requests--let's see what I can dig out of the bugtracker for NEWS--
and while crossing the road:
* implemented new zlib API
* fixed up ext/tidy (what was "s&" in zend_parse_parameters() supposed to do?)
Thanks to Jani and Felipe for pioneering.
* Removed ini options, safe_mode*
* Removed --enable-safe-mode --with-exec-dir configure options on Unix
* Updated extensions, SAPI's and core
* php_get_current_user() is now declared in main.c, thrus no need to include safe_mode.h anymore
I am sorry I tried fixing PHP without extensive discussion on the mailing list.
I am sorry I tried fixing PHP without extensive discussion on the mailing list.
Hope all the relevant parties are satisfied.
[DOC] proto void header_remove([string header_name])
Removes an HTTP header previously set using header()
The header_name parameter is optionnal, all headers are
removed if it is not set
[SAPIs] The header_handler callback in sapi_module_struct has
been changed, it now take a new argument.
When it is set to SAPI_HEADER_DELETE, sapi_header->header is
the name of an header, header_handler has to delete it.
When it is set to SAPI_HEADER_DELETE_ALL, header_handler has
to delete all headers.
When sapi_header_op_enum is SAPI_HEADER_ADD or _REPLACE,
sapi_header->header is in the form "Name: value", header_handler
has to add or replace the given header.
In all cases, header_handler must not free sapi_header or
sapi_header->header. SAPI_HEADER_ADD must be returned if the
header has been added or replaced, or 0 in other cases.
After the sigsetjmp change, this is patch #2 in an effort to get some
sanity restored to signal handling in PHP.
This patch does two things. First, it makes it possible to reset the
timeout without resetting the signal handlers. This is important for
cases where an extension may have deferred signals in its MINIT in order
to implement critical sections. It also lays the groundwork for cleaning
up our signal handling and perhaps eventually implementing our own
signal deferring mechanism so we can have true critical sections.
The second thing this does is to make it possible to terminate the current
child process (only for Apache1 at the moment) on a timeout. There are
a number of extensions that are unhappy about being longjmp'ed out of
and when this happens on a timeout they are left in an inconsistent state.
By turning on exit_on_timeout you can now force the process to terminate
on a timeout which will clean up any hanging locks and/or memory left
hanging after the longjmp.
This adds proto_num to request_info. It is defaulted to HTTP 1.0 (1000)
such that it has a valid value even if the underlying sapi doesn't set it
correctly. It is then used to determine if a 302 or a 303 should be sent
on a Location redirect. Any non GET/HEAD HTTP 1.1 redirect will get a 303
instead of a 302 to be compatible with the HTTP spec.
make PHP register the variable, returning 0 shouldn't. The new length of
the variables being filtered is now returned in the new_val_len argument
of the function.
into entities or use some other mechanism which causes the filtered data
to be longer than the original data. Ergo, pass in the address of the
buffer instead so the filter is free to reallocate it.
non-privileged user the web server is running as. this is useful
for creating shared memory segments which need to be accessed by
the child processes/threads.
this is necessary, when you want to take over control of a connection
and the web server is doing stupid things by default (like enabling
chunked transfer encoding for no reason).
- webdav-specific stuff removed (should be handled using httpd.conf
LIMIT or equivalents)
- always_populate_raw_post_data now working on any method, not just
POST (and webdav methods with allow_webdav_methods), when
Content-Length is greater zero
- raw input data is also available using php://input stream,
this way one doesn't have to care about memory_limit
- input data is now always consumed (although maybe ignored,
this fixes we had withproblems with keep-alive connections
@ raw POST data is now available as php://input stream (hartmut)
Disables zlib.output_compression for scripts with image/ content-type
header (fixes bug #16109) and makes it possible to switch
zlib.output_compression during script execution before the headers are
sent.
@- zlib.output_compression is disabled for "image/" content-type
@ headers and can be changed during script execution. (Stefan)
calls.
Revert the change to the sapi_add_header_ex interface.
Fix various bugs:
1. header("HTTP/1.0 306 foo");
header("Location: absolute-uri");
did not work in combination with several SAPI modules, because
http_status_line was never properly reset. And thus, all SAPI
modules which looked at http_status_line ignored the changed
http_response_code.
2. The CGI SAPI did not send out the HTTP status line at all, if
http_status_line had not been set explicitly by calling
header("HTTP/1.0 200 foo");
@ always_populate_raw_post_data was on - fixed. (Rasmus)
$HTTP_RAW_POST_DATA was not populated on a missing content-type even when
always_populate_raw_post_data was on - fixed. (Rasmus)
- Move to the new ts_allocate_id() API
This patch is *bound* to break some files, as I must have had typos somewhere.
If you use any uncommon extension, please try to build it...
maintain current behaviour. If this is turned on then $HTTP_RAW_POST_DATA
is always populated with a copy of the raw post data.
@ - Add config option (always_populate_raw_post_data) which when enabled
@ will always populate $HTTP_RAW_POST_DATA regardless of the post mime
@ type (Rasmus)
and sapi_unregister_post_entry() are for...
Also, please maintain K&R code layout, it's very messy to have different
styles intermixed in the same codebase, and especially in the same files!
- Make sapi_module available to external modules (PHPAPI)
- Make the php.ini path reported in phpinfo() always point to
real full path of the php.ini file
- Optimized the ISAPI module not to read unnecessary server
variables and read necessary variables at most once.
- Introduce php_open_temporary_file(), in place of tempnam(). Still
needs testing under UNIX (mkstemp()), works reliably under Windows now.
- Reimplement the mechanism for unlinking uploaded files at the end of the request
(was it ever tested?). Files moved with move_uploaded_file() will not be unlink()'d
again, to avoid (albeit very unlikely) race conditions.
SAPI and down into the individual SAPI modules. I have made the
appropriate changes in all the SAPI modules, but please verify these.
The reason for this change is that Apache sometimes will feed PHP
a request_method of GET but have r->header_only set to true. This happens
in an ErrorDocument redirect. In this same scenario we want to preserve
the status code as well instead of just overwriting it with a 200 and
losing this information. For now the other sapi modules act exactly as
before since they probably do not make this distinction, and they may
not even have a valid response code this early in the request.
@ Fix HEAD request bug on an Apache ErrorDocument redirect and preserve
@ the status code across the redirect as well. (Rasmus)
zend_get_parameters(), but it became invalid when someone switched it
to zend_get_parameters_ex(), and I decided to remove it anyway).
- Remove a redundant function call
[6] NEVER USE strncat(). If you're absolutely sure you know what you're doing,
check its man page again, and only then, consider using it, and even then,
try avoiding it.
strncat() is your enemy!
- Fix several SAPI services, get rid of the default_content_type (it's always
composed of the mime type and charset now).
- Win32 works again
stig, in sgi-mode i still "only" get:
(haven't touched my .ini file in ages - and don't plan to)
X-Powered-By: PHP/4.0b5-dev
Content-type: iso-8859-1 <<< where is text/html?
have in the future now obey to the variables_order directive, and there's a real way modular
way to handle POST content.
This is all untested, BEFORE_SAPI_POST_PATCH_17_FEB_2000 tagged before submission
@- Made multipart/form-data content obey to the variables_order directive (Zeev)
@ an ISAPI filter, only as an ISAPI extension, unless you wish to perform
@ authentication using PHP. This didn't yet get enough testing, but it
@ should work (Zeev)
- Fixed auth_user/auth_password memory leak (I didn't have time to test it under
Apache, feedback welcome!)
@- Finished the server abstraction layer; All of the PHP code is now shared
@ across different servers (Apache, CGI, IIS, etc.), except for thin
@ interface modules (Zeev)
