clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-23 10:57:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
20,400 Commits 491 Branches 1,363 Tags 844 MiB
0235d331b7
Commit Graph

56 Commits

Author SHA1 Message Date
Wez Furlong
cfd0466389 Fix for Bug #21310, based on a patch by jflemer@php.net. 2003-03-17 13:40:45 +00:00
foobar
8e3f23e3c0 ws fixes + missing $Id$ tags, headers added 2003-02-19 08:40:19 +00:00
Ilia Alshanetsky
9b560970f8 Fixed compiler warnings. 2003-01-09 22:33:43 +00:00
Sara Golemon
4d789b593f Bug #21531 file_exists() and other filestat functions throw errors when in safe mode and file/directory does not exist. 
Extended php_checkuid function to add "flags" field via rename to php_checkuid_ex with alias for BC in functions that do want safe mode errors thrown.
 2003-01-09 21:57:45 +00:00
Sebastian Bergmann
2c5d4b8c23 Bump year. 2002-12-31 15:59:15 +00:00
Ilia Alshanetsky
78e2e69b23 Instead of checking whether realpath exists based on OS. Use the 
HAVE_REALPATH define, which is set if realpath() is avaliable. This patch
also resolves bug #18868.
 2002-11-06 18:07:23 +00:00
David Reid
cf2e12a01e Add some more BeOS support. 2002-10-02 23:48:58 +00:00
Marcus Boerger
a1f7bb12f1 use php_error_docref() 2002-08-25 18:45:02 +00:00
Wez Furlong
c2cbae6dd3 Enhance Ilia's recent patch to query the wrapper subsystem to determine 
if a filename is a URL and thus if safe-mode checks should be skipped.
 2002-08-16 09:50:24 +00:00
Ilia Alshanetsky
a643ae656a Make https:// be exempt from safe_mode checks, just like http:// & ftp:// are. 2002-08-16 03:52:37 +00:00
Yasuo Ohgaki
f4f8726b9e Accoding to safe_mode.h, php_checkuid() has six modes. 2002-07-17 05:15:17 +00:00
foobar
6f10116237 Fix bug: #18285, php_checkuid() mangled the passed path. 2002-07-13 00:52:18 +00:00
Stefan Esser
0d3a45299d SAFE_MODE restriction error message fixed if the file doesn't exist 2002-03-17 21:00:44 +00:00
Stefan Esser
cf4a292c5d fixed a typo within checkuid 2002-03-14 16:48:18 +00:00
James E. Flemer
6a6b5a6108 (php_checkuid) Added case for root directory when mode is 
not CHECKUID_ALLOW_ONLY_DIR.
 2002-03-03 21:12:49 +00:00
James E. Flemer
ecac9a7e9e (php_checkuid) Added case for root directory when mode is 
CHECKUID_ALLOW_ONLY_DIR.
 2002-03-03 20:49:04 +00:00
Sebastian Bergmann
90613d2282 Maintain headers. 2002-02-28 08:29:35 +00:00
Sebastian Bergmann
38933514e1 Update headers. 2001-12-11 15:32:16 +00:00
Derick Rethans
78747bd2df - Don't wrap lines... this is annoying while coding. 2001-09-09 13:29:31 +00:00
Zeev Suraski
1159c84ab7 - TSRMLS_FETCH work 
- whitespace fixes
 2001-08-05 01:43:02 +00:00
Zeev Suraski
bc42c37513 More TSRMLS_FETCH work. Got it under 400 now. 2001-07-31 06:28:05 +00:00
Zeev Suraski
d87cc976e1 Redesigned thread safety mechanism - nua nua 2001-07-28 11:36:37 +00:00
Rasmus Lerdorf
721c562e2a Fix a couple of build warnings 2001-07-16 04:31:13 +00:00
James E. Flemer
771e3e498f o Fixed Bug #12121: chdir and safe_mode 
- [ main/safe_mode.h ] added new checkuid mode:
    CHECKUID_ALLOW_ONLY_FILE: skips directory check if file check
	fails

  - [ ext/standard/dir.c ] changed php_checkuid() to use
    CHECKUID_ALLOW_ONLY_FILE instead of CHECKUID_ALLOW_ONLY_DIR

  - [ main/safe_mode.c ] added code for new checkuid mode

o Fixed Bug #12119: safe mode owner check can be bypassed with symlink
  - [ main/safe_mode.c ] use VCWD_REALPATH to resolve destination
    of symlink before trimming filename

o New Feature: safe_mode_include_dir (php.ini directive)
  - Allows bypassing UID/GID checks when including files
    from the directory in safe_mode_include_dir and its
	subdirectories. (safe_mode must be on, directory must
	also be in include_path or full path must be used when
	including)

o Fixed Feature: safe_mode_gid (php.ini directive)
  - Correctly check (and report) UID/GID bits on directories

o Changed include() fall back to scripts cwd implementation
  - CWD added to the (local) search path in php_fopen_with_path()
    instead of seperate case. [ main/fopen_wrappers.c ]
 2001-07-13 18:21:21 +00:00
Rasmus Lerdorf
89a73df39c Fix Windows build (I think) 2001-07-09 18:57:19 +00:00
Rasmus Lerdorf
934e10c7dc Add getmygid() and safe_mode_gid ini directive to allow safe mode to do 
a gid check instead of a uid check.
@ - Add getmygid() and safe_mode_gid ini directive to allow safe mode to do
@ a gid check instead of a uid check. (James E. Flemer, Rasmus)
 2001-07-09 17:36:04 +00:00
Rasmus Lerdorf
81e2cf03ac Fix folding and clean up some extensions 2001-06-06 13:06:12 +00:00
Rasmus Lerdorf
25c3a3a39d vim-6 does folding - clean up a bunch of missing folding tags plus 
some misguided RINIT and RSHUTDOWN calls in a few fringe extensions
 2001-06-05 13:12:10 +00:00
Andi Gutmans
4c823e8a89 - Change macros from V_ to VCWD_ because of AIX name clash 2001-04-30 12:45:02 +00:00
Andi Gutmans
eb6ba01d1c - Fix copyright notices with 2001 2001-02-26 06:11:02 +00:00
Andi Gutmans
033190cbcf - Fix warning 
PR:
Submitted by:
Reviewed by:
Obtained from:
 2001-02-12 15:47:38 +00:00
Thies C. Arntzen
0719e7e006 @- Allow access to uploaded files in safe_mode. Beware that you can only 
@  read the file. If you copy it to new location the copy will not have the
@  right UID and you script won't be able to access that copy. (Thies)
 2001-01-09 11:58:57 +00:00
Andi Gutmans
86a1cace27 - Make all places use MAXPATHLEN in the same way. It includes the 
terminating NULL.
 2000-12-16 20:52:43 +00:00
Andi Gutmans
6139a2c8ce - Define the different possible modes for readibility and use in the rest 
- of PHP
 2000-11-01 18:05:27 +00:00
Andi Gutmans
8907e17bde - In function declerations the opening { should be on a new line 2000-11-01 17:31:53 +00:00
Zeev Suraski
6614e8edb4 - I wrote a long msg but the commit didn't go through. 
- So here is the short version:
- a) Start moving to binary opens in Windows
- b) Give checkuid_mode() a small face lift including the fopen-wrappers.c
- The mode to this function should at least be a #define but that is for
- another day. Anyway this whole stuff should be given more face lifts in
- the future.
 2000-06-25 17:02:59 +00:00
Zeev Suraski
e043439ff6 Update the license with the new clause 6 2000-05-18 15:34:45 +00:00
Andi Gutmans
e40268d07c - Add missing V_STAT() 2000-04-20 16:38:08 +00:00
Andi Gutmans
1665cba750 - Change PHP_ to V_ (directory & file functions) 2000-04-15 14:20:01 +00:00
Andi Gutmans
f9547241d5 - Fix another bug in session.c 
- Start using the new PHP_GETCWD() and co. macros
 2000-03-30 22:38:50 +00:00
Zeev Suraski
9b621d1c8f Get the license right... (this won't make it to RC1 of B4) 2000-02-19 23:21:46 +00:00
Zeev Suraski
49e98c3ddd request_info.c is dead! long live SAPI 
@- Finished the server abstraction layer;  All of the PHP code is now shared
@  across different servers (Apache, CGI, IIS, etc.), except for thin
@  interface modules (Zeev)
 2000-02-10 20:13:08 +00:00
Zeev Suraski
41f6bca92f More cleanup! 2000-02-10 18:19:04 +00:00
Zeev Suraski
7d926a0e0c More cleanup... 2000-02-10 17:26:57 +00:00
Rasmus Lerdorf
e8b74e56c9 # Fix silly typo 2000-01-08 14:36:12 +00:00
Sascha Schumann
43ae2bffbb Happy Y2K patch! Happy new year (or the new millennium, depending on whether 
you start counting at 0 or 1).
 2000-01-01 01:32:05 +00:00
Zeev Suraski
a3c6514332 More php3_ annihilation 1999-12-17 19:51:39 +00:00
Zeev Suraski
02d3b39420 More php3_ annihilation 1999-12-17 19:16:50 +00:00
Zeev Suraski
3cb1eb0471 Removed '3' from key functions in PHP (maintained compatibility through 
php3_compat.h)
 1999-08-02 19:17:14 +00:00
Zeev Suraski
c5724cbd14 License update 1999-07-16 13:13:16 +00:00