Microsoft sqlsrv extension for php 5.5.x

Question

Microsoft sqlsrv extension for php 5.5.x

We run php 5.3.27 on Windows nts.

We simply did not perform a PCI check due to a session commit vulnerability in PHP and must restore PCI compliance.

This is a little disappointing, since we use session_regenerate_id () after logging in, so in my eyes (maybe I'm wrong) our application is not vulnerable, even if php.

To pass the test, we need to switch to php 5.5.2.

We use the sqlsrv driver extension from Microsoft and notice that they did not release the build for php 5.5.x

Does anyone have a viable solution for this problem?

______ update ___________

I found this http://social.msdn.microsoft.com/Forums/sqlserver/en-US/e1d37219-88a3-46b2-a421-73bfa33fe433/unofficial-php-55-drivers-x86 , which is a build not for the vendor .

Has anyone used this assembly in production?

thanks

+4

php sqlsrv

Gavin 10 sept. '13 at 14:10

source share

2 answers

Microsoft's official drivers for PHP for SQL Server 3.1 were not available in 2014-12-12 (see http://www.microsoft.com/en-ca/download/details.aspx?id=20098 ). It supports PHP 5.4.32, or PHP 5.5.16, or later, according to the page.

+3

jinhr Jan 27 '15 at 16:05

source share

mkaatman · Accepted Answer · 2013-09-10T14:11:47+0000

There is an unofficial driver. Not sure if this will pass PCI.

http://social.msdn.microsoft.com/Forums/sqlserver/en-US/e1d37219-88a3-46b2-a421-73bfa33fe433/unofficial-php-55-drivers-x86

Microsoft sqlsrv extension for php 5.5.x

More articles: