clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-28 21:36:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
42,946 Commits 494 Branches 1,367 Tags 785 MiB
4e6a1c2754
Commit Graph

192 Commits

Author SHA1 Message Date
Sebastian Bergmann
08659c2dcd MFH: Bump copyright year, 3 of 3. 2008-12-31 11:15:49 +00:00
Arnaud Le Blanc
f5dd8c00a0 WS 2008-10-20 18:43:32 +00:00
Arnaud Le Blanc
0f31ed2f77 Better fix for #46313 2008-10-20 18:42:58 +00:00
Arnaud Le Blanc
c98e28795f Fixed #46313 (Magic quotes broke $_FILES) 
# magic_quotes_gpc was disabled during registration of $_FILES["x"]["tmp_name"]
# and $GLOBALS["x"] (which is tmp_name with register_globals enabled). This
# caused "x" to not be escaped so there was 2 different keys for the same file
# in $_FILES, one with tmp_name and the other without.
# All other variables (name, size, etc) are registered with magic_quotes_gpc
# untouched, both in $_FILES and $GLOBALS and I did not found a reason for
# disabling it for tmp_name.
 2008-10-20 17:09:10 +00:00
Nuno Lopes
8a77e55566 clean some dead code (with static analysis help) 2008-09-23 15:18:26 +00:00
Arnaud Le Blanc
ef38ff62a5 MFH: More accurate max_file_size / upload_max_filesize (fixes #45124) 2008-09-07 14:17:47 +00:00
Arnaud Le Blanc
898ff10dc0 MFH: Fixed #43540 (rfc1867 handler newlength problem) 2008-09-06 17:18:40 +00:00
Antony Dovgal
8f6b35ccd3 MFH: check if return value of write() is -1 and abort upload in this case setting the correct error status 2008-03-14 13:11:12 +00:00
Sebastian Bergmann
d1dded8751 MFH: Bump copyright year, 2 of 2. 2007-12-31 07:17:19 +00:00
Ilia Alshanetsky
20aa854940 Allow file uploads to bypass open_basedir checks (fixes regression) 2007-07-17 23:46:40 +00:00
Marcus Boerger
24fa61e202 - Drop superflous efree 2007-02-24 14:53:50 +00:00
Marcus Boerger
50ea26760d - Avoid sprintf, even when checked copy'n'paste or changes lead to errors 2007-02-24 02:17:47 +00:00
Sebastian Bergmann
4223aa4d5e MFH: Bump year. 2007-01-01 09:36:18 +00:00
Stefan Esser
abfc08dc82 If one name is disallowed don't drop all files 2006-09-29 10:05:34 +00:00
Stefan Esser
1e8fc23095 Delete empty temporary files if file upload hook forbids the upload 2006-09-19 11:34:19 +00:00
Rasmus Lerdorf
935b0c88e9 Minor tweak to the file upload hooks. The MULTIPART_EVENT_FORMDATA event 
was only triggering when an input filter was applied.  This simple change
makes the event also trigger when no filter is applied.  The newlength
pointer is set to NULL to let a downstream module differentiate between
the two cases.
 2006-09-09 22:06:27 +00:00
Ilia Alshanetsky
cfda15ffc1 Binary safe multipart request handling 2006-07-27 17:04:15 +00:00
Stefan Esser
cfac29e20e Added RFC1867 fileupload processing hook. 2006-07-22 16:38:29 +00:00
foobar
5bd93221a8 bump year and license version 2006-01-01 12:51:34 +00:00
foobar
23e671a51e - Bumber up year 2005-08-03 14:08:58 +00:00
Ilia Alshanetsky
85e237888c Fixed bug #33673 (Added detection for partially uploaded files). 2005-07-13 20:44:08 +00:00
Uwe Schindler
4558cdade6 Bug #32491 (File upload error - unable to create a temporary file) - Changing file upload from stdio to posix 2005-04-04 14:59:40 +00:00
Ilia Alshanetsky
7ee1fdb657 Prune uploaded file names to \ on all OSes, read comments for explanation. 2005-02-15 00:25:38 +00:00
Ilia Alshanetsky
d179e6aa40 Final version of filename upload handling. 2005-02-01 02:33:07 +00:00
Ilia Alshanetsky
71695f8159 Use multibyte specific code for handling files and generic basename based 
code in all other instances.
 2005-01-24 22:35:23 +00:00
Moriyoshi Koizumi
76d91f2a3d - Revert irrelevant part. 2005-01-24 16:47:18 +00:00
Ilia Alshanetsky
844cc09cd1 Fixed bug #31398 (When magic_guotes_gpc are enabled filenames with ' 
get cutoff).
 2005-01-20 17:44:58 +00:00
Stefan Esser
224201e635 Fixed: strip quotes from filename 2004-11-20 18:49:36 +00:00
Ilia Alshanetsky
f41c40f63e Fixed bug #30750 (Meaningful error message when upload directory is not 
accessible).
 2004-11-11 00:38:04 +00:00
Stefan Esser
0f860d8f34 only allow valid arrays at this point 2004-09-13 16:00:23 +00:00
Stefan Esser
e7d698c7d8 New Rule: Never try to repair potential malicious user input 2004-09-12 10:45:14 +00:00
Sara Golemon
883e096ce6 Minor format specifier fixes 2004-08-11 04:27:01 +00:00
Ilia Alshanetsky
86efab2cc4 Fixed bug #29369 (Uploaded files with ' or " in their names get their names 
truncated at those characters).
 2004-07-25 19:19:26 +00:00
Andi Gutmans
e5cfb1d05c - Better stability during premature shutdown of request startup 2004-07-10 07:46:17 +00:00
Stefan Esser
bed3f4ce0b This is more correct. 2004-05-23 10:00:59 +00:00
Derick Rethans
cb1e4ab6c8 - Fixed TSRM problem in latest commit. 2004-05-21 08:16:13 +00:00
Derick Rethans
bc7ad69fbc - Fixed bug #28456 (Problem with enclosed / in uploaded file names) 2004-05-21 08:11:43 +00:00
Derick Rethans
500f634db9 - Fixed defines 2004-05-11 15:30:54 +00:00
Derick Rethans
fe576c7acb - Stopped file uploads from throwing E_WARNINGs and E_NOTICEs which can not be 
hidden from within scripts (and a result value in the $_FILES global can be
  used to see the real failure anyway).
 2004-03-25 21:27:23 +00:00
Derick Rethans
9ff10d086a - Revert bogus commit 2004-03-24 14:28:41 +00:00
Derick Rethans
2face60bef - Fixed NEWS 
#- Can we *please* keep this in order?
 2004-03-24 13:31:20 +00:00
Stefan Esser
debf069a58 better write into the correct buffer 2004-02-12 18:27:33 +00:00
Andi Gutmans
dbeb4158d2 - A belated happy holidays and PHP 5 2004-01-08 08:18:22 +00:00
Derick Rethans
8eb22d7b8d - Add comment, I put this ina week ago and it already confused me :) 2003-12-07 14:47:35 +00:00
Derick Rethans
750b0338bf - Fix sapi_input_filter patch. Returning 1 from the filter handler should 
make PHP register the variable, returning 0 shouldn't. The new length of
  the variables being filtered is now returned in the new_val_len argument
  of the function.
 2003-11-29 15:24:35 +00:00
Derick Rethans
370dfd39a9 - Prevent registration of the variable when a zero-length is returned 
from the sapi_input_filter.
 2003-11-26 09:53:22 +00:00
Stefan Esser
befbd6d793 Fix odd increments to repair the boundary checks. 2003-11-12 22:34:58 +00:00
Rui Hirokawa
744212ab45 added buffer reallocation for filename. 2003-11-05 23:27:41 +00:00
Stefan Esser
b763dd42c3 Fixed possible crashbug. 2003-11-03 11:46:33 +00:00
Stefan Esser
f670f9c683 It is usually a good idea to write only into allocated bufferspace. 2003-11-03 09:16:24 +00:00