PHP NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
?? ??? 2006, PHP 5.2.0
+- Added support for getenv() input filtering. (Rasmus)
- Removed ze1 compatibility mode. (Marcus)
- Added support for constructors in interfaces to force constructor signature
checks in implementations. (Marcus)
#include "php.h"
#include "SAPI.h"
+#include "php_variables.h"
#include "php_ini.h"
#include "ext/standard/php_string.h"
#include "ext/standard/pageinfo.h"
SAPI_API char *sapi_getenv(char *name, size_t name_len TSRMLS_DC)
{
- if (sapi_module.getenv) {
- return sapi_module.getenv(name, name_len TSRMLS_CC);
+ if (sapi_module.getenv) {
+ char *value, *tmp = sapi_module.getenv(name, name_len TSRMLS_CC);
+ if(tmp) value = estrdup(tmp);
+ else return NULL;
+ sapi_module.input_filter(PARSE_ENV, name, &value, strlen(value), NULL TSRMLS_CC);
+ return value;
} else {
- return NULL;
- }
+ return NULL;
+ }
}
SAPI_API int sapi_get_fd(int *fd TSRMLS_DC)
for (i = 0; i < arr->nelts; i++) {
char *val;
+ int val_len, new_val_len;
if (elts[i].val) {
val = elts[i].val;
} else {
val = "";
}
- php_register_variable(elts[i].key, val, track_vars_array TSRMLS_CC);
+ val_len = strlen(val);
+ if (sapi_module.input_filter(PARSE_SERVER, elts[i].key, &val, val_len, &new_val_len TSRMLS_CC)) {
+ php_register_variable_safe(elts[i].key, val, new_val_len, track_vars_array TSRMLS_CC);
+ }
}
/* If PATH_TRANSLATED doesn't exist, copy it from SCRIPT_FILENAME */
projects / php / commitdiff