Daniel Beulshausen
0dab84d065
fix SAPI_POST_* exports
2001-08-15 18:01:48 +00:00
Zeev Suraski
1159c84ab7
- TSRMLS_FETCH work
...
- whitespace fixes
2001-08-05 01:43:02 +00:00
Zeev Suraski
d76cf1da18
More TSRMLS_FETCH work
2001-07-31 04:53:54 +00:00
Zeev Suraski
d87cc976e1
Redesigned thread safety mechanism - nua nua
2001-07-28 11:36:37 +00:00
Zeev Suraski
fe6f8712a4
- Get rid of ELS_*(), and use TSRMLS_*() instead.
...
- Move to the new ts_allocate_id() API
This patch is *bound* to break some files, as I must have had typos somewhere.
If you use any uncommon extension, please try to build it...
2001-07-27 10:16:41 +00:00
Zeev Suraski
a9915bf69a
Another layout fix
2001-07-16 20:43:18 +00:00
Zeev Suraski
b6064e5d3e
Fix layout
...
Guys - when submitting patches - please make sure you're not breaking
the layout of the code! It's not less important than the patch
itself.
2001-07-16 20:42:49 +00:00
foobar
b0ed727aee
Fix one problem with Opera browsers. Tested with IE,NS,Opera.
...
There can be also a \t before the 'filename=' part.
2001-06-19 16:54:30 +00:00
Rasmus Lerdorf
81e2cf03ac
Fix folding and clean up some extensions
2001-06-06 13:06:12 +00:00
Rasmus Lerdorf
25c3a3a39d
vim-6 does folding - clean up a bunch of missing folding tags plus
...
some misguided RINIT and RSHUTDOWN calls in a few fringe extensions
2001-06-05 13:12:10 +00:00
foobar
bf417a3b72
Now the file uploads 'work' also on Lynx. This patch was submitted
...
by Andreas Pistoor <andreas@erestor.f2s.com> and I have tested it a
quite long time now and didn't notive any problems. Bug: #9930
2001-05-02 01:18:53 +00:00
Andi Gutmans
4c823e8a89
- Change macros from V_ to VCWD_ because of AIX name clash
2001-04-30 12:45:02 +00:00
Andi Gutmans
eb6ba01d1c
- Fix copyright notices with 2001
2001-02-26 06:11:02 +00:00
Sascha Schumann
96ba644e9f
Make the code match the comment.
...
Prior to this change, the upload code tried to add mangled names to
the global HTTP_POST_FILES array, resulting in all kind of weird behaviour.
After this change, multi-dimensional form elements are treated correctly
and consistently.
2001-01-19 15:39:35 +00:00
Zeev Suraski
f8522c7fa9
Use free_estring()
2001-01-15 10:50:39 +00:00
Sascha Schumann
5d8e3c37d9
arr_index errorneusly included the trailing ']' character, so that
...
variable names like Data_name[Image]] were passed to the register functions.
2001-01-13 10:19:17 +00:00
Stanislav Malyshev
ea46f79a97
Fix #8486 (name= without quotes in MIME Content-Disposition header)
...
Ported fix by kk/sas from PHP 3
2001-01-03 10:52:26 +00:00
Rasmus Lerdorf
c9f1fe638d
Fix off by one error in file upload code
2000-12-08 14:28:14 +00:00
Stanislav Malyshev
1f7a3b3b11
Remove empty temp file on failed upload
2000-10-30 15:30:27 +00:00
Sascha Schumann
836df2f798
Parse quoted boundary correctly
2000-10-20 23:40:07 +00:00
Zeev Suraski
9e5ef06ceb
Fix warning
2000-10-17 18:13:35 +00:00
Andi Gutmans
824fc6a084
- Move php_open_temporary_file() out of file.c
2000-09-11 18:56:47 +00:00
Zeev Suraski
b7ecaacd07
More security-related (control) patches:
...
- Avoid displaying errors during startup, unless display_startup_errors is enabled.
- Implemented post_size_max limit. Defaults to 8MB.
- Implemented file_uploads on/off directive (defaults to on).
2000-09-09 15:02:15 +00:00
Zeev Suraski
6c4cb4c079
Security related updates:
...
- Introduce php_open_temporary_file(), in place of tempnam(). Still
needs testing under UNIX (mkstemp()), works reliably under Windows now.
- Reimplement the mechanism for unlinking uploaded files at the end of the request
(was it ever tested?). Files moved with move_uploaded_file() will not be unlink()'d
again, to avoid (albeit very unlikely) race conditions.
2000-09-09 11:41:14 +00:00
Zeev Suraski
75086e3088
- Implemented is_upload_file()
2000-09-08 21:56:47 +00:00
Zeev Suraski
677d4b9913
Send $HTTP_POST_FILES to the right place
2000-09-07 04:12:31 +00:00
Zeev Suraski
eb32144902
- Remove track_vars - it is now always on
...
- Make the various $HTTP_*_VARS[] arrays be defined always,
even if they're empty
- Fix Win32 build and warnings
2000-09-05 19:06:29 +00:00
Zeev Suraski
efdd39207c
Protect arrays as well.
2000-09-04 22:26:01 +00:00
Zeev Suraski
5dca99232e
Prevent exploit in [tmp_name] as well
2000-09-04 22:05:00 +00:00
Zeev Suraski
60825fab88
Fix the logic. Tested.
2000-09-04 21:23:41 +00:00
Zeev Suraski
388170ffa5
3rd time's a charm
2000-09-04 20:47:52 +00:00
Zeev Suraski
b47050630b
Fix the fix
2000-09-04 20:46:10 +00:00
Zeev Suraski
ed453cc9b4
Fix the file upload security problem with no side effects (untested)
2000-09-04 19:07:50 +00:00
Rasmus Lerdorf
43fefff150
Quick-fix for the file upload security alert
...
@Quick-fix for the file upload security alert (Rasmus)
2000-09-04 05:09:46 +00:00
Rasmus Lerdorf
da1b7847b3
Support content-encoding headers in file upload mime parts
...
@- Support content-encoding headers in file upload MIME parts
@ (Ragnar Kjørstad)
2000-08-06 06:40:28 +00:00
Stanislav Malyshev
a790966b15
Fix file upload types array handling ( #5836 )
2000-07-30 11:22:18 +00:00
Rasmus Lerdorf
76061b701e
@ Add support for both indexed and non-indexed arrays of file uploads
...
@ eg. name="file[]" type="file" (Rasmus)
Add support for both indexed and non-indexed arrays of file uploads
eg. name="file[]" type="file" (Rasmus)
2000-06-04 05:46:28 +00:00
Zeev Suraski
e043439ff6
Update the license with the new clause 6
2000-05-18 15:34:45 +00:00
Andi Gutmans
1665cba750
- Change PHP_ to V_ (directory & file functions)
2000-04-15 14:20:01 +00:00
Zeev Suraski
69ff396312
*** empty log message ***
2000-04-02 22:15:14 +00:00
Zeev Suraski
18e0850ba1
@- Add $HTTP_POST_FILES[filename][tmp_name] - it was previously impossible to
...
@ retrieve the temporary name of an uploaded file using $HTTP_POST_FILES[] (Zeev)
- Changed IMAP Win32 definitions
2000-04-02 21:27:32 +00:00
Andi Gutmans
9df7df3293
- Baby steps... Use PHP_FOPEN()
2000-03-30 22:41:13 +00:00
Zeev Suraski
e5c8aeb3f1
- Protect $HTTP_POST_FILES[] as well
2000-02-26 18:59:29 +00:00
Zeev Suraski
9b621d1c8f
Get the license right... (this won't make it to RC1 of B4)
2000-02-19 23:21:46 +00:00
Zeev Suraski
739bdec582
Worked on beautifying rfc1867.c a bit
...
@- Introduced $HTTP_POST_FILES[], that contains information about files uploaded
@ through HTTP upload (Zeev)
2000-02-19 20:12:26 +00:00
Zeev Suraski
a6393de6f7
Make POST handling the way it should be. RFC1867, and any future POST handlers we might
...
have in the future now obey to the variables_order directive, and there's a real way modular
way to handle POST content.
This is all untested, BEFORE_SAPI_POST_PATCH_17_FEB_2000 tagged before submission
@- Made multipart/form-data content obey to the variables_order directive (Zeev)
2000-02-17 20:23:59 +00:00
Zeev Suraski
4a211a80fb
@- Fixed RFC1867 file upload under Windows (Zeev)
...
Fixed a memory leak
2000-02-15 22:51:18 +00:00
Thies C. Arntzen
829f4f334b
@- Workaround for bogus POST-Data from IE/Mac. (Thies)
...
@ Patch by Alain Malek <alain@virtua.ch>
fix #2944
2000-02-12 17:37:11 +00:00
Zeev Suraski
b2449f929c
- Change the argument order of php_register_variable() to something more
...
intuitive.
- Make the authentication variables be a part of the HTTP_SERVER_VARS[] array
2000-01-29 11:55:44 +00:00
Zeev Suraski
9ab35ae393
Tried to centralize global variable registration as much as possible:
...
- Added $HTTP_ENV_VARS[] and $HTTP_SERVER_VARS[] support, which similarly
to $HTTP_GET_VARS[], contain environment and server variables. Setting
register_globals to Off will now also prevent registration of the
environment and server variables into the global scope (Zeev)
- Renamed gpc_globals to register_globals (Zeev)
- Introduced variables_order that deprecates gpc_order, and allows control
over the server and environment variables, in addition to GET/POST/Cookies
(Zeev)
2000-01-28 17:24:53 +00:00