[PHP-CVS] cvs: php-src(PHP_4_3) / NEWS /sapi/cgi cgi_main.c

Fri, 12 Mar 2004 06:07:23 -0800 

iliaa           Fri Mar 12 09:07:16 2004 EDT

  Modified files:              (Branch: PHP_4_3)
    /php-src    NEWS 
    /php-src/sapi/cgi   cgi_main.c 
  Log:
  MFH: Fixed bug #22127 (Invalid response code when force-cgi-redirect safety
  mechanism is triggered).
  
  
http://cvs.php.net/diff.php/php-src/NEWS?r1=1.1247.2.589&r2=1.1247.2.590&ty=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.1247.2.589 php-src/NEWS:1.1247.2.590
--- php-src/NEWS:1.1247.2.589   Thu Mar 11 13:44:26 2004
+++ php-src/NEWS        Fri Mar 12 09:07:13 2004
@@ -30,6 +30,8 @@
   (Jani, Markus dot Lidel at shadowconnect dot com)
 - Fixed bug #26005 (Random "cannot change the session ini settings" errors).
   (Jani, jsnajdr at kerio dot com)
+- Fixed bug #22127 (Invalid response code when force-cgi-redirect safety 
+  mechanism is triggered). (Ilia, scottmacvicar at ntlworld dot com)
 - Fixed bug #21760 (Use of uninitialized pointer inside php_read()). (Ilia, 
   uce at ftc dot gov)
 - Fixed bug #21070 (ftp_genlist/ANSI-tmpfile() fail w/ some platform). (Sara)
http://cvs.php.net/diff.php/php-src/sapi/cgi/cgi_main.c?r1=1.190.2.58&r2=1.190.2.59&ty=u
Index: php-src/sapi/cgi/cgi_main.c
diff -u php-src/sapi/cgi/cgi_main.c:1.190.2.58 php-src/sapi/cgi/cgi_main.c:1.190.2.59
--- php-src/sapi/cgi/cgi_main.c:1.190.2.58      Wed Feb 11 17:00:34 2004
+++ php-src/sapi/cgi/cgi_main.c Fri Mar 12 09:07:14 2004
@@ -20,7 +20,7 @@
    +----------------------------------------------------------------------+
 */
 
-/* $Id: cgi_main.c,v 1.190.2.58 2004/02/11 22:00:34 helly Exp $ */
+/* $Id: cgi_main.c,v 1.190.2.59 2004/03/12 14:07:14 iliaa Exp $ */
 
 #include "php.h"
 #include "php_globals.h"
@@ -1106,6 +1106,7 @@
                            in case some server does something different than above */
                        && (!redirect_status_env || !getenv(redirect_status_env))
                        ) {
+                       SG(sapi_headers).http_response_code = 400;
                        PUTS("<b>Security Alert!</b> The PHP CGI cannot be accessed 
directly.\n\n\
 <p>This PHP CGI binary was compiled with force-cgi-redirect enabled.  This\n\
 means that a page will only be served up if the REDIRECT_STATUS CGI variable is\n\

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to