- Fix sapi_input_filter patch. Returning 1 from the filter handler should

make PHP register the variable, returning 0 shouldn't. The new length of
  the variables being filtered is now returned in the new_val_len argument
  of the function.

README.input_filter

@@ -89,7 +89,7 @@ PHP_MINFO_FUNCTION(my_input_filter)
     php_info_print_table_end();
 }
 
-unsigned int  my_sapi_input_filter(int arg, char *var, char **val, unsigned int val_len)
+unsigned int  my_sapi_input_filter(int arg, char *var, char **val, unsigned int val_len, unsigned int *new_val_len)
 {
     zval new_var;
     zval *array_ptr = NULL;
@@ -137,7 +137,8 @@ unsigned int  my_sapi_input_filter(int arg, char *var, char **val, unsigned int
 
     php_strip_tags(*val, val_len, NULL, NULL, 0);
 
-    return strlen(*val);
+    *new_val_len = strlen(*val);
+	return 1;
 }
 
 PHP_FUNCTION(my_get_raw)

ext/mbstring/mb_gpc.c

@@ -204,7 +204,8 @@ int _php_mb_encoding_handler_ex(int data_type, zval *arg, char *res, char *separ
 	char *var, *val, *s1, *s2;
 	char *strtok_buf = NULL, **val_list = NULL;
 	zval *array_ptr = (zval *) arg;
-	int n, num, val_len, *len_list = NULL, *elist, elistsz;
+	int n, num, *len_list = NULL, *elist, elistsz;
+	unsigned int val_len, new_val_len;
 	enum mbfl_no_encoding from_encoding, to_encoding;
 	mbfl_string string, resvar, resval;
 	mbfl_encoding_detector *identd = NULL; 
@@ -342,9 +343,10 @@ int _php_mb_encoding_handler_ex(int data_type, zval *arg, char *res, char *separ
 			val_len = len_list[n];
 		}
 		n++;
-		val_len = sapi_module.input_filter(data_type, var, &val, val_len TSRMLS_CC);
-		/* add variable to symbol table */
-		php_register_variable_safe(var, val, val_len, array_ptr TSRMLS_CC);
+		if (sapi_module.input_filter(data_type, var, &val, val_len, &new_val_len TSRMLS_CC)) {
+			/* add variable to symbol table */
+			php_register_variable_safe(var, val, new_val_len, array_ptr TSRMLS_CC);
+		}
 		if (convd != NULL){
 			mbfl_string_clear(&resvar);
 			mbfl_string_clear(&resval);

main/SAPI.c

@@ -831,7 +831,7 @@ SAPI_API int sapi_register_treat_data(void (*treat_data)(int arg, char *str, zva
 	return SUCCESS;
 }
 
-SAPI_API int sapi_register_input_filter(unsigned int (*input_filter)(int arg, char *var, char **val, unsigned int val_len TSRMLS_DC))
+SAPI_API int sapi_register_input_filter(unsigned int (*input_filter)(int arg, char *var, char **val, unsigned int val_len, unsigned int *new_val_len TSRMLS_DC))
 {
 	sapi_module.input_filter = input_filter;
 	return SUCCESS;

main/SAPI.h

@@ -181,7 +181,7 @@ SAPI_API int sapi_register_post_entry(sapi_post_entry *post_entry);
 SAPI_API void sapi_unregister_post_entry(sapi_post_entry *post_entry);
 SAPI_API int sapi_register_default_post_reader(void (*default_post_reader)(TSRMLS_D));
 SAPI_API int sapi_register_treat_data(void (*treat_data)(int arg, char *str, zval *destArray TSRMLS_DC));
-SAPI_API int sapi_register_input_filter(unsigned int (*input_filter)(int arg, char *var, char **val, unsigned int val_len TSRMLS_DC));
+SAPI_API int sapi_register_input_filter(unsigned int (*input_filter)(int arg, char *var, char **val, unsigned int val_len, unsigned int *new_val_len TSRMLS_DC));
 
 SAPI_API int sapi_flush(TSRMLS_D);
 SAPI_API struct stat *sapi_get_stat(TSRMLS_D);
@@ -244,7 +244,7 @@ struct _sapi_module_struct {
 	int (*get_target_uid)(uid_t * TSRMLS_DC);
 	int (*get_target_gid)(gid_t * TSRMLS_DC);
 
-	unsigned int (*input_filter)(int arg, char *var, char **val, unsigned int val_len TSRMLS_DC);
+	unsigned int (*input_filter)(int arg, char *var, char **val, unsigned int val_len, unsigned int *new_val_len TSRMLS_DC);
 	
 	void (*ini_defaults)(HashTable *configuration_hash);
 	int phpinfo_as_text;

main/php_variables.c

@@ -207,14 +207,13 @@ SAPI_API SAPI_POST_HANDLER_FUNC(php_std_post_handler)
 	while (var) {
 		val = strchr(var, '=');
 		if (val) { /* have a value */
-			int val_len;
+			unsigned int val_len, new_val_len;
 
 			*val++ = '\0';
 			php_url_decode(var, strlen(var));
 			val_len = php_url_decode(val, strlen(val));
-			val_len = sapi_module.input_filter(PARSE_POST, var, &val, val_len TSRMLS_CC);
-			if (val_len) {
-				php_register_variable_safe(var, val, val_len, array_ptr TSRMLS_CC);
+			if (sapi_module.input_filter(PARSE_POST, var, &val, val_len, &new_val_len TSRMLS_CC)) {
+				php_register_variable_safe(var, val, new_val_len, array_ptr TSRMLS_CC);
 			}
 		}
 		var = php_strtok_r(NULL, "&", &strtok_buf);
@@ -305,13 +304,13 @@ SAPI_API SAPI_TREAT_DATA_FUNC(php_default_treat_data)
 		val = strchr(var, '=');
 		if (val) { /* have a value */
 			int val_len;
+			unsigned int new_val_len;
 
 			*val++ = '\0';
 			php_url_decode(var, strlen(var));
 			val_len = php_url_decode(val, strlen(val));
-			val_len = sapi_module.input_filter(arg, var, &val, val_len TSRMLS_CC);
-			if (val_len) {
-				php_register_variable_safe(var, val, val_len, array_ptr TSRMLS_CC);
+			if (sapi_module.input_filter(PARSE_POST, var, &val, val_len, &new_val_len TSRMLS_CC)) {
+				php_register_variable_safe(var, val, new_val_len, array_ptr TSRMLS_CC);
 			}
 		} else {
 			php_url_decode(var, strlen(var));

main/rfc1867.c

@@ -881,14 +881,13 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
 			if (!filename && param) {
 
 				char *value = multipart_buffer_read_body(mbuff TSRMLS_CC);
-				int   val_len;
+				unsigned int new_val_len;
 
 				if (!value) {
 					value = estrdup("");
 				}
 
-				val_len = sapi_module.input_filter(PARSE_POST, param, &value, strlen(value) TSRMLS_CC);
-				if (val_len) {
+				if (sapi_module.input_filter(PARSE_POST, param, &value, strlen(value), &new_val_len TSRMLS_CC)) {
 #if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING)
 					if (php_mb_encoding_translation(TSRMLS_C)) {
 						php_mb_gpc_stack_variable(param, value, &val_list, &len_list,