Permalink
Browse files

Removed register_globals

  • Loading branch information...
1 parent bae9248 commit febee112850af0e56a57e2b38c9043c07dc99465 @KalleZ KalleZ committed Apr 21, 2010
Showing with 122 additions and 447 deletions.
  1. +1 −9 INSTALL
  2. +2 −0 NEWS
  3. +5 −17 README.input_filter
  4. +5 −12 Zend/tests/unset_cv06.phpt
  5. +2 −7 ext/filter/filter.c
  6. +0 −14 ext/mbstring/mb_gpc.c
  7. +0 −1 ext/mbstring/mb_gpc.h
  8. +0 −1 ext/mbstring/mbstring.c
  9. +0 −1 ext/mbstring/tests/mb_parse_str.phpt
  10. +0 −1 ext/mbstring/tests/mb_parse_str02.phpt
  11. +7 −93 ext/session/session.c
  12. +5 −9 ext/session/tests/001.phpt
  13. +4 −6 ext/session/tests/003.phpt
  14. +7 −9 ext/session/tests/004.phpt
  15. +21 −20 ext/session/tests/005.phpt
  16. +3 −15 ext/session/tests/006.phpt
  17. +1 −2 ext/session/tests/007.phpt
  18. +0 −71 ext/session/tests/008-php4.2.3.phpt
  19. +1 −2 ext/session/tests/009.phpt
  20. +0 −1 ext/session/tests/010.phpt
  21. +0 −1 ext/session/tests/011.phpt
  22. +2 −6 ext/session/tests/012.phpt
  23. +0 −2 ext/session/tests/013.phpt
  24. +6 −8 ext/session/tests/014.phpt
  25. +6 −8 ext/session/tests/019.phpt
  26. +0 −1 ext/session/tests/bug24592.phpt
  27. +0 −1 ext/session/tests/bug26862.phpt
  28. +0 −1 ext/soap/TODO.old
  29. +3 −3 ext/standard/tests/general_functions/get_cfg_var_variation8.phpt
  30. +0 −2 ext/standard/tests/general_functions/import_request.phpt
  31. +3 −4 main/main.c
  32. +0 −1 main/php_globals.h
  33. +8 −32 main/php_variables.c
  34. +0 −8 main/rfc1867.c
  35. +10 −20 php.ini-development
  36. +10 −20 php.ini-production
  37. +0 −3 sapi/apache/mod_php5.c
  38. +0 −3 sapi/apache_hooks/mod_php5.c
  39. +3 −7 sapi/apache_hooks/sapi_apache.c
  40. +2 −2 sapi/cli/README
  41. +2 −5 tests/basic/011.phpt
  42. +2 −5 tests/basic/012.phpt
  43. +0 −3 tests/basic/bug46313-win.phpt
  44. +0 −1 tests/basic/bug46313.phpt
  45. +1 −9 win32/install.txt
View
10 INSTALL
@@ -716,14 +716,6 @@ CGI environment and recommended modifications in php.ini
the web server not from the administration server. Use the command
line as root user and start it manually - you will see there are no
CGI-like environment variables.
-
- Simply change your scripts to get CGI variables in the correct way for
- PHP 4.x by using the superglobal $_SERVER. If you have older scripts
- which use $HTTP_HOST, etc., you should turn on register_globals in
- php.ini and change the variable order too (important: remove "E" from
- it, because you do not need the environment here):
-variables_order = "GPCS"
-register_globals = On
__________________________________________________________________
Special use for error pages or self-made directory listings (PHP >= 4.3.3)
@@ -1532,7 +1524,7 @@ The configuration file
; Boolean values can be set to either:
; true, on, yes
; or false, off, no, none
-register_globals = off
+html_errors = off
track_errors = yes
; you can enclose strings in double-quotes
View
2 NEWS
@@ -12,6 +12,7 @@
time are allocated in a single copy and never changed. (Dmitry)
- Added an optimization which saves memory and emalloc/efree calls for empty
HashTables (Stas, Dmitry)
+
- Added Tokyo Cabinet abstract DB support to ext/dba. (Michael Maclean)
- Added Jenkins's one-at-a-time hash support to ext/hash. (Martin Jansen)
- Added FNV-1 hash support to ext/hash. (Michael Maclean)
@@ -30,6 +31,7 @@
- Removed legacy features: (Kalle)
. define_syslog_variables ini option and its associated function.
+ . register_globals.
. register_long_arrays ini option.
. y2k_compliance ini option.
View
@@ -19,9 +19,7 @@ A simple implementation might look like the following. This stores the
original raw user data and adds a my_get_raw() function while the normal
$_POST, $_GET and $_COOKIE arrays are only populated with stripped
data. In this simple example all I am doing is calling strip_tags() on
-the data. If register_globals is turned on, the default globals that
-are created will be stripped ($foo) while a $RAW_foo is created with the
-original user input.
+the data.
ZEND_BEGIN_MODULE_GLOBALS(my_input_filter)
zval *post_array;
@@ -155,8 +153,6 @@ PHP_FUNCTION(my_get_raw)
int var_len;
zval **tmp;
zval *array_ptr = NULL;
- HashTable *hash_ptr;
- char *raw_var;
if(zend_parse_parameters(2 TSRMLS_CC, "ls", &arg, &var, &var_len) == FAILURE) {
return;
@@ -174,23 +170,15 @@ PHP_FUNCTION(my_get_raw)
break;
}
- if(!array_ptr) RETURN_FALSE;
-
- /*
- * I'm changing the variable name here because when running with register_globals on,
- * the variable will end up in the global symbol table
- */
- raw_var = emalloc(var_len+5); /* RAW_ and a \0 */
- strcpy(raw_var, "RAW_");
- strlcat(raw_var,var,var_len+5);
- hash_ptr = HASH_OF(array_ptr);
+ if(!array_ptr) {
+ RETURN_FALSE;
+ }
- if(zend_hash_find(hash_ptr, raw_var, var_len+5, (void **)&tmp) == SUCCESS) {
+ if(zend_hash_find(HASH_OF(array_ptr), var, var_len+5, (void **)&tmp) == SUCCESS) {
*return_value = **tmp;
zval_copy_ctor(return_value);
} else {
RETVAL_FALSE;
}
- efree(raw_var);
}
View
@@ -3,27 +3,20 @@ unset() CV 6 (indirect unset() of global variable in session_unset())
--SKIPIF--
<?php include(dirname(__FILE__).'/../../ext/session/tests/skipif.inc'); ?>
--INI--
-register_globals=1
session.auto_start=0
session.save_handler=files
--FILE--
<?php
-$x = "1\n";
session_start();
-echo $x;
-session_register('x');
-$_SESSION['x'] = "2\n";
-echo $x;
+$_SESSION['x'] = "1\n";
+echo $_SESSION['x'];
+
session_unset();
-echo $x;
+echo $_SESSION['x'];
echo "ok\n";
?>
--EXPECTF--
-Warning: Directive 'register_globals' is deprecated in PHP %d.%d and greater in Unknown on line 0
1
-Deprecated: Function session_register() is deprecated in %s on line %d
-2
-
-Notice: Undefined variable: x in %sunset_cv06.php on line %d
+Notice: Undefined index: x in %sunset_cv06.php on line %d
ok
View
@@ -450,8 +450,6 @@ static unsigned int php_sapi_filter(int arg, char *var, char **val, unsigned int
orig_var = estrdup(var);
/* Store the RAW variable internally */
- /* FIXME: Should not use php_register_variable_ex as that also registers
- * globals when register_globals is turned on */
Z_STRLEN(raw_var) = val_len;
Z_STRVAL(raw_var) = estrndup(*val, val_len);
Z_TYPE(raw_var) = IS_STRING;
@@ -461,8 +459,6 @@ static unsigned int php_sapi_filter(int arg, char *var, char **val, unsigned int
if (val_len) {
/* Register mangled variable */
- /* FIXME: Should not use php_register_variable_ex as that also registers
- * globals when register_globals is turned on */
Z_STRLEN(new_var) = val_len;
Z_TYPE(new_var) = IS_STRING;
@@ -537,7 +533,6 @@ static zval *php_filter_get_storage(long arg TSRMLS_DC)/* {{{ */
{
zval *array_ptr = NULL;
- zend_bool jit_initialization = (PG(auto_globals_jit) && !PG(register_globals));
switch (arg) {
case PARSE_GET:
@@ -550,13 +545,13 @@ static zval *php_filter_get_storage(long arg TSRMLS_DC)/* {{{ */
array_ptr = IF_G(cookie_array);
break;
case PARSE_SERVER:
- if (jit_initialization) {
+ if (PG(auto_globals_jit)) {
zend_is_auto_global("_SERVER", sizeof("_SERVER")-1 TSRMLS_CC);
}
array_ptr = IF_G(server_array);
break;
case PARSE_ENV:
- if (jit_initialization) {
+ if (PG(auto_globals_jit)) {
zend_is_auto_global("_ENV", sizeof("_ENV")-1 TSRMLS_CC);
}
array_ptr = IF_G(env_array);
View
@@ -151,7 +151,6 @@ MBSTRING_API SAPI_TREAT_DATA_FUNC(mbstr_treat_data)
info.data_type = arg;
info.separator = separator;
- info.force_register_globals = 0;
info.report_errors = 0;
info.to_encoding = MBSTRG(internal_encoding);
info.to_language = MBSTRG(language);
@@ -210,13 +209,6 @@ enum mbfl_no_encoding _php_mb_encoding_handler_ex(const php_mb_encoding_handler_
mbfl_string_init_set(&resvar, info->to_language, info->to_encoding);
mbfl_string_init_set(&resval, info->to_language, info->to_encoding);
- /* register_globals stuff
- * XXX: this feature is going to be deprecated? */
-
- if (info->force_register_globals && !(prev_rg_state = PG(register_globals))) {
- zend_alter_ini_entry("register_globals", sizeof("register_globals"), "1", sizeof("1")-1, PHP_INI_PERDIR, PHP_INI_STAGE_RUNTIME);
- }
-
if (!res || *res == '\0') {
goto out;
}
@@ -346,11 +338,6 @@ enum mbfl_no_encoding _php_mb_encoding_handler_ex(const php_mb_encoding_handler_
}
out:
- /* register_global stuff */
- if (info->force_register_globals && !prev_rg_state) {
- zend_alter_ini_entry("register_globals", sizeof("register_globals"), "0", sizeof("0")-1, PHP_INI_PERDIR, PHP_INI_STAGE_RUNTIME);
- }
-
if (convd != NULL) {
MBSTRG(illegalchars) += mbfl_buffer_illegalchars(convd);
mbfl_buffer_converter_delete(convd);
@@ -376,7 +363,6 @@ SAPI_POST_HANDLER_FUNC(php_mb_post_handler)
info.data_type = PARSE_POST;
info.separator = "&";
- info.force_register_globals = 0;
info.report_errors = 0;
info.to_encoding = MBSTRG(internal_encoding);
info.to_language = MBSTRG(language);
View
@@ -32,7 +32,6 @@
typedef struct _php_mb_encoding_handler_info_t {
int data_type;
const char *separator;
- unsigned int force_register_globals: 1;
unsigned int report_errors: 1;
enum mbfl_no_language to_language;
enum mbfl_no_encoding to_encoding;
View
@@ -1896,7 +1896,6 @@ PHP_FUNCTION(mb_parse_str)
info.data_type = PARSE_STRING;
info.separator = PG(arg_separator).input;
- info.force_register_globals = (track_vars_array == NULL);
info.report_errors = 1;
info.to_encoding = MBSTRG(current_internal_encoding);
info.to_language = MBSTRG(language);
@@ -4,7 +4,6 @@ mb_parse_str()
<?php extension_loaded('mbstring') or die('skip mbstring not available'); ?>
--INI--
arg_separator.input=&
-register_globals=0
--FILE--
<?php
$queries = array(
@@ -4,7 +4,6 @@ mb_parse_str() test 2
<?php extension_loaded('mbstring') or die('skip mbstring not available'); ?>
--INI--
arg_separator.input=&#
-register_globals=0
--FILE--
<?php
$queries = array(
View
@@ -131,76 +131,18 @@ PHPAPI void php_add_session_var(char *name, size_t namelen TSRMLS_DC) /* {{{ */
return;
}
- /* Set up a proper reference between $_SESSION["x"] and $x. */
+ if (sym_track == NULL) {
+ zval *empty_var;
- if (PG(register_globals)) {
- zval **sym_global = NULL;
-
- if (zend_hash_find(&EG(symbol_table), name, namelen + 1, (void *) &sym_global) == SUCCESS) {
- if ((Z_TYPE_PP(sym_global) == IS_ARRAY && Z_ARRVAL_PP(sym_global) == &EG(symbol_table)) || *sym_global == PS(http_session_vars)) {
- return;
- }
- }
-
- if (sym_global == NULL && sym_track == NULL) {
- zval *empty_var;
-
- ALLOC_INIT_ZVAL(empty_var); /* this sets refcount to 1 */
- Z_SET_REFCOUNT_P(empty_var, 0); /* our module does not maintain a ref */
- /* The next call will increase refcount by NR_OF_SYM_TABLES==2 */
- zend_set_hash_symbol(empty_var, name, namelen, 1, 2, Z_ARRVAL_P(PS(http_session_vars)), &EG(symbol_table));
- } else if (sym_global == NULL) {
- SEPARATE_ZVAL_IF_NOT_REF(sym_track);
- zend_set_hash_symbol(*sym_track, name, namelen, 1, 1, &EG(symbol_table));
- } else if (sym_track == NULL) {
- SEPARATE_ZVAL_IF_NOT_REF(sym_global);
- zend_set_hash_symbol(*sym_global, name, namelen, 1, 1, Z_ARRVAL_P(PS(http_session_vars)));
- }
- } else {
- if (sym_track == NULL) {
- zval *empty_var;
-
- ALLOC_INIT_ZVAL(empty_var);
- ZEND_SET_SYMBOL_WITH_LENGTH(Z_ARRVAL_P(PS(http_session_vars)), name, namelen+1, empty_var, 1, 0);
- }
+ ALLOC_INIT_ZVAL(empty_var);
+ ZEND_SET_SYMBOL_WITH_LENGTH(Z_ARRVAL_P(PS(http_session_vars)), name, namelen+1, empty_var, 1, 0);
}
}
/* }}} */
PHPAPI void php_set_session_var(char *name, size_t namelen, zval *state_val, php_unserialize_data_t *var_hash TSRMLS_DC) /* {{{ */
{
- if (PG(register_globals)) {
- zval **old_symbol;
- if (zend_hash_find(&EG(symbol_table),name,namelen+1,(void *)&old_symbol) == SUCCESS) {
- if ((Z_TYPE_PP(old_symbol) == IS_ARRAY && Z_ARRVAL_PP(old_symbol) == &EG(symbol_table)) || *old_symbol == PS(http_session_vars)) {
- return;
- }
-
- /* A global symbol with the same name exists already. That
- * symbol might have been created by other means (e.g. $_GET).
- *
- * hash_update in zend_set_hash_symbol is not good, because
- * it will leave referenced variables (such as local instances
- * of a global variable) dangling.
- *
- * BTW: if you use register_globals references between
- * session-vars won't work because of this very reason! */
-
- REPLACE_ZVAL_VALUE(old_symbol,state_val,1);
-
- /* The following line will update the reference table used for
- * unserialization. It is optional, because some storage
- * formats may not be able to represent references. */
-
- if (var_hash) {
- PHP_VAR_UNSERIALIZE_ZVAL_CHANGED(var_hash,state_val,*old_symbol);
- }
-
- zend_set_hash_symbol(*old_symbol, name, namelen, 1, 1, Z_ARRVAL_P(PS(http_session_vars)));
- } else {
- zend_set_hash_symbol(state_val, name, namelen, 1, 2, Z_ARRVAL_P(PS(http_session_vars)), &EG(symbol_table));
- }
- } else IF_SESSION_VARS() {
+ IF_SESSION_VARS() {
zend_set_hash_symbol(state_val, name, namelen, PZVAL_IS_REF(state_val), 1, Z_ARRVAL_P(PS(http_session_vars)));
}
}
@@ -212,20 +154,6 @@ PHPAPI int php_get_session_var(char *name, size_t namelen, zval ***state_var TSR
IF_SESSION_VARS() {
ret = zend_hash_find(Z_ARRVAL_P(PS(http_session_vars)), name, namelen + 1, (void **) state_var);
-
- /* If register_globals is enabled, and
- * if there is an entry for the slot in $_SESSION, and
- * if that entry is still set to NULL, and
- * if the global var exists, then
- * we prefer the same key in the global sym table. */
-
- if (PG(register_globals) && ret == SUCCESS && Z_TYPE_PP(*state_var) == IS_NULL) {
- zval **tmp;
-
- if (zend_hash_find(&EG(symbol_table), name, namelen + 1, (void **) &tmp) == SUCCESS) {
- *state_var = tmp;
- }
- }
}
return ret;
}
@@ -546,7 +474,7 @@ static void php_session_save_current_state(TSRMLS_D) /* {{{ */
int ret = FAILURE;
IF_SESSION_VARS() {
- if (PS(bug_compat) && !PG(register_globals)) {
+ if (PS(bug_compat)) {
HashTable *ht = Z_ARRVAL_P(PS(http_session_vars));
HashPosition pos;
zval **val;
@@ -564,7 +492,7 @@ static void php_session_save_current_state(TSRMLS_D) /* {{{ */
}
if (do_warn && PS(bug_compat_warn)) {
- php_error_docref(NULL TSRMLS_CC, E_WARNING, "Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively");
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively");
}
}
@@ -1895,20 +1823,6 @@ static PHP_FUNCTION(session_unset)
SEPARATE_ZVAL_IF_NOT_REF(&PS(http_session_vars));
ht = Z_ARRVAL_P(PS(http_session_vars));
- if (PG(register_globals)) {
- uint str_len;
- char *str;
- ulong num_key;
- HashPosition pos;
-
- zend_hash_internal_pointer_reset_ex(ht, &pos);
-
- while (zend_hash_get_current_key_ex(ht, &str, &str_len, &num_key, 0, &pos) == HASH_KEY_IS_STRING) {
- zend_delete_global_variable(str, str_len - 1 TSRMLS_CC);
- zend_hash_move_forward_ex(ht, &pos);
- }
- }
-
/* Clean $_SESSION. */
zend_hash_clean(ht);
}
Oops, something went wrong.

0 comments on commit febee11

Please sign in to comment.