From: Nikita Popov Date: Fri, 12 Jul 2019 08:21:21 +0000 (+0200) Subject: Deprecate FILTER_SANITIZE_MAGIC_QUOTES X-Git-Tag: php-7.4.0beta1~25 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=cd2f2cd7d005fb6f23552b815892f7a885489976;p=php Deprecate FILTER_SANITIZE_MAGIC_QUOTES --- diff --git a/ext/filter/filter.c b/ext/filter/filter.c index 06467417db..e615edf084 100644 --- a/ext/filter/filter.c +++ b/ext/filter/filter.c @@ -58,7 +58,7 @@ static const filter_list_entry filter_list[] = { { "url", FILTER_SANITIZE_URL, php_filter_url }, { "number_int", FILTER_SANITIZE_NUMBER_INT, php_filter_number_int }, { "number_float", FILTER_SANITIZE_NUMBER_FLOAT, php_filter_number_float }, - { "magic_quotes", FILTER_SANITIZE_MAGIC_QUOTES, php_filter_add_slashes }, + { "magic_quotes", FILTER_SANITIZE_MAGIC_QUOTES, php_filter_magic_quotes }, { "add_slashes", FILTER_SANITIZE_ADD_SLASHES, php_filter_add_slashes }, { "callback", FILTER_CALLBACK, php_filter_callback }, diff --git a/ext/filter/php_filter.h b/ext/filter/php_filter.h index 48c08882d3..24b177d275 100644 --- a/ext/filter/php_filter.h +++ b/ext/filter/php_filter.h @@ -92,6 +92,7 @@ void php_filter_url(PHP_INPUT_FILTER_PARAM_DECL); void php_filter_number_int(PHP_INPUT_FILTER_PARAM_DECL); void php_filter_number_float(PHP_INPUT_FILTER_PARAM_DECL); void php_filter_add_slashes(PHP_INPUT_FILTER_PARAM_DECL); +void php_filter_magic_quotes(PHP_INPUT_FILTER_PARAM_DECL); void php_filter_callback(PHP_INPUT_FILTER_PARAM_DECL); diff --git a/ext/filter/sanitizing_filters.c b/ext/filter/sanitizing_filters.c index 815ba9a94a..5b4fb4432c 100644 --- a/ext/filter/sanitizing_filters.c +++ b/ext/filter/sanitizing_filters.c @@ -369,11 +369,20 @@ void php_filter_number_float(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ php_filter_add_slashes */ void php_filter_add_slashes(PHP_INPUT_FILTER_PARAM_DECL) { - /* This filter is used by both 'add_slashes' & 'magic_quotes' (legacy) */ + zend_string *buf = php_addslashes(Z_STR_P(value)); + zval_ptr_dtor(value); + ZVAL_STR(value, buf); +} +/* }}} */ + +/* {{{ php_filter_magic_quotes */ +void php_filter_magic_quotes(PHP_INPUT_FILTER_PARAM_DECL) +{ zend_string *buf; + php_error_docref(NULL, E_DEPRECATED, + "FILTER_SANITIZE_MAGIC_QUOTES is deprecated, use FILTER_SANITIZE_ADD_SLASHES instead"); - /* just call php_addslashes quotes */ buf = php_addslashes(Z_STR_P(value)); zval_ptr_dtor(value); diff --git a/ext/filter/tests/020.phpt b/ext/filter/tests/020.phpt index 855897da9b..5c2ec5bfb2 100644 --- a/ext/filter/tests/020.phpt +++ b/ext/filter/tests/020.phpt @@ -12,9 +12,16 @@ var_dump(filter_var(-1, FILTER_SANITIZE_MAGIC_QUOTES)); echo "Done\n"; ?> ---EXPECT-- +--EXPECTF-- +Deprecated: filter_var(): FILTER_SANITIZE_MAGIC_QUOTES is deprecated, use FILTER_SANITIZE_ADD_SLASHES instead in %s on line %d string(36) "test\'asd\'asd\'\' asd\\\'\"asdfasdf" + +Deprecated: filter_var(): FILTER_SANITIZE_MAGIC_QUOTES is deprecated, use FILTER_SANITIZE_ADD_SLASHES instead in %s on line %d string(2) "\'" + +Deprecated: filter_var(): FILTER_SANITIZE_MAGIC_QUOTES is deprecated, use FILTER_SANITIZE_ADD_SLASHES instead in %s on line %d string(0) "" + +Deprecated: filter_var(): FILTER_SANITIZE_MAGIC_QUOTES is deprecated, use FILTER_SANITIZE_ADD_SLASHES instead in %s on line %d string(2) "-1" Done diff --git a/ext/filter/tests/033.phpt b/ext/filter/tests/033.phpt index affb878dbb..83ae4a3c19 100644 --- a/ext/filter/tests/033.phpt +++ b/ext/filter/tests/033.phpt @@ -9,7 +9,7 @@ default_charset=UTF-8 ---EXPECT-- +--EXPECTF-- int 1 123 boolean 1 float 1 123 @@ -29,6 +29,26 @@ email PHP 1 foo@bar.com httpa.b.c 1.2.3.4 123 12 url PHP 1 foo@bar.com http://a.b.c 1.2.3.4 123 123abc<>() O'Henry aa:bb:cc:dd:ee:ff number_int 1 1234 123 123 number_float 1 1234 123 123 + +Deprecated: filter_var(): FILTER_SANITIZE_MAGIC_QUOTES is deprecated, use FILTER_SANITIZE_ADD_SLASHES instead in %s on line %d + +Deprecated: filter_var(): FILTER_SANITIZE_MAGIC_QUOTES is deprecated, use FILTER_SANITIZE_ADD_SLASHES instead in %s on line %d + +Deprecated: filter_var(): FILTER_SANITIZE_MAGIC_QUOTES is deprecated, use FILTER_SANITIZE_ADD_SLASHES instead in %s on line %d + +Deprecated: filter_var(): FILTER_SANITIZE_MAGIC_QUOTES is deprecated, use FILTER_SANITIZE_ADD_SLASHES instead in %s on line %d + +Deprecated: filter_var(): FILTER_SANITIZE_MAGIC_QUOTES is deprecated, use FILTER_SANITIZE_ADD_SLASHES instead in %s on line %d + +Deprecated: filter_var(): FILTER_SANITIZE_MAGIC_QUOTES is deprecated, use FILTER_SANITIZE_ADD_SLASHES instead in %s on line %d + +Deprecated: filter_var(): FILTER_SANITIZE_MAGIC_QUOTES is deprecated, use FILTER_SANITIZE_ADD_SLASHES instead in %s on line %d + +Deprecated: filter_var(): FILTER_SANITIZE_MAGIC_QUOTES is deprecated, use FILTER_SANITIZE_ADD_SLASHES instead in %s on line %d + +Deprecated: filter_var(): FILTER_SANITIZE_MAGIC_QUOTES is deprecated, use FILTER_SANITIZE_ADD_SLASHES instead in %s on line %d + +Deprecated: filter_var(): FILTER_SANITIZE_MAGIC_QUOTES is deprecated, use FILTER_SANITIZE_ADD_SLASHES instead in %s on line %d magic_quotes PHP 1 foo@bar.com http://a.b.c 1.2.3.4 123 123abc<>() O\'Henry 하퍼 aa:bb:cc:dd:ee:ff add_slashes PHP 1 foo@bar.com http://a.b.c 1.2.3.4 123 123abc<>() O\'Henry 하퍼 aa:bb:cc:dd:ee:ff callback PHP 1 FOO@BAR.COM HTTP://A.B.C 1.2.3.4 123 123ABC<>() O'HENRY 하퍼 AA:BB:CC:DD:EE:FF diff --git a/ext/filter/tests/059.phpt b/ext/filter/tests/059.phpt index 87729880ac..f1d24353a0 100644 --- a/ext/filter/tests/059.phpt +++ b/ext/filter/tests/059.phpt @@ -5,20 +5,11 @@ filter_var() and FILTER_SANITIZE_ADD_SLASHES --FILE-- --EXPECT-- @@ -26,8 +17,4 @@ string(36) "test\'asd\'asd\'\' asd\\\'\"asdfasdf" string(2) "\'" string(0) "" string(2) "-1" -bool(true) -bool(true) -bool(true) -bool(true) Done