clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-10-16 22:12:33 +00:00
Code Issues Packages Projects Releases Wiki Activity
35,494 Commits 496 Branches 1,370 Tags 793 MiB
d2c343a3df
Commit Graph

217 Commits

Author SHA1 Message Date
Marcus Boerger
50ea26760d - Avoid sprintf, even when checked copy'n'paste or changes lead to errors 2007-02-24 02:17:47 +00:00
Sebastian Bergmann
4223aa4d5e MFH: Bump year. 2007-01-01 09:36:18 +00:00
Ilia Alshanetsky
96489b4178 Fixed bug #39984 (redirect response code in header() could be ignored in 
CGI sapi).
 2006-12-31 19:22:01 +00:00
Antony Dovgal
b019cd99c6 MFH 2006-12-21 21:49:22 +00:00
Antony Dovgal
908b1e562d MFH: fix possible invalid read (reproducible only on big-endian machines) 2006-12-18 13:16:54 +00:00
Zeev Suraski
9219d7aa57 Whitespace 2006-12-18 12:32:08 +00:00
Dmitry Stogov
7d14dad02e MFH: Fixed mess with CGI/CLI -d command line option (now it works with cgi; constants are working exactly like in php.ini; with FastCGI -d affects all requests). 2006-09-19 20:33:12 +00:00
Rasmus Lerdorf
4df7ab403c Add input_filter hook call in getenv() 2006-05-10 21:19:32 +00:00
foobar
5bd93221a8 bump year and license version 2006-01-01 12:51:34 +00:00
foobar
c5b9552891 MFH: typofix 2005-12-30 05:40:43 +00:00
Ilia Alshanetsky
f2415625d4 MFH: Prevent header injection by limiting each header to a single line. 2005-12-06 03:39:45 +00:00
foobar
261eabbdd4 MFH 2005-11-06 22:08:30 +00:00
Michael Wallner
496fd1c041 - sapi_header_op(SAPI_HEADER_(REPLACE|ADD), {NULL, 0, 0}) caused HTTP response splitting 
- sapi_send_headers() already takes care of default_content_type (left over of fix for bug #29983)
 2005-11-02 14:38:13 +00:00
Ilia Alshanetsky
435b820f68 Fixed minor memory leak triggered by: -dzlib.output_compression=1 -m 2005-11-01 22:59:18 +00:00
Ilia Alshanetsky
382bc9d0e4 MFH: Fixed bug #29983 (PHP does not explicitly set mime type & charset). 2005-10-19 20:33:33 +00:00
foobar
23e671a51e - Bumber up year 2005-08-03 14:08:58 +00:00
Ilia Alshanetsky
0131b2b032 Fixed double-free in the digest authentication handling. 
# Found and Reported by Stefan Esser
 2005-07-12 16:53:30 +00:00
Rui Hirokawa
8235a70ef9 added a server variable PHP_AUTH_DIGEST to support HTTP Digest Authentication. 2005-04-04 15:06:36 +00:00
Rasmus Lerdorf
3c0411c496 Fix for bug #32263 
This adds proto_num to request_info.  It is defaulted to HTTP 1.0 (1000)
such that it has a valid value even if the underlying sapi doesn't set it
correctly.  It is then used to determine if a 302 or a 303 should be sent
on a Location redirect.  Any non GET/HEAD HTTP 1.1 redirect will get a 303
instead of a 302 to be compatible with the HTTP spec.
 2005-03-14 19:25:39 +00:00
Andrey Hristov
9e939133d2 FR 32275 - fifth parameter to preg_replace() to count number of replaces 
made.
#it would be nice if someone of the doc team documents it. thanks!
 2005-03-12 12:03:50 +00:00
Moriyoshi Koizumi
5e33c04e95 - Fixed bug #32109 ($_POST is not populated in multithreaded environment). 2005-03-05 16:41:13 +00:00
Moriyoshi Koizumi
b19d28907e - Silly typo. 2005-02-22 05:07:37 +00:00
foobar
498cce1f80 Nuke unused variables when PCRE is not compiled in 2005-02-21 21:00:04 +00:00
foobar
42599f8191 Remove the useless TSRM_FETCH calls 2005-02-21 20:57:18 +00:00
Moriyoshi Koizumi
0d7845384f - Fix bug #28568 (known_post_content_types is not thread safe). 
# What is eventually necessiated is entire SAPI redesign, I think.
 2005-02-21 15:14:02 +00:00
Stefan Esser
c02b2d2d45 Fixed: Correctly Initialize fields 2004-11-28 13:32:29 +00:00
Andi Gutmans
216853c0db - Apply realpath() cache patch. We don't use it if we're in safe_mode and 
- friends (which are quite slow anyway).
- If it proves to be stable I'll remove the #ifdef's in a few weeks.
 2004-10-05 00:42:25 +00:00
Brian France
2f97097e0f If you send a post with a content-type header and then the next post without the content-type header, raw_post_data will not be set. This is because SG(request_info).post_entry is set to the first requests function pointer which makes it follow the wrong code path. 2004-08-19 20:26:39 +00:00
Rasmus Lerdorf
3166314d89 Reset global request_time in sapi_activate. Reset it in sapi_deactivate 
too, although I can't see why that would be necessary, but most of the
other sapi globals are reset there as well.
 2004-08-11 06:18:25 +00:00
Rasmus Lerdorf
cad60c3760 Add SAPI hook to get the request time if provided by the web server, 
otherwise call time(0) on the first call and store it so subsequent
calls will get the same time.  Hook support for Apache1/2 included.
 2004-08-10 17:40:00 +00:00
Ilia Alshanetsky
b8c9e83664 Fixed bug #28692 (\0 in Authenticate header passed via safe_mode). 2004-06-08 13:23:38 +00:00
Ilia Alshanetsky
ff5b2d27ae Fixed bug #28670 (WWW-Authentication header mangling with PCRE in safe_mode 
adds extra spaces).
 2004-06-07 13:51:50 +00:00
Stefan Esser
7dc95709c8 break is better 2004-05-25 22:12:40 +00:00
Marcus Boerger
bca4347064 Fixed bug #27687 (Bug Adding Default Charset to 'text/*' Content-Type Header 2004-03-25 08:42:00 +00:00
Ilia Alshanetsky
09517318b1 Fixed bug #27530 (broken http auth when safe_mode is on and PCRE is 
disabled).
 2004-03-09 02:24:02 +00:00
Andi Gutmans
dbeb4158d2 - A belated happy holidays and PHP 5 2004-01-08 08:18:22 +00:00
Derick Rethans
750b0338bf - Fix sapi_input_filter patch. Returning 1 from the filter handler should 
make PHP register the variable, returning 0 shouldn't. The new length of
  the variables being filtered is now returned in the new_val_len argument
  of the function.
 2003-11-29 15:24:35 +00:00
Stefan Esser
28b6c35d80 On error do not leave content_type_dup unitialised. 2003-11-22 21:10:47 +00:00
Ard Biesheuvel
6f37733367 Fixed for 64bit archs 2003-09-13 15:27:09 +00:00
Stefan Roehrich
2fc92e8fd8 Fix for bug #23488 zlib.output_compression overrides vary header. 
It was already fixed for ob_gzhandler (#24827).
 2003-09-10 08:47:37 +00:00
Sascha Schumann
af8e15b8db kill warnings 2003-08-28 17:07:40 +00:00
Marcus Boerger
c60d2a312e Bugfix #25044 2003-08-11 19:36:26 +00:00
James Cox
f68c7ff249 updating license information in the headers. 2003-06-10 20:04:29 +00:00
Edin Kadribasic
b7713f411e Fix for #23902 by Shane. 
Removed bogus recommendation from php.ini files.

# Basic authentication is actually possible
# usign IIS + PHP cgi countrary to our current docs
 2003-06-03 10:06:45 +00:00
Rasmus Lerdorf
d08a0e99c8 An input filter might not simply strip stuff, it might also turn things 
into entities or use some other mechanism which causes the filtered data
to be longer than the original data.  Ergo, pass in the address of the
buffer instead so the filter is free to reallocate it.
 2003-02-20 22:21:49 +00:00
Rasmus Lerdorf
7429c2dc3f Input Filter support. See README.input_filter for details. 
@- Input Filter support added. See  README.input_filter. (Rasmus)
 2003-02-19 19:41:09 +00:00
Stefan Esser
a0873a8f7d size matters not. 2003-02-11 21:44:02 +00:00
Stefan Esser
d2c550e991 8 + 20 + 1 + 1 = 30 
There was no Bufferoverflow on 64bit systems.

And the "fix" broke the header code on systems with old style snprintf.
 2003-02-11 21:41:32 +00:00
Moriyoshi Koizumi
6d95ea199d Fixed possible snprintf problem 
# besides snprintf returns int value, not uint / size_t...
 2003-02-10 20:18:08 +00:00
Moriyoshi Koizumi
9450b1e4b0 Fixed possible buffer overflow in 64bit systems 2003-02-10 20:11:10 +00:00