From: Arnaud Le Blanc <lbarnaud@php.net>
Date: Fri, 1 May 2009 00:15:07 +0000 (+0000)
Subject: Removed code for register_globals in file uploads
X-Git-Tag: php-5.4.0alpha1~191^2~3799
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=ee7239acbef990edc0ddb1908d8eca39c8c99e80;p=php

Removed code for register_globals in file uploads
---

diff --git a/main/rfc1867.c b/main/rfc1867.c
index 81bf5185c5..f3c8a7745a 100644
--- a/main/rfc1867.c
+++ b/main/rfc1867.c
@@ -1136,7 +1136,6 @@ var_done:
 				array_index = eustrndup(start_arr+1, array_len-2);   
 			}
 
-			/* Add $foo_name */
 			if (lbuf) {
 				efree(lbuf);
 			}
@@ -1146,9 +1145,6 @@ var_done:
 			if (is_arr_upload) {
 				if (abuf) efree(abuf);
 				abuf = eustrndup(param, u_strlen(param)-array_len);
-				u_snprintf(lbuf, llen, "%S_name[%S]", abuf, array_index);
-			} else {
-				u_snprintf(lbuf, llen, "%S_name", param);
 			}
 
 			/* The \ check should technically be needed for win32 systems only where
@@ -1162,14 +1158,6 @@ var_done:
 				s = tmp;
 			}
 
-			if (!is_anonymous) {
-				if (s && s > filename) {
-					safe_u_php_register_variable(lbuf, s+1, u_strlen(s+1), NULL, 0 TSRMLS_CC);
-				} else {
-					safe_u_php_register_variable(lbuf, filename, u_strlen(filename), NULL, 0 TSRMLS_CC);
-				}
-			}
-
 			/* Add $foo[name] */
 			if (is_arr_upload) {
 				u_snprintf(lbuf, llen, "%S[name][%S]", abuf, array_index);
@@ -1201,16 +1189,6 @@ var_done:
 				}
 			}
 
-			/* Add $foo_type */
-			if (is_arr_upload) {
-				u_snprintf(lbuf, llen, "%S_type[%S]", abuf, array_index);
-			} else {
-				u_snprintf(lbuf, llen, "%S_type", param);
-			}
-			if (!is_anonymous) {
-				safe_u_php_register_variable(lbuf, ucd, ucd_len, NULL, 0 TSRMLS_CC);
-			}
-
 			/* Add $foo[type] */
 			if (is_arr_upload) {
 				u_snprintf(lbuf, llen, "%S[type][%S]", abuf, array_index);
@@ -1225,11 +1203,6 @@ var_done:
 			/* Initialize variables */
 			add_u_protected_variable(param TSRMLS_CC);
 
-			/* if param is of form xxx[.*] this will cut it to xxx */
-			if (!is_anonymous) {
-				safe_u_php_register_variable(param, temp_filename, u_strlen(temp_filename), NULL, 1 TSRMLS_CC);
-			}
-
 			/* Add $foo[tmp_name] */
 			if (is_arr_upload) {
 				u_snprintf(lbuf, llen, "%S[tmp_name][%S]", abuf, array_index);
@@ -1264,16 +1237,6 @@ var_done:
 				}
 				register_u_http_post_files_variable_ex(lbuf, &error_type, http_post_files, 0 TSRMLS_CC);
 
-				/* Add $foo_size */
-				if (is_arr_upload) {
-					u_snprintf(lbuf, llen, "%S_size[%S]", abuf, array_index);
-				} else {
-					u_snprintf(lbuf, llen, "%S_size", param);
-				}
-				if (!is_anonymous) {
-					safe_u_php_register_variable_ex(lbuf, &file_size, NULL, 0 TSRMLS_CC);
-				}	
-
 				/* Add $foo[size] */
 				if (is_arr_upload) {
 					u_snprintf(lbuf, llen, "%S[size][%S]", abuf, array_index);