From: Ilia Alshanetsky <iliaa@php.net>
Date: Mon, 7 Dec 2009 13:43:44 +0000 (+0000)
Subject: Added FILTER_FLAG_STRIP_BACKTICK option to the filter extension.
X-Git-Tag: php-5.3.2RC1~104
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=2be6de0a500682b68735c3e2e1a12f9e89df7855;p=php

Added FILTER_FLAG_STRIP_BACKTICK option to the filter extension.
---

diff --git a/NEWS b/NEWS
index aa774367a2..095e449d98 100644
--- a/NEWS
+++ b/NEWS
@@ -9,6 +9,7 @@ PHP                                                                        NEWS
 - Changed "post_max_size" php.ini directive to allow unlimited post size by
   setting it to 0. (Rasmus)
 
+- Added FILTER_FLAG_STRIP_BACKTICK option to the filter extension. (Ilia)
 - Added protection for $_SESSION from interrupt corruption and improved
   "session.save_path" check. (Stas)
 - Added LIBXML_PARSEHUGE constant to override the maximum text size of a
diff --git a/ext/filter/filter.c b/ext/filter/filter.c
index 824d558405..64cafe5410 100644
--- a/ext/filter/filter.c
+++ b/ext/filter/filter.c
@@ -251,6 +251,7 @@ PHP_MINIT_FUNCTION(filter)
 
 	REGISTER_LONG_CONSTANT("FILTER_FLAG_STRIP_LOW", FILTER_FLAG_STRIP_LOW, CONST_CS | CONST_PERSISTENT);
 	REGISTER_LONG_CONSTANT("FILTER_FLAG_STRIP_HIGH", FILTER_FLAG_STRIP_HIGH, CONST_CS | CONST_PERSISTENT);
+	REGISTER_LONG_CONSTANT("FILTER_FLAG_STRIP_BACKTICK", FILTER_FLAG_STRIP_BACKTICK, CONST_CS | CONST_PERSISTENT);
 	REGISTER_LONG_CONSTANT("FILTER_FLAG_ENCODE_LOW", FILTER_FLAG_ENCODE_LOW, CONST_CS | CONST_PERSISTENT);
 	REGISTER_LONG_CONSTANT("FILTER_FLAG_ENCODE_HIGH", FILTER_FLAG_ENCODE_HIGH, CONST_CS | CONST_PERSISTENT);
 	REGISTER_LONG_CONSTANT("FILTER_FLAG_ENCODE_AMP", FILTER_FLAG_ENCODE_AMP, CONST_CS | CONST_PERSISTENT);
diff --git a/ext/filter/filter_private.h b/ext/filter/filter_private.h
index b3db3cd724..9bb234f490 100644
--- a/ext/filter/filter_private.h
+++ b/ext/filter/filter_private.h
@@ -39,6 +39,7 @@
 #define FILTER_FLAG_ENCODE_AMP              0x0040
 #define FILTER_FLAG_NO_ENCODE_QUOTES        0x0080
 #define FILTER_FLAG_EMPTY_STRING_NULL       0x0100
+#define FILTER_FLAG_STRIP_BACKTICK          0x0200
 
 #define FILTER_FLAG_ALLOW_FRACTION          0x1000
 #define FILTER_FLAG_ALLOW_THOUSAND          0x2000
diff --git a/ext/filter/sanitizing_filters.c b/ext/filter/sanitizing_filters.c
index cdfe08c29b..8ebcd08603 100644
--- a/ext/filter/sanitizing_filters.c
+++ b/ext/filter/sanitizing_filters.c
@@ -123,6 +123,7 @@ static void php_filter_strip(zval *value, long flags)
 	for (i = 0; i < Z_STRLEN_P(value); i++) {
 		if ((str[i] > 127) && (flags & FILTER_FLAG_STRIP_HIGH)) {
 		} else if ((str[i] < 32) && (flags & FILTER_FLAG_STRIP_LOW)) {
+		} else if ((str[i] == '`') && (flags & FILTER_FLAG_STRIP_BACKTICK)) {
 		} else {
 			buf[c] = str[i];
 			++c;