PHP function question

Posted by yu210148 on 21-Jan-2009, 10:51

Hi all,

I've got a function in one of my PHP scripts that periodically errors out with
Code:
[Wed Jan 21 11:20:21 2009] [error] [client 10.0.10.13] ALERT - canary mismatch on efree() - heap overflow detected (attacker '10.0.10.13', file '/srv/www/htdocs/sales_by_department.php', line 1335), referer: http://linux-aqep/sales_by_department.php
The line 1335 is the line calling the function get_LY_Non_Merch($Location, $FromDate, $ToDate) (see below).

I've added a couple of usleep(xx)'s into the code, which seems to help, as the error isn't consistent (i.e., it only happens occasionally). Most of the time the script completes.

The reason I use the pear::DB module for one database and odbc_connect() for the other is that originally I had them both connecting with pear::DB but couldn't figure out how to set the 'SQL_CUR_USE_IF_NEEDED' with it, so I just switched it to odbc_connect().

Here's the function:
Code:
function get_LY_Non_Merch($Location, $FromDate, $ToDate){
	// Query against the ODBC data source; the arguments are interpolated as-is
	$sql = "
SELECT DISTINCT
	((SUM((SalesHistoryDetail.SaleAmt)) + SUM((SalesHistoryDetail.SaleDisc))) - (SUM((SalesHistoryDetail.RtnAmt)) 
	+ SUM((SalesHistoryDetail.RtnDisc))) - (SUM((SalesHistoryDetail.SaleDisc)) - SUM((SalesHistoryDetail.RtnDisc)))) AS NonMerch
FROM
	SalesHistoryHeader
INNER JOIN
	SalesHistoryDetail
			ON
		SalesHistoryHeader.SHMID = SalesHistoryDetail.SHMID
INNER JOIN
	Location
			ON
		SalesHistoryHeader.LocationID = Location.LocationID
INNER JOIN
	SalesTypes
			ON
		SalesHistoryDetail.TypeID = SalesTypes.TypeID
WHERE
	SalesTypes.Description = 'Non-Merch'
AND
	SalesHistoryHeader.PostDate >= '$FromDate'
AND
	SalesHistoryHeader.PostDate <= '$ToDate'
AND
	Location.Description = '$Location'
";

	// Source database, reached through odbc_connect()
	$dsn = "Winprism";
	$user = "readonly";
	$pass = "passwd";
	$db = odbc_connect($dsn, $user, $pass, SQL_CUR_USE_IF_NEEDED);
	$q = odbc_exec($db, $sql);

	// Destination MySQL database, reached through PEAR DB
	$db2 = DB::connect("mysql://klucas:passwd@localhost/sales_by_department");
	if (DB::isError($db2)) {
		die($db2->getMessage());
	}

	// Copy each fetched value into the dcc_sales row for department 'NM'
	while (odbc_fetch_into($q, $row)){
		$sql3 = "
UPDATE
	sales_by_department.dcc_sales
SET
	dcc_sales.LYNetSales = '$row[0]'
WHERE
	dcc_sales.Department = 'NM'
";
		usleep(4);
		send_query($sql3, $db2); // send_query() is not shown in the post
	} // end while
	//disconnect($db2);
	//odbc_close($db);
	return 0;
	usleep(20); // never reached: it follows the return
} // end function definition for get_LY_Non_Merch()
Any ideas?

Thanks in advance.
kev.
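The "canary mismatch on efree()" alert in the log above is the result of a guard-value check made when a memory block is freed. The C sketch below is an added illustration of that general technique, not code from the post and not the implementation used by the PHP hardening layer that wrote the log line; the function names, guard value and block layout are all assumptions. It shows that the check fires where the block is released, not where the overrunning write took place.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed layout for this sketch: [size_t len][len user bytes][guard word]. */
#define GUARD_LEN sizeof(uint32_t)
static const uint32_t GUARD = 0xC0FFEE42u; /* constructed value */

/* Allocate len usable bytes with a guard word placed directly after them. */
void *guarded_alloc(size_t len) {
    unsigned char *raw = malloc(sizeof(size_t) + len + GUARD_LEN);
    if (raw == NULL) return NULL;
    memcpy(raw, &len, sizeof len);
    memcpy(raw + sizeof(size_t) + len, &GUARD, GUARD_LEN);
    return raw + sizeof(size_t);
}

/* Release a block; 0 means the guard word was intact, -1 means it was overwritten. */
int guarded_free(void *ptr) {
    unsigned char *user = ptr;
    size_t len;
    uint32_t seen;
    memcpy(&len, user - sizeof(size_t), sizeof len);
    memcpy(&seen, user + len, GUARD_LEN);
    free(user - sizeof(size_t));
    return seen == GUARD ? 0 : -1;
}

/* Stand-in for a routine that copies `written` bytes into a `cap`-byte buffer. */
int fetch_then_free(size_t cap, size_t written) {
    if (written > cap + GUARD_LEN) return -2; /* keep the demo inside the malloc'd region */
    char *buf = guarded_alloc(cap);
    if (buf == NULL) return -2;
    memset(buf, 'A', written); /* an overrun happens here, with no error */
    return guarded_free(buf);  /* and is only noticed here, at free time */
}

int main(void) {
    printf("exact fit:    %d\n", fetch_then_free(16, 16));
    printf("1 byte over:  %d\n", fetch_then_free(16, 17));
    printf("4 bytes over: %d\n", fetch_then_free(16, 20));
    return 0;
}
```

Because the guard is only compared at free time, the file and line in such an alert identify where the block was released; the write that damaged it can be anywhere earlier in the block's lifetime.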