main php_variables.c

Ilia Alshanetsky Mon, 13 Oct 2003 20:47:16 -0700

iliaa           Mon Oct 13 23:48:10 2003 EDT

  Modified files:              (Branch: PHP_4_3)
    /php-src    NEWS 
    /php-src/main       php_variables.c 
  Log:
  MFH: Fixed bug #25836 (last key of multi-dimensional array passed via GPC 
  not being escaped when magic_quotes_gpc is on).
  
  
Index: php-src/NEWS
diff -u php-src/NEWS:1.1247.2.435 php-src/NEWS:1.1247.2.436
--- php-src/NEWS:1.1247.2.435   Mon Oct 13 00:28:34 2003
+++ php-src/NEWS        Mon Oct 13 23:48:08 2003
@@ -3,6 +3,8 @@
 ?? Oct 2003, Version 4.3.4RC2
 - Fixed multibyte regex engine to properly handle ".*" pattern under
   POSIX compatible mode. (K.Kosako <kosako at sofnec.co.jp>, Moriyoshi)
+- Fixed bug #25836 (last key of multi-dimensional array passed via GPC not
+  being escaped when magic_quotes_gpc is on). (Ilia)
 - Fixed bug #25814 (Make flock() return correct value when 3rd argument is
   used). (Ilia)
 - Fixed bug #25800 (parse_url() could not parse urls with empty port). (Ilia)
Index: php-src/main/php_variables.c
diff -u php-src/main/php_variables.c:1.45.2.5 php-src/main/php_variables.c:1.45.2.6
--- php-src/main/php_variables.c:1.45.2.5       Mon Jun 16 15:25:06 2003
+++ php-src/main/php_variables.c        Mon Oct 13 23:48:09 2003
@@ -16,7 +16,7 @@
    |          Zeev Suraski <[EMAIL PROTECTED]>                                |
    +----------------------------------------------------------------------+
  */
-/* $Id: php_variables.c,v 1.45.2.5 2003/06/16 19:25:06 iliaa Exp $ */
+/* $Id: php_variables.c,v 1.45.2.6 2003/10/14 03:48:09 iliaa Exp $ */
 
 #include <stdio.h>
 #include "php.h"
@@ -178,7 +178,13 @@
                        if (!index) {
                                zend_hash_next_index_insert(symtable1, &gpc_element, 
sizeof(zval *), (void **) &gpc_element_p);
                        } else {
-                               zend_hash_update(symtable1, index, index_len+1, 
&gpc_element, sizeof(zval *), (void **) &gpc_element_p);
+                               if (PG(magic_quotes_gpc) && (index!=var)) {
+                                       char *escaped_index = php_addslashes(index, 
index_len, &index_len, 0 TSRMLS_CC);
+                                       zend_hash_update(symtable1, escaped_index, 
index_len+1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p);
+                                       efree(escaped_index);
+                               } else {
+                                       zend_hash_update(symtable1, index, 
index_len+1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p);
+                               }
                        }
                        break;
                }


-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] cvs: php-src(PHP_4_3) / NEWS /main php_variables.c

Reply via email to