mirror of
https://github.com/php/php-src.git
synced 2024-09-21 18:07:23 +00:00
- Fix sapi_input_filter patch. Returning 1 from the filter handler should
make PHP register the variable, returning 0 shouldn't. The new length of the variables being filtered is now returned in the new_val_len argument of the function.
This commit is contained in:
parent
f7830195c0
commit
750b0338bf
@ -89,7 +89,7 @@ PHP_MINFO_FUNCTION(my_input_filter)
|
||||
php_info_print_table_end();
|
||||
}
|
||||
|
||||
unsigned int my_sapi_input_filter(int arg, char *var, char **val, unsigned int val_len)
|
||||
unsigned int my_sapi_input_filter(int arg, char *var, char **val, unsigned int val_len, unsigned int *new_val_len)
|
||||
{
|
||||
zval new_var;
|
||||
zval *array_ptr = NULL;
|
||||
@ -137,7 +137,8 @@ unsigned int my_sapi_input_filter(int arg, char *var, char **val, unsigned int
|
||||
|
||||
php_strip_tags(*val, val_len, NULL, NULL, 0);
|
||||
|
||||
return strlen(*val);
|
||||
*new_val_len = strlen(*val);
|
||||
return 1;
|
||||
}
|
||||
|
||||
PHP_FUNCTION(my_get_raw)
|
||||
|
@ -204,7 +204,8 @@ int _php_mb_encoding_handler_ex(int data_type, zval *arg, char *res, char *separ
|
||||
char *var, *val, *s1, *s2;
|
||||
char *strtok_buf = NULL, **val_list = NULL;
|
||||
zval *array_ptr = (zval *) arg;
|
||||
int n, num, val_len, *len_list = NULL, *elist, elistsz;
|
||||
int n, num, *len_list = NULL, *elist, elistsz;
|
||||
unsigned int val_len, new_val_len;
|
||||
enum mbfl_no_encoding from_encoding, to_encoding;
|
||||
mbfl_string string, resvar, resval;
|
||||
mbfl_encoding_detector *identd = NULL;
|
||||
@ -342,9 +343,10 @@ int _php_mb_encoding_handler_ex(int data_type, zval *arg, char *res, char *separ
|
||||
val_len = len_list[n];
|
||||
}
|
||||
n++;
|
||||
val_len = sapi_module.input_filter(data_type, var, &val, val_len TSRMLS_CC);
|
||||
/* add variable to symbol table */
|
||||
php_register_variable_safe(var, val, val_len, array_ptr TSRMLS_CC);
|
||||
if (sapi_module.input_filter(data_type, var, &val, val_len, &new_val_len TSRMLS_CC)) {
|
||||
/* add variable to symbol table */
|
||||
php_register_variable_safe(var, val, new_val_len, array_ptr TSRMLS_CC);
|
||||
}
|
||||
if (convd != NULL){
|
||||
mbfl_string_clear(&resvar);
|
||||
mbfl_string_clear(&resval);
|
||||
|
@ -831,7 +831,7 @@ SAPI_API int sapi_register_treat_data(void (*treat_data)(int arg, char *str, zva
|
||||
return SUCCESS;
|
||||
}
|
||||
|
||||
SAPI_API int sapi_register_input_filter(unsigned int (*input_filter)(int arg, char *var, char **val, unsigned int val_len TSRMLS_DC))
|
||||
SAPI_API int sapi_register_input_filter(unsigned int (*input_filter)(int arg, char *var, char **val, unsigned int val_len, unsigned int *new_val_len TSRMLS_DC))
|
||||
{
|
||||
sapi_module.input_filter = input_filter;
|
||||
return SUCCESS;
|
||||
|
@ -181,7 +181,7 @@ SAPI_API int sapi_register_post_entry(sapi_post_entry *post_entry);
|
||||
SAPI_API void sapi_unregister_post_entry(sapi_post_entry *post_entry);
|
||||
SAPI_API int sapi_register_default_post_reader(void (*default_post_reader)(TSRMLS_D));
|
||||
SAPI_API int sapi_register_treat_data(void (*treat_data)(int arg, char *str, zval *destArray TSRMLS_DC));
|
||||
SAPI_API int sapi_register_input_filter(unsigned int (*input_filter)(int arg, char *var, char **val, unsigned int val_len TSRMLS_DC));
|
||||
SAPI_API int sapi_register_input_filter(unsigned int (*input_filter)(int arg, char *var, char **val, unsigned int val_len, unsigned int *new_val_len TSRMLS_DC));
|
||||
|
||||
SAPI_API int sapi_flush(TSRMLS_D);
|
||||
SAPI_API struct stat *sapi_get_stat(TSRMLS_D);
|
||||
@ -244,7 +244,7 @@ struct _sapi_module_struct {
|
||||
int (*get_target_uid)(uid_t * TSRMLS_DC);
|
||||
int (*get_target_gid)(gid_t * TSRMLS_DC);
|
||||
|
||||
unsigned int (*input_filter)(int arg, char *var, char **val, unsigned int val_len TSRMLS_DC);
|
||||
unsigned int (*input_filter)(int arg, char *var, char **val, unsigned int val_len, unsigned int *new_val_len TSRMLS_DC);
|
||||
|
||||
void (*ini_defaults)(HashTable *configuration_hash);
|
||||
int phpinfo_as_text;
|
||||
|
@ -207,14 +207,13 @@ SAPI_API SAPI_POST_HANDLER_FUNC(php_std_post_handler)
|
||||
while (var) {
|
||||
val = strchr(var, '=');
|
||||
if (val) { /* have a value */
|
||||
int val_len;
|
||||
unsigned int val_len, new_val_len;
|
||||
|
||||
*val++ = '\0';
|
||||
php_url_decode(var, strlen(var));
|
||||
val_len = php_url_decode(val, strlen(val));
|
||||
val_len = sapi_module.input_filter(PARSE_POST, var, &val, val_len TSRMLS_CC);
|
||||
if (val_len) {
|
||||
php_register_variable_safe(var, val, val_len, array_ptr TSRMLS_CC);
|
||||
if (sapi_module.input_filter(PARSE_POST, var, &val, val_len, &new_val_len TSRMLS_CC)) {
|
||||
php_register_variable_safe(var, val, new_val_len, array_ptr TSRMLS_CC);
|
||||
}
|
||||
}
|
||||
var = php_strtok_r(NULL, "&", &strtok_buf);
|
||||
@ -305,13 +304,13 @@ SAPI_API SAPI_TREAT_DATA_FUNC(php_default_treat_data)
|
||||
val = strchr(var, '=');
|
||||
if (val) { /* have a value */
|
||||
int val_len;
|
||||
unsigned int new_val_len;
|
||||
|
||||
*val++ = '\0';
|
||||
php_url_decode(var, strlen(var));
|
||||
val_len = php_url_decode(val, strlen(val));
|
||||
val_len = sapi_module.input_filter(arg, var, &val, val_len TSRMLS_CC);
|
||||
if (val_len) {
|
||||
php_register_variable_safe(var, val, val_len, array_ptr TSRMLS_CC);
|
||||
if (sapi_module.input_filter(PARSE_POST, var, &val, val_len, &new_val_len TSRMLS_CC)) {
|
||||
php_register_variable_safe(var, val, new_val_len, array_ptr TSRMLS_CC);
|
||||
}
|
||||
} else {
|
||||
php_url_decode(var, strlen(var));
|
||||
|
@ -881,14 +881,13 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
|
||||
if (!filename && param) {
|
||||
|
||||
char *value = multipart_buffer_read_body(mbuff TSRMLS_CC);
|
||||
int val_len;
|
||||
unsigned int new_val_len;
|
||||
|
||||
if (!value) {
|
||||
value = estrdup("");
|
||||
}
|
||||
|
||||
val_len = sapi_module.input_filter(PARSE_POST, param, &value, strlen(value) TSRMLS_CC);
|
||||
if (val_len) {
|
||||
if (sapi_module.input_filter(PARSE_POST, param, &value, strlen(value), &new_val_len TSRMLS_CC)) {
|
||||
#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING)
|
||||
if (php_mb_encoding_translation(TSRMLS_C)) {
|
||||
php_mb_gpc_stack_variable(param, value, &val_list, &len_list,
|
||||
|
Loading…
Reference in New Issue
Block a user