mirrors/php-src
0
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-01-07 11:34:09 +08:00
Code Issues Packages Projects Releases Wiki Activity
34,828 Commits 505 Branches 1,389 Tags 839 MiB
930ac9a5d0
Commit Graph

179 Commits

Author SHA1 Message Date
Ilia Alshanetsky
1f50681813 Fixed bug #21149 (fixed handling of unterminated '['). 2002-12-29 21:02:17 +00:00
Stefan Esser
75d8056e11 cleanup 2002-12-14 10:45:25 +00:00
Ilia Alshanetsky
3c9a6a8890 Removed one more unneeded check. 2002-12-10 15:58:31 +00:00
Ilia Alshanetsky
ecc9c539d2 Removed a pointless check. Thanks Stefan. 2002-12-10 15:36:26 +00:00
Ilia Alshanetsky
8425dbd0bc Fixed bugs #20725 & #20860. Post form variables get lost if the uploaded 
files cannot be written to disk.
 2002-12-07 00:48:13 +00:00
Stefan Esser
9dae1475ef little fix 2002-11-22 19:34:17 +00:00
Stefan Esser
658fd1ba8d Fixing possible remote overflow due to mbstring translation. 2002-11-14 16:30:07 +00:00
Moriyoshi Koizumi
e8be0db546 Fixed build when mbstring is not used - my previous patch is insufficient. 2002-10-24 02:59:01 +00:00
Moriyoshi Koizumi
73ca375f37 MFH; we would see a nasty problem again if it was not fixed... 2002-10-24 02:56:28 +00:00
Moriyoshi Koizumi
74883a9583 Make php_mb_is_mb_leadbyte() obsolete. It only works with double-byte chars. 
# Sorry Marcus, it seems we were working simultaneously :)
 2002-10-23 23:25:27 +00:00
Moriyoshi Koizumi
afa9f42f47 Function renaming. 2002-10-23 19:51:50 +00:00
Moriyoshi Koizumi
b7703551ed Remaned the functions for consistency 2002-10-23 16:54:31 +00:00
Stefan Esser
46f4a07d1c Closing protected variables hole 2002-10-07 11:23:24 +00:00
Stefan Esser
20693c1ad4 IE does not use quotes but now we are safe... 2002-08-17 11:48:21 +00:00
Stefan Esser
ecaa0a091a fixed the user supplied patch for bug #18792 2002-08-17 11:31:06 +00:00
Dan Kalowsky
6c22f90b4a Fix for bug #18792 submitted by t.bubeck@reinform.de 
# talked this over with sterling and he believes it shouldn't break anything
# although there might be a need/desire to check for both ',' and ';'
 2002-08-16 19:34:43 +00:00
Stefan Esser
6f822fdcb7 A full hard disk is no reason to leak memory... 2002-08-08 12:40:51 +00:00
Marcus Boerger
de8c36dcaa -use const to clarify code 
-fix tsrmls build (therefore rfc1867.c)
 2002-08-02 10:22:31 +00:00
Rui Hirokawa
7527bf0c58 made sapi_register_treat_data() to support multibyte input encoding translation without MBSTR_ENC_TRANS and changed php_treat_data to php_default_treat_data. 2002-08-02 06:53:48 +00:00
Stefan Esser
11ac4e035c use Zend API to access llist count 2002-07-15 16:37:15 +00:00
foobar
02d3e99bf2 IF --disable-mbstr-enc-trans is used OR mbstring is compiled as shared 
extension, these functions are not available.
 2002-07-14 00:27:52 +00:00
foobar
ed58d3a235 - Added predefined constants for the upload errors. 
- Removed the debugging error (not useful for end-users)
 2002-07-12 01:49:58 +00:00
foobar
6a83870c49 Fix typo 2002-07-05 18:32:08 +00:00
Rui Hirokawa
ead78e9125 fixed shift_jis character corruption including 0x5c as second byte following a slash on uploaded filename. 2002-07-05 15:06:39 +00:00
Sebastian Bergmann
0e52055f70 Fix ZTS build. 2002-07-03 21:07:24 +00:00
Rui Hirokawa
bb21c40738 fixed shift_jis character corruption including 0x5c as second byte on uploaded filename. 2002-07-03 13:36:19 +00:00
Stefan Esser
5956656864 - Stay always in buffer 2002-06-07 08:00:12 +00:00
Stefan Esser
23ceadfe2b fixed multiline header detection (':' is valid within following lines) 
fixed fill_buffer to fill the buffer always completely
 2002-06-05 13:35:34 +00:00
Stefan Esser
a06a3e1f7f fixing some crashbugs that can be triggered with bogus uploads. 2002-06-05 11:28:33 +00:00
Derick Rethans
f3c71c43b0 - Don't issue a notice when no file was uploaded 2002-05-31 09:05:39 +00:00
Zeev Suraski
19b7861d70 0 byte file uploads are valid, avoid choking on them 2002-05-11 11:58:16 +00:00
foobar
ae2e36a4e5 Changed the error for 'no upload' to E_NOTICE so that it doesn't 
pollute the logs too much.

@- Fixed possible crash bug in HTTP uploads. (Patch: Lucas Schroeder)
 2002-04-23 00:14:08 +00:00
foobar
bccfe80480 Prevent crashing with some bogus POSTs. 2002-04-01 23:02:16 +00:00
foobar
f43ca8d2bc Fixed a bug with file_uploads=off -> normal post variables not set. 2002-03-30 02:58:19 +00:00
Stefan Esser
2872bce78a Fix: Now returns correct Content-Type with Opera 6.01 2002-03-10 11:03:04 +00:00
jim winstead
e68095972e Move type-handling functions into ext/standard/type.c (which had 
a few otherwise unused functions in it).
 2002-01-09 23:47:46 +00:00
Jon Parise
2720dc3c05 Nuke unused variable warning (end_arr). 2002-01-04 22:57:36 +00:00
Stefan Esser
99e72c9ae5 whitespace. - now i know how code should look like ... 2001-12-16 21:59:13 +00:00
Stefan Esser
dce6ba9e0f fixed: php_ap_getword was unaware of quotes 
filenames with ; in it could not get uploaded

fixed: php_ap_getword_conf sometimes returned a static
	string that crashs php when freed
	(f.e. uploading the file "crash; name=  ;"
	crashed php)

fixed: magic_quotes was disabled while filling
	variables with user supplied input

fixed: memoryleak (some strings did not get freed)

fixed: assuming that adress of "" is always the same
	may fail on some compilers
 2001-12-16 13:34:52 +00:00
Stefan Esser
58a5b6bfda fixed some minor bugs and reordered some code to fix array uploads. 2001-12-13 18:12:58 +00:00
Sebastian Bergmann
38933514e1 Update headers. 2001-12-11 15:32:16 +00:00
foobar
2605bd4b30 Store the read bytes so that some sapi modules know how much to read. 2001-12-05 00:44:17 +00:00
foobar
6083eb1030 - Handle more error types when uploading files. 2001-11-24 18:23:35 +00:00
Zeev Suraski
ee111cf9c8 whitespace 2001-11-24 16:07:05 +00:00
Zeev Suraski
a25ccbec2e whitespace 2001-11-24 16:05:22 +00:00
foobar
1e5e73e0ae - Nuked some memleaks 
- Changed the error to be set always. Otherwise the index for error
  wouldn't be correct in case of uploading multiple files within array.
  ( <input type="file" name="test[]"> )
 2001-11-16 03:34:26 +00:00
foobar
37dec69a7c No use of populating the hash if there is no file saved. 2001-11-16 01:06:48 +00:00
foobar
ae82e1ccf2 In case of submitting form without any files selected don't set 
the tmp_name.
 2001-11-15 15:37:02 +00:00
foobar
b893e59095 Make the filesize 0 when upload fails. And changed the error messages to be different from each other. 2001-11-11 01:51:17 +00:00
foobar
7d479f4abb Fix for bug: #14008. Still needs some minor changes but should give idea about this. 2001-11-11 00:45:31 +00:00
foobar
d6adcc98b5 After discussing with Rasmus, this line should be enough. Speak up if it is not. 2001-10-29 19:12:43 +00:00
foobar
3be12d1d9b - Added myself to authors. 
- Modified the clause about Apache to say what exactly was borrowed.

  Should there be the Apache license included in this file?
 2001-10-29 18:58:15 +00:00
foobar
44b68122c2 @- Fixed HTTP file upload support to handle big files better. (Jani) 
# There are some minor memleaks still..I tried to eliminate them but
# without luck. I'd be glad if someone could check this code out.
# Also, this uses the Apache libapreq. So there might be need to add some
# license thingie there too?
 2001-10-27 05:26:24 +00:00
Jeroen van Wolffelaar
c033288573 Back-substitute for Z_* macro's. If it breaks some extension (the script isn't optimal, it parses for example var->zval.value incorrect) please let me know. 2001-09-25 21:58:48 +00:00
Andi Gutmans
315c894da8 - Commit fix for bug #11998 by Ralf Bolte <r.bolte@gmx.net> 2001-09-23 19:17:44 +00:00
Derick Rethans
78747bd2df - Don't wrap lines... this is annoying while coding. 2001-09-09 13:29:31 +00:00
foobar
e46decaa32 First step for chunkifying the HTTP uploads. 2001-09-03 02:31:56 +00:00
Daniel Beulshausen
0dab84d065 fix SAPI_POST_* exports 2001-08-15 18:01:48 +00:00
Zeev Suraski
1159c84ab7 - TSRMLS_FETCH work 
- whitespace fixes
 2001-08-05 01:43:02 +00:00
Zeev Suraski
d76cf1da18 More TSRMLS_FETCH work 2001-07-31 04:53:54 +00:00
Zeev Suraski
d87cc976e1 Redesigned thread safety mechanism - nua nua 2001-07-28 11:36:37 +00:00
Zeev Suraski
fe6f8712a4 - Get rid of ELS_*(), and use TSRMLS_*() instead. 
- Move to the new ts_allocate_id() API
This patch is *bound* to break some files, as I must have had typos somewhere.
If you use any uncommon extension, please try to build it...
 2001-07-27 10:16:41 +00:00
Zeev Suraski
a9915bf69a Another layout fix 2001-07-16 20:43:18 +00:00
Zeev Suraski
b6064e5d3e Fix layout 
Guys - when submitting patches - please make sure you're not breaking
the layout of the code!  It's not less important than the patch
itself.
 2001-07-16 20:42:49 +00:00
foobar
b0ed727aee Fix one problem with Opera browsers. Tested with IE,NS,Opera. 
There can be also a \t before the 'filename=' part.
 2001-06-19 16:54:30 +00:00
Rasmus Lerdorf
81e2cf03ac Fix folding and clean up some extensions 2001-06-06 13:06:12 +00:00
Rasmus Lerdorf
25c3a3a39d vim-6 does folding - clean up a bunch of missing folding tags plus 
some misguided RINIT and RSHUTDOWN calls in a few fringe extensions
 2001-06-05 13:12:10 +00:00
foobar
bf417a3b72 Now the file uploads 'work' also on Lynx. This patch was submitted 
by Andreas Pistoor <andreas@erestor.f2s.com> and I have tested it a
quite long time now and didn't notive any problems. Bug: #9930
 2001-05-02 01:18:53 +00:00
Andi Gutmans
4c823e8a89 - Change macros from V_ to VCWD_ because of AIX name clash 2001-04-30 12:45:02 +00:00
Andi Gutmans
eb6ba01d1c - Fix copyright notices with 2001 2001-02-26 06:11:02 +00:00
Sascha Schumann
96ba644e9f Make the code match the comment. 
Prior to this change, the upload code tried to add mangled names to
the global HTTP_POST_FILES array, resulting in all kind of weird behaviour.

After this change, multi-dimensional form elements are treated correctly
and consistently.
 2001-01-19 15:39:35 +00:00
Zeev Suraski
f8522c7fa9 Use free_estring() 2001-01-15 10:50:39 +00:00
Sascha Schumann
5d8e3c37d9 arr_index errorneusly included the trailing ']' character, so that 
variable names like Data_name[Image]] were passed to the register functions.
 2001-01-13 10:19:17 +00:00
Stanislav Malyshev
ea46f79a97 Fix #8486 (name= without quotes in MIME Content-Disposition header) 
Ported fix by kk/sas from PHP 3
 2001-01-03 10:52:26 +00:00
Rasmus Lerdorf
c9f1fe638d Fix off by one error in file upload code 2000-12-08 14:28:14 +00:00
Stanislav Malyshev
1f7a3b3b11 Remove empty temp file on failed upload 2000-10-30 15:30:27 +00:00
Sascha Schumann
836df2f798 Parse quoted boundary correctly 2000-10-20 23:40:07 +00:00
Zeev Suraski
9e5ef06ceb Fix warning 2000-10-17 18:13:35 +00:00
Andi Gutmans
824fc6a084 - Move php_open_temporary_file() out of file.c 2000-09-11 18:56:47 +00:00
Zeev Suraski
b7ecaacd07 More security-related (control) patches: 
- Avoid displaying errors during startup, unless display_startup_errors is enabled.
- Implemented post_size_max limit.  Defaults to 8MB.
- Implemented file_uploads on/off directive (defaults to on).
 2000-09-09 15:02:15 +00:00
Zeev Suraski
6c4cb4c079 Security related updates: 
- Introduce php_open_temporary_file(), in place of tempnam().  Still
  needs testing under UNIX (mkstemp()), works reliably under Windows now.
- Reimplement the mechanism for unlinking uploaded files at the end of the request
  (was it ever tested?).  Files moved with move_uploaded_file() will not be unlink()'d
  again, to avoid (albeit very unlikely) race conditions.
 2000-09-09 11:41:14 +00:00
Zeev Suraski
75086e3088 - Implemented is_upload_file() 2000-09-08 21:56:47 +00:00
Zeev Suraski
677d4b9913 Send $HTTP_POST_FILES to the right place 2000-09-07 04:12:31 +00:00
Zeev Suraski
eb32144902 - Remove track_vars - it is now always on 
- Make the various $HTTP_*_VARS[] arrays be defined always,
  even if they're empty
- Fix Win32 build and warnings
 2000-09-05 19:06:29 +00:00
Zeev Suraski
efdd39207c Protect arrays as well. 2000-09-04 22:26:01 +00:00
Zeev Suraski
5dca99232e Prevent exploit in [tmp_name] as well 2000-09-04 22:05:00 +00:00
Zeev Suraski
60825fab88 Fix the logic. Tested. 2000-09-04 21:23:41 +00:00
Zeev Suraski
388170ffa5 3rd time's a charm 2000-09-04 20:47:52 +00:00
Zeev Suraski
b47050630b Fix the fix 2000-09-04 20:46:10 +00:00
Zeev Suraski
ed453cc9b4 Fix the file upload security problem with no side effects (untested) 2000-09-04 19:07:50 +00:00
Rasmus Lerdorf
43fefff150 Quick-fix for the file upload security alert 
@Quick-fix for the file upload security alert (Rasmus)
 2000-09-04 05:09:46 +00:00
Rasmus Lerdorf
da1b7847b3 Support content-encoding headers in file upload mime parts 
@- Support content-encoding headers in file upload MIME parts
@  (Ragnar Kjørstad)
 2000-08-06 06:40:28 +00:00
Stanislav Malyshev
a790966b15 Fix file upload types array handling (#5836) 2000-07-30 11:22:18 +00:00
Rasmus Lerdorf
76061b701e @ Add support for both indexed and non-indexed arrays of file uploads 
@ eg. name="file[]" type="file" (Rasmus)
Add support for both indexed and non-indexed arrays of file uploads
eg. name="file[]" type="file" (Rasmus)
 2000-06-04 05:46:28 +00:00
Zeev Suraski
e043439ff6 Update the license with the new clause 6 2000-05-18 15:34:45 +00:00
Andi Gutmans
1665cba750 - Change PHP_ to V_ (directory & file functions) 2000-04-15 14:20:01 +00:00
Zeev Suraski
69ff396312 *** empty log message *** 2000-04-02 22:15:14 +00:00
Zeev Suraski
18e0850ba1 @- Add $HTTP_POST_FILES[filename][tmp_name] - it was previously impossible to 
@  retrieve the temporary name of an uploaded file using $HTTP_POST_FILES[] (Zeev)
- Changed IMAP Win32 definitions
 2000-04-02 21:27:32 +00:00
Andi Gutmans
9df7df3293 - Baby steps... Use PHP_FOPEN() 2000-03-30 22:41:13 +00:00
Zeev Suraski
e5c8aeb3f1 - Protect $HTTP_POST_FILES[] as well 2000-02-26 18:59:29 +00:00