Commit Graph

220 Commits

Author SHA1 Message Date
Stanislav Malyshev
ac40c0b562 Merge branch 'pull-request/341'
* pull-request/341: (23 commits)
  typofixes
2013-06-10 14:20:18 -07:00
Xinchen Hui
0a7395e009 Happy New Year 2013-01-01 16:28:54 +08:00
Dmitry Stogov
04f6171012 Improved max_input_vars directive to check nested variables 2012-02-14 08:58:52 +00:00
Stanislav Malyshev
2a687aed1a fix bug #54374, bug #55500 - filter file names better, no dangling [s 2012-01-01 23:54:25 +00:00
Felipe Pena
4e19825281 - Year++ 2012-01-01 13:15:04 +00:00
Hannes Magnusson
43fb787add Fixed bug #55504 (Content-Type header is not parsed correctly on HTTP POST request 2011-09-07 16:19:09 +00:00
Pierre Joye
9805e1674a - remove magic quotes support, functions are kept (see the NEWS entry for the details) for BC reasons but do not allow to set enable MQ 2011-07-22 11:25:30 +00:00
Felipe Pena
907fd926e5 - Restore basename in filename on non Windows OS 2011-06-12 15:15:44 +00:00
Pierrick Charron
4a0831743d Remove unused variable 2011-03-13 05:25:45 +00:00
Moriyoshi Koizumi
b2ddc6de23 Fix ZTS build. 2011-03-06 07:06:55 +00:00
Moriyoshi Koizumi
cdb9ee0d1a Fix zend.multibyte oddities. Hope this will address all the known problems. 2011-03-06 07:00:30 +00:00
Ilia Alshanetsky
86550a9fed Win32 build fix 2011-01-19 13:09:05 +00:00
Ilia Alshanetsky
b5e12bd4da Fixed variable re-declaration 2011-01-18 13:17:23 +00:00
Felipe Pena
0203cc3d44 - Year++ 2011-01-01 02:17:06 +00:00
Dmitry Stogov
755c2cd0d8 Removed compile time dependency from ext/mbstring 2010-12-08 11:27:34 +00:00
Dmitry Stogov
dcb65e76da WS and cosmethic changes 2010-12-02 09:40:53 +00:00
Gustavo André dos Santos Lopes
e1aa908468 - Implemented FR #50692, not uploaded files don't count towards
max_file_uploads limit.
- As a side improvement, temporary files are not opened for
  empty uploads and, in debug mode, 0-length uploads.
2010-10-04 01:27:33 +00:00
Kalle Sommer Nielsen
159cd6916d Fixed compiler warnings in main/ 2010-08-17 12:49:19 +00:00
Kalle Sommer Nielsen
febee11285 Removed register_globals 2010-04-21 01:27:22 +00:00
Andrei Zmievski
f92fae2f66 I am sorry I tried fixing PHP without extensive discussion on the mailing list.
I am sorry I tried fixing PHP without extensive discussion on the mailing list.
I am sorry I tried fixing PHP without extensive discussion on the mailing list.

Hope all the relevant parties are satisfied.
2010-03-18 22:37:25 +00:00
Andrei Zmievski
3220f15ca2 Fix a few problems with large (2G-4G) file uploads. Added
--enable-large-uploads-fix switch because one change was in SAPI.h structure.
2010-03-18 21:07:38 +00:00
Sebastian Bergmann
9ba1e81665 sed -i "s#1997-2009#1997-2010#g" **/*.c **/*.h **/*.php 2010-01-03 09:23:27 +00:00
Jani Taskinen
72a9c6d37a - Sync with HEAD 2009-12-29 19:25:09 +00:00
Jani Taskinen
1a64bb9c05 - WS + CS + folding tags 2009-12-29 18:59:58 +00:00
Ilia Alshanetsky
c3230ad217 Fixed bug #48190 (Content-type parameter "boundary" is not case-insensitive in HTTP uploads). 2009-12-29 15:57:54 +00:00
Rasmus Lerdorf
2e9c3ed919 Make it possible to disable post_max_size 2009-11-17 20:33:51 +00:00
Ilia Alshanetsky
2e13e89bd1 Simpify the max_file_uploads handling code 2009-11-16 13:34:57 +00:00
Ilia Alshanetsky
e2211cee86 Introduced a max_file_uploads INI setting, which is set to limit the
number of file uploads per-request to 100 by default, to prevent possible
DOS via temporary file exhaustion.
2009-10-27 16:13:48 +00:00
Sebastian Bergmann
08659c2dcd MFH: Bump copyright year, 3 of 3. 2008-12-31 11:15:49 +00:00
Arnaud Le Blanc
f5dd8c00a0 WS 2008-10-20 18:43:32 +00:00
Arnaud Le Blanc
0f31ed2f77 Better fix for #46313 2008-10-20 18:42:58 +00:00
Arnaud Le Blanc
c98e28795f Fixed #46313 (Magic quotes broke $_FILES)
# magic_quotes_gpc was disabled during registration of $_FILES["x"]["tmp_name"]
# and $GLOBALS["x"] (which is tmp_name with register_globals enabled). This
# caused "x" to not be escaped so there was 2 different keys for the same file
# in $_FILES, one with tmp_name and the other without.
# All other variables (name, size, etc) are registered with magic_quotes_gpc
# untouched, both in $_FILES and $GLOBALS and I did not found a reason for
# disabling it for tmp_name.
2008-10-20 17:09:10 +00:00
Nuno Lopes
8a77e55566 clean some dead code (with static analysis help) 2008-09-23 15:18:26 +00:00
Arnaud Le Blanc
ef38ff62a5 MFH: More accurate max_file_size / upload_max_filesize (fixes #45124) 2008-09-07 14:17:47 +00:00
Arnaud Le Blanc
898ff10dc0 MFH: Fixed #43540 (rfc1867 handler newlength problem) 2008-09-06 17:18:40 +00:00
Antony Dovgal
8f6b35ccd3 MFH: check if return value of write() is -1 and abort upload in this case setting the correct error status 2008-03-14 13:11:12 +00:00
Sebastian Bergmann
d1dded8751 MFH: Bump copyright year, 2 of 2. 2007-12-31 07:17:19 +00:00
Ilia Alshanetsky
20aa854940 Allow file uploads to bypass open_basedir checks (fixes regression) 2007-07-17 23:46:40 +00:00
Marcus Boerger
24fa61e202 - Drop superflous efree 2007-02-24 14:53:50 +00:00
Marcus Boerger
50ea26760d - Avoid sprintf, even when checked copy'n'paste or changes lead to errors 2007-02-24 02:17:47 +00:00
Sebastian Bergmann
4223aa4d5e MFH: Bump year. 2007-01-01 09:36:18 +00:00
Stefan Esser
abfc08dc82 If one name is disallowed don't drop all files 2006-09-29 10:05:34 +00:00
Stefan Esser
1e8fc23095 Delete empty temporary files if file upload hook forbids the upload 2006-09-19 11:34:19 +00:00
Rasmus Lerdorf
935b0c88e9 Minor tweak to the file upload hooks. The MULTIPART_EVENT_FORMDATA event
was only triggering when an input filter was applied.  This simple change
makes the event also trigger when no filter is applied.  The newlength
pointer is set to NULL to let a downstream module differentiate between
the two cases.
2006-09-09 22:06:27 +00:00
Ilia Alshanetsky
cfda15ffc1 Binary safe multipart request handling 2006-07-27 17:04:15 +00:00
Stefan Esser
cfac29e20e Added RFC1867 fileupload processing hook. 2006-07-22 16:38:29 +00:00
foobar
5bd93221a8 bump year and license version 2006-01-01 12:51:34 +00:00
foobar
23e671a51e - Bumber up year 2005-08-03 14:08:58 +00:00
Ilia Alshanetsky
85e237888c Fixed bug #33673 (Added detection for partially uploaded files). 2005-07-13 20:44:08 +00:00
Uwe Schindler
4558cdade6 Bug #32491 (File upload error - unable to create a temporary file) - Changing file upload from stdio to posix 2005-04-04 14:59:40 +00:00