From 370dfd39a9822428663acd98e9e1e86a38c072c0 Mon Sep 17 00:00:00 2001
From: Derick Rethans <derick@php.net>
Date: Wed, 26 Nov 2003 09:53:22 +0000
Subject: [PATCH] - Prevent registration of the variable when a zero-length is
 returned   from the sapi_input_filter.

---
 main/php_variables.c |  8 ++++++--
 main/rfc1867.c       | 19 +++++++++++--------
 2 files changed, 17 insertions(+), 10 deletions(-)

diff --git a/main/php_variables.c b/main/php_variables.c
index 78b1863fd9..ae59eced6c 100644
--- a/main/php_variables.c
+++ b/main/php_variables.c
@@ -213,7 +213,9 @@ SAPI_API SAPI_POST_HANDLER_FUNC(php_std_post_handler)
 			php_url_decode(var, strlen(var));
 			val_len = php_url_decode(val, strlen(val));
 			val_len = sapi_module.input_filter(PARSE_POST, var, &val, val_len TSRMLS_CC);
-			php_register_variable_safe(var, val, val_len, array_ptr TSRMLS_CC);
+			if (val_len) {
+				php_register_variable_safe(var, val, val_len, array_ptr TSRMLS_CC);
+			}
 		}
 		var = php_strtok_r(NULL, "&", &strtok_buf);
 	}
@@ -308,7 +310,9 @@ SAPI_API SAPI_TREAT_DATA_FUNC(php_default_treat_data)
 			php_url_decode(var, strlen(var));
 			val_len = php_url_decode(val, strlen(val));
 			val_len = sapi_module.input_filter(arg, var, &val, val_len TSRMLS_CC);
-			php_register_variable_safe(var, val, val_len, array_ptr TSRMLS_CC);
+			if (val_len) {
+				php_register_variable_safe(var, val, val_len, array_ptr TSRMLS_CC);
+			}
 		} else {
 			php_url_decode(var, strlen(var));
 			php_register_variable_safe(var, "", 0, array_ptr TSRMLS_CC);
diff --git a/main/rfc1867.c b/main/rfc1867.c
index 1eaa0096ed..fc83952764 100644
--- a/main/rfc1867.c
+++ b/main/rfc1867.c
@@ -881,22 +881,25 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
 			if (!filename && param) {
 
 				char *value = multipart_buffer_read_body(mbuff TSRMLS_CC);
+				int   val_len;
 
 				if (!value) {
 					value = estrdup("");
 				}
 
-				sapi_module.input_filter(PARSE_POST, param, &value, strlen(value) TSRMLS_CC);
+				val_len = sapi_module.input_filter(PARSE_POST, param, &value, strlen(value) TSRMLS_CC);
+				if (val_len) {
 #if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING)
-				if (php_mb_encoding_translation(TSRMLS_C)) {
-					php_mb_gpc_stack_variable(param, value, &val_list, &len_list, 
-											  &num_vars, &num_vars_max TSRMLS_CC);
-				} else {
-					safe_php_register_variable(param, value, array_ptr, 0 TSRMLS_CC);
-				}
+					if (php_mb_encoding_translation(TSRMLS_C)) {
+						php_mb_gpc_stack_variable(param, value, &val_list, &len_list, 
+												  &num_vars, &num_vars_max TSRMLS_CC);
+					} else {
+						safe_php_register_variable(param, value, array_ptr, 0 TSRMLS_CC);
+					}
 #else
-				safe_php_register_variable(param, value, array_ptr, 0 TSRMLS_CC);
+					safe_php_register_variable(param, value, array_ptr, 0 TSRMLS_CC);
 #endif
+				}
 				if (!strcasecmp(param, "MAX_FILE_SIZE")) {
 					max_file_size = atol(value);
 				}
-- 
2.40.0