--- embedaddon/php/README.input_filter 2012/02/21 23:47:51 1.1.1.1 +++ embedaddon/php/README.input_filter 2012/05/29 12:34:34 1.1.1.2 @@ -19,9 +19,7 @@ A simple implementation might look like the following. original raw user data and adds a my_get_raw() function while the normal $_POST, $_GET and $_COOKIE arrays are only populated with stripped data. In this simple example all I am doing is calling strip_tags() on -the data. If register_globals is turned on, the default globals that -are created will be stripped ($foo) while a $RAW_foo is created with the -original user input. +the data. ZEND_BEGIN_MODULE_GLOBALS(my_input_filter) zval *post_array; @@ -88,7 +86,7 @@ PHP_MINFO_FUNCTION(my_input_filter) { php_info_print_table_start(); php_info_print_table_row( 2, "My Input Filter Support", "enabled" ); - php_info_print_table_row( 2, "Revision", "$Revision: 1.1.1.1 $"); + php_info_print_table_row( 2, "Revision", "$Id: README.input_filter,v 1.1.1.2 2012/05/29 12:34:34 misho Exp $"); php_info_print_table_end(); } @@ -155,8 +153,6 @@ PHP_FUNCTION(my_get_raw) int var_len; zval **tmp; zval *array_ptr = NULL; - HashTable *hash_ptr; - char *raw_var; if(zend_parse_parameters(2 TSRMLS_CC, "ls", &arg, &var, &var_len) == FAILURE) { return; @@ -174,23 +170,15 @@ PHP_FUNCTION(my_get_raw) break; } - if(!array_ptr) RETURN_FALSE; + if(!array_ptr) { + RETURN_FALSE; + } - /* - * I'm changing the variable name here because when running with register_globals on, - * the variable will end up in the global symbol table - */ - raw_var = emalloc(var_len+5); /* RAW_ and a \0 */ - strcpy(raw_var, "RAW_"); - strlcat(raw_var,var,var_len+5); - hash_ptr = HASH_OF(array_ptr); - - if(zend_hash_find(hash_ptr, raw_var, var_len+5, (void **)&tmp) == SUCCESS) { + if(zend_hash_find(HASH_OF(array_ptr), var, var_len+5, (void **)&tmp) == SUCCESS) { *return_value = **tmp; zval_copy_ctor(return_value); } else { RETVAL_FALSE; } - efree(raw_var); }