diff options
| author | Zeev Suraski <zeev@php.net> | 2000-09-05 19:06:29 +0000 |
|---|---|---|
| committer | Zeev Suraski <zeev@php.net> | 2000-09-05 19:06:29 +0000 |
| commit | eb3214490287d4f8fd87a0e709f24e56eb97ae12 (patch) | |
| tree | db7976f0421b040f53f5ae3ea37b9179327cb563 | |
| parent | 3c45b97804205dfe299814d6375d2022ca800d7a (diff) | |
| download | php-git-eb3214490287d4f8fd87a0e709f24e56eb97ae12.tar.gz | |
- Remove track_vars - it is now always on
- Make the various $HTTP_*_VARS[] arrays be defined always,
even if they're empty
- Fix Win32 build and warnings
| -rw-r--r-- | ext/session/session.c | 45 | ||||
| -rw-r--r-- | main/main.c | 83 | ||||
| -rw-r--r-- | main/network.c | 6 | ||||
| -rw-r--r-- | main/php_globals.h | 18 | ||||
| -rw-r--r-- | main/php_network.h | 7 | ||||
| -rw-r--r-- | main/php_variables.c | 44 | ||||
| -rw-r--r-- | main/rfc1867.c | 10 | ||||
| -rw-r--r-- | php.ini-dist | 7 | ||||
| -rw-r--r-- | php.ini-optimized | 5 | ||||
| -rw-r--r-- | php.ini-recommended | 5 | ||||
| -rw-r--r-- | win32/php4dllts.dsp | 4 |
11 files changed, 107 insertions, 127 deletions
diff --git a/ext/session/session.c b/ext/session/session.c index 4615454a82..6ddedfcfbf 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -244,16 +244,14 @@ static void php_set_session_var(char *name, size_t namelen, zval_copy_ctor(state_val_copy); state_val_copy->refcount = 0; - if (PG(register_globals) && PG(track_vars)) { + if (PG(register_globals)) { zend_set_hash_symbol(state_val_copy, name, namelen, 0, 2, PS(http_session_vars)->value.ht, &EG(symbol_table)); } else { if (PG(register_globals)) { zend_set_hash_symbol(state_val_copy, name, namelen, 0, 1, &EG(symbol_table)); } - if (PG(track_vars)) { - zend_set_hash_symbol(state_val_copy, name, namelen, 0, 1, PS(http_session_vars)->value.ht); - } + zend_set_hash_symbol(state_val_copy, name, namelen, 0, 1, PS(http_session_vars)->value.ht); } } @@ -261,7 +259,7 @@ static int php_get_session_var(char *name, size_t namelen, zval ***state_var PLS { HashTable *ht = &EG(symbol_table); - if (!PG(register_globals) && PG(track_vars)) + if (!PG(register_globals)) ht = PS(http_session_vars)->value.ht; return zend_hash_find(ht, name, namelen + 1, (void **)state_var); @@ -523,8 +521,7 @@ static void _php_session_decode(const char *val, int vallen PSLS_DC) { PLS_FETCH(); - if (PG(track_vars)) - php_session_track_init(); + php_session_track_init(); if (PS(serializer)->decode(val, vallen PSLS_CC) == FAILURE) { _php_session_destroy(PSLS_C); php_error(E_WARNING, "Failed to decode session object. Session has been destroyed."); @@ -844,8 +841,6 @@ static void _php_session_start(PSLS_D) char *p; int send_cookie = 1; int define_sid = 1; - zend_bool register_globals; - zend_bool track_vars; int module_number = PS(module_number); int nrand; int lensess; @@ -856,39 +851,13 @@ static void _php_session_start(PSLS_D) lensess = strlen(PS(session_name)); - register_globals = INI_BOOL("register_globals"); - track_vars = INI_BOOL("track_vars"); - - if (!register_globals && !track_vars) { - php_error(E_ERROR, "The session module will not work if you have disabled track_vars and register_globals. At least one of them must be enabled."); - return; - } - if (!track_vars && PS(use_cookies)) - php_error(E_NOTICE, "Because track_vars is disabled, the session module will not be able to determine whether the user has sent a cookie. SID will always be defined."); - - /* - * If our only resource is the global symbol_table, then check it. - * If track_vars are enabled, we prefer these, because they are more - * reliable, and we always know whether the user has accepted the - * cookie. - */ - - if (register_globals && - !track_vars && - !PS(id) && - zend_hash_find(&EG(symbol_table), PS(session_name), - lensess + 1, (void **) &ppid) == SUCCESS) { - PPID2SID; - send_cookie = 0; - } - /* - * Now check the track_vars. Cookies are preferred, because initially + * Cookies are preferred, because initially * cookie and get variables will be available. */ - if (!PS(id) && track_vars) { + if (!PS(id)) { if (zend_hash_find(&EG(symbol_table), "HTTP_COOKIE_VARS", sizeof("HTTP_COOKIE_VARS"), (void **) &data) == SUCCESS && (*data)->type == IS_ARRAY && @@ -1244,7 +1213,7 @@ static void php_register_var(zval** entry PSLS_DC PLS_DC) } else { convert_to_string_ex(entry); - if (!PG(track_vars) || strcmp((*entry)->value.str.val, "HTTP_SESSION_VARS") != 0) + if (strcmp((*entry)->value.str.val, "HTTP_SESSION_VARS") != 0) PS_ADD_VARL((*entry)->value.str.val, (*entry)->value.str.len); } } diff --git a/main/main.c b/main/main.c index a3887075f1..875290fc35 100644 --- a/main/main.c +++ b/main/main.c @@ -225,7 +225,6 @@ PHP_INI_BEGIN() STD_PHP_INI_BOOLEAN("short_open_tag", "1", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateBool, short_tags, zend_compiler_globals, compiler_globals) STD_PHP_INI_BOOLEAN("sql.safe_mode", "0", PHP_INI_SYSTEM, OnUpdateBool, sql_safe_mode, php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("track_errors", "0", PHP_INI_ALL, OnUpdateBool, track_errors, php_core_globals, core_globals) - STD_PHP_INI_BOOLEAN("track_vars", "1", PHP_INI_ALL, OnUpdateBool, track_vars, php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("y2k_compliance", "0", PHP_INI_ALL, OnUpdateBool, y2k_compliance, php_core_globals, core_globals) STD_PHP_INI_ENTRY("arg_separator", "&", PHP_INI_ALL, OnUpdateStringUnempty, arg_separator, php_core_globals, core_globals) @@ -922,12 +921,10 @@ static inline void php_register_server_variables(ELS_D SLS_DC PLS_DC) { zval *array_ptr=NULL; - if (PG(track_vars)) { - ALLOC_ZVAL(array_ptr); - array_init(array_ptr); - INIT_PZVAL(array_ptr); - PG(http_globals).server = array_ptr; - } + ALLOC_ZVAL(array_ptr); + array_init(array_ptr); + INIT_PZVAL(array_ptr); + PG(http_globals)[TRACK_VARS_SERVER] = array_ptr; /* Server variables */ if (sapi_module.register_server_variables) { @@ -954,8 +951,31 @@ static int php_hash_environment(ELS_D SLS_DC PLS_DC) char *p; unsigned char _gpc_flags[3] = {0,0,0}; zend_bool have_variables_order; - - PG(http_globals).post = PG(http_globals).get = PG(http_globals).cookie = PG(http_globals).server = PG(http_globals).environment = PG(http_globals).post_files = NULL; + zval *dummy_track_vars_array; + zend_bool initialized_dummy_track_vars_array=0; + int i; + char *track_vars_names[] = { + "HTTP_POST_VARS", + "HTTP_GET_VARS", + "HTTP_COOKIE_VARS", + "HTTP_SERVER_VARS", + "HTTP_ENV_VARS", + "HTTP_POST_FILES", + NULL + }; + int track_vars_names_length[] = { + sizeof("HTTP_POST_VARS"), + sizeof("HTTP_GET_VARS"), + sizeof("HTTP_COOKIE_VARS"), + sizeof("HTTP_SERVER_VARS"), + sizeof("HTTP_ENV_VARS"), + sizeof("HTTP_POST_FILES") + }; + + + for (i=0; i<6; i++) { + PG(http_globals)[i] = NULL; + } if (PG(variables_order)) { p = PG(variables_order); @@ -1008,25 +1028,18 @@ static int php_hash_environment(ELS_D SLS_DC PLS_DC) php_register_server_variables(ELS_C SLS_CC PLS_CC); } - if (PG(http_globals).post) { - zend_hash_update(&EG(symbol_table), "HTTP_POST_VARS", sizeof("HTTP_POST_VARS"), &PG(http_globals).post, sizeof(zval *), NULL); - } - if (PG(http_globals).get) { - zend_hash_update(&EG(symbol_table), "HTTP_GET_VARS", sizeof("HTTP_GET_VARS"), &PG(http_globals).get, sizeof(zval *), NULL); - } - if (PG(http_globals).cookie) { - zend_hash_update(&EG(symbol_table), "HTTP_COOKIE_VARS", sizeof("HTTP_COOKIE_VARS"), &PG(http_globals).cookie, sizeof(zval *), NULL); - } - if (PG(http_globals).server) { - zend_hash_update(&EG(symbol_table), "HTTP_SERVER_VARS", sizeof("HTTP_SERVER_VARS"), &PG(http_globals).server, sizeof(zval *), NULL); - } - if (PG(http_globals).environment) { - zend_hash_update(&EG(symbol_table), "HTTP_ENV_VARS", sizeof("HTTP_ENV_VARS"), &PG(http_globals).environment, sizeof(zval *), NULL); - } - if (PG(http_globals).post_files) { - zend_hash_update(&EG(symbol_table), "HTTP_POST_FILES", sizeof("HTTP_POST_FILES"), &PG(http_globals).post_files, sizeof(zval *),NULL); + for (i=0; i<6; i++) { + if (!PG(http_globals)[i] && !initialized_dummy_track_vars_array) { + ALLOC_ZVAL(dummy_track_vars_array); + array_init(dummy_track_vars_array); + INIT_PZVAL(dummy_track_vars_array); + initialized_dummy_track_vars_array = 1; + } else { + dummy_track_vars_array->refcount++; + PG(http_globals)[i] = dummy_track_vars_array; + } + zend_hash_update(&EG(symbol_table), track_vars_names[i], track_vars_names_length[i], &PG(http_globals)[i], sizeof(zval *), NULL); } - return SUCCESS; } @@ -1036,9 +1049,6 @@ static void php_build_argv(char *s, zval *track_vars_array ELS_DC PLS_DC) pval *arr, *argc, *tmp; int count = 0; char *ss, *space; - - if (!PG(register_globals) && !PG(track_vars)) - return; ALLOC_ZVAL(arr); array_init(arr); @@ -1084,15 +1094,12 @@ static void php_build_argv(char *s, zval *track_vars_array ELS_DC PLS_DC) zend_hash_add(&EG(symbol_table), "argc", sizeof("argc"), &argc, sizeof(zval *), NULL); } - if (PG(track_vars)) { - if (PG(register_globals)) { - arr->refcount++; - argc->refcount++; - } - zend_hash_update(track_vars_array->value.ht, "argv", sizeof("argv"), &arr, sizeof(pval *), NULL); - zend_hash_update(track_vars_array->value.ht, "argc", sizeof("argc"), &argc, sizeof(pval *), NULL); + if (PG(register_globals)) { + arr->refcount++; + argc->refcount++; } - + zend_hash_update(track_vars_array->value.ht, "argv", sizeof("argv"), &arr, sizeof(pval *), NULL); + zend_hash_update(track_vars_array->value.ht, "argc", sizeof("argc"), &argc, sizeof(pval *), NULL); } diff --git a/main/network.c b/main/network.c index 76f6bdc4a6..781fb76c99 100644 --- a/main/network.c +++ b/main/network.c @@ -37,8 +37,12 @@ #include <netinet/in.h> #include <netdb.h> #include <arpa/inet.h> +#else +int inet_aton(const char *, struct in_addr *); #endif +#include "php_network.h" + #ifdef PHP_WIN32 #undef AF_UNIX #endif @@ -150,7 +154,7 @@ static int php_network_getaddresses(const char *host, struct sockaddr ***sal) * port, returns the created socket on success, else returns -1. * timeout gives timeout in seconds, 0 means blocking mode. */ -int php_hostconnect(char *host, int port, int socktype, int timeout) +int php_hostconnect(char *host, unsigned short port, int socktype, int timeout) { int s; struct sockaddr **sal, **psal; diff --git a/main/php_globals.h b/main/php_globals.h index 37ffe2be9f..f75c168791 100644 --- a/main/php_globals.h +++ b/main/php_globals.h @@ -42,14 +42,13 @@ extern PHPAPI int core_globals_id; extern ZEND_API struct _php_core_globals core_globals; #endif -typedef struct _php_http_globals { - zval *post; - zval *get; - zval *cookie; - zval *server; - zval *environment; - zval *post_files; -} php_http_globals; + +#define TRACK_VARS_POST 1 +#define TRACK_VARS_GET 2 +#define TRACK_VARS_COOKIE 3 +#define TRACK_VARS_SERVER 4 +#define TRACK_VARS_ENV 5 +#define TRACK_VARS_FILES 6 struct _php_tick_function_entry; @@ -103,11 +102,10 @@ struct _php_core_globals { zend_llist tick_functions; - php_http_globals http_globals; + zval *http_globals[6]; zend_bool expose_php; - zend_bool track_vars; zend_bool register_globals; zend_bool register_argc_argv; diff --git a/main/php_network.h b/main/php_network.h index 7ce11c22ec..f448117c99 100644 --- a/main/php_network.h +++ b/main/php_network.h @@ -17,7 +17,12 @@ */ /* $Id$ */ -int php_hostconnect(char *host, int port, int socktype, int timeout); +#ifndef _PHP_NETWORK_H +#define _PHP_NETWORK_H + +int php_hostconnect(char *host, unsigned short port, int socktype, int timeout); + +#endif /* _PHP_NETWORK_H */ /* * Local variables: diff --git a/main/php_variables.c b/main/php_variables.c index 3fa22a9c33..65baee6248 100644 --- a/main/php_variables.c +++ b/main/php_variables.c @@ -57,7 +57,7 @@ PHPAPI void php_register_variable_ex(char *var, zval *val, pval *track_vars_arra zend_bool free_index; HashTable *symtable1=NULL; HashTable *symtable2=NULL; - + if (PG(register_globals)) { symtable1 = EG(active_symbol_table); } @@ -69,7 +69,7 @@ PHPAPI void php_register_variable_ex(char *var, zval *val, pval *track_vars_arra } } if (!symtable1) { - /* we don't need track_vars, and we're not setting GPC globals either. */ + /* Nothing to do */ zval_dtor(val); return; } @@ -220,23 +220,19 @@ void php_treat_data(int arg, char *str ELS_DC PLS_DC SLS_DC) case PARSE_POST: case PARSE_GET: case PARSE_COOKIE: - if (PG(track_vars)) { - ALLOC_ZVAL(array_ptr); - array_init(array_ptr); - INIT_PZVAL(array_ptr); - switch (arg) { - case PARSE_POST: - PG(http_globals).post = array_ptr; - break; - case PARSE_GET: - PG(http_globals).get = array_ptr; - break; - case PARSE_COOKIE: - PG(http_globals).cookie = array_ptr; - break; - } - } else { - array_ptr=NULL; + ALLOC_ZVAL(array_ptr); + array_init(array_ptr); + INIT_PZVAL(array_ptr); + switch (arg) { + case PARSE_POST: + PG(http_globals)[TRACK_VARS_POST] = array_ptr; + break; + case PARSE_GET: + PG(http_globals)[TRACK_VARS_GET] = array_ptr; + break; + case PARSE_COOKIE: + PG(http_globals)[TRACK_VARS_COOKIE] = array_ptr; + break; } break; default: @@ -309,12 +305,10 @@ void php_import_environment_variables(ELS_D PLS_DC) char **env, *p, *t; zval *array_ptr=NULL; - if (PG(track_vars)) { - ALLOC_ZVAL(array_ptr); - array_init(array_ptr); - INIT_PZVAL(array_ptr); - PG(http_globals).environment = array_ptr; - } + ALLOC_ZVAL(array_ptr); + array_init(array_ptr); + INIT_PZVAL(array_ptr); + PG(http_globals)[TRACK_VARS_ENV] = array_ptr; for (env = environ; env != NULL && *env != NULL; env++) { p = strchr(*env, '='); diff --git a/main/rfc1867.c b/main/rfc1867.c index 37fe2c7db0..3b9f4fc534 100644 --- a/main/rfc1867.c +++ b/main/rfc1867.c @@ -102,12 +102,10 @@ static void php_mime_split(char *buf, int cnt, char *boundary, zval *array_ptr) zend_hash_init(&PG(rfc1867_protected_variables), 5, NULL, NULL, 0); - if (PG(track_vars)) { - ALLOC_ZVAL(http_post_files); - array_init(http_post_files); - INIT_PZVAL(http_post_files); - PG(http_globals).post_files = http_post_files; - } + ALLOC_ZVAL(http_post_files); + array_init(http_post_files); + INIT_PZVAL(http_post_files); + PG(http_globals)[TRACK_VARS_POST] = http_post_files; ptr = buf; rem = cnt; diff --git a/php.ini-dist b/php.ini-dist index 39228fc511..af572acc85 100644 --- a/php.ini-dist +++ b/php.ini-dist @@ -181,6 +181,7 @@ warn_plus_overloading = Off ; warn if the + operator is used with strings ;;;;;;;;;;;;;;;;; ; Data Handling ; ;;;;;;;;;;;;;;;;; +; Note - track_vars is ALWAYS enabled as of PHP 4.0.3 variables_order = "EGPCS" ; This directive describes the order in which PHP registers ; GET, POST, Cookie, Environment and Built-in variables (G, P, ; C, E & S respectively, often referred to as EGPCS or GPC). @@ -192,12 +193,14 @@ register_globals = On ; Whether or not to register the EGPCS variables as globa ; most sense when coupled with track_vars - in which case you can ; access all of the GPC variables through the $HTTP_*_VARS[], ; variables. + ; You should do your best to write your scripts so that they do + ; not require register_globals to be on; Using form variables + ; as globals can easily lead to possible security problems, if + ; the code is not very well thought of. register_argc_argv = On ; This directive tells PHP whether to declare the argv&argc ; variables (that would contain the GET information). If you ; don't use these variables, you should turn it off for ; increased performance -track_vars = On ; enable the $HTTP_*_VARS[] arrays, where * is one of - ; ENV, POST, GET, COOKIE or SERVER. gpc_order = "GPC" ; This directive is deprecated. Use variables_order instead. ; Magic quotes diff --git a/php.ini-optimized b/php.ini-optimized index 425f4f191a..901f300dd6 100644 --- a/php.ini-optimized +++ b/php.ini-optimized @@ -182,9 +182,8 @@ register_globals = Off ; Whether or not to register the EGPCS variables as glob register_argc_argv = Off ; This directive tells PHP whether to declare the argv&argc ; variables (that would contain the GET information). If you ; don't use these variables, you should turn it off for - ; increased performance -track_vars = On ; enable the $HTTP_*_VARS[] arrays, where * is one of - ; ENV, POST, GET, COOKIE or SERVER. + ; increased performance (you should try not to use it anyway, + ; for less likelihood of security bugs in your code). gpc_order = "GPC" ; This directive is deprecated. Use variables_order instead. ; Magic quotes diff --git a/php.ini-recommended b/php.ini-recommended index 425f4f191a..901f300dd6 100644 --- a/php.ini-recommended +++ b/php.ini-recommended @@ -182,9 +182,8 @@ register_globals = Off ; Whether or not to register the EGPCS variables as glob register_argc_argv = Off ; This directive tells PHP whether to declare the argv&argc ; variables (that would contain the GET information). If you ; don't use these variables, you should turn it off for - ; increased performance -track_vars = On ; enable the $HTTP_*_VARS[] arrays, where * is one of - ; ENV, POST, GET, COOKIE or SERVER. + ; increased performance (you should try not to use it anyway, + ; for less likelihood of security bugs in your code). gpc_order = "GPC" ; This directive is deprecated. Use variables_order instead. ; Magic quotes diff --git a/win32/php4dllts.dsp b/win32/php4dllts.dsp index a58509e934..35174c9140 100644 --- a/win32/php4dllts.dsp +++ b/win32/php4dllts.dsp @@ -153,6 +153,10 @@ SOURCE=..\main\mergesort.c # End Source File
# Begin Source File
+SOURCE=..\main\network.c
+# End Source File
+# Begin Source File
+
SOURCE=..\main\php_content_types.c
# End Source File
# Begin Source File
|