
?>[/code]

[code]
Fatal error: Abstract function MySQL::cl_mysql_connect() cannot contain body in /home/skarecrow/public_html/test/index.php on line 26
[/code]

I <3 Errors!

I am new to MySQL OOP, and OOP in general. Im sure its something obvious.
[code]Warning: runkit_function_add() expects exactly 3 parameters, 1 given in /home/skarecrow/public_html/test/index.php on line 31[/code]



Well, I got it all figured it out, I got it to start working without errors. I went to add a new MySQL method to the class and now get this..


[code]Fatal error: Call to a member function cl_mysql_connect() on a non-object in /home/skarecrow/public_html/test/index.php(38) : runkit created function on line 1
[/code]

From This

[code]<?PHP
runkit_function_copy('mysql_connect', 'tmp_mysql_connect');
runkit_function_copy('mysql_select_db', 'tmp_mysql_select_db');
runkit_function_remove('mysql_connect');
runkit_function_remove('mysql_select_db');

class MySQL {

public $server;
public $user;
private $pass;
private $link;
private $dbase;

public function __Construct() { }

public function cl_mysql_connect($server, $user, $pass) {

$this->server = $server;
$this->user = $user;
$this->pass = $pass;

$this->link = tmp_mysql_connect($server, $user, $pass) or die(mysql_error());

}

public function cl_mysql_select_db($dbase) {

$this->dbase = $dbase;
tmp_mysql_select_db($dbase);

}

}

$MySQL = new MySQL();

runkit_function_add('mysql_connect', '$server, $user, $pass', '$MySQL->cl_mysql_connect($server, $user, $pass);');
runkit_function_add('mysql_select_db', '$dbase', '$MySQL->cl_mysql_select_db($dbase);');
mysql_connect("localhost", "root", "");
mysql_select_db("warped");
?>[/code]


but it works just fine if i use this

[code]<?PHP
runkit_function_copy('mysql_connect', 'tmp_mysql_connect');
runkit_function_copy('mysql_select_db', 'tmp_mysql_select_db');
runkit_function_remove('mysql_connect');
runkit_function_remove('mysql_select_db');

class MySQL {

public $server;
public $user;
private $pass;
private $link;
private $dbase;

public function __Construct() { }

public function cl_mysql_connect($server, $user, $pass) {

$this->server = $server;
$this->user = $user;
$this->pass = $pass;

$this->link = tmp_mysql_connect($server, $user, $pass) or die(mysql_error());

}

public function cl_mysql_select_db($dbase) {

$this->dbase = $dbase;
tmp_mysql_select_db($dbase) or die(mysql_error());

}

}

$MySQL = new MySQL();

runkit_function_add('mysql_connect', '$MySQL, $server, $user, $pass', '$MySQL->cl_mysql_connect($server, $user, $pass);');
runkit_function_add('mysql_select_db', '$MySQL, $dbase', '$MySQL->cl_mysql_select_db($dbase);');
mysql_connect($MySQL, "localhost", "root", "");
mysql_select_db($MySQL, "warpedd");
?>[/code]

as you can see im sending the variable to the runkit function. I dont want to do that :( thats going to ruin the whole idea, lol
Never mind! I fixed it!
I wasnt thinking "FUNCTION" :P I had to make $MySQL global in the function.

so here is a working example

[code]<?PHP
runkit_function_copy('mysql_connect', 'tmp_mysql_connect');
runkit_function_copy('mysql_select_db', 'tmp_mysql_select_db');
runkit_function_remove('mysql_connect');
runkit_function_remove('mysql_select_db');

class MySQL {

public $server;
public $user;
private $pass;
private $link;
private $dbase;

public function __Construct() { }

public function cl_mysql_connect($server, $user, $pass) {

$this->server = $server;
$this->user = $user;
$this->pass = $pass;

$this->link = tmp_mysql_connect($server, $user, $pass) or die(mysql_error());

}

public function cl_mysql_select_db($dbase) {

$this->dbase = $dbase;
tmp_mysql_select_db($dbase) or die(mysql_error());

}

}

$MySQL = new MySQL();

runkit_function_add('mysql_connect', '$server, $user, $pass', 'global $MySQL; $MySQL->cl_mysql_connect($server, $user, $pass);');
runkit_function_add('mysql_select_db', '$dbase', 'global $MySQL; $MySQL->cl_mysql_select_db($dbase);');
mysql_connect("localhost", "root", "");
mysql_select_db("warped");
?>[/code]

now time to recreate a bunch of functions and create a secure mysql class ;) WOOT! Thanks for all the help. I might post the finished product here.
[quote author=Daniel0 link=topic=111862.msg453596#msg453596 date=1161154002]
Seems like a good idea skarecrow, but why not just use runkit_function_remove and then define it with the same name as the one you removed instead? You should also note that those functions are experimental and that they require a PECL extension installed, so if you are programming for a client, then you will require them to have the runkit extension, but the client may be at a shared host and therefor not having access php.ini to load the extension (or can it be done using dl()?).
[/quote]

hehe, i think i just got what you meant. ;) that would have helped me if i understood that a while ago. lol
i will give that a shot, will look alot nicer also ;) Thanks for the sugestion!


[i][b][EDIT][/b][/i]

Never mind on that, good idea but it isnt letting me do it that way.
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.