version 1.1.1.1, 2012/02/21 23:48:05
|
version 1.1.1.2, 2012/05/29 12:34:35
|
Line 36
|
Line 36
|
|
|
#define DEBUG_FILE_UPLOAD ZEND_DEBUG |
#define DEBUG_FILE_UPLOAD ZEND_DEBUG |
|
|
PHPAPI int (*php_rfc1867_callback)(unsigned int event, void *event_data, void **extra TSRMLS_DC) = NULL; | static int dummy_encoding_translation(TSRMLS_D) |
| |
#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING) | |
#include "ext/mbstring/mbstring.h" | |
| |
static void safe_php_register_variable(char *var, char *strval, int val_len, zval *track_vars_array, zend_bool override_protection TSRMLS_DC); | |
| |
#define SAFE_RETURN { \ | |
php_mb_flush_gpc_variables(num_vars, val_list, len_list, array_ptr TSRMLS_CC); \ | |
if (lbuf) efree(lbuf); \ | |
if (abuf) efree(abuf); \ | |
if (array_index) efree(array_index); \ | |
zend_hash_destroy(&PG(rfc1867_protected_variables)); \ | |
zend_llist_destroy(&header); \ | |
if (mbuff->boundary_next) efree(mbuff->boundary_next); \ | |
if (mbuff->boundary) efree(mbuff->boundary); \ | |
if (mbuff->buffer) efree(mbuff->buffer); \ | |
if (mbuff) efree(mbuff); \ | |
return; } | |
| |
void php_mb_flush_gpc_variables(int num_vars, char **val_list, int *len_list, zval *array_ptr TSRMLS_DC) /* {{{ */ | |
{ |
{ |
int i; | return 0; |
if (php_mb_encoding_translation(TSRMLS_C)) { | |
if (num_vars > 0 && | |
php_mb_gpc_encoding_detector(val_list, len_list, num_vars, NULL TSRMLS_CC) == SUCCESS) { | |
php_mb_gpc_encoding_converter(val_list, len_list, num_vars, NULL, NULL TSRMLS_CC); | |
} | |
for (i = 0; i<num_vars; i += 2) { | |
safe_php_register_variable(val_list[i], val_list[i+1], len_list[i+1], array_ptr, 0 TSRMLS_CC); | |
efree(val_list[i]); | |
efree(val_list[i+1]); | |
} | |
efree(val_list); | |
efree(len_list); | |
} | |
} |
} |
/* }}} */ |
|
|
|
void php_mb_gpc_realloc_buffer(char ***pval_list, int **plen_list, int *num_vars_max, int inc TSRMLS_DC) /* {{{ */ | static char *php_ap_getword(const zend_encoding *encoding, char **line, char stop TSRMLS_DC); |
{ | static char *php_ap_getword_conf(const zend_encoding *encoding, char *str TSRMLS_DC); |
/* allow only even increments */ | |
if (inc & 1) { | |
inc++; | |
} | |
(*num_vars_max) += inc; | |
*pval_list = (char **)erealloc(*pval_list, (*num_vars_max+2)*sizeof(char *)); | |
*plen_list = (int *)erealloc(*plen_list, (*num_vars_max+2)*sizeof(int)); | |
} | |
/* }}} */ | |
|
|
void php_mb_gpc_stack_variable(char *param, char *value, char ***pval_list, int **plen_list, int *num_vars, int *num_vars_max TSRMLS_DC) /* {{{ */ | static php_rfc1867_encoding_translation_t php_rfc1867_encoding_translation = dummy_encoding_translation; |
{ | static php_rfc1867_get_detect_order_t php_rfc1867_get_detect_order = NULL; |
char **val_list = *pval_list; | static php_rfc1867_set_input_encoding_t php_rfc1867_set_input_encoding = NULL; |
int *len_list = *plen_list; | static php_rfc1867_getword_t php_rfc1867_getword = php_ap_getword; |
| static php_rfc1867_getword_conf_t php_rfc1867_getword_conf = php_ap_getword_conf; |
| static php_rfc1867_basename_t php_rfc1867_basename = NULL; |
|
|
if (*num_vars >= *num_vars_max) { | PHPAPI int (*php_rfc1867_callback)(unsigned int event, void *event_data, void **extra TSRMLS_DC) = NULL; |
php_mb_gpc_realloc_buffer(pval_list, plen_list, num_vars_max, 16 TSRMLS_CC); | |
/* in case realloc relocated the buffer */ | |
val_list = *pval_list; | |
len_list = *plen_list; | |
} | |
|
|
val_list[*num_vars] = (char *)estrdup(param); | static void safe_php_register_variable(char *var, char *strval, int val_len, zval *track_vars_array, zend_bool override_protection TSRMLS_DC); |
len_list[*num_vars] = strlen(param); | |
(*num_vars)++; | |
val_list[*num_vars] = (char *)estrdup(value); | |
len_list[*num_vars] = strlen(value); | |
(*num_vars)++; | |
} | |
/* }}} */ | |
|
|
#else |
|
|
|
#define SAFE_RETURN { \ |
|
if (lbuf) efree(lbuf); \ |
|
if (abuf) efree(abuf); \ |
|
if (array_index) efree(array_index); \ |
|
zend_hash_destroy(&PG(rfc1867_protected_variables)); \ |
|
zend_llist_destroy(&header); \ |
|
if (mbuff->boundary_next) efree(mbuff->boundary_next); \ |
|
if (mbuff->boundary) efree(mbuff->boundary); \ |
|
if (mbuff->buffer) efree(mbuff->buffer); \ |
|
if (mbuff) efree(mbuff); \ |
|
return; } |
|
#endif |
|
|
|
/* The longest property name we use in an uploaded file array */ |
/* The longest property name we use in an uploaded file array */ |
#define MAX_SIZE_OF_INDEX sizeof("[tmp_name]") |
#define MAX_SIZE_OF_INDEX sizeof("[tmp_name]") |
|
|
Line 139 void php_mb_gpc_stack_variable(char *param, char *valu
|
Line 71 void php_mb_gpc_stack_variable(char *param, char *valu
|
#define UPLOAD_ERROR_F 7 /* Failed to write file to disk */ |
#define UPLOAD_ERROR_F 7 /* Failed to write file to disk */ |
#define UPLOAD_ERROR_X 8 /* File upload stopped by extension */ |
#define UPLOAD_ERROR_X 8 /* File upload stopped by extension */ |
|
|
void php_rfc1867_register_constants(TSRMLS_D) /* {{{ */ | void php_rfc1867_register_constants(TSRMLS_D) /* {{{ */ |
{ |
{ |
REGISTER_MAIN_LONG_CONSTANT("UPLOAD_ERR_OK", UPLOAD_ERROR_OK, CONST_CS | CONST_PERSISTENT); |
REGISTER_MAIN_LONG_CONSTANT("UPLOAD_ERR_OK", UPLOAD_ERROR_OK, CONST_CS | CONST_PERSISTENT); |
REGISTER_MAIN_LONG_CONSTANT("UPLOAD_ERR_INI_SIZE", UPLOAD_ERROR_A, CONST_CS | CONST_PERSISTENT); |
REGISTER_MAIN_LONG_CONSTANT("UPLOAD_ERR_INI_SIZE", UPLOAD_ERROR_A, CONST_CS | CONST_PERSISTENT); |
Line 208 static void normalize_protected_variable(char *varname
|
Line 140 static void normalize_protected_variable(char *varname
|
} |
} |
*s = '\0'; |
*s = '\0'; |
} |
} |
/* }}} */ | /* }}} */ |
|
|
static void add_protected_variable(char *varname TSRMLS_DC) /* {{{ */ | static void add_protected_variable(char *varname TSRMLS_DC) /* {{{ */ |
{ |
{ |
int dummy = 1; |
int dummy = 1; |
|
|
normalize_protected_variable(varname TSRMLS_CC); |
normalize_protected_variable(varname TSRMLS_CC); |
zend_hash_add(&PG(rfc1867_protected_variables), varname, strlen(varname)+1, &dummy, sizeof(int), NULL); |
zend_hash_add(&PG(rfc1867_protected_variables), varname, strlen(varname)+1, &dummy, sizeof(int), NULL); |
} |
} |
/* }}} */ | /* }}} */ |
|
|
static zend_bool is_protected_variable(char *varname TSRMLS_DC) /* {{{ */ |
static zend_bool is_protected_variable(char *varname TSRMLS_DC) /* {{{ */ |
{ |
{ |
Line 226 static zend_bool is_protected_variable(char *varname T
|
Line 158 static zend_bool is_protected_variable(char *varname T
|
} |
} |
/* }}} */ |
/* }}} */ |
|
|
static void safe_php_register_variable(char *var, char *strval, int val_len, zval *track_vars_array, zend_bool override_protection TSRMLS_DC) /* {{{ */ | static void safe_php_register_variable(char *var, char *strval, int val_len, zval *track_vars_array, zend_bool override_protection TSRMLS_DC) /* {{{ */ |
{ |
{ |
if (override_protection || !is_protected_variable(var TSRMLS_CC)) { |
if (override_protection || !is_protected_variable(var TSRMLS_CC)) { |
php_register_variable_safe(var, strval, val_len, track_vars_array TSRMLS_CC); |
php_register_variable_safe(var, strval, val_len, track_vars_array TSRMLS_CC); |
} |
} |
} |
} |
/* }}} */ | /* }}} */ |
|
|
static void safe_php_register_variable_ex(char *var, zval *val, zval *track_vars_array, zend_bool override_protection TSRMLS_DC) /* {{{ */ | static void safe_php_register_variable_ex(char *var, zval *val, zval *track_vars_array, zend_bool override_protection TSRMLS_DC) /* {{{ */ |
{ |
{ |
if (override_protection || !is_protected_variable(var TSRMLS_CC)) { |
if (override_protection || !is_protected_variable(var TSRMLS_CC)) { |
php_register_variable_ex(var, val, track_vars_array TSRMLS_CC); |
php_register_variable_ex(var, val, track_vars_array TSRMLS_CC); |
} |
} |
} |
} |
/* }}} */ | /* }}} */ |
|
|
static void register_http_post_files_variable(char *strvar, char *val, zval *http_post_files, zend_bool override_protection TSRMLS_DC) /* {{{ */ | static void register_http_post_files_variable(char *strvar, char *val, zval *http_post_files, zend_bool override_protection TSRMLS_DC) /* {{{ */ |
{ |
{ |
int register_globals = PG(register_globals); |
|
|
|
PG(register_globals) = 0; |
|
safe_php_register_variable(strvar, val, strlen(val), http_post_files, override_protection TSRMLS_CC); |
safe_php_register_variable(strvar, val, strlen(val), http_post_files, override_protection TSRMLS_CC); |
PG(register_globals) = register_globals; |
|
} |
} |
/* }}} */ | /* }}} */ |
|
|
static void register_http_post_files_variable_ex(char *var, zval *val, zval *http_post_files, zend_bool override_protection TSRMLS_DC) /* {{{ */ |
static void register_http_post_files_variable_ex(char *var, zval *val, zval *http_post_files, zend_bool override_protection TSRMLS_DC) /* {{{ */ |
{ |
{ |
int register_globals = PG(register_globals); |
|
|
|
PG(register_globals) = 0; |
|
safe_php_register_variable_ex(var, val, http_post_files, override_protection TSRMLS_CC); |
safe_php_register_variable_ex(var, val, http_post_files, override_protection TSRMLS_CC); |
PG(register_globals) = register_globals; |
|
} |
} |
/* }}} */ | /* }}} */ |
|
|
static int unlink_filename(char **filename TSRMLS_DC) /* {{{ */ |
static int unlink_filename(char **filename TSRMLS_DC) /* {{{ */ |
{ |
{ |
Line 277 void destroy_uploaded_files_hash(TSRMLS_D) /* {{{ */
|
Line 201 void destroy_uploaded_files_hash(TSRMLS_D) /* {{{ */
|
} |
} |
/* }}} */ |
/* }}} */ |
|
|
/* {{{ Following code is based on apache_multipart_buffer.c from libapreq-0.33 package. */ | /* {{{ Following code is based on apache_multipart_buffer.c from libapreq-0.33 package. */ |
|
|
#define FILLUNIT (1024 * 5) |
#define FILLUNIT (1024 * 5) |
|
|
Line 294 typedef struct {
|
Line 218 typedef struct {
|
char *boundary_next; |
char *boundary_next; |
int boundary_next_len; |
int boundary_next_len; |
|
|
|
const zend_encoding *input_encoding; |
|
const zend_encoding **detect_order; |
|
size_t detect_order_size; |
} multipart_buffer; |
} multipart_buffer; |
|
|
typedef struct { |
typedef struct { |
Line 351 static int multipart_buffer_eof(multipart_buffer *self
|
Line 278 static int multipart_buffer_eof(multipart_buffer *self
|
} |
} |
|
|
/* create new multipart_buffer structure */ |
/* create new multipart_buffer structure */ |
static multipart_buffer *multipart_buffer_new(char *boundary, int boundary_len) | static multipart_buffer *multipart_buffer_new(char *boundary, int boundary_len TSRMLS_DC) |
{ |
{ |
multipart_buffer *self = (multipart_buffer *) ecalloc(1, sizeof(multipart_buffer)); |
multipart_buffer *self = (multipart_buffer *) ecalloc(1, sizeof(multipart_buffer)); |
|
|
Line 368 static multipart_buffer *multipart_buffer_new(char *bo
|
Line 295 static multipart_buffer *multipart_buffer_new(char *bo
|
self->buf_begin = self->buffer; |
self->buf_begin = self->buffer; |
self->bytes_in_buffer = 0; |
self->bytes_in_buffer = 0; |
|
|
|
if (php_rfc1867_encoding_translation(TSRMLS_C)) { |
|
php_rfc1867_get_detect_order(&self->detect_order, &self->detect_order_size TSRMLS_CC); |
|
} else { |
|
self->detect_order = NULL; |
|
self->detect_order_size = 0; |
|
} |
|
|
|
self->input_encoding = NULL; |
|
|
return self; |
return self; |
} |
} |
|
|
Line 478 static int multipart_buffer_headers(multipart_buffer *
|
Line 414 static int multipart_buffer_headers(multipart_buffer *
|
char *key = line; |
char *key = line; |
char *value = NULL; |
char *value = NULL; |
|
|
|
if (php_rfc1867_encoding_translation(TSRMLS_C)) { |
|
self->input_encoding = zend_multibyte_encoding_detector(line, strlen(line), self->detect_order, self->detect_order_size TSRMLS_CC); |
|
} |
|
|
/* space in the beginning means same header */ |
/* space in the beginning means same header */ |
if (!isspace(line[0])) { |
if (!isspace(line[0])) { |
value = strchr(line, ':'); |
value = strchr(line, ':'); |
Line 533 static char *php_mime_get_hdr_value(zend_llist header,
|
Line 473 static char *php_mime_get_hdr_value(zend_llist header,
|
return NULL; |
return NULL; |
} |
} |
|
|
static char *php_ap_getword(char **line, char stop) | static char *php_ap_getword(const zend_encoding *encoding, char **line, char stop TSRMLS_DC) |
{ |
{ |
char *pos = *line, quote; |
char *pos = *line, quote; |
char *res; |
char *res; |
Line 569 static char *php_ap_getword(char **line, char stop)
|
Line 509 static char *php_ap_getword(char **line, char stop)
|
return res; |
return res; |
} |
} |
|
|
static char *substring_conf(char *start, int len, char quote TSRMLS_DC) | static char *substring_conf(char *start, int len, char quote) |
{ |
{ |
char *result = emalloc(len + 2); | char *result = emalloc(len + 1); |
char *resp = result; |
char *resp = result; |
int i; |
int i; |
|
|
for (i = 0; i < len; ++i) { | for (i = 0; i < len && start[i] != quote; ++i) { |
if (start[i] == '\\' && (start[i + 1] == '\\' || (quote && start[i + 1] == quote))) { |
if (start[i] == '\\' && (start[i + 1] == '\\' || (quote && start[i + 1] == quote))) { |
*resp++ = start[++i]; |
*resp++ = start[++i]; |
} else { |
} else { |
#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING) |
|
if (php_mb_encoding_translation(TSRMLS_C)) { |
|
size_t j = php_mb_gpc_mbchar_bytes(start+i TSRMLS_CC); |
|
while (j-- > 0 && i < len) { |
|
*resp++ = start[i++]; |
|
} |
|
--i; |
|
} else { |
|
*resp++ = start[i]; |
|
} |
|
#else |
|
*resp++ = start[i]; |
*resp++ = start[i]; |
#endif |
|
} |
} |
} |
} |
|
|
Line 599 static char *substring_conf(char *start, int len, char
|
Line 527 static char *substring_conf(char *start, int len, char
|
return result; |
return result; |
} |
} |
|
|
static char *php_ap_getword_conf(char **line TSRMLS_DC) | static char *php_ap_getword_conf(const zend_encoding *encoding, char *str TSRMLS_DC) |
{ |
{ |
char *str = *line, *strend, *res, quote; |
|
|
|
#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING) |
|
if (php_mb_encoding_translation(TSRMLS_C)) { |
|
int len=strlen(str); |
|
php_mb_gpc_encoding_detector(&str, &len, 1, NULL TSRMLS_CC); |
|
} |
|
#endif |
|
|
|
while (*str && isspace(*str)) { |
while (*str && isspace(*str)) { |
++str; |
++str; |
} |
} |
|
|
if (!*str) { |
if (!*str) { |
*line = str; |
|
return estrdup(""); |
return estrdup(""); |
} |
} |
|
|
if ((quote = *str) == '"' || quote == '\'') { | if (*str == '"' || *str == '\'') { |
strend = str + 1; | char quote = *str; |
look_for_quote: | |
while (*strend && *strend != quote) { | |
if (*strend == '\\' && strend[1] && strend[1] == quote) { | |
strend += 2; | |
} else { | |
++strend; | |
} | |
} | |
if (*strend && *strend == quote) { | |
char p = *(strend + 1); | |
if (p != '\r' && p != '\n' && p != '\0') { | |
strend++; | |
goto look_for_quote; | |
} | |
} | |
|
|
res = substring_conf(str + 1, strend - str - 1, quote TSRMLS_CC); | str++; |
| return substring_conf(str, strlen(str), quote); |
if (*strend == quote) { | |
++strend; | |
} | |
| |
} else { |
} else { |
|
char *strend = str; |
|
|
strend = str; |
|
while (*strend && !isspace(*strend)) { |
while (*strend && !isspace(*strend)) { |
++strend; |
++strend; |
} |
} |
res = substring_conf(str, strend - str, 0 TSRMLS_CC); | return substring_conf(str, strend - str, 0); |
} |
} |
|
} |
|
|
while (*strend && isspace(*strend)) { | static char *php_ap_basename(const zend_encoding *encoding, char *path TSRMLS_DC) |
++strend; | { |
} | char *s = strrchr(path, '\\'); |
| char *s2 = strrchr(path, '/'); |
|
|
*line = strend; | if (s && s2) { |
return res; | if (s > s2) { |
| ++s; |
| } else { |
| s = ++s2; |
| } |
| return s; |
| } else if (s) { |
| return ++s; |
| } else if (s2) { |
| return ++s2; |
| } |
| return path; |
} |
} |
|
|
/* |
/* |
Line 760 static char *multipart_buffer_read_body(multipart_buff
|
Line 672 static char *multipart_buffer_read_body(multipart_buff
|
* |
* |
*/ |
*/ |
|
|
SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) /* {{{ */ | SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) /* {{{ */ |
{ |
{ |
char *boundary, *s = NULL, *boundary_end = NULL, *start_arr = NULL, *array_index = NULL; |
char *boundary, *s = NULL, *boundary_end = NULL, *start_arr = NULL, *array_index = NULL; |
char *temp_filename = NULL, *lbuf = NULL, *abuf = NULL; |
char *temp_filename = NULL, *lbuf = NULL, *abuf = NULL; |
Line 768 SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
|
Line 680 SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
|
int max_file_size = 0, skip_upload = 0, anonindex = 0, is_anonymous; |
int max_file_size = 0, skip_upload = 0, anonindex = 0, is_anonymous; |
zval *http_post_files = NULL; |
zval *http_post_files = NULL; |
HashTable *uploaded_files = NULL; |
HashTable *uploaded_files = NULL; |
#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING) |
|
int str_len = 0, num_vars = 0, num_vars_max = 2*10, *len_list = NULL; |
|
char **val_list = NULL; |
|
#endif |
|
multipart_buffer *mbuff; |
multipart_buffer *mbuff; |
zval *array_ptr = (zval *) arg; |
zval *array_ptr = (zval *) arg; |
int fd = -1; |
int fd = -1; |
zend_llist header; |
zend_llist header; |
void *event_extra_data = NULL; |
void *event_extra_data = NULL; |
int llen = 0; | unsigned int llen = 0; |
int upload_cnt = INI_INT("max_file_uploads"); |
int upload_cnt = INI_INT("max_file_uploads"); |
|
const zend_encoding *internal_encoding = zend_multibyte_get_internal_encoding(TSRMLS_C); |
|
php_rfc1867_getword_t getword; |
|
php_rfc1867_getword_conf_t getword_conf; |
|
php_rfc1867_basename_t _basename; |
|
long count = 0; |
|
|
|
if (php_rfc1867_encoding_translation(TSRMLS_C) && internal_encoding) { |
|
getword = php_rfc1867_getword; |
|
getword_conf = php_rfc1867_getword_conf; |
|
_basename = php_rfc1867_basename; |
|
} else { |
|
getword = php_ap_getword; |
|
getword_conf = php_ap_getword_conf; |
|
_basename = php_ap_basename; |
|
} |
|
|
if (SG(post_max_size) > 0 && SG(request_info).content_length > SG(post_max_size)) { |
if (SG(post_max_size) > 0 && SG(request_info).content_length > SG(post_max_size)) { |
sapi_module.sapi_error(E_WARNING, "POST Content-Length of %ld bytes exceeds the limit of %ld bytes", SG(request_info).content_length, SG(post_max_size)); |
sapi_module.sapi_error(E_WARNING, "POST Content-Length of %ld bytes exceeds the limit of %ld bytes", SG(request_info).content_length, SG(post_max_size)); |
return; |
return; |
Line 824 SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
|
Line 747 SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
|
} |
} |
|
|
/* Initialize the buffer */ |
/* Initialize the buffer */ |
if (!(mbuff = multipart_buffer_new(boundary, boundary_len))) { | if (!(mbuff = multipart_buffer_new(boundary, boundary_len TSRMLS_CC))) { |
sapi_module.sapi_error(E_WARNING, "Unable to initialize the input buffer"); |
sapi_module.sapi_error(E_WARNING, "Unable to initialize the input buffer"); |
return; |
return; |
} |
} |
Line 841 SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
|
Line 764 SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
|
INIT_PZVAL(http_post_files); |
INIT_PZVAL(http_post_files); |
PG(http_globals)[TRACK_VARS_FILES] = http_post_files; |
PG(http_globals)[TRACK_VARS_FILES] = http_post_files; |
|
|
#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING) |
|
if (php_mb_encoding_translation(TSRMLS_C)) { |
|
val_list = (char **)ecalloc(num_vars_max+2, sizeof(char *)); |
|
len_list = (int *)ecalloc(num_vars_max+2, sizeof(int)); |
|
} |
|
#endif |
|
zend_llist_init(&header, sizeof(mime_header_entry), (llist_dtor_func_t) php_free_hdr_entry, 0); |
zend_llist_init(&header, sizeof(mime_header_entry), (llist_dtor_func_t) php_free_hdr_entry, 0); |
|
|
if (php_rfc1867_callback != NULL) { |
if (php_rfc1867_callback != NULL) { |
Line 879 SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
|
Line 796 SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
|
++cd; |
++cd; |
} |
} |
|
|
while (*cd && (pair = php_ap_getword(&cd, ';'))) | while (*cd && (pair = getword(mbuff->input_encoding, &cd, ';' TSRMLS_CC))) |
{ |
{ |
char *key = NULL, *word = pair; |
char *key = NULL, *word = pair; |
|
|
Line 888 SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
|
Line 805 SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
|
} |
} |
|
|
if (strchr(pair, '=')) { |
if (strchr(pair, '=')) { |
key = php_ap_getword(&pair, '='); | key = getword(mbuff->input_encoding, &pair, '=' TSRMLS_CC); |
|
|
if (!strcasecmp(key, "name")) { |
if (!strcasecmp(key, "name")) { |
if (param) { |
if (param) { |
efree(param); |
efree(param); |
} |
} |
param = php_ap_getword_conf(&pair TSRMLS_CC); | param = getword_conf(mbuff->input_encoding, pair TSRMLS_CC); |
| if (mbuff->input_encoding && internal_encoding) { |
| unsigned char *new_param; |
| size_t new_param_len; |
| if ((size_t)-1 != zend_multibyte_encoding_converter(&new_param, &new_param_len, (unsigned char *)param, strlen(param), internal_encoding, mbuff->input_encoding TSRMLS_CC)) { |
| efree(param); |
| param = (char *)new_param; |
| } |
| } |
} else if (!strcasecmp(key, "filename")) { |
} else if (!strcasecmp(key, "filename")) { |
if (filename) { |
if (filename) { |
efree(filename); |
efree(filename); |
} |
} |
filename = php_ap_getword_conf(&pair TSRMLS_CC); | filename = getword_conf(mbuff->input_encoding, pair TSRMLS_CC); |
| if (mbuff->input_encoding && internal_encoding) { |
| unsigned char *new_filename; |
| size_t new_filename_len; |
| if ((size_t)-1 != zend_multibyte_encoding_converter(&new_filename, &new_filename_len, (unsigned char *)filename, strlen(filename), internal_encoding, mbuff->input_encoding TSRMLS_CC)) { |
| efree(filename); |
| filename = (char *)new_filename; |
| } |
| } |
} |
} |
} |
} |
if (key) { |
if (key) { |
Line 916 SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
|
Line 849 SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
|
|
|
if (!value) { |
if (!value) { |
value = estrdup(""); |
value = estrdup(""); |
|
value_len = 0; |
} |
} |
|
|
if (sapi_module.input_filter(PARSE_POST, param, &value, value_len, &new_val_len TSRMLS_CC)) { | if (mbuff->input_encoding && internal_encoding) { |
| unsigned char *new_value; |
| size_t new_value_len; |
| if ((size_t)-1 != zend_multibyte_encoding_converter(&new_value, &new_value_len, (unsigned char *)value, value_len, internal_encoding, mbuff->input_encoding TSRMLS_CC)) { |
| efree(value); |
| value = (char *)new_value; |
| value_len = new_value_len; |
| } |
| } |
| |
| if (++count <= PG(max_input_vars) && sapi_module.input_filter(PARSE_POST, param, &value, value_len, &new_val_len TSRMLS_CC)) { |
if (php_rfc1867_callback != NULL) { |
if (php_rfc1867_callback != NULL) { |
multipart_event_formdata event_formdata; |
multipart_event_formdata event_formdata; |
size_t newlength = new_val_len; |
size_t newlength = new_val_len; |
Line 935 SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
|
Line 879 SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
|
} |
} |
new_val_len = newlength; |
new_val_len = newlength; |
} |
} |
|
|
#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING) |
|
if (php_mb_encoding_translation(TSRMLS_C)) { |
|
php_mb_gpc_stack_variable(param, value, &val_list, &len_list, &num_vars, &num_vars_max TSRMLS_CC); |
|
} else { |
|
safe_php_register_variable(param, value, new_val_len, array_ptr, 0 TSRMLS_CC); |
|
} |
|
#else |
|
safe_php_register_variable(param, value, new_val_len, array_ptr, 0 TSRMLS_CC); |
safe_php_register_variable(param, value, new_val_len, array_ptr, 0 TSRMLS_CC); |
#endif | } else { |
} else if (php_rfc1867_callback != NULL) { | if (count == PG(max_input_vars) + 1) { |
multipart_event_formdata event_formdata; | php_error_docref(NULL TSRMLS_CC, E_WARNING, "Input variables exceeded %ld. To increase the limit change max_input_vars in php.ini.", PG(max_input_vars)); |
| } |
| |
| if (php_rfc1867_callback != NULL) { |
| multipart_event_formdata event_formdata; |
|
|
event_formdata.post_bytes_processed = SG(read_post_bytes); | event_formdata.post_bytes_processed = SG(read_post_bytes); |
event_formdata.name = param; | event_formdata.name = param; |
event_formdata.value = &value; | event_formdata.value = &value; |
event_formdata.length = value_len; | event_formdata.length = value_len; |
event_formdata.newlength = NULL; | event_formdata.newlength = NULL; |
php_rfc1867_callback(MULTIPART_EVENT_FORMDATA, &event_formdata, &event_extra_data TSRMLS_CC); | php_rfc1867_callback(MULTIPART_EVENT_FORMDATA, &event_formdata, &event_extra_data TSRMLS_CC); |
| } |
} |
} |
|
|
if (!strcasecmp(param, "MAX_FILE_SIZE")) { |
if (!strcasecmp(param, "MAX_FILE_SIZE")) { |
Line 1008 SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
|
Line 949 SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
|
} |
} |
tmp++; |
tmp++; |
} |
} |
|
/* Brackets should always be closed */ |
|
if(c != 0) { |
|
skip_upload = 1; |
|
} |
} |
} |
|
|
total_bytes = cancel_upload = 0; |
total_bytes = cancel_upload = 0; |
Line 1043 SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
|
Line 988 SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
|
|
|
offset = 0; |
offset = 0; |
end = 0; |
end = 0; |
| |
if (!cancel_upload) { |
if (!cancel_upload) { |
/* only bother to open temp file if we have data */ |
/* only bother to open temp file if we have data */ |
blen = multipart_buffer_read(mbuff, buff, sizeof(buff), &end TSRMLS_CC); |
blen = multipart_buffer_read(mbuff, buff, sizeof(buff), &end TSRMLS_CC); |
Line 1078 SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
|
Line 1023 SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
|
} |
} |
} |
} |
|
|
if (PG(upload_max_filesize) > 0 && (total_bytes+blen) > PG(upload_max_filesize)) { | if (PG(upload_max_filesize) > 0 && (long)(total_bytes+blen) > PG(upload_max_filesize)) { |
#if DEBUG_FILE_UPLOAD |
#if DEBUG_FILE_UPLOAD |
sapi_module.sapi_error(E_NOTICE, "upload_max_filesize of %ld bytes exceeded - file [%s=%s] not saved", PG(upload_max_filesize), param, filename); |
sapi_module.sapi_error(E_NOTICE, "upload_max_filesize of %ld bytes exceeded - file [%s=%s] not saved", PG(upload_max_filesize), param, filename); |
#endif |
#endif |
cancel_upload = UPLOAD_ERROR_A; |
cancel_upload = UPLOAD_ERROR_A; |
} else if (max_file_size && ((total_bytes+blen) > max_file_size)) { | } else if (max_file_size && ((long)(total_bytes+blen) > max_file_size)) { |
#if DEBUG_FILE_UPLOAD |
#if DEBUG_FILE_UPLOAD |
sapi_module.sapi_error(E_NOTICE, "MAX_FILE_SIZE of %ld bytes exceeded - file [%s=%s] not saved", max_file_size, param, filename); |
sapi_module.sapi_error(E_NOTICE, "MAX_FILE_SIZE of %ld bytes exceeded - file [%s=%s] not saved", max_file_size, param, filename); |
#endif |
#endif |
Line 1179 SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
|
Line 1124 SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
|
snprintf(lbuf, llen, "%s_name", param); |
snprintf(lbuf, llen, "%s_name", param); |
} |
} |
|
|
#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING) |
|
if (php_mb_encoding_translation(TSRMLS_C)) { |
|
if (num_vars >= num_vars_max) { |
|
php_mb_gpc_realloc_buffer(&val_list, &len_list, &num_vars_max, 1 TSRMLS_CC); |
|
} |
|
val_list[num_vars] = filename; |
|
len_list[num_vars] = strlen(filename); |
|
num_vars++; |
|
if (php_mb_gpc_encoding_detector(val_list, len_list, num_vars, NULL TSRMLS_CC) == SUCCESS) { |
|
str_len = strlen(filename); |
|
php_mb_gpc_encoding_converter(&filename, &str_len, 1, NULL, NULL TSRMLS_CC); |
|
} |
|
s = php_mb_strrchr(filename, '\\' TSRMLS_CC); |
|
if ((tmp = php_mb_strrchr(filename, '/' TSRMLS_CC)) > s) { |
|
s = tmp; |
|
} |
|
num_vars--; |
|
goto filedone; |
|
} |
|
#endif |
|
/* The \ check should technically be needed for win32 systems only where |
/* The \ check should technically be needed for win32 systems only where |
* it is a valid path separator. However, IE in all it's wisdom always sends |
* it is a valid path separator. However, IE in all it's wisdom always sends |
* the full path of the file on the user's filesystem, which means that unless |
* the full path of the file on the user's filesystem, which means that unless |
* the user does basename() they get a bogus file name. Until IE's user base drops |
* the user does basename() they get a bogus file name. Until IE's user base drops |
* to nill or problem is fixed this code must remain enabled for all systems. */ |
* to nill or problem is fixed this code must remain enabled for all systems. */ |
s = strrchr(filename, '\\'); | s = _basename(internal_encoding, filename TSRMLS_CC); |
if ((tmp = strrchr(filename, '/')) > s) { | if (!s) { |
s = tmp; | s = filename; |
} |
} |
#ifdef PHP_WIN32 |
|
if (PG(magic_quotes_gpc)) { |
|
if ((tmp = strrchr(s ? s : filename, '\'')) > s) { |
|
s = tmp; |
|
} |
|
if ((tmp = strrchr(s ? s : filename, '"')) > s) { |
|
s = tmp; |
|
} |
|
} |
|
#endif |
|
|
|
#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING) |
|
filedone: |
|
#endif |
|
|
|
if (!is_anonymous) { |
if (!is_anonymous) { |
if (s && s >= filename) { | safe_php_register_variable(lbuf, s, strlen(s), NULL, 0 TSRMLS_CC); |
safe_php_register_variable(lbuf, s+1, strlen(s+1), NULL, 0 TSRMLS_CC); | |
} else { | |
safe_php_register_variable(lbuf, filename, strlen(filename), NULL, 0 TSRMLS_CC); | |
} | |
} |
} |
|
|
/* Add $foo[name] */ |
/* Add $foo[name] */ |
Line 1237 filedone:
|
Line 1144 filedone:
|
} else { |
} else { |
snprintf(lbuf, llen, "%s[name]", param); |
snprintf(lbuf, llen, "%s[name]", param); |
} |
} |
if (s && s >= filename) { | register_http_post_files_variable(lbuf, s, http_post_files, 0 TSRMLS_CC); |
register_http_post_files_variable(lbuf, s+1, http_post_files, 0 TSRMLS_CC); | |
} else { | |
register_http_post_files_variable(lbuf, filename, http_post_files, 0 TSRMLS_CC); | |
} | |
efree(filename); |
efree(filename); |
s = NULL; |
s = NULL; |
|
|
Line 1281 filedone:
|
Line 1184 filedone:
|
s = ""; |
s = ""; |
|
|
{ |
{ |
/* store temp_filename as-is (without magic_quotes_gpc-ing it, in case upload_tmp_dir | /* store temp_filename as-is (in case upload_tmp_dir |
* contains escapeable characters. escape only the variable name.) */ |
* contains escapeable characters. escape only the variable name.) */ |
zval zfilename; |
zval zfilename; |
|
|
Line 1357 fileupload_done:
|
Line 1260 fileupload_done:
|
php_rfc1867_callback(MULTIPART_EVENT_END, &event_end, &event_extra_data TSRMLS_CC); |
php_rfc1867_callback(MULTIPART_EVENT_END, &event_end, &event_extra_data TSRMLS_CC); |
} |
} |
|
|
SAFE_RETURN; | if (lbuf) efree(lbuf); |
| if (abuf) efree(abuf); |
| if (array_index) efree(array_index); |
| zend_hash_destroy(&PG(rfc1867_protected_variables)); |
| zend_llist_destroy(&header); |
| if (mbuff->boundary_next) efree(mbuff->boundary_next); |
| if (mbuff->boundary) efree(mbuff->boundary); |
| if (mbuff->buffer) efree(mbuff->buffer); |
| if (mbuff) efree(mbuff); |
| } |
| /* }}} */ |
| |
| SAPI_API void php_rfc1867_set_multibyte_callbacks( |
| php_rfc1867_encoding_translation_t encoding_translation, |
| php_rfc1867_get_detect_order_t get_detect_order, |
| php_rfc1867_set_input_encoding_t set_input_encoding, |
| php_rfc1867_getword_t getword, |
| php_rfc1867_getword_conf_t getword_conf, |
| php_rfc1867_basename_t basename) /* {{{ */ |
| { |
| php_rfc1867_encoding_translation = encoding_translation; |
| php_rfc1867_get_detect_order = get_detect_order; |
| php_rfc1867_set_input_encoding = set_input_encoding; |
| php_rfc1867_getword = getword; |
| php_rfc1867_getword_conf = getword_conf; |
| php_rfc1867_basename = basename; |
} |
} |
/* }}} */ |
/* }}} */ |
|
|