- Prevent registration of the variable when a zero-length is returned

  from the sapi_input_filter.

diff --git a/main/php_variables.c b/main/php_variables.c
index 78b1863fd990c32c7057b1b3db7e6a74af37aa08..ae59eced6ca4df50a0201d388757426bf870acc8 100644 (file)
--- a/main/php_variables.c
+++ b/main/php_variables.c
@@ -213,7 +213,9 @@ SAPI_API SAPI_POST_HANDLER_FUNC(php_std_post_handler)
                        php_url_decode(var, strlen(var));
                        val_len = php_url_decode(val, strlen(val));
                        val_len = sapi_module.input_filter(PARSE_POST, var, &val, val_len TSRMLS_CC);
-                       php_register_variable_safe(var, val, val_len, array_ptr TSRMLS_CC);
+                       if (val_len) {
+                               php_register_variable_safe(var, val, val_len, array_ptr TSRMLS_CC);
+                       }
                }
                var = php_strtok_r(NULL, "&", &strtok_buf);
        }
@@ -308,7 +310,9 @@ SAPI_API SAPI_TREAT_DATA_FUNC(php_default_treat_data)
                        php_url_decode(var, strlen(var));
                        val_len = php_url_decode(val, strlen(val));
                        val_len = sapi_module.input_filter(arg, var, &val, val_len TSRMLS_CC);
-                       php_register_variable_safe(var, val, val_len, array_ptr TSRMLS_CC);
+                       if (val_len) {
+                               php_register_variable_safe(var, val, val_len, array_ptr TSRMLS_CC);
+                       }
                } else {
                        php_url_decode(var, strlen(var));
                        php_register_variable_safe(var, "", 0, array_ptr TSRMLS_CC);

diff --git a/main/rfc1867.c b/main/rfc1867.c
index 1eaa0096ed5c5eec2c4e54a7529db9ad46faef2e..fc83952764041d8678115a904ce629ee02d97127 100644 (file)
--- a/main/rfc1867.c
+++ b/main/rfc1867.c
@@ -881,22 +881,25 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
                        if (!filename && param) {
 
                                char *value = multipart_buffer_read_body(mbuff TSRMLS_CC);
+                               int   val_len;
 
                                if (!value) {
                                        value = estrdup("");
                                }
 
-                               sapi_module.input_filter(PARSE_POST, param, &value, strlen(value) TSRMLS_CC);
+                               val_len = sapi_module.input_filter(PARSE_POST, param, &value, strlen(value) TSRMLS_CC);
+                               if (val_len) {
 #if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING)
-                               if (php_mb_encoding_translation(TSRMLS_C)) {
-                                       php_mb_gpc_stack_variable(param, value, &val_list, &len_list, 
-                                                                                         &num_vars, &num_vars_max TSRMLS_CC);
-                               } else {
-                                       safe_php_register_variable(param, value, array_ptr, 0 TSRMLS_CC);
-                               }
+                                       if (php_mb_encoding_translation(TSRMLS_C)) {
+                                               php_mb_gpc_stack_variable(param, value, &val_list, &len_list, 
+                                                                                                 &num_vars, &num_vars_max TSRMLS_CC);
+                                       } else {
+                                               safe_php_register_variable(param, value, array_ptr, 0 TSRMLS_CC);
+                                       }
 #else
-                               safe_php_register_variable(param, value, array_ptr, 0 TSRMLS_CC);
+                                       safe_php_register_variable(param, value, array_ptr, 0 TSRMLS_CC);
 #endif
+                               }
                                if (!strcasecmp(param, "MAX_FILE_SIZE")) {
                                        max_file_size = atol(value);
                                }