Permalink
Browse files

Move safe_mode to the new php_ini mechanism

  • Loading branch information...
1 parent 7685b44 commit 79f9f0ce8848ef2b2ad73c67350fba8b556c8d9d @zsuraski zsuraski committed Apr 10, 1999
Showing with 28 additions and 40 deletions.
  1. +4 −3 main/configuration-parser.y
  2. +7 −6 main/fopen_wrappers.c
  3. +13 −14 main/main.c
  4. +4 −0 main/php_globals.h
  5. +0 −15 mod_php3.c
  6. +0 −2 mod_php3.h
View
7 main/configuration-parser.y
@@ -34,6 +34,7 @@
#define DEBUG_CFG_PARSER 1
#include "php.h"
+#include "php_globals.h"
#include "functions/dl.h"
#include "functions/file.h"
#include "functions/php3_browscap.h"
@@ -161,7 +162,7 @@ int php3_init_config(void)
#if USE_CONFIG_FILE
{
char *env_location,*default_location,*php_ini_path;
- int safe_mode_state = php3_ini.safe_mode;
+ int safe_mode_state = PG(safe_mode);
char *opened_path;
int free_default_location=0;
@@ -203,13 +204,13 @@ int php3_init_config(void)
/* if path was set via -c flag, only look there */
strcpy(php_ini_path,default_location);
}
- php3_ini.safe_mode = 0;
+ PG(safe_mode) = 0;
cfgin = php3_fopen_with_path("php3.ini","r",php_ini_path,&opened_path);
free(php_ini_path);
if (free_default_location) {
free(default_location);
}
- php3_ini.safe_mode = safe_mode_state;
+ PG(safe_mode) = safe_mode_state;
if (!cfgin) {
# if WIN32|WINNT
View
13 main/fopen_wrappers.c
@@ -34,6 +34,7 @@
#endif
#include "php.h"
+#include "php_globals.h"
#include <stdio.h>
#include <stdlib.h>
@@ -189,7 +190,7 @@ PHPAPI FILE *php3_fopen_wrapper(char *path, char *mode, int options, int *issock
return php3_fopen_with_path(path, mode, php3_ini.include_path, NULL);
} else {
if(!strcmp(mode,"r") || !strcmp(mode,"r+")) cm=0;
- if (options & ENFORCE_SAFE_MODE && php3_ini.safe_mode && (!_php3_checkuid(path, cm))) {
+ if (options & ENFORCE_SAFE_MODE && PG(safe_mode) && (!_php3_checkuid(path, cm))) {
return NULL;
}
if (_php3_check_open_basedir(path)) return NULL;
@@ -316,7 +317,7 @@ PHPAPI FILE *php3_fopen_with_path(char *filename, char *mode, char *path, char *
}
/* Relative path open */
if (*filename == '.') {
- if (php3_ini.safe_mode && (!_php3_checkuid(filename, cm))) {
+ if (PG(safe_mode) && (!_php3_checkuid(filename, cm))) {
return NULL;
}
if (_php3_check_open_basedir(filename)) return NULL;
@@ -332,7 +333,7 @@ PHPAPI FILE *php3_fopen_with_path(char *filename, char *mode, char *path, char *
#else
if (*filename == '/') {
#endif
- if (php3_ini.safe_mode) {
+ if (PG(safe_mode)) {
if(php3_ini.doc_root) {
snprintf(trypath, MAXPATHLEN, "%s%s", php3_ini.doc_root, filename);
} else {
@@ -353,7 +354,7 @@ PHPAPI FILE *php3_fopen_with_path(char *filename, char *mode, char *path, char *
}
}
if (!path || (path && !*path)) {
- if (php3_ini.safe_mode && (!_php3_checkuid(filename, cm))) {
+ if (PG(safe_mode) && (!_php3_checkuid(filename, cm))) {
return NULL;
}
if (_php3_check_open_basedir(filename)) return NULL;
@@ -378,7 +379,7 @@ PHPAPI FILE *php3_fopen_with_path(char *filename, char *mode, char *path, char *
end++;
}
snprintf(trypath, MAXPATHLEN, "%s/%s", ptr, filename);
- if (php3_ini.safe_mode) {
+ if (PG(safe_mode)) {
if (stat(trypath, &sb) == 0 && (!_php3_checkuid(trypath, cm))) {
efree(pathbuf);
return NULL;
@@ -886,7 +887,7 @@ static FILE *php3_fopen_url_wrapper(const char *path, char *mode, int options, i
} else {
int cm=2;
if(!strcmp(mode,"r") || !strcmp(mode,"r+")) cm=0;
- if (options & ENFORCE_SAFE_MODE && php3_ini.safe_mode && (!_php3_checkuid(path, cm))) {
+ if (options & ENFORCE_SAFE_MODE && PG(safe_mode) && (!_php3_checkuid(path, cm))) {
fp = NULL;
} else {
if (_php3_check_open_basedir((char *) path)) {
View
27 main/main.c
@@ -129,6 +129,14 @@ PHP_INI_MH(OnSetPrecision)
}
+/* Need to convert to strings and make use of:
+ * DEFAULT_SHORT_OPEN_TAG
+ * PHP_SAFE_MODE
+ */
+#ifndef SAFE_MODE_EXEC_DIR
+# define SAFE_MODE_EXEC_DIR "/"
+#endif
+
PHP_INI_BEGIN()
PHP_INI_ENTRY("short_open_tag", "1", PHP_INI_ALL, OnUpdateInt, (void *) XtOffsetOf(php_core_globals, short_tags))
PHP_INI_ENTRY("asp_tags", "0", PHP_INI_ALL, OnUpdateInt, (void *) XtOffsetOf(php_core_globals, asp_tags))
@@ -144,6 +152,10 @@ PHP_INI_BEGIN()
PHP_INI_ENTRY("magic_quotes_gpc", "1", PHP_INI_ALL, OnUpdateInt, (void *) XtOffsetOf(php_core_globals, magic_quotes_gpc))
PHP_INI_ENTRY("magic_quotes_runtime", "0", PHP_INI_ALL, OnUpdateInt, (void *) XtOffsetOf(php_core_globals, magic_quotes_runtime))
PHP_INI_ENTRY("magic_quotes_sybase", "0", PHP_INI_ALL, OnUpdateInt, (void *) XtOffsetOf(php_core_globals, magic_quotes_sybase))
+
+ PHP_INI_ENTRY("safe_mode", "0", PHP_INI_SYSTEM, OnUpdateInt, (void *) XtOffsetOf(php_core_globals, safe_mode))
+ PHP_INI_ENTRY("sql.safe_mode", "0", PHP_INI_SYSTEM, OnUpdateInt, (void *) XtOffsetOf(php_core_globals, sql_safe_mode))
+ PHP_INI_ENTRY("safe_mode_exec_dir", SAFE_MODE_EXEC_DIR, PHP_INI_SYSTEM, OnUpdateString, (void *) XtOffsetOf(php_core_globals, safe_mode_exec_dir))
PHP_INI_END()
@@ -456,7 +468,7 @@ void php3_set_time_limit(INTERNAL_FUNCTION_PARAMETERS)
{
pval *new_timeout;
- if (php3_ini.safe_mode) {
+ if (PG(safe_mode)) {
php3_error(E_WARNING, "Cannot set time limit in safe mode");
RETURN_FALSE;
}
@@ -782,16 +794,6 @@ static int php3_config_ini_startup(ELS_D)
php3_ini.user_dir = NULL;
}
}
- if (cfg_get_long("safe_mode", &php3_ini.safe_mode) == FAILURE) {
- php3_ini.safe_mode = PHP_SAFE_MODE;
- }
- if (cfg_get_string("safe_mode_exec_dir", &php3_ini.safe_mode_exec_dir) == FAILURE) {
-#ifdef PHP_SAFE_MODE_EXEC_DIR
- php3_ini.safe_mode_exec_dir = PHP_SAFE_MODE_EXEC_DIR;
-#else
- php3_ini.safe_mode_exec_dir = "/";
-#endif
- }
if (cfg_get_long("track_vars", &php3_ini.track_vars) == FAILURE) {
php3_ini.track_vars = PHP_TRACK_VARS;
}
@@ -826,9 +828,6 @@ static int php3_config_ini_startup(ELS_D)
if (cfg_get_string("extension_dir", &php3_ini.extension_dir) == FAILURE) {
php3_ini.extension_dir = NULL;
}
- if (cfg_get_long("sql.safe_mode", &php3_ini.sql_safe_mode) == FAILURE) {
- php3_ini.sql_safe_mode = 0;
- }
if (cfg_get_long("engine", &php3_ini.engine) == FAILURE) {
php3_ini.engine = 1;
}
View
4 main/php_globals.h
@@ -28,6 +28,10 @@ struct _php_core_globals {
long asp_tags;
long short_tags;
+
+ long safe_mode;
+ long sql_safe_mode;
+ char *safe_mode_exec_dir;
};
View
15 mod_php3.c
@@ -308,9 +308,7 @@ static void *php3_merge_dir(pool *p, void *basev, void *addv)
if (add->log_errors != orig.log_errors) new->log_errors = add->log_errors;
if (add->doc_root != orig.doc_root) new->doc_root = add->doc_root;
if (add->user_dir != orig.user_dir) new->user_dir = add->user_dir;
- if (add->safe_mode != orig.safe_mode) new->safe_mode = add->safe_mode;
if (add->track_vars != orig.track_vars) new->track_vars = add->track_vars;
- if (add->safe_mode_exec_dir != orig.safe_mode_exec_dir) new->safe_mode_exec_dir = add->safe_mode_exec_dir;
if (add->cgi_ext != orig.cgi_ext) new->cgi_ext = add->cgi_ext;
if (add->isapi_ext != orig.isapi_ext) new->isapi_ext = add->isapi_ext;
if (add->nsapi_ext != orig.nsapi_ext) new->nsapi_ext = add->nsapi_ext;
@@ -322,7 +320,6 @@ static void *php3_merge_dir(pool *p, void *basev, void *addv)
if (add->extension_dir != orig.extension_dir) new->extension_dir = add->extension_dir;
if (add->error_log != orig.error_log) new->error_log = add->error_log;
/* skip the highlight stuff */
- if (add->sql_safe_mode != orig.sql_safe_mode) new->sql_safe_mode = add->sql_safe_mode;
if (add->xbithack != orig.xbithack) new->xbithack = add->xbithack;
if (add->engine != orig.engine) new->engine = add->engine;
if (add->last_modified != orig.last_modified) new->last_modified = add->last_modified;
@@ -353,15 +350,9 @@ char *php3flaghandler(cmd_parms * cmd, php3_ini_structure * conf, int val)
case 0:
conf->track_errors = val;
break;
- case 4:
- conf->safe_mode = val;
- break;
case 5:
conf->track_vars = val;
break;
- case 6:
- conf->sql_safe_mode = val;
- break;
case 7:
conf->engine = val;
break;
@@ -433,9 +424,6 @@ char *php3take1handler(cmd_parms * cmd, php3_ini_structure * conf, char *arg)
case 2:
conf->user_dir = pstrdup(cmd->pool, arg);
break;
- case 3:
- conf->safe_mode_exec_dir = pstrdup(cmd->pool, arg);
- break;
case 4:
conf->include_path = pstrdup(cmd->pool, arg);
break;
@@ -581,7 +569,6 @@ command_rec php3_commands[] =
{"php3_error_reporting", php3take1handler, (void *)0, OR_OPTIONS, TAKE1, "error reporting level"},
{"php3_doc_root", php3take1handler, (void *)1, ACCESS_CONF|RSRC_CONF, TAKE1, "directory"}, /* not used yet */
{"php3_user_dir", php3take1handler, (void *)2, ACCESS_CONF|RSRC_CONF, TAKE1, "user directory"}, /* not used yet */
- {"php3_safe_mode_exec_dir", php3take1handler, (void *)3, ACCESS_CONF|RSRC_CONF, TAKE1, "safe mode executable dir"},
{"php3_include_path", php3take1handler, (void *)4, OR_OPTIONS, TAKE1, "colon-separated path"},
{"php3_auto_prepend_file", php3take1handler, (void *)5, OR_OPTIONS, TAKE1, "file name"},
{"php3_auto_append_file", php3take1handler, (void *)6, OR_OPTIONS, TAKE1, "file name"},
@@ -603,9 +590,7 @@ command_rec php3_commands[] =
"Lets PHP handle DAV requests by parsing this script."},
#endif
{"php3_track_errors", php3flaghandler, (void *)0, OR_OPTIONS, FLAG, "on|off"},
- {"php3_safe_mode", php3flaghandler, (void *)4, ACCESS_CONF|RSRC_CONF, FLAG, "on|off"},
{"php3_track_vars", php3flaghandler, (void *)5, OR_OPTIONS, FLAG, "on|off"},
- {"php3_sql_safe_mode", php3flaghandler, (void *)6, ACCESS_CONF|RSRC_CONF, FLAG, "on|off"},
{"php3_engine", php3flaghandler, (void *)7, RSRC_CONF|ACCESS_CONF, FLAG, "on|off"},
{"php3_xbithack", php3flaghandler, (void *)8, OR_OPTIONS, FLAG, "on|off"},
{"php3_last_modified", php3flaghandler, (void *)9, OR_OPTIONS, FLAG, "on|off"},
View
2 mod_php3.h
@@ -48,9 +48,7 @@ typedef struct {
long warn_plus_overloading;
char *doc_root;
char *user_dir;
- long safe_mode;
long track_vars;
- char *safe_mode_exec_dir;
char *cgi_ext;
char *isapi_ext;
char *nsapi_ext;

0 comments on commit 79f9f0c

Please sign in to comment.