ID: 36820 Updated by: [EMAIL PROTECTED] Reported By: cjbj at hotmail dot com -Status: Assigned +Status: Closed Bug Type: OCI8 related Operating System: Linux PHP Version: 5.1.2 Assigned To: tony2001 New Comment:
This bug has been fixed in CVS. Snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. Thank you for the report, and for helping us make PHP better. Previous Comments: ------------------------------------------------------------------------ [2006-03-22 04:53:32] cjbj at hotmail dot com Description: ------------ When oci_connect() uses OCI_SYSDBA or OCI_SYSOPER, oci8.c always calls OCISessionBegin() with OCI_CRED_EXT. This needs to be changed to OCI_CRED_RDBMS in some cases so privileged connections can be authenticated by an Oracle password file. When OCI_SYSDBA or OCI_SYSOPER are specified: if the username is "/" and there is no password then the credential should be OCI_CRED_EXT else the credential should be OCI_CRED_RDBMS There are two success cases of interest: Case 1: oci8.c should use OCI_CRED_EXT. Connect succeds if the process running PHP is in Oracle's OS dba group and the DB is "local" i.e on the same host and specified by ORACLE_SID environment variable. Otherwise connection will fail. oci_connect("/", "", NULL, OCI_SYSDBA); Case 2: oci8.c should use OCI_CRED_RDBMS. Connect succeeds if the user is in Oracle's password file. The DB can be on a remote host. // Note DB name could be NULL. oci_connect("un", "pw", "MYSID", OCI_SYSDBA); Note: the php.ini parameter oci8.privileged_connect must be true for PHP to allow OCI_SYSDBA or OCI_SYSOPER connections. Actual result: -------------- Currently case 2 gives ORA-01031: insufficient privileges in test.php on line 3. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=36820&edit=1
