Sebastian Bergmann
4223aa4d5e
MFH: Bump year.
2007-01-01 09:36:18 +00:00
Antony Dovgal
a7ce772222
fix #39575 (move_uploaded_file() no longer working (safe mode related))
2006-11-22 11:55:36 +00:00
Dmitry Stogov
a5f951f27c
Removed unnecessary checks for ISREG file and corresponding stat() calls on Windows
2006-11-10 10:55:26 +00:00
Dmitry Stogov
9fd2b6deb4
Simplify the code base as this getpwd() was used only once
2006-11-10 09:56:16 +00:00
Nuno Lopes
7961207d6b
add const keywords
2006-07-01 11:35:34 +00:00
Dmitry Stogov
63b3f5c041
Eliminated unnecessary getcwd() syscall
2006-03-17 10:42:31 +00:00
foobar
5bd93221a8
bump year and license version
2006-01-01 12:51:34 +00:00
Ilia Alshanetsky
72857b6dbb
MFH: Fixed bug #32937 (open_basedir looses trailing / in the limiter).
2005-09-27 15:07:49 +00:00
foobar
23e671a51e
- Bumber up year
2005-08-03 14:08:58 +00:00
Anantha Kesari H Y
d77acff66f
main/fopen_wrappers.c
...
NetWare file names are case insensitive
main/main.c
NetWare has no sendmail binary. It uses the smart host mailing code avaiolable in php distro. Could not find a better place to put this than main/main.c.
-- Kamesh
2005-07-16 12:21:34 +00:00
Anantha Kesari H Y
f04b1e97bb
NetWare LibC has pwd.h
2005-02-23 08:56:47 +00:00
Ilia Alshanetsky
e55938b6a8
Fixed bug #31514 (open_basedir uses path_translated rather then cwd for .
...
translation).
2005-02-02 23:43:17 +00:00
Anantha Kesari H Y
9b0489ac47
removed redundant checks for NETWARE
2004-09-23 15:43:54 +00:00
Ilia Alshanetsky
542b034efa
Fixed bug #27559 (Corrected open_basedir resolving logic).
2004-03-16 00:31:22 +00:00
Ilia Alshanetsky
e8beeecf3e
Fixed bug #26653 (open_basedir incorrectly resolved on win32).
2004-02-10 16:08:54 +00:00
Andi Gutmans
dbeb4158d2
- A belated happy holidays and PHP 5
2004-01-08 08:18:22 +00:00
Hartmut Holzgraefe
075e66cc08
signed/unsigned compiler warning fixes
2003-09-26 08:09:56 +00:00
Ilia Alshanetsky
9ba651c692
Fixed bug #24873 (incorrect handling of / inside open_basedir)
2003-07-30 17:55:06 +00:00
Ilia Alshanetsky
1e92b5e7a3
Make php_check_safe_mode_include_dir check independent of unrelated
...
open_basedir directive and make it properly handle undefined/empty
safe_mode_include_dir directive when safe_mode is enabled.
2003-07-22 01:32:01 +00:00
Ilia Alshanetsky
419448238b
Fixed typo.
2003-06-24 14:36:01 +00:00
Ilia Alshanetsky
6b5b6079da
Fix for bug #24313 (port from dead PHP_5 branch)
2003-06-24 13:56:25 +00:00
James Cox
f68c7ff249
updating license information in the headers.
2003-06-10 20:04:29 +00:00
Sterling Hughes
84f0dd0e44
really fix
2003-03-26 23:03:48 +00:00
Sterling Hughes
c0f04cc087
fix segfault
2003-03-26 23:01:39 +00:00
foobar
8c3cd0344d
MFB: Fix for open_basedir error message
2003-02-23 22:30:02 +00:00
foobar
8e3f23e3c0
ws fixes + missing $Id$ tags, headers added
2003-02-19 08:40:19 +00:00
Zeev Suraski
4934744b93
Win32 build improvements
2003-02-17 13:29:59 +00:00
Wez Furlong
0a18a9d744
A add much more useful select(2) implementation than is provided by
...
windows sockets. The winsock implementation will only work with sockets;
our implementation works with sockets and file descriptors.
By association, stream_select() will now operate correctly with files, pipes and sockets.
This change required linking against the winsock2 library. In terms of
compatibility, only older versions of windows 95 do not have winsock2
installed by default. It is available as a redistributable file, and is most likely installed by any OS patches (eg: Internet Explorer) applied by the user.
Also, add a win32 compatible pipe test when opening a stream from a pipe. This test will only work on NT, win2k and XP platforms. Without this test, interleaved fread() and select() calls would cause the read buffer to be clobbered. I will be working on a fix for this issue for win9x.
2003-02-16 03:48:49 +00:00
Sebastian Bergmann
2c5d4b8c23
Bump year.
2002-12-31 15:59:15 +00:00
Shane Caraveo
529762a21a
php_error_docref aborts cgi. This broke using php as cgi under
...
apache/mod_cgi with the cgi-script directive and bang lines in php scripts.
removing it allows this to work again.
2002-12-01 21:28:27 +00:00
Ilia Alshanetsky
2a291ba362
Made open_basedir error more descriptive.
2002-11-08 22:48:01 +00:00
Ilia Alshanetsky
cfe0c82034
Added 4th argument to virtual_file_ex() that specifies whether or not
...
realpath() should be used during path resolving. In a number of functions
we do not want to use realpath(), since realpath() will resolve symlinks.
2002-11-05 14:50:17 +00:00
Brian France
3340e82508
Fixed a problem where opendir with <path>/ and having <path>/ in
...
open_basedir ini option didn't work. It was removing the trailing
slashes and then addeding it back to only one of the string,
now it adds it back to to both if needed.
2002-10-04 22:16:16 +00:00
Rasmus Lerdorf
5a239ab059
Uh, this is what I meant to do. Fix for #19292
2002-09-28 16:27:10 +00:00
Rasmus Lerdorf
5eab8abd35
Probable fix for bug #19292
2002-09-28 16:10:43 +00:00
Ilia Alshanetsky
e489ee946e
Fixed bug #19395
2002-09-22 18:30:38 +00:00
Anantha Kesari H Y
e4b9df9585
NetWare related changes/modifications
2002-09-09 10:56:28 +00:00
Marcus Boerger
a1f7bb12f1
use php_error_docref()
2002-08-25 18:45:02 +00:00
Zeev Suraski
bc906117bb
Fix a few warnings
2002-08-19 20:47:55 +00:00
Rasmus Lerdorf
63e6666216
MTH - thought the code was slightly different in HEAD because of the
...
streams stuff, but it is exactly the same bug.
@ Safe-mode fix related to the safe_mode_include_dir feature (Rasmus)
2002-05-11 19:58:40 +00:00
Wez Furlong
0f65280cb5
New PHP streams...
2002-03-15 21:03:08 +00:00
Sebastian Bergmann
3ff94ed265
Fix thread-safe build.
2002-02-02 05:43:55 +00:00
James E. Flemer
6aadae975c
Changed php.ini directive 'safe_mode_include_dir' to accept a
...
(semi)colon separated path, rather than a single directory.
Also moved checking of said path into a separate path for code
readability.
@- Changed php.ini directive 'safe_mode_include_dir' to accept a
@ (semi)colon separated path (like 'include_path') rather than
@ a single directory. (jflemer)
2002-02-01 20:04:14 +00:00
Alex Waugh
e320de1e2e
Undefine AF_UNIX under RISC OS
2001-12-23 00:46:13 +00:00
Sebastian Bergmann
38933514e1
Update headers.
2001-12-11 15:32:16 +00:00
Sterling Hughes
b91a66699c
Z_TYPE(filehandle)?? ok.. whatever... ;)
2001-11-26 18:57:44 +00:00
Jeroen van Wolffelaar
c033288573
Back-substitute for Z_* macro's. If it breaks some extension (the script isn't optimal, it parses for example var->zval.value incorrect) please let me know.
2001-09-25 21:58:48 +00:00
Derick Rethans
78747bd2df
- Don't wrap lines... this is annoying while coding.
2001-09-09 13:29:31 +00:00
Zeev Suraski
1159c84ab7
- TSRMLS_FETCH work
...
- whitespace fixes
2001-08-05 01:43:02 +00:00
foobar
0ccc2fd9ef
kill warning and make this build again.
2001-08-01 00:31:19 +00:00
Zeev Suraski
15cb7ca021
Fix some warnings
2001-07-31 23:32:24 +00:00
Zeev Suraski
b1de7fc900
More TSRMLS_FETCH annihilation. Enough for today...
2001-07-31 07:09:49 +00:00
Zeev Suraski
bc42c37513
More TSRMLS_FETCH work. Got it under 400 now.
2001-07-31 06:28:05 +00:00
Zeev Suraski
c43806f415
Zend compatibility patch
2001-07-30 08:24:42 +00:00
Zeev Suraski
d87cc976e1
Redesigned thread safety mechanism - nua nua
2001-07-28 11:36:37 +00:00
Zeev Suraski
fe6f8712a4
- Get rid of ELS_*(), and use TSRMLS_*() instead.
...
- Move to the new ts_allocate_id() API
This patch is *bound* to break some files, as I must have had typos somewhere.
If you use any uncommon extension, please try to build it...
2001-07-27 10:16:41 +00:00
Andi Gutmans
7ce1846761
- Shouldn't be needed anymore
2001-07-21 15:13:19 +00:00
Andi Gutmans
4715403906
- Fix __FILE__ in the main script in CGI/command line mode.
2001-07-21 15:11:30 +00:00
Zeev Suraski
ba1249dc8e
Fix the crash Joey found
2001-07-16 13:48:07 +00:00
Zeev Suraski
407fd77c20
Generalize
2001-07-16 13:31:55 +00:00
Zeev Suraski
ab7f5ee038
Fix a crash with the new check-in-cwd code. It will now work only
...
with files which are included in runtime, and not files which are opened at startup (e.g., php.ini)
2001-07-15 12:24:06 +00:00
James E. Flemer
771e3e498f
o Fixed Bug #12121 : chdir and safe_mode
...
- [ main/safe_mode.h ] added new checkuid mode:
CHECKUID_ALLOW_ONLY_FILE: skips directory check if file check
fails
- [ ext/standard/dir.c ] changed php_checkuid() to use
CHECKUID_ALLOW_ONLY_FILE instead of CHECKUID_ALLOW_ONLY_DIR
- [ main/safe_mode.c ] added code for new checkuid mode
o Fixed Bug #12119 : safe mode owner check can be bypassed with symlink
- [ main/safe_mode.c ] use VCWD_REALPATH to resolve destination
of symlink before trimming filename
o New Feature: safe_mode_include_dir (php.ini directive)
- Allows bypassing UID/GID checks when including files
from the directory in safe_mode_include_dir and its
subdirectories. (safe_mode must be on, directory must
also be in include_path or full path must be used when
including)
o Fixed Feature: safe_mode_gid (php.ini directive)
- Correctly check (and report) UID/GID bits on directories
o Changed include() fall back to scripts cwd implementation
- CWD added to the (local) search path in php_fopen_with_path()
instead of seperate case. [ main/fopen_wrappers.c ]
2001-07-13 18:21:21 +00:00
Zeev Suraski
66c8b08efa
Remove unreferenced variable
2001-07-11 17:10:13 +00:00
Andi Gutmans
2d9c29a31a
- Nuke fprintf()
2001-07-10 20:40:56 +00:00
Andi Gutmans
4b54140a35
- Commit patch which checks for an include file in the calling scripts'
...
current working directory if everything else fails (include_path).
- Right now this also effects things like opening php.ini. It'll now always
check in the current working directory for php.ini. I think this doesn't
screw up todays behavior.
2001-07-10 20:38:39 +00:00
Zeev Suraski
fa684c5bd4
Whitespace
2001-07-10 18:49:47 +00:00
Rasmus Lerdorf
81e2cf03ac
Fix folding and clean up some extensions
2001-06-06 13:06:12 +00:00
Rasmus Lerdorf
25c3a3a39d
vim-6 does folding - clean up a bunch of missing folding tags plus
...
some misguided RINIT and RSHUTDOWN calls in a few fringe extensions
2001-06-05 13:12:10 +00:00
foobar
726bd849c0
oops..
2001-05-23 03:40:52 +00:00
foobar
1567b0dfe0
fixed bug: #10960
2001-05-23 00:33:47 +00:00
Andi Gutmans
4c823e8a89
- Change macros from V_ to VCWD_ because of AIX name clash
2001-04-30 12:45:02 +00:00
Stig Bakken
0b2641efa6
@Added -C command-line option to avoid chdir to the script's directory (Stig)
2001-04-16 23:20:47 +00:00
Andi Gutmans
eb6ba01d1c
- Fix copyright notices with 2001
2001-02-26 06:11:02 +00:00
Rasmus Lerdorf
83cf6629ec
@BeOS patch from svanegmond@bang.dhs.org modified somewhat by Rasmus
...
BeOS patch from svanegmond@bang.dhs.org modified somewhat by Rasmus
2001-01-21 17:29:15 +00:00
Andi Gutmans
86a1cace27
- Make all places use MAXPATHLEN in the same way. It includes the
...
terminating NULL.
2000-12-16 20:52:43 +00:00
Andi Gutmans
11e5f9bd44
- This is the correct way of doing it
2000-12-14 23:05:31 +00:00
Hartmut Holzgraefe
38569740da
fix for #7756 and #6743 : fatal error on 'include("")' instead of warning
...
(+ some cleanup)
2000-11-11 10:15:59 +00:00
Andi Gutmans
6da2eaf600
- When mode is specified the flag is a don't care
2000-11-02 23:30:48 +00:00
Andi Gutmans
1956fb48d2
- Missed one of the php_checkuid() places
2000-11-02 23:19:48 +00:00
Andi Gutmans
d0ec3df288
- Use CHECKUID_* #define's instead of cryptic numbers in php_checkuid()
...
- I did not test for validity of the actual php_checkuid() calls and there
- might be mistakes in the previous code.
2000-11-02 23:08:07 +00:00
Hartmut Holzgraefe
604876542a
removed some bogus code
2000-10-31 11:32:05 +00:00
Zeev Suraski
3dc7fc54a0
- URL-opened files now store the HTTP response header in $http_response_header
...
- Some layout updates
2000-10-28 01:31:56 +00:00
Frank M. Kromann
02537bd2f2
Kill compiler warning.
2000-10-27 16:16:55 +00:00
Sascha Schumann
61cf1f34a5
We don't need to store NUL of the key which simplifies the lookup
...
significantly.
2000-10-22 14:42:55 +00:00
Joey Smith
a57ea792c6
Close bug #7325 . Patches by djm@web.us.uu.net.
2000-10-19 15:05:44 +00:00
Hartmut Holzgraefe
6d5f1d97f8
now it works for me as CGI and APXS, with or without --enable-debug ...
2000-10-13 10:04:17 +00:00
Daniel Beulshausen
6fb51171c8
compile fixes & update of win32 dsp
2000-10-13 09:13:01 +00:00
Hartmut Holzgraefe
cae27179ce
fopen wrappers cleanup
...
- comfiguration is now done by an ini parameter
instead of a compile time option
- the implementations of the three standard wrappers
now live in seperate files in ext/standard
- the compiler is happy again, no more warnings
2000-10-13 00:09:31 +00:00
Andi Gutmans
e91c188e85
- Fix memory leak.
2000-10-12 19:58:20 +00:00
Andi Gutmans
18f86e7757
- Fix V_CHDIR_FILE() to only chdir() when a directory part is specified.
...
Use this instead of broken php_dirname() in fopen-wrappers.c
2000-10-03 15:05:50 +00:00
Andi Gutmans
5819b6d4a6
- Remove unneeded IS_SLASH() definition.
2000-10-01 18:13:41 +00:00
Andi Gutmans
e740042363
- Fix doc_root problem. If you need to limit under which directories the
...
scripts should reside use open_basedir.
2000-09-17 05:52:26 +00:00
Andi Gutmans
0e874a094c
- Use IS_ABSOLUTE_PATH() so that this will work correctly under Windows
2000-09-14 20:47:35 +00:00
Stig Venaas
d8a4a9b1dd
Added IPv6 support to php_fopen_url_wrap_ftp (EPSV and php_hostconnect())
2000-09-09 21:29:37 +00:00
Stanislav Malyshev
522aec4443
Never trust snprintf return value
2000-09-08 12:52:05 +00:00
Stig Venaas
24633f5987
renamed hostconnect() to php_hostconnect()
2000-09-05 16:36:56 +00:00
Stig Venaas
b83427db64
using the new hostconnect() for the http wrapper
2000-09-05 15:59:08 +00:00
Andi Gutmans
27de50012b
- Use emalloc() for opened_path now. This was a potential leak before.
...
- This patch has potential to break stuff but I tested it as much as I
- could. Fixes should be easy.
2000-08-31 22:24:20 +00:00
Andi Gutmans
e8e5c9d97e
- Remove redundant IS_SLASH
...
- Reverse config.w32.h patches
- Use IS_ABSOLUTE_PATH() in one place in fopen-wrappers.c
2000-08-31 19:49:36 +00:00
Andi Gutmans
ca5e0330ca
- Missed a space
2000-08-30 20:32:29 +00:00