mirrors/php-src
0
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-11-25 19:05:31 +08:00
Code Issues Packages Projects Releases Wiki Activity
6,949 Commits 500 Branches 1,381 Tags 801 MiB
78194a47b7
Commit Graph

881 Commits

Author SHA1 Message Date
Zeev Suraski
ec4a36ec12 complementary PHP patch 2000-09-27 19:46:47 +00:00
Daniel Beulshausen
8b23529beb let windows build with trans sid 2000-09-18 17:23:45 +00:00
Stanislav Malyshev
1fbc3945a2 Fix crash 2000-09-18 15:15:27 +00:00
Andi Gutmans
e740042363 - Fix doc_root problem. If you need to limit under which directories the 
scripts should reside use open_basedir.
 2000-09-17 05:52:26 +00:00
Andi Gutmans
0e874a094c - Use IS_ABSOLUTE_PATH() so that this will work correctly under Windows 2000-09-14 20:47:35 +00:00
Andi Gutmans
962c163cdf - Time to remove these two. 2000-09-14 20:43:13 +00:00
Andi Gutmans
f5cf7d7eb7 - Windows and UNIX compile fixes 2000-09-11 19:14:42 +00:00
Andi Gutmans
b510fcf96e - Get rid of stuff which is already done in php.h 
- More can probably be removed as the code doesn't use lots of sys calls.
 2000-09-11 19:11:03 +00:00
Andi Gutmans
824fc6a084 - Move php_open_temporary_file() out of file.c 2000-09-11 18:56:47 +00:00
Stanislav Malyshev
1ccac6ed55 Add additional parameter to parse_str for saving result (thanks to 
John Bafford <dshadow@zort.net>)
@ Added second parameter for parse_str to save result (John Bafford)
 2000-09-11 14:50:26 +00:00
Derick Rethans
eba1b6221d - Fixed missing parameter in php_atoi 2000-09-09 23:21:44 +00:00
Stig Venaas
d8a4a9b1dd Added IPv6 support to php_fopen_url_wrap_ftp (EPSV and php_hostconnect()) 2000-09-09 21:29:37 +00:00
Zeev Suraski
b7ecaacd07 More security-related (control) patches: 
- Avoid displaying errors during startup, unless display_startup_errors is enabled.
- Implemented post_size_max limit.  Defaults to 8MB.
- Implemented file_uploads on/off directive (defaults to on).
 2000-09-09 15:02:15 +00:00
Zeev Suraski
6c4cb4c079 Security related updates: 
- Introduce php_open_temporary_file(), in place of tempnam().  Still
  needs testing under UNIX (mkstemp()), works reliably under Windows now.
- Reimplement the mechanism for unlinking uploaded files at the end of the request
  (was it ever tested?).  Files moved with move_uploaded_file() will not be unlink()'d
  again, to avoid (albeit very unlikely) race conditions.
 2000-09-09 11:41:14 +00:00
Zeev Suraski
3edf46ff73 Implement move_uploaded_file() (untested) 2000-09-08 22:31:21 +00:00
Zeev Suraski
75086e3088 - Implemented is_upload_file() 2000-09-08 21:56:47 +00:00
Zeev Suraski
91c808ecc4 Restore the headers_only test to the centralized SAPI startup. If necessary, it can 
be overriden in the activate() callback.
 2000-09-08 14:43:57 +00:00
Stanislav Malyshev
522aec4443 Never trust snprintf return value 2000-09-08 12:52:05 +00:00
Stanislav Malyshev
6426d1c9ce Fix crash on very long error messages 
Manual for snprintf says:
       If  the output was truncated, the return value is -1, oth-
       erwise it is the number of characters stored, not  includ-
       ing the terminating null.
And that's a blatant lie - in reality, libc 2.1 always returns number of
characters that _would be_ stored. I hate those libc bugs. Now we should go
and check every place we trusted snprintf return value.
 2000-09-08 12:32:29 +00:00
Stanislav Malyshev
df5e0cb0a5 Fix syslog call 2000-09-08 12:07:21 +00:00
Stig Venaas
f68fb8fad2 Better IPv6 checking 2000-09-07 17:56:12 +00:00
Andi Gutmans
204f4adca7 - Smarter detection of MAXPATHLEN 2000-09-07 15:20:29 +00:00
Zeev Suraski
677d4b9913 Send $HTTP_POST_FILES to the right place 2000-09-07 04:12:31 +00:00
Sascha Schumann
4d2515d6be 4.0.3-dev 2000-09-06 16:52:33 +00:00
Daniel Beulshausen
81daa0899e deleted unnecessary defines 
i also plan to let windows build with crypt() support
 2000-09-06 10:00:34 +00:00
Zeev Suraski
bfa301dfd0 Fix ordering 2000-09-06 04:56:22 +00:00
Zeev Suraski
12adebbc3a - Fix leak 
- Remove redundant php_ini code
 2000-09-05 21:18:00 +00:00
Zeev Suraski
4647bbb71a broken logic fixed. I'm getting old 2000-09-05 20:50:41 +00:00
Zeev Suraski
eb32144902 - Remove track_vars - it is now always on 
- Make the various $HTTP_*_VARS[] arrays be defined always,
  even if they're empty
- Fix Win32 build and warnings
 2000-09-05 19:06:29 +00:00
Stig Venaas
d57e56ab4c using emalloc and efree, instead of malloc and free 2000-09-05 17:37:44 +00:00
Stig Venaas
24633f5987 renamed hostconnect() to php_hostconnect() 2000-09-05 16:36:56 +00:00
Stig Venaas
b83427db64 using the new hostconnect() for the http wrapper 2000-09-05 15:59:08 +00:00
Stig Venaas
4a7f22123f hostconnect now supports IPv6 if getaddrinfo exists, and also tries to 
connect to all addresses of a host before giving up. It should also be
thread safe when using getaddrinfo.
 2000-09-05 13:56:11 +00:00
Zeev Suraski
efdd39207c Protect arrays as well. 2000-09-04 22:26:01 +00:00
Sterling Hughes
9f86ff884f @Add a php.ini option session.use_trans_sid to enable/disable trans-sid. (Sterling) 2000-09-04 22:21:10 +00:00
Zeev Suraski
5dca99232e Prevent exploit in [tmp_name] as well 2000-09-04 22:05:00 +00:00
Zeev Suraski
60825fab88 Fix the logic. Tested. 2000-09-04 21:23:41 +00:00
Zeev Suraski
388170ffa5 3rd time's a charm 2000-09-04 20:47:52 +00:00
Zeev Suraski
b47050630b Fix the fix 2000-09-04 20:46:10 +00:00
Zeev Suraski
ed453cc9b4 Fix the file upload security problem with no side effects (untested) 2000-09-04 19:07:50 +00:00
Sascha Schumann
96128460b7 Include "php.h", otherwise we don't have access to the PHP and autoconf 
macros.
 2000-09-04 12:58:08 +00:00
Rasmus Lerdorf
43fefff150 Quick-fix for the file upload security alert 
@Quick-fix for the file upload security alert (Rasmus)
 2000-09-04 05:09:46 +00:00
Andi Gutmans
6bfed632c7 - This shouldn't have been commited. 
There are quite a few modules which are using VIRTUAL_DIR. I don't think
  this should be happening.
 2000-09-04 04:22:47 +00:00
Andi Gutmans
341a0d465a - Found my bug and managed to move the V_* macros to TSRM 2000-09-04 04:18:04 +00:00
Andi Gutmans
e47d4fe249 - Increase buffers of output buffering to 40KB and 10KB increments which 
makes more sense when web pages are typically like 10KB-20KB.
  I think it would be best to change the reallocation algorithm at least to
  redoubling when it's full instead of incrementing and possibly use
  a data structure similar to Zend/zend_static_allocator which uses memory
  blocks and not realloc().
 2000-09-03 19:57:06 +00:00
Andi Gutmans
799a00f19a - Before removing php_virtual_cwd.[ch] #if 0 them to make sure nothing 
is broken by this.
 2000-09-03 19:44:35 +00:00
Stig Venaas
f0962c33a1 Added timeout argument, but not used yet 2000-09-03 19:12:28 +00:00
Andi Gutmans
6c6471b160 - Move to virtual cwd in TSRM 2000-09-03 18:45:02 +00:00
Zeev Suraski
2183e2b0be Make gcc happy 2000-09-03 15:58:50 +00:00
Zeev Suraski
48f13455be Fix init bug 2000-09-03 15:56:54 +00:00
Stig Venaas
7f8917932f Added network.c 2000-09-03 09:34:33 +00:00
Stig Venaas
ad95450fc4 To be included by code using functions in network.c 2000-09-03 09:33:14 +00:00
Stig Venaas
c94933b2fa Network related functions, only for internal use by other PHP code. Tries 
to hide the details of address families/protocols, and to reduce duplication
of code.
 2000-09-03 09:30:41 +00:00
Andi Gutmans
299d1295b6 - Remove another TSRM->Zend dependency 2000-09-02 18:40:41 +00:00
Zeev Suraski
cf8e389799 @- Added support for an optional output handler function for output 
@  buffering.  This enables transparent rendering of XML through XSL,
@  transparent compression, etc. (Zeev)
 2000-09-02 18:03:58 +00:00
Andi Gutmans
97d509cc95 - Get rid of unused code and stop including PHP's win95nt.h 2000-09-02 16:08:24 +00:00
Zeev Suraski
e065c308e9 - Fix dir.c 
- Begin cleanup of php_error_cb()
 2000-09-01 12:06:52 +00:00
Sascha Schumann
df273c9d01 Hopefully last round of fixing varargs use. 
We don't need to create the log message twice, and by doing it only
once we also avoid the orig_args trap.
 2000-09-01 09:54:32 +00:00
Andi Gutmans
27de50012b - Use emalloc() for opened_path now. This was a potential leak before. 
- This patch has potential to break stuff but I tested it as much as I
- could. Fixes should be easy.
 2000-08-31 22:24:20 +00:00
Andi Gutmans
e8e5c9d97e - Remove redundant IS_SLASH 
- Reverse config.w32.h patches
- Use IS_ABSOLUTE_PATH() in one place in fopen-wrappers.c
 2000-08-31 19:49:36 +00:00
Stanislav Malyshev
ed3c85261b Make main.c compile again 2000-08-31 16:15:31 +00:00
Zeev Suraski
0bc2bb05d4 Safer shutdown process. Continue to shut down even if we bail out in the middle of a certain part. 2000-08-31 16:02:51 +00:00
Daniel Beulshausen
95ee791d97 should be easier when compiling the modules 2000-08-30 21:07:16 +00:00
Andi Gutmans
ca5e0330ca - Missed a space 2000-08-30 20:32:29 +00:00
Andi Gutmans
4a2fa70fc9 - Fix bug when using safe_mode and doc_root together 2000-08-30 20:31:17 +00:00
Zeev Suraski
47f8af85f5 This is no longer relevant... 2000-08-30 18:06:17 +00:00
Zeev Suraski
0e482b1b30 - Truly fix varargs handling - the current situation was a sure-fire crash in most platforms 
(the older code worked, even though it didn't compile well for some very odd reason, probably
  a compiler bug;  The new code would cause PHP to crash if both display_errors/log_errors and
  track_errors were enabled)
 2000-08-30 18:02:00 +00:00
Zeev Suraski
3a10285392 Go 4.0.2 2000-08-29 15:49:44 +00:00
Stig Bakken
1b4d8c0fb6 @Added PHP API for Zend's ticks 
Added PHP API for registering tick functions.  Ticks is a per-instruction
callback in Zend that allows us to implement cooperative multitasking
within PHP.  Example:

In extension code:

php_add_tick_function(my_tick_func);

void my_tick_func(int count) {
    php_printf("[tick %d]", count);
}

In PHP code:
<?php

declare(ticks = 1) {
    print "there should be two ticks here.\n";
}

?>
 2000-08-29 09:18:48 +00:00
Sascha Schumann
e783d75ed3 sizeof(old_cwd) evaluated to sizeof(char *) after last commit, so old_cwd 
was not set correctly.
 2000-08-27 20:51:30 +00:00
Andi Gutmans
ecbc0255d9 - Use do_alloca()/free_alloca() for old_cwd. This will ensure speed in 
- non-ISAPI environments but in ISAPI will use emalloc()/efree() to save
- stack space. MS only gives us 10KB those bastards.
 2000-08-27 19:56:22 +00:00
Andi Gutmans
827672cd78 - Reverting Sascha's patch although I don't like doing these kind of things 
- but as it is Sascha who has reverted a zillion patches I don't feel that
- bad about it :)
- The patch is morally incorrect and it actually also has a crash bug which
- I won't point out because it shouldn't be there.
- SG(path_translated) should be set by the SAPI module correctly and if it
- isn't the SAPI module should be fixed and not add code to PHP. There is
- enough special case code in PHP and I would like to clean it up and not
- add more.
- Last but not least, old_cwd takes 4KB of stack space. We should probably
- malloc() it because in ISAPI we only have 10KB of stack space.
 2000-08-27 19:51:50 +00:00
Sascha Schumann
390d1cd1b7 Initializing new_path once is enough 2000-08-27 19:40:21 +00:00
Sascha Schumann
3f969d0b84 If a SAPI module does not pass an absolute path as primary_file to 
php_execute_script(), we will now change the filename to point to
the absolute path.
 2000-08-27 19:38:18 +00:00
Sascha Schumann
626fc9a773 Export IS_ABSOLUTE_PATH to the outside world. 2000-08-27 19:36:35 +00:00
Sascha Schumann
ab458219ec Real fix for this rule. 2000-08-27 19:32:28 +00:00
Andi Gutmans
eea3a56973 - This should be more efficient. 
- Post 4.0.2 it's time to move the whole opened_path and virtual stuff
- to emalloc() and friends including some alloca() improvements where
- possible but I don't want to break anything before
 2000-08-27 19:20:53 +00:00
Sascha Schumann
58abfc5426 Fix internal_functions.c rule. This should also work better with BSD make's 
VPATH support.
 2000-08-27 18:54:28 +00:00
Andi Gutmans
0b8ca80e57 - Remove some unused stuff. 2000-08-27 18:27:37 +00:00
Andi Gutmans
989203cf9c - Test commit msg. This is Andi and it seems to come from Zeev. 2000-08-27 18:18:34 +00:00
Zeev Suraski
1f7b735290 - Forgot to fix non-ZTS CHDIR_FILE macro 2000-08-27 18:06:12 +00:00
Andi Gutmans
39770d99ea - Try and fix problem with opening wrong file. 2000-08-27 18:01:17 +00:00
Sascha Schumann
35a9a1878e Fix strlcpy use at this place. 2000-08-27 09:48:03 +00:00
Sascha Schumann
2eb8688f29 Refine PHP_STRLCPY comment 2000-08-27 09:38:33 +00:00
Sascha Schumann
b2cecd9d8b newtype has a length of newlen+1, 'len' refers to the length of *mimetype 
here.
 2000-08-27 09:32:23 +00:00
Sascha Schumann
365edaddd4 Add PHP_STRLCPY macro. This macro should be used in new code instead of 
strlcpy/strlcat which are intended for fixing broken code.
 2000-08-27 09:30:15 +00:00
Stig Bakken
03471b21ee @Added ob_get_length function (Stig) 
Added ob_get_length() function (returns size of buffer)
 2000-08-25 03:10:42 +00:00
Zeev Suraski
c542f9a3f4 - Fix IMAP build problem 
- Allow external DLLs to use warn_not_available
 2000-08-24 18:49:49 +00:00
Sascha Schumann
19741cc37a The macro CONVERT_TO_WIN_FS is not used anywhere. 2000-08-21 09:57:13 +00:00
Sascha Schumann
8e0ae5d152 Cleaning up some mess 2000-08-21 09:50:53 +00:00
Andi Gutmans
99d3b9bfe8 - Remove old/deprecated version of expand_filepath 2000-08-21 04:30:25 +00:00
Andi Gutmans
c799959568 - Change PHP_SEPARATOR to PHP_DIR_SEPARATOR 2000-08-20 19:56:24 +00:00
Andi Gutmans
892e949196 - Checking for ".." isn't enough. include_once() could mess up even if both 
- names didn't include ".." but were referenced different directories which
- were symlinked to each other.
 2000-08-20 19:49:10 +00:00
Andi Gutmans
80d878279b - Sascha's patch should make PHP in VIRTUAL_DIR mode also change to the 
- right directory so this shouldn't be needed anymore.
 2000-08-20 18:12:16 +00:00
Sascha Schumann
1d68a02df3 The status quo in PHP is that the current directory is initialized 
to the directory where the executing script is located.

Since this needs to be implemented for all SAPI modules anyway, this
change moves the functionality to php_execute_script() and gets rid
of the per-module code.
 2000-08-20 14:29:00 +00:00
Sascha Schumann
320105bcd8 Use size_t as parameter type in the getenv member of struct sapi_module 2000-08-20 14:20:21 +00:00
Sascha Schumann
6358dad0e1 const'ify virtual-cwd API 2000-08-20 14:11:50 +00:00
Sascha Schumann
c8b8a908ca Provide PHP_SEPARATOR which expands to the default directory separator 
on the target platform.
 2000-08-20 14:02:57 +00:00
Sascha Schumann
d3aeebdd1f Fix prototype of virtual_real_chdir_file. 2000-08-20 13:09:57 +00:00
Sascha Schumann
c86ec8b1a9 Add virtual_real_chdir_file. Silly name for a useful function. 2000-08-20 12:49:56 +00:00