Sebastian Bergmann
d1dded8751
MFH: Bump copyright year, 2 of 2.
2007-12-31 07:17:19 +00:00
Hannes Magnusson
c236bcd80e
Fixed bug#43105 (PHP seems to fail to close open files.)
2007-12-27 02:09:26 +00:00
Scott MacVicar
52debae82e
MFH: Fix expand_filepath when including relative files, ideally you should test you code...
2007-10-09 10:05:08 +00:00
Jani Taskinen
e2b5419e05
MFH: ws + cs
2007-10-09 08:40:36 +00:00
Robert Thompson
0092263030
Fix for bug 41822. expand_filepath() will now return a relative path under the specific situation where getcwd() returns NULL and the file is still readable. As far as I have been able to tell, this fix only applies to the Solaris OS where files in directories with (--x) cannot getcwd().
2007-10-08 23:44:50 +00:00
Dmitry Stogov
ca854215db
Fixed symlink("", "somthing") and link("", "somthing") in ZTS mode
2007-07-10 13:21:11 +00:00
Antony Dovgal
8e3eee385e
MFH: fix #41518 (file_exists() warns of open_basedir restriction on non-existent file)
2007-06-01 13:35:23 +00:00
Dmitry Stogov
72e7bfdedf
Fixed endless loop in open_basedir check
2007-04-18 11:58:40 +00:00
Antony Dovgal
19aa4a932f
fix #40931 (open_basedir bypass via symlink and move_uploaded_file())
2007-04-10 22:30:07 +00:00
Marcus Boerger
50ea26760d
- Avoid sprintf, even when checked copy'n'paste or changes lead to errors
2007-02-24 02:17:47 +00:00
Hannes Magnusson
6b7144d0b8
Fix build
...
#Thanks Andy
2007-01-12 14:31:28 +00:00
Antony Dovgal
5941c1d28c
MFH
2007-01-12 09:10:16 +00:00
Ilia Alshanetsky
2ae036f038
Fixed bug #40098 (php_fopen_primary_script() not thread safe).
...
Adjusted previous fixes for similar issue to handle sysconf() failures
2007-01-12 01:46:11 +00:00
Sebastian Bergmann
4223aa4d5e
MFH: Bump year.
2007-01-01 09:36:18 +00:00
Antony Dovgal
a7ce772222
fix #39575 (move_uploaded_file() no longer working (safe mode related))
2006-11-22 11:55:36 +00:00
Dmitry Stogov
a5f951f27c
Removed unnecessary checks for ISREG file and corresponding stat() calls on Windows
2006-11-10 10:55:26 +00:00
Dmitry Stogov
9fd2b6deb4
Simplify the code base as this getpwd() was used only once
2006-11-10 09:56:16 +00:00
Nuno Lopes
7961207d6b
add const keywords
2006-07-01 11:35:34 +00:00
Dmitry Stogov
63b3f5c041
Eliminated unnecessary getcwd() syscall
2006-03-17 10:42:31 +00:00
foobar
5bd93221a8
bump year and license version
2006-01-01 12:51:34 +00:00
Ilia Alshanetsky
72857b6dbb
MFH: Fixed bug #32937 (open_basedir looses trailing / in the limiter).
2005-09-27 15:07:49 +00:00
foobar
23e671a51e
- Bumber up year
2005-08-03 14:08:58 +00:00
Anantha Kesari H Y
d77acff66f
main/fopen_wrappers.c
...
NetWare file names are case insensitive
main/main.c
NetWare has no sendmail binary. It uses the smart host mailing code avaiolable in php distro. Could not find a better place to put this than main/main.c.
-- Kamesh
2005-07-16 12:21:34 +00:00
Anantha Kesari H Y
f04b1e97bb
NetWare LibC has pwd.h
2005-02-23 08:56:47 +00:00
Ilia Alshanetsky
e55938b6a8
Fixed bug #31514 (open_basedir uses path_translated rather then cwd for .
...
translation).
2005-02-02 23:43:17 +00:00
Anantha Kesari H Y
9b0489ac47
removed redundant checks for NETWARE
2004-09-23 15:43:54 +00:00
Ilia Alshanetsky
542b034efa
Fixed bug #27559 (Corrected open_basedir resolving logic).
2004-03-16 00:31:22 +00:00
Ilia Alshanetsky
e8beeecf3e
Fixed bug #26653 (open_basedir incorrectly resolved on win32).
2004-02-10 16:08:54 +00:00
Andi Gutmans
dbeb4158d2
- A belated happy holidays and PHP 5
2004-01-08 08:18:22 +00:00
Hartmut Holzgraefe
075e66cc08
signed/unsigned compiler warning fixes
2003-09-26 08:09:56 +00:00
Ilia Alshanetsky
9ba651c692
Fixed bug #24873 (incorrect handling of / inside open_basedir)
2003-07-30 17:55:06 +00:00
Ilia Alshanetsky
1e92b5e7a3
Make php_check_safe_mode_include_dir check independent of unrelated
...
open_basedir directive and make it properly handle undefined/empty
safe_mode_include_dir directive when safe_mode is enabled.
2003-07-22 01:32:01 +00:00
Ilia Alshanetsky
419448238b
Fixed typo.
2003-06-24 14:36:01 +00:00
Ilia Alshanetsky
6b5b6079da
Fix for bug #24313 (port from dead PHP_5 branch)
2003-06-24 13:56:25 +00:00
James Cox
f68c7ff249
updating license information in the headers.
2003-06-10 20:04:29 +00:00
Sterling Hughes
84f0dd0e44
really fix
2003-03-26 23:03:48 +00:00
Sterling Hughes
c0f04cc087
fix segfault
2003-03-26 23:01:39 +00:00
foobar
8c3cd0344d
MFB: Fix for open_basedir error message
2003-02-23 22:30:02 +00:00
foobar
8e3f23e3c0
ws fixes + missing $Id$ tags, headers added
2003-02-19 08:40:19 +00:00
Zeev Suraski
4934744b93
Win32 build improvements
2003-02-17 13:29:59 +00:00
Wez Furlong
0a18a9d744
A add much more useful select(2) implementation than is provided by
...
windows sockets. The winsock implementation will only work with sockets;
our implementation works with sockets and file descriptors.
By association, stream_select() will now operate correctly with files, pipes and sockets.
This change required linking against the winsock2 library. In terms of
compatibility, only older versions of windows 95 do not have winsock2
installed by default. It is available as a redistributable file, and is most likely installed by any OS patches (eg: Internet Explorer) applied by the user.
Also, add a win32 compatible pipe test when opening a stream from a pipe. This test will only work on NT, win2k and XP platforms. Without this test, interleaved fread() and select() calls would cause the read buffer to be clobbered. I will be working on a fix for this issue for win9x.
2003-02-16 03:48:49 +00:00
Sebastian Bergmann
2c5d4b8c23
Bump year.
2002-12-31 15:59:15 +00:00
Shane Caraveo
529762a21a
php_error_docref aborts cgi. This broke using php as cgi under
...
apache/mod_cgi with the cgi-script directive and bang lines in php scripts.
removing it allows this to work again.
2002-12-01 21:28:27 +00:00
Ilia Alshanetsky
2a291ba362
Made open_basedir error more descriptive.
2002-11-08 22:48:01 +00:00
Ilia Alshanetsky
cfe0c82034
Added 4th argument to virtual_file_ex() that specifies whether or not
...
realpath() should be used during path resolving. In a number of functions
we do not want to use realpath(), since realpath() will resolve symlinks.
2002-11-05 14:50:17 +00:00
Brian France
3340e82508
Fixed a problem where opendir with <path>/ and having <path>/ in
...
open_basedir ini option didn't work. It was removing the trailing
slashes and then addeding it back to only one of the string,
now it adds it back to to both if needed.
2002-10-04 22:16:16 +00:00
Rasmus Lerdorf
5a239ab059
Uh, this is what I meant to do. Fix for #19292
2002-09-28 16:27:10 +00:00
Rasmus Lerdorf
5eab8abd35
Probable fix for bug #19292
2002-09-28 16:10:43 +00:00
Ilia Alshanetsky
e489ee946e
Fixed bug #19395
2002-09-22 18:30:38 +00:00
Anantha Kesari H Y
e4b9df9585
NetWare related changes/modifications
2002-09-09 10:56:28 +00:00
Marcus Boerger
a1f7bb12f1
use php_error_docref()
2002-08-25 18:45:02 +00:00
Zeev Suraski
bc906117bb
Fix a few warnings
2002-08-19 20:47:55 +00:00
Rasmus Lerdorf
63e6666216
MTH - thought the code was slightly different in HEAD because of the
...
streams stuff, but it is exactly the same bug.
@ Safe-mode fix related to the safe_mode_include_dir feature (Rasmus)
2002-05-11 19:58:40 +00:00
Wez Furlong
0f65280cb5
New PHP streams...
2002-03-15 21:03:08 +00:00
Sebastian Bergmann
3ff94ed265
Fix thread-safe build.
2002-02-02 05:43:55 +00:00
James E. Flemer
6aadae975c
Changed php.ini directive 'safe_mode_include_dir' to accept a
...
(semi)colon separated path, rather than a single directory.
Also moved checking of said path into a separate path for code
readability.
@- Changed php.ini directive 'safe_mode_include_dir' to accept a
@ (semi)colon separated path (like 'include_path') rather than
@ a single directory. (jflemer)
2002-02-01 20:04:14 +00:00
Alex Waugh
e320de1e2e
Undefine AF_UNIX under RISC OS
2001-12-23 00:46:13 +00:00
Sebastian Bergmann
38933514e1
Update headers.
2001-12-11 15:32:16 +00:00
Sterling Hughes
b91a66699c
Z_TYPE(filehandle)?? ok.. whatever... ;)
2001-11-26 18:57:44 +00:00
Jeroen van Wolffelaar
c033288573
Back-substitute for Z_* macro's. If it breaks some extension (the script isn't optimal, it parses for example var->zval.value incorrect) please let me know.
2001-09-25 21:58:48 +00:00
Derick Rethans
78747bd2df
- Don't wrap lines... this is annoying while coding.
2001-09-09 13:29:31 +00:00
Zeev Suraski
1159c84ab7
- TSRMLS_FETCH work
...
- whitespace fixes
2001-08-05 01:43:02 +00:00
foobar
0ccc2fd9ef
kill warning and make this build again.
2001-08-01 00:31:19 +00:00
Zeev Suraski
15cb7ca021
Fix some warnings
2001-07-31 23:32:24 +00:00
Zeev Suraski
b1de7fc900
More TSRMLS_FETCH annihilation. Enough for today...
2001-07-31 07:09:49 +00:00
Zeev Suraski
bc42c37513
More TSRMLS_FETCH work. Got it under 400 now.
2001-07-31 06:28:05 +00:00
Zeev Suraski
c43806f415
Zend compatibility patch
2001-07-30 08:24:42 +00:00
Zeev Suraski
d87cc976e1
Redesigned thread safety mechanism - nua nua
2001-07-28 11:36:37 +00:00
Zeev Suraski
fe6f8712a4
- Get rid of ELS_*(), and use TSRMLS_*() instead.
...
- Move to the new ts_allocate_id() API
This patch is *bound* to break some files, as I must have had typos somewhere.
If you use any uncommon extension, please try to build it...
2001-07-27 10:16:41 +00:00
Andi Gutmans
7ce1846761
- Shouldn't be needed anymore
2001-07-21 15:13:19 +00:00
Andi Gutmans
4715403906
- Fix __FILE__ in the main script in CGI/command line mode.
2001-07-21 15:11:30 +00:00
Zeev Suraski
ba1249dc8e
Fix the crash Joey found
2001-07-16 13:48:07 +00:00
Zeev Suraski
407fd77c20
Generalize
2001-07-16 13:31:55 +00:00
Zeev Suraski
ab7f5ee038
Fix a crash with the new check-in-cwd code. It will now work only
...
with files which are included in runtime, and not files which are opened at startup (e.g., php.ini)
2001-07-15 12:24:06 +00:00
James E. Flemer
771e3e498f
o Fixed Bug #12121 : chdir and safe_mode
...
- [ main/safe_mode.h ] added new checkuid mode:
CHECKUID_ALLOW_ONLY_FILE: skips directory check if file check
fails
- [ ext/standard/dir.c ] changed php_checkuid() to use
CHECKUID_ALLOW_ONLY_FILE instead of CHECKUID_ALLOW_ONLY_DIR
- [ main/safe_mode.c ] added code for new checkuid mode
o Fixed Bug #12119 : safe mode owner check can be bypassed with symlink
- [ main/safe_mode.c ] use VCWD_REALPATH to resolve destination
of symlink before trimming filename
o New Feature: safe_mode_include_dir (php.ini directive)
- Allows bypassing UID/GID checks when including files
from the directory in safe_mode_include_dir and its
subdirectories. (safe_mode must be on, directory must
also be in include_path or full path must be used when
including)
o Fixed Feature: safe_mode_gid (php.ini directive)
- Correctly check (and report) UID/GID bits on directories
o Changed include() fall back to scripts cwd implementation
- CWD added to the (local) search path in php_fopen_with_path()
instead of seperate case. [ main/fopen_wrappers.c ]
2001-07-13 18:21:21 +00:00
Zeev Suraski
66c8b08efa
Remove unreferenced variable
2001-07-11 17:10:13 +00:00
Andi Gutmans
2d9c29a31a
- Nuke fprintf()
2001-07-10 20:40:56 +00:00
Andi Gutmans
4b54140a35
- Commit patch which checks for an include file in the calling scripts'
...
current working directory if everything else fails (include_path).
- Right now this also effects things like opening php.ini. It'll now always
check in the current working directory for php.ini. I think this doesn't
screw up todays behavior.
2001-07-10 20:38:39 +00:00
Zeev Suraski
fa684c5bd4
Whitespace
2001-07-10 18:49:47 +00:00
Rasmus Lerdorf
81e2cf03ac
Fix folding and clean up some extensions
2001-06-06 13:06:12 +00:00
Rasmus Lerdorf
25c3a3a39d
vim-6 does folding - clean up a bunch of missing folding tags plus
...
some misguided RINIT and RSHUTDOWN calls in a few fringe extensions
2001-06-05 13:12:10 +00:00
foobar
726bd849c0
oops..
2001-05-23 03:40:52 +00:00
foobar
1567b0dfe0
fixed bug: #10960
2001-05-23 00:33:47 +00:00
Andi Gutmans
4c823e8a89
- Change macros from V_ to VCWD_ because of AIX name clash
2001-04-30 12:45:02 +00:00
Stig Bakken
0b2641efa6
@Added -C command-line option to avoid chdir to the script's directory (Stig)
2001-04-16 23:20:47 +00:00
Andi Gutmans
eb6ba01d1c
- Fix copyright notices with 2001
2001-02-26 06:11:02 +00:00
Rasmus Lerdorf
83cf6629ec
@BeOS patch from svanegmond@bang.dhs.org modified somewhat by Rasmus
...
BeOS patch from svanegmond@bang.dhs.org modified somewhat by Rasmus
2001-01-21 17:29:15 +00:00
Andi Gutmans
86a1cace27
- Make all places use MAXPATHLEN in the same way. It includes the
...
terminating NULL.
2000-12-16 20:52:43 +00:00
Andi Gutmans
11e5f9bd44
- This is the correct way of doing it
2000-12-14 23:05:31 +00:00
Hartmut Holzgraefe
38569740da
fix for #7756 and #6743 : fatal error on 'include("")' instead of warning
...
(+ some cleanup)
2000-11-11 10:15:59 +00:00
Andi Gutmans
6da2eaf600
- When mode is specified the flag is a don't care
2000-11-02 23:30:48 +00:00
Andi Gutmans
1956fb48d2
- Missed one of the php_checkuid() places
2000-11-02 23:19:48 +00:00
Andi Gutmans
d0ec3df288
- Use CHECKUID_* #define's instead of cryptic numbers in php_checkuid()
...
- I did not test for validity of the actual php_checkuid() calls and there
- might be mistakes in the previous code.
2000-11-02 23:08:07 +00:00
Hartmut Holzgraefe
604876542a
removed some bogus code
2000-10-31 11:32:05 +00:00
Zeev Suraski
3dc7fc54a0
- URL-opened files now store the HTTP response header in $http_response_header
...
- Some layout updates
2000-10-28 01:31:56 +00:00
Frank M. Kromann
02537bd2f2
Kill compiler warning.
2000-10-27 16:16:55 +00:00
Sascha Schumann
61cf1f34a5
We don't need to store NUL of the key which simplifies the lookup
...
significantly.
2000-10-22 14:42:55 +00:00
Joey Smith
a57ea792c6
Close bug #7325 . Patches by djm@web.us.uu.net.
2000-10-19 15:05:44 +00:00
Hartmut Holzgraefe
6d5f1d97f8
now it works for me as CGI and APXS, with or without --enable-debug ...
2000-10-13 10:04:17 +00:00
Daniel Beulshausen
6fb51171c8
compile fixes & update of win32 dsp
2000-10-13 09:13:01 +00:00