MFH:

author Ilia Alshanetsky <iliaa@php.net>

Fri, 3 Nov 2006 13:51:48 +0000 (13:51 +0000)

committer Ilia Alshanetsky <iliaa@php.net>

Fri, 3 Nov 2006 13:51:48 +0000 (13:51 +0000)
author Ilia Alshanetsky <iliaa@php.net>
Fri, 3 Nov 2006 13:51:48 +0000 (13:51 +0000)
committer Ilia Alshanetsky <iliaa@php.net>
Fri, 3 Nov 2006 13:51:48 +0000 (13:51 +0000)
diff --git a/sapi/apache/mod_php5.c b/sapi/apache/mod_php5.c

index 719a19323235ff40db1b4e7cf50cbf3299def4e0..101c449240920e302855fdeddd955fa195ee8788 100644 (file)
--- a/sapi/apache/mod_php5.c
+++ b/sapi/apache/mod_php5.c
@@ -246,10 +246,11 @@ static void sapi_apache_register_server_variables(zval *track_vars_array TSRMLS_
         table_entry *elts = (table_entry *) arr->elts;
         zval **path_translated;
         HashTable *symbol_table;
+       int new_val_len;
  
         for (i = 0; i < arr->nelts; i++) {
                 char *val;
-               int val_len, new_val_len;
+               int val_len;
  
                 if (elts[i].val) {
                         val = elts[i].val;
@@ -277,7 +278,9 @@ static void sapi_apache_register_server_variables(zval *track_vars_array TSRMLS_
                 php_register_variable("PATH_TRANSLATED", Z_STRVAL_PP(path_translated), track_vars_array TSRMLS_CC);
         }
  
-       php_register_variable("PHP_SELF", ((request_rec *) SG(server_context))->uri, track_vars_array TSRMLS_CC);
+       if (sapi_module.input_filter(PARSE_SERVER, "PHP_SELF", &((request_rec *) SG(server_context))->uri, strlen(((request_rec *) SG(server_context))->uri), &new_val_len TSRMLS_CC)) {
+               php_register_variable("PHP_SELF", ((request_rec *) SG(server_context))->uri, track_vars_array TSRMLS_CC);
+       }
  }
  /* }}} */
  
diff --git a/sapi/apache2filter/sapi_apache2.c b/sapi/apache2filter/sapi_apache2.c

index 453a8e51b9db062610f8ec7d98cd00e4dc8f4913..e28adf762d95d0c2004f1e0cad02ef43b91ad975 100644 (file)
--- a/sapi/apache2filter/sapi_apache2.c
+++ b/sapi/apache2filter/sapi_apache2.c
@@ -212,11 +212,18 @@ php_apache_sapi_register_variables(zval *track_vars_array TSRMLS_DC)
         char *key, *val;
         
         APR_ARRAY_FOREACH_OPEN(arr, key, val)
-               if (!val) val = "";
-               php_register_variable(key, val, track_vars_array TSRMLS_CC);
+               if (!val) {
+                       val = "";
+               }
+               if (sapi_module.input_filter(PARSE_SERVER, key, &val, strlen(val), &new_val_len TSRMLS_CC)) {
+                       php_register_variable_safe(key, val, new_val_len, track_vars_array TSRMLS_CC);
+               }
         APR_ARRAY_FOREACH_CLOSE()
                 
         php_register_variable("PHP_SELF", ctx->r->uri, track_vars_array TSRMLS_CC);
+       if (sapi_module.input_filter(PARSE_SERVER, "PHP_SELF", &ctx->r->uri, strlen(ctx->r->uri), &new_val_len TSRMLS_CC)) {
+               php_register_variable_safe("PHP_SELF", ctx->r->uri, new_val_len, track_vars_array TSRMLS_CC);
+       }
  }
  
  static void
diff --git a/sapi/apache2handler/sapi_apache2.c b/sapi/apache2handler/sapi_apache2.c

index f3612bf137a8efa3c8856f55ae76df48c7360134..e7789cf863ef61af31173d5944443ac998a6536a 100644 (file)
--- a/sapi/apache2handler/sapi_apache2.c
+++ b/sapi/apache2handler/sapi_apache2.c
@@ -232,13 +232,20 @@ php_apache_sapi_register_variables(zval *track_vars_array TSRMLS_DC)
         php_struct *ctx = SG(server_context);
         const apr_array_header_t *arr = apr_table_elts(ctx->r->subprocess_env);
         char *key, *val;
+       int new_val_len;
  
         APR_ARRAY_FOREACH_OPEN(arr, key, val)
-               if (!val) val = "";
-               php_register_variable(key, val, track_vars_array TSRMLS_CC);
+               if (!val) {
+                       val = "";
+               }
+               if (sapi_module.input_filter(PARSE_SERVER, key, &val, strlen(val), &new_val_len TSRMLS_CC)) {
+                       php_register_variable_safe(key, val, new_val_len, track_vars_array TSRMLS_CC);
+               }
         APR_ARRAY_FOREACH_CLOSE()
  
-       php_register_variable("PHP_SELF", ctx->r->uri, track_vars_array TSRMLS_CC);
+       if (sapi_module.input_filter(PARSE_SERVER, "PHP_SELF", &ctx->r->uri, strlen(ctx->r->uri), &new_val_len TSRMLS_CC)) {
+               php_register_variable_safe("PHP_SELF", ctx->r->uri, new_val_len, track_vars_array TSRMLS_CC);
+       }
  }
  
  static void
diff --git a/sapi/cgi/cgi_main.c b/sapi/cgi/cgi_main.c

index 45b6262fe9c60babe3f759ac062736a580dae8c8..54216568e1429911504712ef7f640813745efedb 100644 (file)
--- a/sapi/cgi/cgi_main.c
+++ b/sapi/cgi/cgi_main.c
@@ -490,7 +490,10 @@ void cgi_php_import_environment_variables(zval *array_ptr TSRMLS_DC)
                      zend_hash_get_current_key_ex(&request->env, &var, &var_len, &idx, 0, &pos) == HASH_KEY_IS_STRING &&
                      zend_hash_get_current_data_ex(&request->env, (void **) &val, &pos) == SUCCESS;
                      zend_hash_move_forward_ex(&request->env, &pos)) {
-                       php_register_variable(var, *val, array_ptr TSRMLS_CC);
+                       int new_val_len;
+                       if (sapi_module.input_filter(PARSE_SERVER, var.s, val, strlen(*val), &new_val_len TSRMLS_CC)) {
+                               php_register_variable_safe(var.s, *val, new_val_len, array_ptr TSRMLS_CC);
+                       }
                 }
                 PG(magic_quotes_gpc) = magic_quotes_gpc;
         }
@@ -499,12 +502,16 @@ void cgi_php_import_environment_variables(zval *array_ptr TSRMLS_DC)
  
  static void sapi_cgi_register_variables(zval *track_vars_array TSRMLS_DC)
  {
+       int new_val_len;
+       char *val = SG(request_info).request_uri ? SG(request_info).request_uri : "";
         /* In CGI mode, we consider the environment to be a part of the server
          * variables
          */
         php_import_environment_variables(track_vars_array TSRMLS_CC);
         /* Build the special-case PHP_SELF variable for the CGI version */
-       php_register_variable("PHP_SELF", (SG(request_info).request_uri ? SG(request_info).request_uri : ""), track_vars_array TSRMLS_CC);
+       if (sapi_module.input_filter(PARSE_SERVER, "PHP_SELF", &val, strlen(val), &new_val_len TSRMLS_CC)) {
+               php_register_variable_safe("PHP_SELF", val, new_val_len, track_vars_array TSRMLS_CC);
+       }
  }
  
  static void sapi_cgi_log_message(char *message)
author	Ilia Alshanetsky <iliaa@php.net>
	Fri, 3 Nov 2006 13:51:48 +0000 (13:51 +0000)
committer	Ilia Alshanetsky <iliaa@php.net>
	Fri, 3 Nov 2006 13:51:48 +0000 (13:51 +0000)
sapi/apache/mod_php5.c		patch \| blob \| history
sapi/apache2filter/sapi_apache2.c		patch \| blob \| history
sapi/apache2handler/sapi_apache2.c		patch \| blob \| history
sapi/cgi/cgi_main.c		patch \| blob \| history