Andi Gutmans
dbeb4158d2
- A belated happy holidays and PHP 5
2004-01-08 08:18:22 +00:00
James Cox
f68c7ff249
updating license information in the headers.
2003-06-10 20:04:29 +00:00
Wez Furlong
cfd0466389
Fix for Bug #21310 , based on a patch by jflemer@php.net.
2003-03-17 13:40:45 +00:00
foobar
8e3f23e3c0
ws fixes + missing $Id$ tags, headers added
2003-02-19 08:40:19 +00:00
Ilia Alshanetsky
9b560970f8
Fixed compiler warnings.
2003-01-09 22:33:43 +00:00
Sara Golemon
4d789b593f
Bug #21531 file_exists() and other filestat functions throw errors when in safe mode and file/directory does not exist.
...
Extended php_checkuid function to add "flags" field via rename to php_checkuid_ex with alias for BC in functions that do want safe mode errors thrown.
2003-01-09 21:57:45 +00:00
Sebastian Bergmann
2c5d4b8c23
Bump year.
2002-12-31 15:59:15 +00:00
Ilia Alshanetsky
78e2e69b23
Instead of checking whether realpath exists based on OS. Use the
...
HAVE_REALPATH define, which is set if realpath() is avaliable. This patch
also resolves bug #18868 .
2002-11-06 18:07:23 +00:00
David Reid
cf2e12a01e
Add some more BeOS support.
2002-10-02 23:48:58 +00:00
Marcus Boerger
a1f7bb12f1
use php_error_docref()
2002-08-25 18:45:02 +00:00
Wez Furlong
c2cbae6dd3
Enhance Ilia's recent patch to query the wrapper subsystem to determine
...
if a filename is a URL and thus if safe-mode checks should be skipped.
2002-08-16 09:50:24 +00:00
Ilia Alshanetsky
a643ae656a
Make https:// be exempt from safe_mode checks, just like http:// & ftp:// are.
2002-08-16 03:52:37 +00:00
Yasuo Ohgaki
f4f8726b9e
Accoding to safe_mode.h, php_checkuid() has six modes.
2002-07-17 05:15:17 +00:00
foobar
6f10116237
Fix bug: #18285 , php_checkuid() mangled the passed path.
2002-07-13 00:52:18 +00:00
Stefan Esser
0d3a45299d
SAFE_MODE restriction error message fixed if the file doesn't exist
2002-03-17 21:00:44 +00:00
Stefan Esser
cf4a292c5d
fixed a typo within checkuid
2002-03-14 16:48:18 +00:00
James E. Flemer
6a6b5a6108
(php_checkuid) Added case for root directory when mode is
...
not CHECKUID_ALLOW_ONLY_DIR.
2002-03-03 21:12:49 +00:00
James E. Flemer
ecac9a7e9e
(php_checkuid) Added case for root directory when mode is
...
CHECKUID_ALLOW_ONLY_DIR.
2002-03-03 20:49:04 +00:00
Sebastian Bergmann
90613d2282
Maintain headers.
2002-02-28 08:29:35 +00:00
Sebastian Bergmann
38933514e1
Update headers.
2001-12-11 15:32:16 +00:00
Derick Rethans
78747bd2df
- Don't wrap lines... this is annoying while coding.
2001-09-09 13:29:31 +00:00
Zeev Suraski
1159c84ab7
- TSRMLS_FETCH work
...
- whitespace fixes
2001-08-05 01:43:02 +00:00
Zeev Suraski
bc42c37513
More TSRMLS_FETCH work. Got it under 400 now.
2001-07-31 06:28:05 +00:00
Zeev Suraski
d87cc976e1
Redesigned thread safety mechanism - nua nua
2001-07-28 11:36:37 +00:00
Rasmus Lerdorf
721c562e2a
Fix a couple of build warnings
2001-07-16 04:31:13 +00:00
James E. Flemer
771e3e498f
o Fixed Bug #12121 : chdir and safe_mode
...
- [ main/safe_mode.h ] added new checkuid mode:
CHECKUID_ALLOW_ONLY_FILE: skips directory check if file check
fails
- [ ext/standard/dir.c ] changed php_checkuid() to use
CHECKUID_ALLOW_ONLY_FILE instead of CHECKUID_ALLOW_ONLY_DIR
- [ main/safe_mode.c ] added code for new checkuid mode
o Fixed Bug #12119 : safe mode owner check can be bypassed with symlink
- [ main/safe_mode.c ] use VCWD_REALPATH to resolve destination
of symlink before trimming filename
o New Feature: safe_mode_include_dir (php.ini directive)
- Allows bypassing UID/GID checks when including files
from the directory in safe_mode_include_dir and its
subdirectories. (safe_mode must be on, directory must
also be in include_path or full path must be used when
including)
o Fixed Feature: safe_mode_gid (php.ini directive)
- Correctly check (and report) UID/GID bits on directories
o Changed include() fall back to scripts cwd implementation
- CWD added to the (local) search path in php_fopen_with_path()
instead of seperate case. [ main/fopen_wrappers.c ]
2001-07-13 18:21:21 +00:00
Rasmus Lerdorf
89a73df39c
Fix Windows build (I think)
2001-07-09 18:57:19 +00:00
Rasmus Lerdorf
934e10c7dc
Add getmygid() and safe_mode_gid ini directive to allow safe mode to do
...
a gid check instead of a uid check.
@ - Add getmygid() and safe_mode_gid ini directive to allow safe mode to do
@ a gid check instead of a uid check. (James E. Flemer, Rasmus)
2001-07-09 17:36:04 +00:00
Rasmus Lerdorf
81e2cf03ac
Fix folding and clean up some extensions
2001-06-06 13:06:12 +00:00
Rasmus Lerdorf
25c3a3a39d
vim-6 does folding - clean up a bunch of missing folding tags plus
...
some misguided RINIT and RSHUTDOWN calls in a few fringe extensions
2001-06-05 13:12:10 +00:00
Andi Gutmans
4c823e8a89
- Change macros from V_ to VCWD_ because of AIX name clash
2001-04-30 12:45:02 +00:00
Andi Gutmans
eb6ba01d1c
- Fix copyright notices with 2001
2001-02-26 06:11:02 +00:00
Andi Gutmans
033190cbcf
- Fix warning
...
PR:
Submitted by:
Reviewed by:
Obtained from:
2001-02-12 15:47:38 +00:00
Thies C. Arntzen
0719e7e006
@- Allow access to uploaded files in safe_mode. Beware that you can only
...
@ read the file. If you copy it to new location the copy will not have the
@ right UID and you script won't be able to access that copy. (Thies)
2001-01-09 11:58:57 +00:00
Andi Gutmans
86a1cace27
- Make all places use MAXPATHLEN in the same way. It includes the
...
terminating NULL.
2000-12-16 20:52:43 +00:00
Andi Gutmans
6139a2c8ce
- Define the different possible modes for readibility and use in the rest
...
- of PHP
2000-11-01 18:05:27 +00:00
Andi Gutmans
8907e17bde
- In function declerations the opening { should be on a new line
2000-11-01 17:31:53 +00:00
Zeev Suraski
6614e8edb4
- I wrote a long msg but the commit didn't go through.
...
- So here is the short version:
- a) Start moving to binary opens in Windows
- b) Give checkuid_mode() a small face lift including the fopen-wrappers.c
- The mode to this function should at least be a #define but that is for
- another day. Anyway this whole stuff should be given more face lifts in
- the future.
2000-06-25 17:02:59 +00:00
Zeev Suraski
e043439ff6
Update the license with the new clause 6
2000-05-18 15:34:45 +00:00
Andi Gutmans
e40268d07c
- Add missing V_STAT()
2000-04-20 16:38:08 +00:00
Andi Gutmans
1665cba750
- Change PHP_ to V_ (directory & file functions)
2000-04-15 14:20:01 +00:00
Andi Gutmans
f9547241d5
- Fix another bug in session.c
...
- Start using the new PHP_GETCWD() and co. macros
2000-03-30 22:38:50 +00:00
Zeev Suraski
9b621d1c8f
Get the license right... (this won't make it to RC1 of B4)
2000-02-19 23:21:46 +00:00
Zeev Suraski
49e98c3ddd
request_info.c is dead! long live SAPI
...
@- Finished the server abstraction layer; All of the PHP code is now shared
@ across different servers (Apache, CGI, IIS, etc.), except for thin
@ interface modules (Zeev)
2000-02-10 20:13:08 +00:00
Zeev Suraski
41f6bca92f
More cleanup!
2000-02-10 18:19:04 +00:00
Zeev Suraski
7d926a0e0c
More cleanup...
2000-02-10 17:26:57 +00:00
Rasmus Lerdorf
e8b74e56c9
# Fix silly typo
2000-01-08 14:36:12 +00:00
Sascha Schumann
43ae2bffbb
Happy Y2K patch! Happy new year (or the new millennium, depending on whether
...
you start counting at 0 or 1).
2000-01-01 01:32:05 +00:00
Zeev Suraski
a3c6514332
More php3_ annihilation
1999-12-17 19:51:39 +00:00
Zeev Suraski
02d3b39420
More php3_ annihilation
1999-12-17 19:16:50 +00:00