cacert
/
cacert-testmgr
8
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
bug-932
bug-1396
bug-1391
bug-1390
AddPoints
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '93f7bf20f6'
${ noResults }
cacert-testmgr/external/ZendFramework-1.9.5/tests/Zend/Feed/_files/AtomTestPlanetPHP.xml

126 lines
24 KiB
XML
Raw Normal View History Unescape Escape

initially import ZendFramework-1.9.5 into repository code was modified slightly, so the code differs from the original downloadable 1.9.5 version
15 years ago
<?xml version="1.0"?>
<feed xmlns="http://www.w3.org/2005/Atom"><title>Planet PHP</title><link rel="alternate" type="text/html" href="http://www.planet-php.net/"/><link rel="self" type="text/html" href="http://www.planet-php.net/atom/"/><subtitle>People blogging about PHP</subtitle><id>http://www.planet-php.net/</id><generator uri="http://planet-php.net/">
Planet PHP Aggregator
</generator><updated>2006-01-23T16:40:00Z</updated><entry><title type="text">eZ components in Gentoo Linux</title><link rel="alternate" type="text/html" href="http://www.sebastian-bergmann.de/blog/archives/565-eZ-components-in-Gentoo-Linux.html" title="eZ components in Gentoo Linux"/><author><name>Sebastian Bergmann</name></author><id>http://www.sebastian-bergmann.de/blog/archives/565-guid.html</id><updated>2006-01-23T16:40:00Z</updated><published>2006-01-23T16:40:00Z</published><content type="html"><![CDATA[
The <a href="http://www.sebastian-bergmann.de/blog/exit.php?url_id=8307&entry_id=565" title="http://ez.no/products/ez_components" >eZ components</a>, which provide <i>an enterprise ready general purpose <a href="http://www.sebastian-bergmann.de/blog/exit.php?url_id=8308&entry_id=565" title="http://www.php.net/" >PHP</a> platform</i>, are now available through <a href="http://www.sebastian-bergmann.de/blog/exit.php?url_id=8309&entry_id=565" title="http://www.gentoo.org/" >Gentoo Linux</a>'s portage system:<pre>wopr-mobile ~ # emerge -vp ezc-eZcomponents
These are the packages that I would merge, in order:
Calculating dependencies ...done!
[ebuild N ] app-admin/php-toolkit-1.0-r2 0 kB
[ebuild N ] dev-lang/php-5.1.2 0 kB [3]
[ebuild N ] dev-php/PEAR-PEAR-1.4.6 0 kB [2]
[ebuild N ] dev-php5/ezc-Base-1.0_rc1 0 kB [2]
[ebuild N ] dev-php5/ezc-Database-1.0_rc1 0 kB [2]
[ebuild N ] dev-php5/ezc-PhpGenerator-1.0_rc1 0 kB [2]
[ebuild N ] dev-php5/ezc-Configuration-1.0_rc1 0 kB [2]
[ebuild N ] dev-php5/ezc-ImageAnalysis-1.0_rc1 0 kB [2]
[ebuild N ] dev-php5/ezc-Archive-1.0_rc1 0 kB [2]
[ebuild N ] dev-php5/ezc-Translation-1.0_rc1 0 kB [2]
[ebuild N ] dev-php5/ezc-Cache-1.0_rc1 0 kB [2]
[ebuild N ] dev-php5/ezc-ConsoleTools-1.0_rc1 0 kB [2]
[ebuild N ] dev-php5/ezc-PersistentObject-1.0_rc1 0 kB [2]
[ebuild N ] dev-php5/ezc-ImageConversion-1.0_rc1 0 kB [2]
[ebuild N ] dev-php5/ezc-Mail-1.0_rc1 0 kB [2]
[ebuild N ] dev-php5/ezc-UserInput-1.0_rc1 0 kB [2]
[ebuild N ] dev-php5/ezc-Debug-1.0_rc1 0 kB [2]
[ebuild N ] dev-php5/ezc-EventLog-1.0_rc1 0 kB [2]
[ebuild N ] dev-php5/ezc-Execution-1.0_rc1 0 kB [2]
[ebuild N ] dev-php5/ezc-eZcomponents-1.0_rc1 0 kB [2]
Total size of downloads: 0 kB
Portage overlays:
[1] /usr/local/overlay/personal
[2] /usr/local/overlay/cvs
[3] /usr/local/overlay/php/testing
[4] /usr/local/overlay/php/experimental
[5] /usr/local/overlay/gentopia
[6] /usr/local/overlay/xgl</pre>
]]></content></entry><entry><title type="text">PHP Insecurity</title><link rel="alternate" type="text/html" href="http://shiflett.org/archive/185" title="PHP Insecurity"/><author><name>Chris Shiflett</name></author><id>http://shiflett.org/archive/185</id><updated>2006-01-23T16:15:00Z</updated><published>2006-01-23T16:15:00Z</published><content type="html"><![CDATA[<p><a href="http://www.greebo.net/">Andrew van der Stock</a> has written a <a href="http://www.greebo.net/?p=320">strong criticism</a> of PHP's insecurity. Andrew is a seasoned security expert and a major contributor to <a href="http://www.owasp.org/">OWASP</a>, and he states:</p>
<blockquote>After writing PHP forum software for three years now, I've come to the conclusion that it is basically impossible for normal programmers to write secure PHP code. It takes far too much effort.</blockquote>
<p>He <a href="http://www.greebo.net/?p=320">continues</a>, citing specific areas where he thinks PHP is weak and asserting that "PHP must now mature and take on a proper security architecture."</p>
<p>Many of the insecure features he cites (<tt>register_globals</tt>, <tt>magic_quotes_gpc</tt>, and <tt>safe_mode</tt>) are slated to be removed in <a href="http://shiflett.org/archive/135">PHP 6</a>, but his core complaint seems to revolve around the fact that PHP makes too much power too easily accessible, often granting developers more power and flexibility than they realize (e.g., <a href="http://www.php.net/manual/wrappers.php">wrappers</a>).</p>
<p>Aside from minor language features like taint mode, I don't see what other platforms offer to help prevent inexperienced developers from writing insecure code. Anyone care to enlighten me? :-)</p><p style="margin: 0px; padding: 5px 15px 5px 15px; background: #f1f3fc; border: 1px solid #9fa5ea; color: #676DB8">
Posted Mon, 23 Jan 2006 16:15:56 GMT in <a href="http://shiflett.org/">Chris Shiflett: The PHP Blog</a><br />
[
 
<img border="0" src="http://shiflett.org/images/brainbulb.gif" />
<a href="http://shiflett.org/archive/185#comments">Discuss</a>
 
|
 
<img border="0" src="http://shiflett.org/images/delicious.gif" />
<a href="http://del.icio.us/post?url=http%3A%2F%2Fshiflett.org%2Farchive%2F185&title=Chris+Shiflett%3A+PHP+Insecurity">Tag</a>
 
|
 
<img border="0" src="http://shiflett.org/images/digg.gif" />
<a href="http://digg.com/submit?phase=2&url=http%3A%2F%2Fshiflett.org%2Farchive%2F185">Digg</a>
 
|
 
<img border="0" src="http://shiflett.org/images/furl.gif" />
<a href="http://furl.net/storeIt.jsp?t=Chris+Shiflett%3A+PHP+Insecurity&u=http%3A%2F%2Fshiflett.org%2Farchive%2F185">Furl</a>
 
|
 
<img border="0" src="http://shiflett.org/images/technorati.gif" />
<a href="http://technorati.com/cosmos/search.html?url=http%3A%2F%2Fshiflett.org%2Farchive%2F185">Cosmos</a>
 
]
</p>]]></content></entry><entry><title type="text">Beta release of mobile webmail client (MIMP)</title><link rel="alternate" type="text/html" href="http://janschneider.de/cweb/home/index,channel,25,story,255.html" title="Beta release of mobile webmail client (MIMP)"/><author><name>Horde News</name></author><id>http://janschneider.de/cweb/home/index,channel,25,story,255.html</id><updated>2006-01-23T10:01:00Z</updated><published>2006-01-23T10:01:00Z</published><content type="html"><![CDATA[The beta version of Horde's mobile webmail client, MIMP H3 (1.0-BETA), has been released.]]></content></entry><entry><title type="text">Meet me at php|tek</title><link rel="alternate" type="text/html" href="http://blog.thinkphp.de/archives/81-Meet-me-at-phptek.html" title="Meet me at php|tek"/><author><name>ThinkPHP /dev/blog - PHP</name></author><id>http://blog.thinkphp.de/archives/81-guid.html</id><updated>2006-01-22T22:34:00Z</updated><published>2006-01-22T22:34:00Z</published><content type="html"><![CDATA[
<p><a href="http://www.phparch.com/tek/">php|tek</a>, the next conference from the <a href="http://www.phparch.com/">php|arch</a>
guys around Marco Tabini who already organized the php|cruise and php|tropics
conferences, will be from April 26th to 28th at Orlando, Florida. As
you can read on the recently published <a href="http://www.phparch.com/tek/tek_schedule.php">schedule</a>
I'll hold two talks. The first talk will be about PHP on the command
line, showing PHP's strength beyond the web which can be helpful to
build, deploy and scale your web-application and even for building apps
completely independent from anything on the web. My second talk will be
about PHP's reflection API. In that session I'll give an introduction
into the API and show how to use it to build modular, dynamic
applications.</p>
<p>If you're in reachable distance you should take the chance to listen and meet PHP developers from all over the world. (Hint: Till January 31st you can get <a
href="http://www.phparch.com/tek/tek_signup.php">early-bird</a> rates!)</p><p>johannes</p> ]]></content></entry><entry><title type="text">Quick Lookup</title><link rel="alternate" type="text/html" href="http://wyome.com/index.php?module=articles&amp;func=display&amp;ptid=10&amp;catid=29-31&amp;aid=507" title="Quick Lookup"/><author><name>John Cox</name></author><id>http://wyome.com/index.php?module=articles&amp;func=display&amp;ptid=10&amp;catid=29-31&amp;aid=507</id><updated>2006-01-22T19:23:00Z</updated><published>2006-01-22T19:23:00Z</published><content type="html"><![CDATA[ <p><a href="http://aonic.net/~qr/info.php">Quick lookup</a> is a very nice little reference tool for lookups of web development documentation. It installs as a simple bookmark which can be changed to your sidebar for look ups of php / css / javascript / mysql documentation. It has a limited scope of features (which isn't a bad thing in my mind):</p>
<blockquote><p>* Multiple tabs<br />
* PHP / MySQL / CSS / JS reference (MySQL is 55% complete)<br />
* Examples<br />
* Search as you type<br />
* Fast results<br />
* Remembers your last tab on your revisit<br />
* Access keys, [alt + (p, m, j, c)]<br />
</p></blockquote>
<p>I did a cursory install, and it appears to be pretty fast. I think it might be better as part of the <a href="http://chrispederick.com/work/webdeveloper/">Web Developer Extension</a> for Firefox, but as is, I can see the uses.</p>
]]></content></entry><entry><title type="text">mysql_real_escape_string() versus Prepared Statements</title><link rel="alternate" type="text/html" href="http://ilia.ws/archives/103-mysql_real_escape_string-versus-Prepared-Statements.html" title="mysql_real_escape_string() versus Prepared Statements"/><author><name>Ilia Alshanetsky</name></author><id>http://ilia.ws/archives/103-guid.html</id><updated>2006-01-22T18:03:00Z</updated><published>2006-01-22T18:03:00Z</published><content type="html"><![CDATA[
<a href="http://shiflett.org/archive/184">Chris</a> has written a compelling piece about how the use of addslashes() for string escaping in MySQL queries can lead to SQL injection through the abuse of multibyte character sets. In his example he relies on addslashes() to convert an invalid multibyte sequence into a valid one, which also has an embedded ' that is not escaped. And in an ironic twist, the function intended to protect against SQL injection is used to actually trigger it. <br/><br/>
The problem demonstrated, actually goes a bit further, which even makes the prescribed escaping mechanism, mysql_real_escape_string() prone to the same kind of issues affecting addslashes(). The main advantage of the mysql_real_escape_string() over addslashes() lies in the fact that it takes character set into account and thus is able to determine how to properly escape the data. For example, if GBK character set is being used, it will not convert an invalid multibyte sequence 0xbf27 (¿’) into 0xbf5c27 (¿\’ or in GBK a single valid multibyte character followed by a single quote). To determine the proper escaping methodology mysql_real_escape_string() needs to know the character set used, which is normally retrieved from the database connection cursor. Herein lies the “trick”. In MySQL there are two ways to change the character set, you can do it by changing in MySQL configuration file (my.cnf) by doing:<br/><br/><div class="bb-code-title">CODE:</div><div class="bb-code">[client]<br/>
default-character-set=GBK</div> <br/><br/>
Or you can change on a per-connection basis, which is a common practice done by people without admin level access to the server via the following query:<br/><br/><div class="bb-code-title">CODE:</div><div class="bb-code">SET CHARACTER SET 'GBK'</div><br/><br/>
The problem with the latter, is that while it most certainly modified the charset it didn’t let the escaping facilities know about it. Which means that mysql_real_escape_string() still works on the basis of the default charset, which if set to latin1 (common default) will make the function work in a manner identical to addslashes() for our purposes. Another word, 0xbf27 will be converted to 0xbf5c27 facilitating the SQL injection. Here is a brief proof of concept.<br/><br/><div class="bb-php-title">PHP:</div><div class="bb-php"><code><font color="#000000"><br/><font color="#0000BB">&lt;?php<br/><br/>
$c </font><font color="#007700">= </font><font color="#0000BB">mysql_connect</font><font color="#007700">(</font><font color="#DD0000">"localhost"</font><font color="#007700">, </font><font color="#DD0000">"user"</font><font color="#007700">, </font><font color="#DD0000">"pass"</font><font color="#007700">);<br/></font><font color="#0000BB">mysql_select_db</font><font color="#007700">(</font><font color="#DD0000">"database"</font><font color="#007700">, </font><font color="#0000BB">$c</font><font color="#007700">);<br/><br/></font><font color="#FF8000">// change our character set<br/></font><font color="#0000BB">mysql_query</font><font color="#007700">(</font><font color="#DD0000">"SET CHARACTER SET 'gbk'"</font><font color="#007700">, </font><font color="#0000BB">$c</font><font color="#007700">);<br/><br/></font><font color="#FF8000">// create demo table<br/></font><font color="#0000BB">mysql_query</font><font color="#007700">(</font><font color="#DD0000">"CREATE TABLE users (<br/>
    username VARCHAR(32) PRIMARY KEY,<br/>
    password VARCHAR(32)<br/>
) CHARACTER SET 'GBK'"</font><font color="#007700">, </font><font color="#0000BB">$c</font><font color="#007700">);<br/></font><font color="#0000BB">mysql_query</font><font color="#007700">(</font><font color="#DD0000">"INSERT INTO users VALUES('foo','bar'), ('baz','test')"</font><font color="#007700">, </font><font color="#0000BB">$c</font><font color="#007700">);<br/><br/></font><font color="#FF8000">// now the exploit code<br/></font><font color="#0000BB">$_POST</font><font color="#007700">[</font><font color="#DD0000">'username'</font><font color="#007700">] = </font><font color="#0000BB">chr</font><font color="#007700">(</font><font color="#0000BB">0xbf</font><font color="#007700">) . </font><font color="#0000BB">chr</font><font color="#007700">(</font><font color="#0000BB">0x27</font><font color="#007700">) . </font><font color="#DD0000">' OR username = username /*'</font><font color="#007700">; <br/></font><font color="#0000BB">$_POST</font><font color="#007700">[</font><font color="#DD0000">'password'</font><font color="#007700">] = </font><font color="#DD0000">'anything'</font><font color="#007700">; <br/><br/></font></font></code></div><p><i>Truncated by Planet PHP, read more at <a href="http://ilia.ws/archives/103-mysql_real_escape_string-versus-Prepared-Statements.html">the original</a> (another 2694 bytes)</i></p>]]></content></entry><entry><title type="text">The addslashes() Versus mysql_real_escape_string() Debate</title><link rel="alternate" type="text/html" href="http://shiflett.org/archive/184" title="The addslashes() Versus mysql_real_escape_string() Debate"/><author><name>Chris Shiflett</name></author><id>http://shiflett.org/archive/184</id><updated>2006-01-22T04:15:00Z</updated><published>2006-01-22T04:15:00Z</published><content type="html"><![CDATA[<p>Last month, I discussed <a href="http://shiflett.org/archive/177">Google's XSS Vulnerability</a> and provided an <a href="http://shiflett.org/archive/178">example that demonstrates it</a>. I was hoping to highlight why character encoding consistency is important, but apparently the <a href="http://www.sitepoint.com/forums/showthread.php?t=337881"><tt>addslashes()</tt> versus <tt>mysql_real_escape_string()</tt> debate</a> continues. <a href="http://shiflett.org/archive/178">Demonstrating</a> Google's XSS vulnerability was pretty easy. Demonstrating an SQL injection attack that is immune to <tt>addslashes()</tt> is a bit more involved, but still pretty straightforward.</p>
<p>In <a href="http://en.wikipedia.org/wiki/GBK">GBK</a>, 0xbf27 is not a valid multi-byte character, but 0xbf5c is. Interpreted as single-byte characters, 0xbf27 is 0xbf (¿) followed by 0x27 ('), and 0xbf5c is 0xbf (¿) followed by 0x5c (\).</p>
<p>How does this help? If I want to attempt an SQL injection attack against a MySQL database, having single quotes escaped with a backslash is a bummer. If you're using <tt>addslashes()</tt>, however, I'm in luck. All I need to do is inject something like 0xbf27, and <tt>addslashes()</tt> modifies this to become 0xbf5c27, a valid multi-byte character followed by a single quote. In other words, I can successfully inject a single quote despite your escaping. That's because 0xbf5c is considered to be a single character, not two. Oops, there goes the backslash.</p>
<p>I'm going to use <a href="http://dev.mysql.com/downloads/mysql/5.0.html">MySQL 5.0</a> and PHP's <a href="http://php.net/mysqli">mysqli</a> extension for this demonstration. If you want to try this yourself, make sure you're using GBK. I just changed <tt>/etc/my.cnf</tt>, but that's because I'm testing locally:</p>
<pre class="code">[client]
default-character-set=GBK</pre>
<p>Create a table called <tt>users</tt>:</p>
<pre class="code">CREATE TABLE users
(
username VARCHAR(32) CHARACTER SET GBK,
password VARCHAR(32) CHARACTER SET GBK,
PRIMARY KEY (username)
);
</pre>
<p>The following script mimics a situation where only <tt>addslashes()</tt> is used to escape the data being used in a query:</p>
<pre class="code"><span style="color: #0000BB">&lt;?php <br/><br/>$mysql </span><span style="color: #007700">= array(); <br/><br/></span><span style="color: #0000BB">$db </span><span style="color: #007700">= </span><span style="color: #0000BB">mysqli_init</span><span style="color: #007700">(); <br/></span><span style="color: #0000BB">$db</span><span style="color: #007700">-></span><span style="color: #0000BB">real_connect</span><span style="color: #007700">(</span><span style="color: #DD0000">'localhost'</span><span style="color: #007700">, </span><span style="color: #DD0000">'myuser'</span><span style="color: #007700">, </span><span style="color: #DD0000">'mypass'</span><span style="color: #007700">, </span><span style="color: #DD0000">'mydb'</span><span style="color: #007700">); <br/><br/></span><span style="color: #0000BB">$_POST</span><span style="color: #007700">[</span><span style="color: #DD0000">'username'</span><span style="color: #007700">] = </span><span style="color: #0000BB">chr</span><span style="color: #007700">(</span><span style="color: #0000BB">0xbf</span><span style="color: #007700">) . <br/>                     </span><span style="color: #0000BB">chr</span><span style="color: #007700">(</span><span style="color: #0000BB">0x27</span><span style="color: #007700">) . <br/>                     </span><span style="color: #DD0000">' OR username = username /*'</span><span style="color: #007700">; <br/></span><span style="color: #0000BB">$_POST</span><span style="color: #007700">[</span><span style="color: #DD0000">'password'</span><span style="color: #007700">] = </span><span style="color: #DD0000">'guess'</span><span style="color: #007700">; <br/><br/></span><span style="color: #0000BB">$mysql</span><span style="color: #007700">[</span><span style="color: #DD0000">'username'</span><span style="color: #007700">] = </span><span style="color: #0000BB">addslashes</span><span style="color: #007700">(</span><span style="color: #0000BB">$_POST</span><span style="color: #007700">[</span><span style="color: #DD0000">'username'</span><span style="color: #007700">]); <br/></span><span style="color: #0000BB">$mysql</span><span style="color: #007700">[</span><span style="color: #DD0000">'password'</span><span style="color: #007700">] = </span><span style="color: #0000BB">addslashes</span><span style="color: #007700">(</span><span style="color: #0000BB">$_POST</span><span style="color&lt;/body>"/></pre><p><i>Truncated by Planet PHP, read more at <a href="http://shiflett.org/archive/184">the original</a> (another 4165 bytes)</i></p>]]></content></entry><entry><title type="text">PHP Conferences</title><link rel="alternate" type="text/html" href="http://blog.casey-sweat.us/?p=69" title="PHP Conferences"/><author><name>Jason E. Sweat</name></author><id>http://blog.casey-sweat.us/?p=69</id><updated>2006-01-22T04:04:00Z</updated><published>2006-01-22T04:04:00Z</published><content type="html"><![CDATA[If you have never been to a PHP Conference, you owe it to yourself to make 2006 a year to attend one. There are of course the obvious benefits of attending the presentations and being able to see these presentations first hand as well as being able to interact with the presenters, ask questions, etc. A more subtle benefit is the networking which happens at these conferences. People whom you recognize from email addresses on mailing lists, pseudonyms on forums or names on the covers of PHP books are actually living breathing people (and usually fine, upstanding people at that). PHP conferences are a great opportunity to interact with both the presenters, conference organizers and the other attendees, who likely share many common interests with you, chiefly a passion for PHP and web development.]]></content></entry><entry><title type="text">Back from Norway</title><link rel="alternate" type="text/html" href="http://www.schlitt.info/applications/blog/index.php?/archives/407-Back-from-Norway.html" title="Back from Norway"/><author><name>Tobias Schlitt</name></author><id>
<p>Norway is a somewhat strange country. When I got there - 2 weeks ago to work with Amos, Derick, Fred and Ray on the <a href="http://www.schlitt.info/applications/blog/exit.php?url_id=2247&entry_id=407" title="http://ez.no/products/ez_components" >eZ components</a> - it had the expected amount of snow. A few days later, there was nothing anymore. We had positive celsius values and the weather was really crappy... until Monday. Since then it has been snowing all the time and yesterday we left when it looked like this:</p>
<p><div style="text-align: center;"><img src="http://schlitt.info/applications/gallery/d/6723-2/pict1285.jpg" width="150" height="113" alt="pict1285.jpg" /></div></p>
<p>Nice to watch, but not real fun to walk onto. :) Anyway, it's been another great stay in Skien, where the eZ headquarter is and I'm pretty much looking forward to <a href="http://www.schlitt.info/applications/blog/exit.php?url_id=2248&entry_id=407" title="http://ez.no/company/events/ez_publish_conference_2006" >our summer conference</a>, where we plan to have the complete eZ team there and lots of people from the PHP world. Thanks for the great time, folks!</p>
]]></content></entry><entry><title type="text">Solar 0.10.0 Released</title><link rel="alternate" type="text/html" href="http://paul-m-jones.com/blog/?p=192" title="Solar 0.10.0 Released"/><author><name>Paul M. Jones</name></author><id>http://paul-m-jones.com/blog/?p=192</id><updated>2006-01-21T21:44:00Z</updated><published>2006-01-21T21:44:00Z</published><content type="html"><![CDATA[The good news is that I've rolled the 0.10.0 release for Solar; the bad news is that it has a ton of changes, and that the release after this will also have large number of changes. Read on for change notes, especially regarding the new MVC architecture.]]></content></entry></feed>