Permalink
Browse files

- Fix sapi_input_filter patch. Returning 1 from the filter handler sh…

…ould

  make PHP register the variable, returning 0 shouldn't. The new length of
  the variables being filtered is now returned in the new_val_len argument
  of the function.
  • Loading branch information...
1 parent f783019 commit 750b0338bf1a2ae6d2fe48396801ad13a29255a2 Derick Rethans committed Nov 29, 2003
Showing with 20 additions and 19 deletions.
  1. +3 −2 README.input_filter
  2. +6 −4 ext/mbstring/mb_gpc.c
  3. +1 −1 main/SAPI.c
  4. +2 −2 main/SAPI.h
  5. +6 −7 main/php_variables.c
  6. +2 −3 main/rfc1867.c
View
@@ -89,7 +89,7 @@ PHP_MINFO_FUNCTION(my_input_filter)
php_info_print_table_end();
}
-unsigned int my_sapi_input_filter(int arg, char *var, char **val, unsigned int val_len)
+unsigned int my_sapi_input_filter(int arg, char *var, char **val, unsigned int val_len, unsigned int *new_val_len)
{
zval new_var;
zval *array_ptr = NULL;
@@ -137,7 +137,8 @@ unsigned int my_sapi_input_filter(int arg, char *var, char **val, unsigned int
php_strip_tags(*val, val_len, NULL, NULL, 0);
- return strlen(*val);
+ *new_val_len = strlen(*val);
+ return 1;
}
PHP_FUNCTION(my_get_raw)
View
@@ -204,7 +204,8 @@ int _php_mb_encoding_handler_ex(int data_type, zval *arg, char *res, char *separ
char *var, *val, *s1, *s2;
char *strtok_buf = NULL, **val_list = NULL;
zval *array_ptr = (zval *) arg;
- int n, num, val_len, *len_list = NULL, *elist, elistsz;
+ int n, num, *len_list = NULL, *elist, elistsz;
+ unsigned int val_len, new_val_len;
enum mbfl_no_encoding from_encoding, to_encoding;
mbfl_string string, resvar, resval;
mbfl_encoding_detector *identd = NULL;
@@ -342,9 +343,10 @@ int _php_mb_encoding_handler_ex(int data_type, zval *arg, char *res, char *separ
val_len = len_list[n];
}
n++;
- val_len = sapi_module.input_filter(data_type, var, &val, val_len TSRMLS_CC);
- /* add variable to symbol table */
- php_register_variable_safe(var, val, val_len, array_ptr TSRMLS_CC);
+ if (sapi_module.input_filter(data_type, var, &val, val_len, &new_val_len TSRMLS_CC)) {
+ /* add variable to symbol table */
+ php_register_variable_safe(var, val, new_val_len, array_ptr TSRMLS_CC);
+ }
if (convd != NULL){
mbfl_string_clear(&resvar);
mbfl_string_clear(&resval);
View
@@ -831,7 +831,7 @@ SAPI_API int sapi_register_treat_data(void (*treat_data)(int arg, char *str, zva
return SUCCESS;
}
-SAPI_API int sapi_register_input_filter(unsigned int (*input_filter)(int arg, char *var, char **val, unsigned int val_len TSRMLS_DC))
+SAPI_API int sapi_register_input_filter(unsigned int (*input_filter)(int arg, char *var, char **val, unsigned int val_len, unsigned int *new_val_len TSRMLS_DC))
{
sapi_module.input_filter = input_filter;
return SUCCESS;
View
@@ -181,7 +181,7 @@ SAPI_API int sapi_register_post_entry(sapi_post_entry *post_entry);
SAPI_API void sapi_unregister_post_entry(sapi_post_entry *post_entry);
SAPI_API int sapi_register_default_post_reader(void (*default_post_reader)(TSRMLS_D));
SAPI_API int sapi_register_treat_data(void (*treat_data)(int arg, char *str, zval *destArray TSRMLS_DC));
-SAPI_API int sapi_register_input_filter(unsigned int (*input_filter)(int arg, char *var, char **val, unsigned int val_len TSRMLS_DC));
+SAPI_API int sapi_register_input_filter(unsigned int (*input_filter)(int arg, char *var, char **val, unsigned int val_len, unsigned int *new_val_len TSRMLS_DC));
SAPI_API int sapi_flush(TSRMLS_D);
SAPI_API struct stat *sapi_get_stat(TSRMLS_D);
@@ -244,7 +244,7 @@ struct _sapi_module_struct {
int (*get_target_uid)(uid_t * TSRMLS_DC);
int (*get_target_gid)(gid_t * TSRMLS_DC);
- unsigned int (*input_filter)(int arg, char *var, char **val, unsigned int val_len TSRMLS_DC);
+ unsigned int (*input_filter)(int arg, char *var, char **val, unsigned int val_len, unsigned int *new_val_len TSRMLS_DC);
void (*ini_defaults)(HashTable *configuration_hash);
int phpinfo_as_text;
View
@@ -207,14 +207,13 @@ SAPI_API SAPI_POST_HANDLER_FUNC(php_std_post_handler)
while (var) {
val = strchr(var, '=');
if (val) { /* have a value */
- int val_len;
+ unsigned int val_len, new_val_len;
*val++ = '\0';
php_url_decode(var, strlen(var));
val_len = php_url_decode(val, strlen(val));
- val_len = sapi_module.input_filter(PARSE_POST, var, &val, val_len TSRMLS_CC);
- if (val_len) {
- php_register_variable_safe(var, val, val_len, array_ptr TSRMLS_CC);
+ if (sapi_module.input_filter(PARSE_POST, var, &val, val_len, &new_val_len TSRMLS_CC)) {
+ php_register_variable_safe(var, val, new_val_len, array_ptr TSRMLS_CC);
}
}
var = php_strtok_r(NULL, "&", &strtok_buf);
@@ -305,13 +304,13 @@ SAPI_API SAPI_TREAT_DATA_FUNC(php_default_treat_data)
val = strchr(var, '=');
if (val) { /* have a value */
int val_len;
+ unsigned int new_val_len;
*val++ = '\0';
php_url_decode(var, strlen(var));
val_len = php_url_decode(val, strlen(val));
- val_len = sapi_module.input_filter(arg, var, &val, val_len TSRMLS_CC);
- if (val_len) {
- php_register_variable_safe(var, val, val_len, array_ptr TSRMLS_CC);
+ if (sapi_module.input_filter(PARSE_POST, var, &val, val_len, &new_val_len TSRMLS_CC)) {
+ php_register_variable_safe(var, val, new_val_len, array_ptr TSRMLS_CC);
}
} else {
php_url_decode(var, strlen(var));
View
@@ -881,14 +881,13 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
if (!filename && param) {
char *value = multipart_buffer_read_body(mbuff TSRMLS_CC);
- int val_len;
+ unsigned int new_val_len;
if (!value) {
value = estrdup("");
}
- val_len = sapi_module.input_filter(PARSE_POST, param, &value, strlen(value) TSRMLS_CC);
- if (val_len) {
+ if (sapi_module.input_filter(PARSE_POST, param, &value, strlen(value), &new_val_len TSRMLS_CC)) {
#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING)
if (php_mb_encoding_translation(TSRMLS_C)) {
php_mb_gpc_stack_variable(param, value, &val_list, &len_list,

0 comments on commit 750b033

Please sign in to comment.