From: Pierre Joye Date: Wed, 8 Mar 2006 00:43:32 +0000 (+0000) Subject: - remove magic_quotes_gpc, magic_quotes_runtime, magic_quotes_sybase X-Git-Tag: RELEASE_1_3~496 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=bb1ec86f9da24fe6b49bae68353d53ba96b7228f;p=php - remove magic_quotes_gpc, magic_quotes_runtime, magic_quotes_sybase (calling ini_set('magic_....') returns 0|false - get_magic_quotes_gpc, get_magic_quotes_runtime are kept but always return false - set_magic_quotes_runtime raises an E_CORE_ERROR --- diff --git a/NEWS b/NEWS index ea8dc5104e..6025c9d5f4 100644 --- a/NEWS +++ b/NEWS @@ -5,6 +5,10 @@ PHP NEWS - Droped register_globals support (Pierre) - session_register, session_unregister and session_is_registered removed they depend on register_globals +- Droped magic_quotes_gpc, magic_quotes_runtime and magic_quotes_sybase ini + settings (Pierre) + - get_magic_quotes_gpc, get_magic_quotes_runtime are kept but always return + false, set_magic_quotes_runtime raises an E_CORE_ERROR - Freetype 1.x and GD 1.x support removed (Pierre) - Cleaned CGI code. Now FastCGI can not be disabled. See sapi/cgi/CHANGES for more details. (Dmitry) diff --git a/ext/bz2/bz2.c b/ext/bz2/bz2.c index 07296d2daa..0edf41e973 100644 --- a/ext/bz2/bz2.c +++ b/ext/bz2/bz2.c @@ -292,12 +292,6 @@ PHP_FUNCTION(bzread) Z_STRVAL_P(return_value)[Z_STRLEN_P(return_value)] = 0; - if (PG(magic_quotes_runtime)) { - Z_STRVAL_P(return_value) = php_addslashes( Z_STRVAL_P(return_value), - Z_STRLEN_P(return_value), - &Z_STRLEN_P(return_value), 1 TSRMLS_CC); - } - Z_TYPE_P(return_value) = IS_STRING; } /* }}} */ diff --git a/ext/dba/dba.c b/ext/dba/dba.c index 43a371ed00..6088a85640 100644 --- a/ext/dba/dba.c +++ b/ext/dba/dba.c @@ -474,22 +474,10 @@ static void php_dba_update(INTERNAL_FUNCTION_PARAMETERS, int mode) DBA_WRITE_CHECK; - if (PG(magic_quotes_runtime)) { - len = Z_STRLEN_PP(val); - v = estrndup(Z_STRVAL_PP(val), len); - php_stripslashes(v, &len TSRMLS_CC); - if(info->hnd->update(info, key_str, key_len, v, len, mode TSRMLS_CC) == SUCCESS) { - efree(v); - DBA_ID_DONE; - RETURN_TRUE; - } - efree(v); - } else { - if(info->hnd->update(info, key_str, key_len, VALLEN(val), mode TSRMLS_CC) == SUCCESS) - { - DBA_ID_DONE; - RETURN_TRUE; - } + if(info->hnd->update(info, key_str, key_len, VALLEN(val), mode TSRMLS_CC) == SUCCESS) + { + DBA_ID_DONE; + RETURN_TRUE; } DBA_ID_DONE; RETURN_FALSE; @@ -937,9 +925,6 @@ PHP_FUNCTION(dba_fetch) skip = 0; } if((val = info->hnd->fetch(info, key_str, key_len, skip, &len TSRMLS_CC)) != NULL) { - if (val && PG(magic_quotes_runtime)) { - val = php_addslashes(val, len, &len, 1 TSRMLS_CC); - } DBA_ID_DONE; RETURN_STRINGL(val, len, 0); } diff --git a/ext/dba/tests/dba008.phpt b/ext/dba/tests/dba008.phpt index 84a47ba083..0c0e434fd8 100644 --- a/ext/dba/tests/dba008.phpt +++ b/ext/dba/tests/dba008.phpt @@ -2,6 +2,7 @@ DBA magic_quotes_runtime Test --SKIPIF-- diff --git a/ext/dba/tests/dba_cdb_make.phpt b/ext/dba/tests/dba_cdb_make.phpt index 04df9252d8..4f4b747460 100644 --- a/ext/dba/tests/dba_cdb_make.phpt +++ b/ext/dba/tests/dba_cdb_make.phpt @@ -1,7 +1,5 @@ --TEST-- DBA CDB_MAKE handler test ---INI-- -magic_quotes_runtime=1 --SKIPIF-- s = php_addslashes(value, length, &length, 0 TSRMLS_CC); - } else { - info_value->s = estrndup(value, length); - } + info_value->s = estrndup(value, length); info_data->length = length; } else { info_data->length = 0; @@ -1604,12 +1600,7 @@ static void exif_iif_add_value(image_info_type *image_info, int section_index, c break; case TAG_FMT_UNDEFINED: if (value) { - /* do not recompute length here */ - if (PG(magic_quotes_runtime)) { - info_value->s = php_addslashes(value, length, &length, 0 TSRMLS_CC); - } else { - info_value->s = estrndup(value, length); - } + info_value->s = estrndup(value, length); info_data->length = length; } else { info_data->length = 0; @@ -1731,11 +1722,7 @@ static void exif_iif_add_str(image_info_type *image_info, int section_index, cha info_data->format = TAG_FMT_STRING; info_data->length = 1; info_data->name = estrdup(name); - if (PG(magic_quotes_runtime)) { - info_data->value.s = php_addslashes(value, strlen(value), NULL, 0 TSRMLS_CC); - } else { - info_data->value.s = estrdup(value); - } + info_data->value.s = estrdup(value); image_info->sections_found |= 1<info_list[section_index].count++; } @@ -1776,17 +1763,9 @@ static void exif_iif_add_buffer(image_info_type *image_info, int section_index, info_data->format = TAG_FMT_UNDEFINED; info_data->length = length; info_data->name = estrdup(name); - if (PG(magic_quotes_runtime)) { -#ifdef EXIF_DEBUG - exif_error_docref(NULL EXIFERR_CC, image_info, E_NOTICE, "Adding %s as buffer%s", name, exif_char_dump(value, length, 0)); -#endif - info_data->value.s = php_addslashes(value, length, &length, 0 TSRMLS_CC); - info_data->length = length; - } else { - info_data->value.s = safe_emalloc(length, 1, 1); - memcpy(info_data->value.s, value, length); - info_data->value.s[length] = 0; - } + info_data->value.s = safe_emalloc(length, 1, 1); + memcpy(info_data->value.s, value, length); + info_data->value.s[length] = 0; image_info->sections_found |= 1<info_list[section_index].count++; } diff --git a/ext/exif/tests/bug34704.phpt b/ext/exif/tests/bug34704.phpt index b6b26de78d..7688ce861a 100755 --- a/ext/exif/tests/bug34704.phpt +++ b/ext/exif/tests/bug34704.phpt @@ -3,7 +3,6 @@ Bug #34704 (Infinite recursion due to corrupt JPEG) --SKIPIF-- --INI-- -magic_quotes_runtime=0 output_handler= zlib.output_compression=0 --FILE-- diff --git a/ext/exif/tests/exif002.phpt b/ext/exif/tests/exif002.phpt index 1b1220c600..2a70f2920c 100644 --- a/ext/exif/tests/exif002.phpt +++ b/ext/exif/tests/exif002.phpt @@ -3,7 +3,6 @@ Check for exif_thumbnail --SKIPIF-- --INI-- -magic_quotes_runtime=0 output_handler= zlib.output_compression=0 --FILE-- diff --git a/ext/exif/tests/exif006.phpt b/ext/exif/tests/exif006.phpt index bad74ee4fa..655cecb42d 100644 --- a/ext/exif/tests/exif006.phpt +++ b/ext/exif/tests/exif006.phpt @@ -2,8 +2,7 @@ Check for exif_read_data, magic_quotes_runtime --SKIPIF-- --INI-- output_handler= diff --git a/ext/iconv/tests/translit-utf8.phpt b/ext/iconv/tests/translit-utf8.phpt index aa5131f2c3..0151dc385c 100644 --- a/ext/iconv/tests/translit-utf8.phpt +++ b/ext/iconv/tests/translit-utf8.phpt @@ -6,7 +6,6 @@ include('skipif.inc'); ( ICONV_IMPL != "libiconv" ) and die("skip ICONV_IMPL != \"libiconv\""); ?> --INI-- -magic_quotes_runtime=0 error_reporting=2047 --FILE-- vary_string; /* no break */ case SQL_TEXT: - if (PG(magic_quotes_runtime)) { - Z_STRVAL_P(val) = php_addslashes(data, len, &Z_STRLEN_P(val), 0 TSRMLS_CC); - Z_TYPE_P(val) = IS_STRING; - } else { - ZVAL_STRINGL(val,(char *) data,len,1); - } + ZVAL_STRINGL(val,(char *) data,len,1); break; case SQL_SHORT: n = *(short *) data; diff --git a/ext/mhash/tests/001.phpt b/ext/mhash/tests/001.phpt index 13c16a2263..5e0496a7ee 100644 --- a/ext/mhash/tests/001.phpt +++ b/ext/mhash/tests/001.phpt @@ -1,7 +1,5 @@ --TEST-- mhash() test ---INI-- -magic_quotes_runtime=0 --SKIPIF-- data[result->cur_row][i]) == IS_STRING) { - if (PG(magic_quotes_runtime)) { - data = php_addslashes(Z_STRVAL(result->data[result->cur_row][i]), Z_STRLEN(result->data[result->cur_row][i]), &data_len, 0 TSRMLS_CC); - should_copy = 0; - } - else - { - data = Z_STRVAL(result->data[result->cur_row][i]); - data_len = Z_STRLEN(result->data[result->cur_row][i]); - should_copy = 1; - } + data = Z_STRVAL(result->data[result->cur_row][i]); + data_len = Z_STRLEN(result->data[result->cur_row][i]); + should_copy = 1; if (result_type & MSSQL_NUM) { add_index_stringl(return_value, i, data, data_len, should_copy); diff --git a/ext/mysql/php_mysql.c b/ext/mysql/php_mysql.c index b9288c6bf6..52141f5327 100644 --- a/ext/mysql/php_mysql.c +++ b/ext/mysql/php_mysql.c @@ -1841,13 +1841,8 @@ PHP_FUNCTION(mysql_result) if (sql_row[field_offset]) { Z_TYPE_P(return_value) = IS_STRING; - - if (PG(magic_quotes_runtime)) { - Z_STRVAL_P(return_value) = php_addslashes(sql_row[field_offset], sql_row_lengths[field_offset],&Z_STRLEN_P(return_value), 0 TSRMLS_CC); - } else { - Z_STRLEN_P(return_value) = sql_row_lengths[field_offset]; - Z_STRVAL_P(return_value) = (char *) safe_estrndup(sql_row[field_offset], Z_STRLEN_P(return_value)); - } + Z_STRLEN_P(return_value) = sql_row_lengths[field_offset]; + Z_STRVAL_P(return_value) = (char *) safe_estrndup(sql_row[field_offset], Z_STRLEN_P(return_value)); } else { Z_TYPE_P(return_value) = IS_NULL; } @@ -1970,12 +1965,7 @@ static void php_mysql_fetch_hash(INTERNAL_FUNCTION_PARAMETERS, int result_type, MAKE_STD_ZVAL(data); - if (PG(magic_quotes_runtime)) { - Z_TYPE_P(data) = IS_STRING; - Z_STRVAL_P(data) = php_addslashes(mysql_row[i], mysql_row_lengths[i], &Z_STRLEN_P(data), 0 TSRMLS_CC); - } else { - ZVAL_STRINGL(data, mysql_row[i], mysql_row_lengths[i], 1); - } + ZVAL_STRINGL(data, mysql_row[i], mysql_row_lengths[i], 1); if (result_type & MYSQL_NUM) { add_index_zval(return_value, i, data); diff --git a/ext/mysqli/mysqli.c b/ext/mysqli/mysqli.c index 0e5305cd80..8b1ca3bff6 100644 --- a/ext/mysqli/mysqli.c +++ b/ext/mysqli/mysqli.c @@ -815,13 +815,7 @@ void php_mysqli_fetch_into_hash(INTERNAL_FUNCTION_PARAMETERS, int override_flags MAKE_STD_ZVAL(res); - /* check if we need magic quotes */ - if (PG(magic_quotes_runtime)) { - Z_TYPE_P(res) = IS_STRING; - Z_STRVAL_P(res) = php_addslashes(row[i], field_len[i], &Z_STRLEN_P(res), 0 TSRMLS_CC); - } else { - ZVAL_STRINGL(res, row[i], field_len[i], 1); - } + ZVAL_STRINGL(res, row[i], field_len[i], 1); if (fetchtype & MYSQLI_NUM) { add_index_zval(return_value, i, res); diff --git a/ext/pcre/config0.m4 b/ext/pcre/config0.m4 index 3ae740d682..4d442231a7 100644 --- a/ext/pcre/config0.m4 +++ b/ext/pcre/config0.m4 @@ -16,6 +16,7 @@ if test "$PHP_PCRE_REGEX" != "no"; then PHP_NEW_EXTENSION(pcre, pcrelib/pcre_chartables.c pcrelib/pcre_ucp_searchfuncs.c pcrelib/pcre_compile.c pcrelib/pcre_config.c pcrelib/pcre_dfa_exec.c pcrelib/pcre_exec.c pcrelib/pcre_fullinfo.c pcrelib/pcre_get.c pcrelib/pcre_globals.c pcrelib/pcre_info.c pcrelib/pcre_maketables.c pcrelib/pcre_ord2utf8.c pcrelib/pcre_refcount.c pcrelib/pcre_study.c pcrelib/pcre_tables.c pcrelib/pcre_try_flipped.c pcrelib/pcre_valid_utf8.c pcrelib/pcre_version.c pcrelib/pcre_xclass.c php_pcre.c, $ext_shared,,-DEXPORT= -DNEWLINE=10 -DSUPPORT_UTF8 -DSUPPORT_UCP -DLINK_SIZE=2 -DPOSIX_MALLOC_THRESHOLD=10 -DMATCH_LIMIT=10000000 -DMATCH_LIMIT_RECURSION=10000000 -I@ext_srcdir@/pcrelib) PHP_ADD_BUILD_DIR($ext_builddir/pcrelib) PHP_INSTALL_HEADERS([ext/pcre], [php_pcre.h pcrelib/]) + PHP_ADD_INCLUDE(pcrelib) AC_DEFINE(HAVE_BUNDLED_PCRE, 1, [ ]) else for i in $PHP_PCRE_REGEX $PHP_PCRE_REGEX/include $PHP_PCRE_REGEX/include/pcre; do diff --git a/ext/pcre/pcrelib/pcre_internal.h b/ext/pcre/pcrelib/pcre_internal.h index 386ed3ddf9..b51cd93083 100644 --- a/ext/pcre/pcrelib/pcre_internal.h +++ b/ext/pcre/pcrelib/pcre_internal.h @@ -70,7 +70,15 @@ all, it had only been about 10 years then... */ #else # include #endif +/* +#ifndef MATCH_LIMIT +#define MATCH_LIMIT 10000000 +#endif +#ifndef MATCH_LIMIT_RECURSION +#define MATCH_LIMIT_RECURSION MATCH_LIMIT +#endif +*/ /* Standard C headers plus the external interface definition. The only time setjmp and stdarg are used is when NO_RECURSE is set. */ diff --git a/ext/pcre/tests/bug33200.phpt b/ext/pcre/tests/bug33200.phpt index b00b72ac28..334e90e865 100644 --- a/ext/pcre/tests/bug33200.phpt +++ b/ext/pcre/tests/bug33200.phpt @@ -1,5 +1,7 @@ --TEST-- Bug #33200 (magic_quotes_sybase = On makes 'e' modifier misbehave) +--SKIPIF-- +die('skip magic_quotes removed'); --INI-- magic_quotes_sybase=1 --FILE-- diff --git a/ext/pdo/tests/pdo_test.inc b/ext/pdo/tests/pdo_test.inc index a023fd89bb..6696fe12d7 100644 --- a/ext/pdo/tests/pdo_test.inc +++ b/ext/pdo/tests/pdo_test.inc @@ -11,7 +11,6 @@ if (getenv('PDOTEST_DSN') === false) { $append = true; } } - if (ini_get('magic_quotes_runtime')) $common = stripslashes($common); $conf = eval($common); foreach($conf['ENV'] as $n=>$v) putenv("$n=$v"); } diff --git a/ext/pgsql/pgsql.c b/ext/pgsql/pgsql.c index d52d2b4519..99d5ab5434 100644 --- a/ext/pgsql/pgsql.c +++ b/ext/pgsql/pgsql.c @@ -1962,12 +1962,8 @@ static void php_pgsql_fetch_hash(INTERNAL_FUNCTION_PARAMETERS, long result_type, int data_len; int should_copy=0; - if (PG(magic_quotes_runtime)) { - data = php_addslashes(element, element_len, &data_len, 0 TSRMLS_CC); - } else { - data = safe_estrndup(element, element_len); - data_len = element_len; - } + data = safe_estrndup(element, element_len); + data_len = element_len; if (result_type & PGSQL_NUM) { add_index_stringl(return_value, i, data, data_len, should_copy); @@ -5583,12 +5579,9 @@ PHP_PGSQL_API int php_pgsql_result2array(PGresult *pg_result, zval *ret_array TS element = PQgetvalue(pg_result, pg_row, i); element_len = (element ? strlen(element) : 0); if (element) { - if (PG(magic_quotes_runtime)) { - data = php_addslashes(element, element_len, &data_len, 0 TSRMLS_CC); - } else { - data = safe_estrndup(element, element_len); - data_len = element_len; - } + data = safe_estrndup(element, element_len); + data_len = element_len; + field_name = PQfname(pg_result, i); add_assoc_stringl(row, field_name, data, data_len, 0); } diff --git a/ext/spl/examples/dbaarray.inc b/ext/spl/examples/dbaarray.inc index 0bd42d425f..20b33bd278 100755 --- a/ext/spl/examples/dbaarray.inc +++ b/ext/spl/examples/dbaarray.inc @@ -51,9 +51,6 @@ class DbaArray extends DbaReader implements ArrayAccess { $data = dba_fetch($name, $this->db); if($data) { - if (ini_get('magic_quotes_runtime')) { - $data = stripslashes($data); - } //return unserialize($data); return $data; } @@ -95,4 +92,4 @@ class DbaArray extends DbaReader implements ArrayAccess } } -?> \ No newline at end of file +?> diff --git a/ext/spl/spl_directory.c b/ext/spl/spl_directory.c index 123481c7c1..682cb764b8 100755 --- a/ext/spl/spl_directory.c +++ b/ext/spl/spl_directory.c @@ -1353,11 +1353,6 @@ static int spl_filesystem_file_read(spl_filesystem_object *intern, int silent TS buf[line_len] = '\0'; } - if (PG(magic_quotes_runtime)) { - buf = php_addslashes(buf, line_len, &len, 1 TSRMLS_CC); - line_len = len; - } - intern->u.file.current_line = buf; intern->u.file.current_line_len = line_len; } @@ -1842,14 +1837,6 @@ SPL_METHOD(SplFileObject, fwrite) RETURN_LONG(0); } - if (PG(magic_quotes_runtime)) { - str = estrndup(str, str_len); - php_stripslashes(str, &str_len TSRMLS_CC); - ret = php_stream_write(intern->u.file.stream, str, str_len); - efree(str); - RETURN_LONG(ret); - } - RETURN_LONG(php_stream_write(intern->u.file.stream, str, str_len)); } /* }}} */ diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c index ab7d375569..9681db53c0 100644 --- a/ext/standard/basic_functions.c +++ b/ext/standard/basic_functions.c @@ -442,11 +442,11 @@ zend_function_entry basic_functions[] = { PHP_FE(get_current_user, NULL) PHP_FE(set_time_limit, NULL) PHP_FE(get_cfg_var, NULL) - PHP_FALIAS(magic_quotes_runtime, set_magic_quotes_runtime, NULL) - PHP_FE(set_magic_quotes_runtime, NULL) - PHP_FE(get_magic_quotes_gpc, NULL) - PHP_FE(get_magic_quotes_runtime, NULL) - + PHP_DEP_FALIAS(magic_quotes_runtime, set_magic_quotes_runtime, NULL) + PHP_DEP_FE(set_magic_quotes_runtime, NULL) + PHP_DEP_FE(get_magic_quotes_gpc, NULL) + PHP_DEP_FE(get_magic_quotes_runtime, NULL) + PHP_FE(import_request_variables, NULL) PHP_FE(error_log, NULL) PHP_FE(call_user_func, NULL) @@ -1151,9 +1151,6 @@ PHP_RINIT_FUNCTION(basic) PHP_RINIT(dir)(INIT_FUNC_ARGS_PASSTHRU); PHP_RINIT(url_scanner_ex)(INIT_FUNC_ARGS_PASSTHRU); - /* Reset magic_quotes_runtime */ - PG(magic_quotes_runtime) = INI_BOOL("magic_quotes_runtime"); - /* Setup default context */ FG(default_context) = NULL; @@ -1823,38 +1820,20 @@ PHP_FUNCTION(get_cfg_var) } /* }}} */ -/* {{{ proto bool set_magic_quotes_runtime(int new_setting) - Set the current active configuration setting of magic_quotes_runtime and return previous */ PHP_FUNCTION(set_magic_quotes_runtime) { - zval **new_setting; - - if (ZEND_NUM_ARGS() != 1 || zend_get_parameters_ex(1, &new_setting) == FAILURE) { - RETURN_FALSE; - } - convert_to_boolean_ex(new_setting); - - PG(magic_quotes_runtime) = (zend_bool) Z_LVAL_PP(new_setting); - RETURN_TRUE; + php_error_docref(NULL TSRMLS_CC, E_CORE_ERROR, "magic_quotes_runtime is not supported anymore"); + RETURN_FALSE; } -/* }}} */ -/* {{{ proto int get_magic_quotes_runtime(void) - Get the current active configuration setting of magic_quotes_runtime */ PHP_FUNCTION(get_magic_quotes_runtime) { - RETURN_LONG(PG(magic_quotes_runtime)); + RETURN_FALSE; } - -/* }}} */ - -/* {{{ proto int get_magic_quotes_gpc(void) - Get the current active configuration setting of magic_quotes_gpc */ PHP_FUNCTION(get_magic_quotes_gpc) { - RETURN_LONG(PG(magic_quotes_gpc)); + RETURN_FALSE; } -/* }}} */ /* 1st arg = error message diff --git a/ext/standard/exec.c b/ext/standard/exec.c index 3fa0462aa5..1dccf6610c 100644 --- a/ext/standard/exec.c +++ b/ext/standard/exec.c @@ -135,14 +135,7 @@ int php_exec(int type, char *cmd, zval *array, zval *return_value TSRMLS_DC) } /* Return last line from the shell command */ - if (PG(magic_quotes_runtime)) { - int len; - - tmp = php_addslashes(buf, bufl, &len, 0 TSRMLS_CC); - RETVAL_STRINGL(tmp, len, 0); - } else { - RETVAL_STRINGL(buf, bufl, 1); - } + RETVAL_STRINGL(buf, bufl, 1); } else { /* should return NULL, but for BC we return "" */ RETVAL_EMPTY_STRING(); } diff --git a/ext/standard/file.c b/ext/standard/file.c index 88d4062c6f..f3ad871faa 100644 --- a/ext/standard/file.c +++ b/ext/standard/file.c @@ -413,11 +413,7 @@ PHP_FUNCTION(get_meta_tags) have_name = 1; } else if (saw_content) { /* Get the CONTENT attr (Single word attr, non-quoted) */ - if (PG(magic_quotes_runtime)) { - value = php_addslashes(md.token_data, 0, &md.token_len, 0 TSRMLS_CC); - } else { - value = estrndup(md.token_data, md.token_len); - } + value = estrndup(md.token_data, md.token_len); have_content = 1; } @@ -451,11 +447,7 @@ PHP_FUNCTION(get_meta_tags) have_name = 1; } else if (saw_content) { /* Get the CONTENT attr (Single word attr, non-quoted) */ - if (PG(magic_quotes_runtime)) { - value = php_addslashes(md.token_data, 0, &md.token_len, 0 TSRMLS_CC); - } else { - value = estrndup(md.token_data, md.token_len); - } + value = estrndup(md.token_data, md.token_len); have_content = 1; } @@ -543,12 +535,6 @@ PHP_FUNCTION(file_get_contents) /* uses mmap if possible */ if ((len = php_stream_copy_to_mem(stream, &contents, maxlen, 0)) > 0) { - - if (PG(magic_quotes_runtime)) { - contents = php_addslashes(contents, len, &newlen, 1 TSRMLS_CC); /* 1 = free source string */ - len = newlen; - } - RETVAL_STRINGL(contents, len, 0); } else if (len == 0) { RETVAL_EMPTY_STRING(); @@ -778,13 +764,7 @@ PHP_FUNCTION(file) do { p++; parse_eol: - if (PG(magic_quotes_runtime)) { - /* s is in target_buf which is freed at the end of the function */ - slashed = php_addslashes(s, (p-s), &len, 0 TSRMLS_CC); - add_index_stringl(return_value, i++, slashed, len, 0); - } else { - add_index_stringl(return_value, i++, estrndup(s, p-s), p-s, 0); - } + add_index_stringl(return_value, i++, estrndup(s, p-s), p-s, 0); s = p; } while ((p = memchr(p, eol_marker, (e-p)))); } else { @@ -793,13 +773,7 @@ parse_eol: s = ++p; continue; } - if (PG(magic_quotes_runtime)) { - /* s is in target_buf which is freed at the end of the function */ - slashed = php_addslashes(s, (p-s), &len, 0 TSRMLS_CC); - add_index_stringl(return_value, i++, slashed, len, 0); - } else { - add_index_stringl(return_value, i++, estrndup(s, p-s), p-s, 0); - } + add_index_stringl(return_value, i++, estrndup(s, p-s), p-s, 0); s = ++p; } while ((p = memchr(p, eol_marker, (e-p)))); } @@ -1038,18 +1012,9 @@ PHPAPI PHP_FUNCTION(fgets) } if (is_unicode) { - /* UTODO: magic_quotes_runtime */ RETURN_UNICODEL(buf, num_chars, 0); } else { - if (PG(magic_quotes_runtime)) { - int len; - char *str; - - str = php_addslashes((char*)buf, num_bytes, &len, 1 TSRMLS_CC); - RETURN_STRINGL(str, len, 0); - } else { RETURN_STRINGL((char*)buf, num_bytes, 0); - } } } /* }}} */ @@ -1248,9 +1213,6 @@ PHPAPI PHP_FUNCTION(fwrite) if (write_len < 0 || write_len > Z_USTRLEN_P(zstring)) { write_len = Z_USTRLEN_P(zstring); } - - /* UTODO Handle magic_quotes_runtime for unicode strings */ - ret = php_stream_u_write(stream, Z_USTRVAL_P(zstring), write_len); /* Convert data points back to code units */ @@ -1267,10 +1229,6 @@ PHPAPI PHP_FUNCTION(fwrite) } num_bytes = write_len; - if (argc < 3 && PG(magic_quotes_runtime)) { - buffer = estrndup(Z_STRVAL_P(zstring), num_bytes); - php_stripslashes(buffer, &num_bytes TSRMLS_CC); - } ret = php_stream_write(stream, buffer ? buffer : Z_STRVAL_P(zstring), num_bytes); if (buffer) { efree(buffer); @@ -1828,16 +1786,11 @@ PHPAPI PHP_FUNCTION(fread) } if (is_unicode) { - /* UTODO - magic_quotes_runtime */ - buf[num_bytes] = 0; buf[num_bytes + 1] = 0; RETURN_UNICODEL((UChar *)buf, num_bytes >> 1, 0); } else { buf[num_bytes] = 0; - if (PG(magic_quotes_runtime)) { - buf = php_addslashes(buf, num_bytes, &num_bytes, 1 TSRMLS_CC); - } RETURN_STRINGL(buf, num_bytes, 0); } } @@ -1976,16 +1929,7 @@ PHP_FUNCTION(fputcsv) smart_str_appendc(&csvline, '\n'); smart_str_0(&csvline); - if (!PG(magic_quotes_runtime)) { - ret = php_stream_write(stream, csvline.c, csvline.len); - } else { - char *buffer = estrndup(csvline.c, csvline.len); - int len = csvline.len; - php_stripslashes(buffer, &len TSRMLS_CC); - ret = php_stream_write(stream, buffer, len); - efree(buffer); - } - + ret = php_stream_write(stream, csvline.c, csvline.len); smart_str_free(&csvline); RETURN_LONG(ret); diff --git a/ext/standard/streamsfuncs.c b/ext/standard/streamsfuncs.c index 569dc47be4..0d3050d149 100644 --- a/ext/standard/streamsfuncs.c +++ b/ext/standard/streamsfuncs.c @@ -370,14 +370,7 @@ PHP_FUNCTION(stream_socket_recvfrom) } read_buf[recvd] = '\0'; - if (PG(magic_quotes_runtime)) { - Z_TYPE_P(return_value) = IS_STRING; - Z_STRVAL_P(return_value) = php_addslashes(Z_STRVAL_P(return_value), - Z_STRLEN_P(return_value), &Z_STRLEN_P(return_value), 1 TSRMLS_CC); - return; - } else { - RETURN_STRINGL(read_buf, recvd, 0); - } + RETURN_STRINGL(read_buf, recvd, 0); } efree(read_buf); @@ -407,12 +400,6 @@ PHP_FUNCTION(stream_get_contents) } if ((len = php_stream_copy_to_mem(stream, &contents, maxlen, 0)) > 0) { - - if (PG(magic_quotes_runtime)) { - contents = php_addslashes(contents, len, &newlen, 1 TSRMLS_CC); /* 1 = free source string */ - len = newlen; - } - RETVAL_STRINGL(contents, len, 0); } else if (len == 0) { RETVAL_EMPTY_STRING(); diff --git a/ext/standard/string.c b/ext/standard/string.c index 7b9f677788..eca1d998a6 100644 --- a/ext/standard/string.c +++ b/ext/standard/string.c @@ -3798,48 +3798,19 @@ PHPAPI void php_u_stripslashes(UChar *str, int *len TSRMLS_DC) UChar32 ch1, ch2; ch1 = -1; ch2 = -1; - if (PG(magic_quotes_sybase)) { - while (i < src_len) { - U16_NEXT(str, i, src_len, ch1); - if (ch1 == '\'') { - tmp_len += zend_codepoint_to_uchar(ch1, str+tmp_len); - if (i < src_len) { - U16_NEXT(str, i, src_len, ch2); - if (ch2 != '\'') { - tmp_len += zend_codepoint_to_uchar(ch2, str+tmp_len); - } - } - } else if (ch1 == '\\') { - if (i < src_len) { - U16_NEXT(str, i, src_len, ch2); - if (ch2 == '0') { - tmp_len += zend_codepoint_to_uchar('\0', str+tmp_len); - } else { - tmp_len += zend_codepoint_to_uchar(ch1, str+tmp_len); - tmp_len += zend_codepoint_to_uchar(ch2, str+tmp_len); - } + while (i < src_len) { + U16_NEXT(str, i, src_len, ch1); + if (ch1 == '\\') { + if (i < src_len) { + U16_NEXT(str, i, src_len, ch2); + if (ch2 == '0') { + tmp_len += zend_codepoint_to_uchar('\0', str+tmp_len); } else { - tmp_len += zend_codepoint_to_uchar(ch1, str+tmp_len); + tmp_len += zend_codepoint_to_uchar(ch2, str+tmp_len); } - } else { - tmp_len += zend_codepoint_to_uchar(ch1, str+tmp_len); - } - } - } else { - while (i < src_len) { - U16_NEXT(str, i, src_len, ch1); - if (ch1 == '\\') { - if (i < src_len) { - U16_NEXT(str, i, src_len, ch2); - if (ch2 == '0') { - tmp_len += zend_codepoint_to_uchar('\0', str+tmp_len); - } else { - tmp_len += zend_codepoint_to_uchar(ch2, str+tmp_len); - } - } - } else { - tmp_len += zend_codepoint_to_uchar(ch1, str+tmp_len); } + } else { + tmp_len += zend_codepoint_to_uchar(ch1, str+tmp_len); } } *(str+tmp_len) = 0; @@ -3865,34 +3836,6 @@ PHPAPI void php_stripslashes(char *str, int *len TSRMLS_DC) s = str; t = str; - if (PG(magic_quotes_sybase)) { - while (l > 0) { - if (*t == '\'') { - if ((l > 0) && (t[1] == '\'')) { - t++; - if (len != NULL) { - (*len)--; - } - l--; - } - *s++ = *t++; - } else if (*t == '\\' && t[1] == '0' && l > 0) { - *s++='\0'; - t+=2; - if (len != NULL) { - (*len)--; - } - l--; - } else { - *s++ = *t++; - } - l--; - } - *s = '\0'; - - return; - } - while (l > 0) { if (*t == '\\') { t++; /* skip the slash */ @@ -4179,42 +4122,25 @@ PHPAPI UChar *php_u_addslashes_ex(UChar *str, int length, int *new_length, int s } buf = eumalloc(length * 2); - if (!ignore_sybase && PG(magic_quotes_sybase)) { - while (i < length) { - U16_NEXT(str, i, length, ch); - switch (ch) { - case '\0': - *(buf+buf_len) = (UChar)0x5C; buf_len++; /* \ */ - *(buf+buf_len) = (UChar)0x30; buf_len++; /* 0 */ - break; - case '\'': - *(buf+buf_len) = (UChar)0x27; buf_len++; /* ' */ - *(buf+buf_len) = (UChar)0x27; buf_len++; /* ' */ - break; - default: - buf_len += zend_codepoint_to_uchar(ch, buf+buf_len); - break; - } - } - } else { - while (i < length) { - U16_NEXT(str, i, length, ch); - switch (ch) { + + while (i < length) { + U16_NEXT(str, i, length, ch); + switch (ch) { case '\0': *(buf+buf_len) = (UChar)0x5C; buf_len++; /* \ */ *(buf+buf_len) = (UChar)0x30; buf_len++; /* 0 */ break; case '\'': - case '\"': + case '\"': case '\\': - *(buf+buf_len) = (UChar)0x5C; buf_len++; /* \ */ - /* break is missing *intentionally* */ + *(buf+buf_len) = (UChar)0x5C; buf_len++; /* \ */ + /* break is missing *intentionally* */ default: - buf_len += zend_codepoint_to_uchar(ch, buf+buf_len); - break; - } + buf_len += zend_codepoint_to_uchar(ch, buf+buf_len); + break; } } + *(buf+buf_len) = 0; if (should_free) { @@ -4256,44 +4182,25 @@ PHPAPI char *php_addslashes_ex(char *str, int length, int *new_length, int shoul end = source + length; target = new_str; - if (!ignore_sybase && PG(magic_quotes_sybase)) { - while (source < end) { - switch (*source) { - case '\0': - *target++ = '\\'; - *target++ = '0'; - break; - case '\'': - *target++ = '\''; - *target++ = '\''; - break; - default: - *target++ = *source; - break; - } - source++; - } - } else { - while (source < end) { - switch (*source) { - case '\0': - *target++ = '\\'; - *target++ = '0'; - break; - case '\'': + while (source < end) { + switch (*source) { + case '\0': + *target++ = '\\'; + *target++ = '0'; + break; + case '\'': case '\"': - case '\\': + case '\\': *target++ = '\\'; /* break is missing *intentionally* */ - default: + default: *target++ = *source; break; - } - - source++; } + + source++; } - + *target = 0; *new_length = target - new_str; if (should_free) { diff --git a/ext/standard/tests/file/fputcsv.phpt b/ext/standard/tests/file/fputcsv.phpt index 486d10a1fc..e4f91fa9f4 100755 --- a/ext/standard/tests/file/fputcsv.phpt +++ b/ext/standard/tests/file/fputcsv.phpt @@ -1,7 +1,5 @@ --TEST-- various fputcsv() functionality tests ---INI-- -magic_quotes_runtime=0 --FILE-- --EXPECT-- Normal: OK -Sybase: OK diff --git a/ext/sybase/php_sybase_db.c b/ext/sybase/php_sybase_db.c index 6de16ff104..684fa62dce 100644 --- a/ext/sybase/php_sybase_db.c +++ b/ext/sybase/php_sybase_db.c @@ -858,9 +858,6 @@ PHP_FUNCTION(sybase_query) zval *cur_value = result->data[i][j-1]; convert_to_string(cur_value); - if (PG(magic_quotes_runtime)) { - Z_STRVAL_P(cur_value) = php_addslashes(Z_STRVAL_P(cur_value), Z_STRLEN_P(cur_value), &Z_STRLEN_P(cur_value),0 TSRMLS_CC); - } } } retvalue=dbnextrow(sybase_ptr->link); diff --git a/ext/sybase_ct/php_sybase_ct.c b/ext/sybase_ct/php_sybase_ct.c index 4c9065874c..d379bf8494 100644 --- a/ext/sybase_ct/php_sybase_ct.c +++ b/ext/sybase_ct/php_sybase_ct.c @@ -1780,11 +1780,7 @@ static void php_sybase_fetch_hash(INTERNAL_FUNCTION_PARAMETERS, int numerics) ALLOC_ZVAL(tmp); *tmp = result->data[result->store ? result->cur_row : 0][i]; INIT_PZVAL(tmp); - if (PG(magic_quotes_runtime) && Z_TYPE_P(tmp) == IS_STRING) { - Z_STRVAL_P(tmp) = php_addslashes(Z_STRVAL_P(tmp), Z_STRLEN_P(tmp), &Z_STRLEN_P(tmp), 0 TSRMLS_CC); - } else { - zval_copy_ctor(tmp); - } + zval_copy_ctor(tmp); if (numerics) { zend_hash_index_update(Z_ARRVAL_P(return_value), i, (void *) &tmp, sizeof(zval *), NULL); tmp->refcount++; diff --git a/ext/xml/tests/xml001.phpt b/ext/xml/tests/xml001.phpt index 62d597c5f8..9c03b553cc 100644 --- a/ext/xml/tests/xml001.phpt +++ b/ext/xml/tests/xml001.phpt @@ -5,8 +5,6 @@ XML parser test, function callbacks require_once("skipif.inc"); XML_SAX_IMPL == 'libxml' && die('skip this test is not intended for libxml SAX parser'); ?> ---INI-- -magic_quotes_runtime=0 --FILE-- ---INI-- -magic_quotes_runtime=0 --FILE-- ---INI-- -magic_quotes_runtime=0 --FILE-- ---INI-- -magic_quotes_runtime=0 --FILE-- s) { s = tmp; } -#ifdef PHP_WIN32 - if (PG(magic_quotes_gpc)) { - s = s ? s : filename; - tmp = u_strrchr(s, 0x27 /*'\''*/); - s = tmp > s ? tmp : s; - tmp = u_strrchr(s, 0x22 /*'"'*/); - s = tmp > s ? tmp : s; - } -#endif if (!is_anonymous) { if (s && s > filename) { @@ -1418,8 +1408,6 @@ var_done: /* Initialize variables */ add_u_protected_variable(param TSRMLS_CC); - magic_quotes_gpc = PG(magic_quotes_gpc); - PG(magic_quotes_gpc) = 0; /* if param is of form xxx[.*] this will cut it to xxx */ if (!is_anonymous) { safe_u_php_register_variable(param, temp_filename, u_strlen(temp_filename), NULL, 1 TSRMLS_CC); @@ -1434,8 +1422,6 @@ var_done: add_u_protected_variable(lbuf TSRMLS_CC); register_u_http_post_files_variable(lbuf, temp_filename, u_strlen(temp_filename), http_post_files, 1 TSRMLS_CC); - PG(magic_quotes_gpc) = magic_quotes_gpc; - { zval file_size, error_type; @@ -1495,7 +1481,6 @@ static SAPI_POST_HANDLER_FUNC(rfc1867_post_handler_legacy) int str_len = 0, num_vars = 0, num_vars_max = 2*10, *len_list = NULL; char **val_list = NULL; #endif - zend_bool magic_quotes_gpc; multipart_buffer *mbuff; zval *array_ptr = (zval *) arg; int fd=-1; @@ -1822,15 +1807,6 @@ static SAPI_POST_HANDLER_FUNC(rfc1867_post_handler_legacy) if ((tmp = strrchr(filename, '/')) > s) { s = tmp; } -#ifdef PHP_WIN32 - if (PG(magic_quotes_gpc)) { - s = s ? s : filename; - tmp = strrchr(s, '\''); - s = tmp > s ? tmp : s; - tmp = strrchr(s, '"'); - s = tmp > s ? tmp : s; - } -#endif #if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING) filedone: @@ -1896,8 +1872,6 @@ filedone: /* Initialize variables */ add_protected_variable(param TSRMLS_CC); - magic_quotes_gpc = PG(magic_quotes_gpc); - PG(magic_quotes_gpc) = 0; /* if param is of form xxx[.*] this will cut it to xxx */ if (!is_anonymous) { safe_php_register_variable(param, temp_filename, NULL, 1 TSRMLS_CC); @@ -1912,8 +1886,6 @@ filedone: add_protected_variable(lbuf TSRMLS_CC); register_http_post_files_variable(lbuf, temp_filename, http_post_files, 1 TSRMLS_CC); - PG(magic_quotes_gpc) = magic_quotes_gpc; - { zval file_size, error_type; diff --git a/php.ini-dist b/php.ini-dist index f6a5e51ee2..c3e8f48ffd 100644 --- a/php.ini-dist +++ b/php.ini-dist @@ -408,18 +408,6 @@ auto_globals_jit = On ; Maximum size of POST data that PHP will accept. post_max_size = 8M -; Magic quotes -; - -; Magic quotes for incoming GET/POST/Cookie data. -magic_quotes_gpc = On - -; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. -magic_quotes_runtime = Off - -; Use Sybase-style magic quotes (escape ' with '' instead of \'). -magic_quotes_sybase = Off - ; Automatically add files before or after any PHP document. auto_prepend_file = auto_append_file = diff --git a/php.ini-recommended b/php.ini-recommended index 2b51ace1a1..e0f993a266 100644 --- a/php.ini-recommended +++ b/php.ini-recommended @@ -92,10 +92,6 @@ ; - register_argc_argv = Off [Performance] ; Disables registration of the somewhat redundant $argv and $argc global ; variables. -; - magic_quotes_gpc = Off [Performance] -; Input data is no longer escaped with slashes so that it can be sent into -; SQL databases without further manipulation. Instead, you should use the -; function addslashes() on each input element you wish to send to a database. ; - variables_order = "GPCS" [Performance] ; The environment variables are not hashed into the $_ENV. To access ; environment variables, you can use getenv() instead. @@ -454,18 +450,6 @@ auto_globals_jit = On ; Maximum size of POST data that PHP will accept. post_max_size = 8M -; Magic quotes -; - -; Magic quotes for incoming GET/POST/Cookie data. -magic_quotes_gpc = Off - -; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. -magic_quotes_runtime = Off - -; Use Sybase-style magic quotes (escape ' with '' instead of \'). -magic_quotes_sybase = Off - ; Automatically add files before or after any PHP document. auto_prepend_file = auto_append_file = diff --git a/sapi/cgi/cgi_main.c b/sapi/cgi/cgi_main.c index 8fe28acf04..0334003b12 100644 --- a/sapi/cgi/cgi_main.c +++ b/sapi/cgi/cgi_main.c @@ -422,10 +422,7 @@ void cgi_php_import_environment_variables(zval *array_ptr TSRMLS_DC) if (!FCGX_IsCGI()) { FCGX_Request *request = (FCGX_Request *) SG(server_context); char **env, *p, *t; - int magic_quotes_gpc = PG(magic_quotes_gpc); - /* turn off magic_quotes while importing environment variables */ - PG(magic_quotes_gpc) = 0; for (env = request->envp; env != NULL && *env != NULL; env++) { p = strchr(*env, '='); if (!p) { /* malformed entry? */ @@ -435,7 +432,6 @@ void cgi_php_import_environment_variables(zval *array_ptr TSRMLS_DC) php_register_variable(t, p + 1, array_ptr TSRMLS_CC); efree(t); } - PG(magic_quotes_gpc) = magic_quotes_gpc; } /* call php's original import as a catch-all */ php_php_import_environment_variables(array_ptr TSRMLS_CC);