[PHP-CVS] cvs: php-src(PHP_4_3) / NEWS /main rfc1867.c

Fri, 21 May 2004 01:14:26 -0700 

derick          Fri May 21 04:14:25 2004 EDT

  Modified files:              (Branch: PHP_4_3)
    /php-src/main       rfc1867.c 
    /php-src    NEWS 
  Log:
  - MFH: Fixed bug #28456 (Problem with enclosed / in uploaded files). 
  
  
http://cvs.php.net/diff.php/php-src/main/rfc1867.c?r1=1.122.2.18&r2=1.122.2.19&ty=u
Index: php-src/main/rfc1867.c
diff -u php-src/main/rfc1867.c:1.122.2.18 php-src/main/rfc1867.c:1.122.2.19
--- php-src/main/rfc1867.c:1.122.2.18   Sun May  2 06:17:36 2004
+++ php-src/main/rfc1867.c      Fri May 21 04:14:24 2004
@@ -16,7 +16,7 @@
    |          Jani Taskinen <[EMAIL PROTECTED]>                              |
    +----------------------------------------------------------------------+
  */
-/* $Id: rfc1867.c,v 1.122.2.18 2004/05/02 10:17:36 sesser Exp $ */
+/* $Id: rfc1867.c,v 1.122.2.19 2004/05/21 08:14:24 derick Exp $ */
 
 /*
  *  This product includes software developed by the Apache Group
@@ -830,7 +830,7 @@
        while (!multipart_buffer_eof(mbuff TSRMLS_CC))
        {
                char buff[FILLUNIT];
-               char *cd=NULL,*param=NULL,*filename=NULL;
+               char *cd=NULL,*param=NULL,*filename=NULL, *tmp=NULL;
                int blen=0, wlen=0;
 
                zend_llist_clean(&header);
@@ -1031,12 +1031,21 @@
                                        php_mb_gpc_encoding_converter(&filename, 
&str_len, 1, NULL, NULL TSRMLS_CC);
                                }
                                s = php_mb_strrchr(filename, '\\' TSRMLS_CC);
+                               if (tmp = php_mb_strrchr(filename, '/')) {
+                                       s = tmp;
+                               }
                                num_vars--;
                        } else {
                                s = strrchr(filename, '\\');
+                               if (tmp = strrchr(filename, '/')) {
+                                       s = tmp;
+                               }
                        }
 #else
                        s = strrchr(filename, '\\');
+                       if (tmp = strrchr(filename, '/')) {
+                               s = tmp;
+                       }
 #endif
                        if (s && s > filename) {
                                safe_php_register_variable(lbuf, s+1, NULL, 0 
TSRMLS_CC);
http://cvs.php.net/diff.php/php-src/NEWS?r1=1.1247.2.663&r2=1.1247.2.664&ty=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.1247.2.663 php-src/NEWS:1.1247.2.664
--- php-src/NEWS:1.1247.2.663   Tue May 18 09:43:33 2004
+++ php-src/NEWS        Fri May 21 04:14:24 2004
@@ -10,6 +10,7 @@
   images. (Ilia)
 - Fixed handling of return values from storred procedures in mssql_execute()
   with multiple result sets returned. (Frank)
+- Fixed bug #28456 (Problem with enclosed / in uploaded files). (Antony)
 - Fixed logic bug in session_register() which allowed registering _SESSION
   and/or HTTP_SESSION_VARS. (Sara)
 - Fixed bug #28386 (wordwrap() wraps lines 1 character too soon). (Ilia)

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to