iliaa Wed Mar 8 14:41:45 2006 UTC
Modified files:
/php-src Makefile.gcov Makefile.global configure.in php.ini-dist
php.ini-recommended run-tests.php server-tests.php
/php-src/ext/standard basic_functions.c basic_functions.h
/php-src/ext/tidy tidy.c
/php-src/ext/zlib zlib.c
/php-src/main SAPI.c config.w32.h fopen_wrappers.c main.c php.h
php_globals.h php_ini.c
/php-src/main/streams plain_wrapper.c
/php-src/win32 install.txt php5dll.dsp php5dllts.dsp
/php-src/win32/build config.w32
Log:
So long safe_mode mode.
Also removed the magic_quotes configure option, no longer relevant since
the magic is gone :-).
http://cvs.php.net/viewcvs.cgi/php-src/Makefile.gcov?r1=1.11&r2=1.12&diff_format=u
Index: php-src/Makefile.gcov
diff -u php-src/Makefile.gcov:1.11 php-src/Makefile.gcov:1.12
--- php-src/Makefile.gcov:1.11 Fri Dec 9 21:40:55 2005
+++ php-src/Makefile.gcov Wed Mar 8 14:41:45 2006
@@ -13,13 +13,13 @@
TEST_PHP_EXECUTABLE=$(PHP_EXECUTABLE) \
TEST_PHP_SRCDIR=$(top_srcdir) \
CC="$(CC)" \
- $(PHP_EXECUTABLE) -d 'open_basedir=' -d 'safe_mode=0'
-d 'output_buffering=0' -d 'memory_limit=-1' $(top_srcdir)/run-tests.php -d
'extension_dir=modules/' -d `( . $(PHP_MODULES) ; echo extension=$$dlname)`
tests/; \
+ $(PHP_EXECUTABLE) -d 'open_basedir=' -d
'output_buffering=0' -d 'memory_limit=-1' $(top_srcdir)/run-tests.php -d
'extension_dir=modules/' -d `( . $(PHP_MODULES) ; echo extension=$$dlname)`
tests/; \
elif test ! -z "$(SAPI_CLI_PATH)" && test -x "$(SAPI_CLI_PATH)"; then \
NO_INTERACTION=1 \
TEST_PHP_EXECUTABLE=$(top_builddir)/$(SAPI_CLI_PATH) \
TEST_PHP_SRCDIR=$(top_srcdir) \
CC="$(CC)" \
- $(top_builddir)/$(SAPI_CLI_PATH) -d 'open_basedir=' -d
'safe_mode=0' -d 'output_buffering=0' -d 'memory_limit=-1'
$(top_srcdir)/run-tests.php $(TESTS); \
+ $(top_builddir)/$(SAPI_CLI_PATH) -d 'open_basedir=' -d
'output_buffering=0' -d 'memory_limit=-1' $(top_srcdir)/run-tests.php $(TESTS);
\
else \
echo "ERROR: Cannot run tests without CLI sapi."; \
fi
http://cvs.php.net/viewcvs.cgi/php-src/Makefile.global?r1=1.66&r2=1.67&diff_format=u
Index: php-src/Makefile.global
diff -u php-src/Makefile.global:1.66 php-src/Makefile.global:1.67
--- php-src/Makefile.global:1.66 Fri Dec 23 21:01:05 2005
+++ php-src/Makefile.global Wed Mar 8 14:41:45 2006
@@ -72,12 +72,12 @@
TEST_PHP_EXECUTABLE=$(PHP_EXECUTABLE) \
TEST_PHP_SRCDIR=$(top_srcdir) \
CC="$(CC)" \
- $(PHP_EXECUTABLE) -d 'open_basedir=' -d 'safe_mode=0'
-d 'output_buffering=0' -d 'memory_limit=-1' $(top_srcdir)/run-tests.php -d
'extension_dir=modules/' -d `( . $(PHP_MODULES) ; echo extension=$$dlname)`
tests/; \
+ $(PHP_EXECUTABLE) -d 'open_basedir=' -d
'output_buffering=0' -d 'memory_limit=-1' $(top_srcdir)/run-tests.php -d
'extension_dir=modules/' -d `( . $(PHP_MODULES) ; echo extension=$$dlname)`
tests/; \
elif test ! -z "$(SAPI_CLI_PATH)" && test -x "$(SAPI_CLI_PATH)"; then \
TEST_PHP_EXECUTABLE=$(top_builddir)/$(SAPI_CLI_PATH) \
TEST_PHP_SRCDIR=$(top_srcdir) \
CC="$(CC)" \
- $(top_builddir)/$(SAPI_CLI_PATH) -d 'open_basedir=' -d
'safe_mode=0' -d 'output_buffering=0' -d 'memory_limit=-1'
$(top_srcdir)/run-tests.php -U $(TESTS); \
+ $(top_builddir)/$(SAPI_CLI_PATH) -d 'open_basedir=' -d
'output_buffering=0' -d 'memory_limit=-1' $(top_srcdir)/run-tests.php -U
$(TESTS); \
else \
echo "ERROR: Cannot run tests without CLI sapi."; \
fi
@@ -87,7 +87,7 @@
TEST_PHP_EXECUTABLE=$(top_builddir)/$(SAPI_CLI_PATH) \
TEST_PHP_SRCDIR=$(top_srcdir) \
CC="$(CC)" \
- $(top_builddir)/$(SAPI_CLI_PATH) -d 'open_basedir=' -d
'safe_mode=0' -d 'output_buffering=0' -d 'memory_limit=-1'
$(top_srcdir)/run-tests.php -u $(TESTS); \
+ $(top_builddir)/$(SAPI_CLI_PATH) -d 'open_basedir=' -d
'output_buffering=0' -d 'memory_limit=-1' $(top_srcdir)/run-tests.php -u
$(TESTS); \
else \
echo "ERROR: Cannot run tests without CLI sapi."; \
fi
@@ -97,7 +97,7 @@
TEST_PHP_EXECUTABLE=$(top_builddir)/$(SAPI_CLI_PATH) \
TEST_PHP_SRCDIR=$(top_srcdir) \
CC="$(CC)" \
- $(top_builddir)/$(SAPI_CLI_PATH) -d 'open_basedir=' -d
'safe_mode=0' -d 'output_buffering=0' -d 'memory_limit=-1'
$(top_srcdir)/run-tests.php -N $(TESTS); \
+ $(top_builddir)/$(SAPI_CLI_PATH) -d 'open_basedir=' -d
'output_buffering=0' -d 'memory_limit=-1' $(top_srcdir)/run-tests.php -N
$(TESTS); \
else \
echo "ERROR: Cannot run tests without CLI sapi."; \
fi
http://cvs.php.net/viewcvs.cgi/php-src/configure.in?r1=1.599&r2=1.600&diff_format=u
Index: php-src/configure.in
diff -u php-src/configure.in:1.599 php-src/configure.in:1.600
--- php-src/configure.in:1.599 Wed Jan 4 12:22:23 2006
+++ php-src/configure.in Wed Mar 8 14:41:45 2006
@@ -1,4 +1,4 @@
- ## $Id: configure.in,v 1.599 2006/01/04 12:22:23 derick Exp $ -*- autoconf -*-
+ ## $Id: configure.in,v 1.600 2006/03/08 14:41:45 iliaa Exp $ -*- autoconf -*-
dnl ## Process this file with autoconf to produce a configure script.
divert(1)
@@ -713,37 +713,6 @@
test -n "$DEBUG_CFLAGS" && CFLAGS="$CFLAGS $DEBUG_CFLAGS"
-PHP_ARG_ENABLE(safe-mode, whether to enable safe mode by default,
-[ --enable-safe-mode Enable safe mode by default], no, no)
-
-if test "$PHP_SAFE_MODE" = "yes"; then
- AC_DEFINE(PHP_SAFE_MODE,1,[ ])
-else
- AC_DEFINE(PHP_SAFE_MODE,0,[ ])
-fi
-
-AC_MSG_CHECKING([for safe mode exec dir])
-AC_ARG_WITH(exec-dir,
-[ --with-exec-dir[=DIR] Only allow executables in DIR under safe-mode
- [/usr/local/php/bin]],
-[
- if test "$withval" != "no"; then
- if test "$withval" = "yes"; then
- AC_DEFINE(PHP_SAFE_MODE_EXEC_DIR,"/usr/local/php/bin", [ ])
- AC_MSG_RESULT([/usr/local/php/bin])
- else
- AC_DEFINE_UNQUOTED(PHP_SAFE_MODE_EXEC_DIR,"$withval", [ ])
- AC_MSG_RESULT([$withval])
- fi
- else
- AC_DEFINE(PHP_SAFE_MODE_EXEC_DIR,"/usr/local/php/bin", [ ])
- AC_MSG_RESULT([/usr/local/php/bin])
- fi
-],[
- AC_DEFINE(PHP_SAFE_MODE_EXEC_DIR,"/usr/local/php/bin", [ ])
- AC_MSG_RESULT([/usr/local/php/bin])
-])
-
PHP_ARG_ENABLE(sigchild,whether to enable PHP's own SIGCHLD handler,
[ --enable-sigchild Enable PHP's own SIGCHLD handler], no, no)
@@ -753,15 +722,6 @@
AC_DEFINE(PHP_SIGCHILD, 0, [ ])
fi
-PHP_ARG_ENABLE(magic-quotes,whether to enable magic quotes by default,
-[ --enable-magic-quotes Enable magic quotes by default.], no, no)
-
-if test "$PHP_MAGIC_QUOTES" = "yes"; then
- AC_DEFINE(MAGIC_QUOTES, 1, [ ])
-else
- AC_DEFINE(MAGIC_QUOTES, 0, [ ])
-fi
-
PHP_ARG_ENABLE(rpath, whether to enable runpaths,
[ --disable-rpath Disable passing additional runtime library
search paths], yes, no)
@@ -1262,7 +1222,7 @@
PHP_ADD_SOURCES(TSRM, TSRM.c tsrm_strtok_r.c tsrm_virtual_cwd.c)
PHP_ADD_SOURCES(main, main.c snprintf.c spprintf.c php_sprintf.c \
- safe_mode.c fopen_wrappers.c alloca.c php_scandir.c \
+ fopen_wrappers.c alloca.c php_scandir.c \
php_ini.c SAPI.c rfc1867.c php_content_types.c strlcpy.c \
strlcat.c mergesort.c reentrancy.c php_variables.c php_ticks.c \
network.c php_open_temporary_file.c php_logos.c \
http://cvs.php.net/viewcvs.cgi/php-src/php.ini-dist?r1=1.247&r2=1.248&diff_format=u
Index: php-src/php.ini-dist
diff -u php-src/php.ini-dist:1.247 php-src/php.ini-dist:1.248
--- php-src/php.ini-dist:1.247 Wed Mar 8 00:43:27 2006
+++ php-src/php.ini-dist Wed Mar 8 14:41:45 2006
@@ -162,41 +162,6 @@
; reference).
allow_call_time_pass_reference = On
-;
-; Safe Mode
-;
-safe_mode = Off
-
-; By default, Safe Mode does a UID compare check when
-; opening files. If you want to relax this to a GID compare,
-; then turn on safe_mode_gid.
-safe_mode_gid = Off
-
-; When safe_mode is on, UID/GID checks are bypassed when
-; including files from this directory and its subdirectories.
-; (directory must also be in include_path or full path must
-; be used when including)
-safe_mode_include_dir =
-
-; When safe_mode is on, only executables located in the safe_mode_exec_dir
-; will be allowed to be executed via the exec family of functions.
-safe_mode_exec_dir =
-
-; Setting certain environment variables may be a potential security breach.
-; This directive contains a comma-delimited list of prefixes. In Safe Mode,
-; the user may only alter environment variables whose names begin with the
-; prefixes supplied here. By default, users will only be able to set
-; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR).
-;
-; Note: If this directive is empty, PHP will let the user modify ANY
-; environment variable!
-safe_mode_allowed_env_vars = PHP_
-
-; This directive contains a comma-delimited list of environment variables that
-; the end user won't be able to change using putenv(). These variables will be
-; protected even if safe_mode_allowed_env_vars is set to allow to change them.
-safe_mode_protected_env_vars = LD_LIBRARY_PATH
-
; open_basedir, if set, limits all file operations to the defined directory
; and below. This directive makes most sense if used in a per-directory
; or per-virtualhost web server configuration file. This directive is
http://cvs.php.net/viewcvs.cgi/php-src/php.ini-recommended?r1=1.196&r2=1.197&diff_format=u
Index: php-src/php.ini-recommended
diff -u php-src/php.ini-recommended:1.196 php-src/php.ini-recommended:1.197
--- php-src/php.ini-recommended:1.196 Wed Mar 8 00:43:27 2006
+++ php-src/php.ini-recommended Wed Mar 8 14:41:45 2006
@@ -204,41 +204,6 @@
; reference).
allow_call_time_pass_reference = Off
-;
-; Safe Mode
-;
-safe_mode = Off
-
-; By default, Safe Mode does a UID compare check when
-; opening files. If you want to relax this to a GID compare,
-; then turn on safe_mode_gid.
-safe_mode_gid = Off
-
-; When safe_mode is on, UID/GID checks are bypassed when
-; including files from this directory and its subdirectories.
-; (directory must also be in include_path or full path must
-; be used when including)
-safe_mode_include_dir =
-
-; When safe_mode is on, only executables located in the safe_mode_exec_dir
-; will be allowed to be executed via the exec family of functions.
-safe_mode_exec_dir =
-
-; Setting certain environment variables may be a potential security breach.
-; This directive contains a comma-delimited list of prefixes. In Safe Mode,
-; the user may only alter environment variables whose names begin with the
-; prefixes supplied here. By default, users will only be able to set
-; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR).
-;
-; Note: If this directive is empty, PHP will let the user modify ANY
-; environment variable!
-safe_mode_allowed_env_vars = PHP_
-
-; This directive contains a comma-delimited list of environment variables that
-; the end user won't be able to change using putenv(). These variables will be
-; protected even if safe_mode_allowed_env_vars is set to allow to change them.
-safe_mode_protected_env_vars = LD_LIBRARY_PATH
-
; open_basedir, if set, limits all file operations to the defined directory
; and below. This directive makes most sense if used in a per-directory
; or per-virtualhost web server configuration file. This directive is
http://cvs.php.net/viewcvs.cgi/php-src/run-tests.php?r1=1.280&r2=1.281&diff_format=u
Index: php-src/run-tests.php
diff -u php-src/run-tests.php:1.280 php-src/run-tests.php:1.281
--- php-src/run-tests.php:1.280 Thu Feb 16 06:29:32 2006
+++ php-src/run-tests.php Wed Mar 8 14:41:45 2006
@@ -23,7 +23,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: run-tests.php,v 1.280 2006/02/16 06:29:32 tony2001 Exp $ */
+/* $Id: run-tests.php,v 1.281 2006/03/08 14:41:45 iliaa Exp $ */
/* Sanity check to ensure that pcre extension needed by this script is
available.
* In the event it is not, print a nice error message indicating that this
script will
@@ -82,21 +82,6 @@
error_reporting(E_ALL);
ini_set('magic_quotes_runtime',0); // this would break tests by modifying
EXPECT sections
-if (ini_get('safe_mode')) {
- echo <<< SAFE_MODE_WARNING
-
-+-----------------------------------------------------------+
-| ! WARNING ! |
-| You are running the test-suite with "safe_mode" ENABLED ! |
-| |
-| Chances are high that no test will work at all, |
-| depending on how you configured "safe_mode" ! |
-+-----------------------------------------------------------+
-
-
-SAFE_MODE_WARNING;
-}
-
$environment = isset($_ENV) ? $_ENV : array();
// Don't ever guess at the PHP executable location.
@@ -145,7 +130,6 @@
$ini_overwrites = array(
'output_handler=',
'open_basedir=',
- 'safe_mode=0',
'disable_functions=',
'output_buffering=Off',
'error_reporting=8191',
@@ -405,7 +389,7 @@
$html_output = is_resource($html_file);
break;
case '--version':
- echo '$Revision: 1.280 $'."\n";
+ echo '$Revision: 1.281 $'."\n";
exit(1);
default:
echo "Illegal switch specified!\n";
http://cvs.php.net/viewcvs.cgi/php-src/server-tests.php?r1=1.5&r2=1.6&diff_format=u
Index: php-src/server-tests.php
diff -u php-src/server-tests.php:1.5 php-src/server-tests.php:1.6
--- php-src/server-tests.php:1.5 Sun Jan 1 13:09:48 2006
+++ php-src/server-tests.php Wed Mar 8 14:41:45 2006
@@ -48,14 +48,6 @@
| with --with-pcre-regex or if you have compiled pcre as a |
| shared module load it via php.ini. |
+-----------------------------------------------------------+');
-define('SAFE_MODE_WARNING',
-'+-----------------------------------------------------------+
-| ! WARNING ! |
-| You are running the test-suite with "safe_mode" ENABLED ! |
-| |
-| Chances are high that no test will work at all, |
-| depending on how you configured "safe_mode" ! |
-+-----------------------------------------------------------+');
define('TMP_MISSING',
'+-----------------------------------------------------------+
| ! ERROR ! |
@@ -464,7 +456,6 @@
'output_handler'=>'',
'zlib.output_compression'=>'Off',
'open_basedir'=>'',
- 'safe_mode'=>'0',
'disable_functions'=>'',
'output_buffering'=>'Off',
'error_reporting'=>'4095',
@@ -762,9 +753,6 @@
$this->writemsg(PCRE_MISSING_ERROR);
exit;
}
- if (ini_get('safe_mode')) {
- $this->writemsg(SAFE_MODE_WARNING);
- }
}
//
http://cvs.php.net/viewcvs.cgi/php-src/ext/standard/basic_functions.c?r1=1.760&r2=1.761&diff_format=u
Index: php-src/ext/standard/basic_functions.c
diff -u php-src/ext/standard/basic_functions.c:1.760
php-src/ext/standard/basic_functions.c:1.761
--- php-src/ext/standard/basic_functions.c:1.760 Wed Mar 8 00:43:28 2006
+++ php-src/ext/standard/basic_functions.c Wed Mar 8 14:41:45 2006
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: basic_functions.c,v 1.760 2006/03/08 00:43:28 pajoye Exp $ */
+/* $Id: basic_functions.c,v 1.761 2006/03/08 14:41:45 iliaa Exp $ */
#include "php.h"
#include "php_streams.h"
@@ -1961,6 +1961,35 @@
return SUCCESS;
}
+PHPAPI char *php_get_current_user()
+{
+ struct passwd *pwd;
+ struct stat *pstat;
+ TSRMLS_FETCH();
+
+ if (SG(request_info).current_user) {
+ return SG(request_info).current_user;
+ }
+
+ /* FIXME: I need to have this somehow handled if
+ USE_SAPI is defined, because cgi will also be
+ interfaced in USE_SAPI */
+
+ pstat = sapi_get_stat(TSRMLS_C);
+
+ if (!pstat) {
+ return "";
+ }
+
+ if ((pwd=getpwuid(pstat->st_uid))==NULL) {
+ return "";
+ }
+ SG(request_info).current_user_length = strlen(pwd->pw_name);
+ SG(request_info).current_user = estrndup(pwd->pw_name,
SG(request_info).current_user_length);
+
+ return SG(request_info).current_user;
+}
+
/* {{{ proto mixed call_user_func(string function_name [, mixed parmeter] [,
mixed ...])
Call a user function which is the first parameter */
PHP_FUNCTION(call_user_func)
http://cvs.php.net/viewcvs.cgi/php-src/ext/standard/basic_functions.h?r1=1.144&r2=1.145&diff_format=u
Index: php-src/ext/standard/basic_functions.h
diff -u php-src/ext/standard/basic_functions.h:1.144
php-src/ext/standard/basic_functions.h:1.145
--- php-src/ext/standard/basic_functions.h:1.144 Mon Mar 6 14:27:45 2006
+++ php-src/ext/standard/basic_functions.h Wed Mar 8 14:41:45 2006
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: basic_functions.h,v 1.144 2006/03/06 14:27:45 iliaa Exp $ */
+/* $Id: basic_functions.h,v 1.145 2006/03/08 14:41:45 iliaa Exp $ */
#ifndef BASIC_FUNCTIONS_H
#define BASIC_FUNCTIONS_H
@@ -134,6 +134,7 @@
PHP_RSHUTDOWN_FUNCTION(user_filters);
PHPAPI int _php_error_log(int opt_err, char *message, char *opt, char *headers
TSRMLS_DC);
+PHPAPI char *php_get_current_user();
#if SIZEOF_INT == 4
/* Most 32-bit and 64-bit systems have 32-bit ints */
http://cvs.php.net/viewcvs.cgi/php-src/ext/tidy/tidy.c?r1=1.75&r2=1.76&diff_format=u
Index: php-src/ext/tidy/tidy.c
diff -u php-src/ext/tidy/tidy.c:1.75 php-src/ext/tidy/tidy.c:1.76
--- php-src/ext/tidy/tidy.c:1.75 Sun Feb 19 04:29:41 2006
+++ php-src/ext/tidy/tidy.c Wed Mar 8 14:41:45 2006
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: tidy.c,v 1.75 2006/02/19 04:29:41 andi Exp $ */
+/* $Id: tidy.c,v 1.76 2006/03/08 14:41:45 iliaa Exp $ */
#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -29,7 +29,6 @@
#include "php_ini.h"
#include "ext/standard/info.h"
-#include "safe_mode.h"
#include "Zend/zend_exceptions.h"
#include "Zend/zend_object_handlers.h"
@@ -983,7 +982,7 @@
php_info_print_table_start();
php_info_print_table_header(2, "Tidy support", "enabled");
php_info_print_table_row(2, "libTidy Release", (char
*)tidyReleaseDate());
- php_info_print_table_row(2, "Extension Version",
PHP_TIDY_MODULE_VERSION " ($Id: tidy.c,v 1.75 2006/02/19 04:29:41 andi Exp $)");
+ php_info_print_table_row(2, "Extension Version",
PHP_TIDY_MODULE_VERSION " ($Id: tidy.c,v 1.76 2006/03/08 14:41:45 iliaa Exp
$)");
php_info_print_table_end();
DISPLAY_INI_ENTRIES();
http://cvs.php.net/viewcvs.cgi/php-src/ext/zlib/zlib.c?r1=1.191&r2=1.192&diff_format=u
Index: php-src/ext/zlib/zlib.c
diff -u php-src/ext/zlib/zlib.c:1.191 php-src/ext/zlib/zlib.c:1.192
--- php-src/ext/zlib/zlib.c:1.191 Wed Mar 8 00:43:29 2006
+++ php-src/ext/zlib/zlib.c Wed Mar 8 14:41:45 2006
@@ -19,7 +19,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: zlib.c,v 1.191 2006/03/08 00:43:29 pajoye Exp $ */
+/* $Id: zlib.c,v 1.192 2006/03/08 14:41:45 iliaa Exp $ */
#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -42,7 +42,6 @@
/* #include <sys/uio.h> */
#endif
#include "ext/standard/head.h"
-#include "safe_mode.h"
#include "ext/standard/php_standard.h"
#include "ext/standard/info.h"
#include "php_zlib.h"
http://cvs.php.net/viewcvs.cgi/php-src/main/SAPI.c?r1=1.211&r2=1.212&diff_format=u
Index: php-src/main/SAPI.c
diff -u php-src/main/SAPI.c:1.211 php-src/main/SAPI.c:1.212
--- php-src/main/SAPI.c:1.211 Mon Feb 13 10:23:58 2006
+++ php-src/main/SAPI.c Wed Mar 8 14:41:45 2006
@@ -18,7 +18,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: SAPI.c,v 1.211 2006/02/13 10:23:58 dmitry Exp $ */
+/* $Id: SAPI.c,v 1.212 2006/03/08 14:41:45 iliaa Exp $ */
#include <ctype.h>
#include <sys/stat.h>
@@ -665,74 +665,9 @@
sapi_update_response_code(401 TSRMLS_CC); /*
authentication-required */
- if(PG(safe_mode))
-#if (HAVE_PCRE || HAVE_BUNDLED_PCRE) && !defined(COMPILE_DL_PCRE)
- {
- zval *repl_temp;
- char *ptr = colon_offset+1, *result,
*newheader;
- int ptr_len=0, result_len = 0, newlen =
0;
-
- /* skip white space */
- while (isspace(*ptr)) {
- ptr++;
- }
-
- myuid = php_getuid();
-
- ptr_len = strlen(ptr);
- MAKE_STD_ZVAL(repl_temp);
- Z_TYPE_P(repl_temp) = IS_STRING;
- Z_STRVAL_P(repl_temp) = emalloc(32);
- Z_STRLEN_P(repl_temp) =
sprintf(Z_STRVAL_P(repl_temp), "realm=\"\\1-%ld\"", myuid);
- /* Modify quoted realm value */
- result =
php_pcre_replace("/realm=\"(.*?)\"/i", 16,
-
ptr, ptr_len,
-
repl_temp,
-
0, &result_len, -1, NULL TSRMLS_CC);
- if(result_len==ptr_len) {
- efree(result);
- sprintf(Z_STRVAL_P(repl_temp),
"realm=\\1-%ld\\2", myuid);
- /* modify unquoted realm value
*/
- result =
php_pcre_replace("/realm=([^\\s]+)(.*)/i", 21,
-
ptr, ptr_len,
-
repl_temp,
-
0, &result_len, -1, NULL TSRMLS_CC);
- if(result_len==ptr_len) {
- char *lower_temp =
estrdup(ptr);
- char conv_temp[32];
- int conv_len;
-
-
php_strtolower(lower_temp,strlen(lower_temp));
- /* If there is no realm
string at all, append one */
-
if(!strstr(lower_temp,"realm")) {
- efree(result);
- conv_len =
sprintf(conv_temp, " realm=\"%ld\"",myuid);
- result =
emalloc(ptr_len+conv_len+1);
- result_len =
ptr_len+conv_len;
- memcpy(result,
ptr, ptr_len);
-
memcpy(result+ptr_len, conv_temp, conv_len);
-
*(result+ptr_len+conv_len) = '\0';
- }
- efree(lower_temp);
- }
- }
- newlen = sizeof("WWW-Authenticate: ") -
1 + result_len;
- newheader = emalloc(newlen+1);
- sprintf(newheader,"WWW-Authenticate:
%s", result);
- efree(header_line);
- sapi_header.header = newheader;
- sapi_header.header_len = newlen;
- efree(result);
- efree(Z_STRVAL_P(repl_temp));
- efree(repl_temp);
- }
-#else
- {
- myuid = php_getuid();
- efree(header_line);
- sapi_header.header_len =
spprintf(&sapi_header.header, 0, "WWW-Authenticate: Basic realm=\"%ld\"",
myuid);
- }
-#endif
+ myuid = php_getuid();
+ efree(header_line);
+ sapi_header.header_len =
spprintf(&sapi_header.header, 0, "WWW-Authenticate: Basic realm=\"%ld\"",
myuid);
}
if (sapi_header.header==header_line) {
*colon_offset = ':';
http://cvs.php.net/viewcvs.cgi/php-src/main/config.w32.h?r1=1.86&r2=1.87&diff_format=u
Index: php-src/main/config.w32.h
diff -u php-src/main/config.w32.h:1.86 php-src/main/config.w32.h:1.87
--- php-src/main/config.w32.h:1.86 Thu Sep 15 19:10:13 2005
+++ php-src/main/config.w32.h Wed Mar 8 14:41:45 2006
@@ -2,7 +2,7 @@
Build Configuration for Win32.
This has only been tested with MS VisualC++ 6 (and later).
- $Id: config.w32.h,v 1.86 2005/09/15 19:10:13 derick Exp $
+ $Id: config.w32.h,v 1.87 2006/03/08 14:41:45 iliaa Exp $
*/
/* Default PHP / PEAR directories */
@@ -82,8 +82,6 @@
/* PHP Runtime Configuration */
#define FORCE_CGI_REDIRECT 1
#define PHP_URL_FOPEN 1
-#define PHP_SAFE_MODE 0
-#define MAGIC_QUOTES 0
#define USE_CONFIG_FILE 1
#define DEFAULT_SHORT_OPEN_TAG "1"
#define ENABLE_PATHINFO_CHECK 1
http://cvs.php.net/viewcvs.cgi/php-src/main/fopen_wrappers.c?r1=1.180&r2=1.181&diff_format=u
Index: php-src/main/fopen_wrappers.c
diff -u php-src/main/fopen_wrappers.c:1.180 php-src/main/fopen_wrappers.c:1.181
--- php-src/main/fopen_wrappers.c:1.180 Thu Mar 2 13:12:45 2006
+++ php-src/main/fopen_wrappers.c Wed Mar 8 14:41:45 2006
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: fopen_wrappers.c,v 1.180 2006/03/02 13:12:45 dmitry Exp $ */
+/* $Id: fopen_wrappers.c,v 1.181 2006/03/08 14:41:45 iliaa Exp $ */
/* {{{ includes
*/
@@ -39,7 +39,6 @@
#include <sys/param.h>
#endif
-#include "safe_mode.h"
#include "ext/standard/head.h"
#include "ext/standard/php_standard.h"
#include "zend_compile.h"
@@ -332,11 +331,6 @@
return php_fopen_and_set_opened_path(filename, mode,
opened_path TSRMLS_CC);
}
- /*
- * files in safe_mode_include_dir (or subdir) are excluded from
- * safe mode GID/UID checks
- */
-
/* Absolute path open */
/* FIXME: Andi - Do we actually need the if()? */
if (IS_ABSOLUTE_PATH(filename, filename_length) || (!path || (path &&
!*path))) {
http://cvs.php.net/viewcvs.cgi/php-src/main/main.c?r1=1.669&r2=1.670&diff_format=u
Index: php-src/main/main.c
diff -u php-src/main/main.c:1.669 php-src/main/main.c:1.670
--- php-src/main/main.c:1.669 Wed Mar 8 00:43:29 2006
+++ php-src/main/main.c Wed Mar 8 14:41:45 2006
@@ -18,7 +18,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: main.c,v 1.669 2006/03/08 00:43:29 pajoye Exp $ */
+/* $Id: main.c,v 1.670 2006/03/08 14:41:45 iliaa Exp $ */
/* {{{ includes
*/
@@ -324,9 +324,7 @@
}
/* }}} */
-/* Need to convert to strings and make use of:
- * PHP_SAFE_MODE
- *
+/*
* Need to be read from the environment (?):
* PHP_AUTO_PREPEND_FILE
* PHP_AUTO_APPEND_FILE
@@ -335,10 +333,6 @@
* PHP_INCLUDE_PATH
*/
-#ifndef PHP_SAFE_MODE_EXEC_DIR
-# define PHP_SAFE_MODE_EXEC_DIR ""
-#endif
-
#if defined(PHP_PROG_SENDMAIL) && !defined(NETWARE)
# define DEFAULT_SENDMAIL_PATH PHP_PROG_SENDMAIL " -t -i "
#else
@@ -380,13 +374,6 @@
STD_PHP_INI_BOOLEAN("register_argc_argv", "1",
PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateBool, register_argc_argv,
php_core_globals, core_globals)
STD_PHP_INI_BOOLEAN("register_long_arrays", "1",
PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateBool, register_long_arrays,
php_core_globals, core_globals)
STD_PHP_INI_BOOLEAN("auto_globals_jit", "1",
PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateBool, auto_globals_jit,
php_core_globals, core_globals)
-#if PHP_SAFE_MODE
- STD_PHP_INI_BOOLEAN("safe_mode", "1",
PHP_INI_SYSTEM, OnUpdateBool, safe_mode,
php_core_globals, core_globals)
-#else
- STD_PHP_INI_BOOLEAN("safe_mode", "0",
PHP_INI_SYSTEM, OnUpdateBool, safe_mode,
php_core_globals, core_globals)
-#endif
- STD_PHP_INI_ENTRY("safe_mode_include_dir", NULL,
PHP_INI_SYSTEM, OnUpdateString, safe_mode_include_dir,
php_core_globals, core_globals)
- STD_PHP_INI_BOOLEAN("safe_mode_gid", "0",
PHP_INI_SYSTEM, OnUpdateBool, safe_mode_gid,
php_core_globals, core_globals)
STD_PHP_INI_BOOLEAN("short_open_tag", DEFAULT_SHORT_OPEN_TAG,
PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateBool,
short_tags, zend_compiler_globals,
compiler_globals)
STD_PHP_INI_BOOLEAN("sql.safe_mode", "0",
PHP_INI_SYSTEM, OnUpdateBool, sql_safe_mode,
php_core_globals, core_globals)
STD_PHP_INI_BOOLEAN("track_errors", "0",
PHP_INI_ALL, OnUpdateBool, track_errors,
php_core_globals, core_globals)
@@ -408,7 +395,6 @@
STD_PHP_INI_ENTRY("include_path",
PHP_INCLUDE_PATH, PHP_INI_ALL, OnUpdateStringUnempty,
include_path, php_core_globals, core_globals)
PHP_INI_ENTRY("max_execution_time", "30",
PHP_INI_ALL, OnUpdateTimeout)
STD_PHP_INI_ENTRY("open_basedir", NULL,
PHP_INI_SYSTEM, OnUpdateString, open_basedir,
php_core_globals, core_globals)
- STD_PHP_INI_ENTRY("safe_mode_exec_dir", PHP_SAFE_MODE_EXEC_DIR,
PHP_INI_SYSTEM, OnUpdateString, safe_mode_exec_dir,
php_core_globals, core_globals)
STD_PHP_INI_BOOLEAN("file_uploads", "1",
PHP_INI_SYSTEM, OnUpdateBool, file_uploads,
php_core_globals, core_globals)
STD_PHP_INI_ENTRY("upload_max_filesize", "2M",
PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateLong,
upload_max_filesize, php_core_globals, core_globals)
@@ -973,11 +959,6 @@
{
zval **new_timeout;
- if (PG(safe_mode)) {
- php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot set time
limit in safe mode");
- RETURN_FALSE;
- }
-
if (ZEND_NUM_ARGS() != 1 || zend_get_parameters_ex(1, &new_timeout) ==
FAILURE) {
WRONG_PARAM_COUNT;
}
http://cvs.php.net/viewcvs.cgi/php-src/main/php.h?r1=1.228&r2=1.229&diff_format=u
Index: php-src/main/php.h
diff -u php-src/main/php.h:1.228 php-src/main/php.h:1.229
--- php-src/main/php.h:1.228 Tue Mar 7 22:37:18 2006
+++ php-src/main/php.h Wed Mar 8 14:41:45 2006
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: php.h,v 1.228 2006/03/07 22:37:18 alexwaugh Exp $ */
+/* $Id: php.h,v 1.229 2006/03/08 14:41:45 iliaa Exp $ */
#ifndef PHP_H
#define PHP_H
@@ -189,8 +189,6 @@
# endif
#endif
-#include "safe_mode.h"
-
#ifndef HAVE_STRERROR
char *strerror(int);
#endif
http://cvs.php.net/viewcvs.cgi/php-src/main/php_globals.h?r1=1.102&r2=1.103&diff_format=u
Index: php-src/main/php_globals.h
diff -u php-src/main/php_globals.h:1.102 php-src/main/php_globals.h:1.103
--- php-src/main/php_globals.h:1.102 Wed Mar 8 00:43:29 2006
+++ php-src/main/php_globals.h Wed Mar 8 14:41:45 2006
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: php_globals.h,v 1.102 2006/03/08 00:43:29 pajoye Exp $ */
+/* $Id: php_globals.h,v 1.103 2006/03/08 14:41:45 iliaa Exp $ */
#ifndef PHP_GLOBALS_H
#define PHP_GLOBALS_H
@@ -50,15 +50,11 @@
} arg_separators;
struct _php_core_globals {
- zend_bool safe_mode;
-
zend_bool allow_call_time_pass_reference;
zend_bool implicit_flush;
long output_buffering;
- char *safe_mode_include_dir;
- zend_bool safe_mode_gid;
zend_bool sql_safe_mode;
zend_bool enable_dl;
@@ -67,8 +63,6 @@
char *unserialize_callback_func;
long serialize_precision;
- char *safe_mode_exec_dir;
-
long memory_limit;
long max_input_time;
http://cvs.php.net/viewcvs.cgi/php-src/main/php_ini.c?r1=1.141&r2=1.142&diff_format=u
Index: php-src/main/php_ini.c
diff -u php-src/main/php_ini.c:1.141 php-src/main/php_ini.c:1.142
--- php-src/main/php_ini.c:1.141 Mon Feb 13 10:23:58 2006
+++ php-src/main/php_ini.c Wed Mar 8 14:41:45 2006
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: php_ini.c,v 1.141 2006/02/13 10:23:58 dmitry Exp $ */
+/* $Id: php_ini.c,v 1.142 2006/03/08 14:41:45 iliaa Exp $ */
#include "php.h"
#include "ext/standard/info.h"
@@ -259,7 +259,6 @@
int php_init_config(TSRMLS_D)
{
char *php_ini_search_path = NULL;
- int safe_mode_state;
char *open_basedir;
int free_ini_search_path = 0;
zend_file_handle fh;
@@ -282,7 +281,6 @@
zend_llist_init(&extension_lists.functions, sizeof(zval),
(llist_dtor_func_t) ZVAL_DESTRUCTOR, 1);
zend_llist_init(&scanned_ini_list, sizeof(char *), (llist_dtor_func_t)
free_estring, 1);
- safe_mode_state = PG(safe_mode);
open_basedir = PG(open_basedir);
if (sapi_module.php_ini_path_override) {
@@ -415,7 +413,6 @@
#endif
}
- PG(safe_mode) = 0;
PG(open_basedir) = NULL;
memset(&fh, 0, sizeof(fh));
@@ -455,7 +452,6 @@
efree(php_ini_search_path);
}
- PG(safe_mode) = safe_mode_state;
PG(open_basedir) = open_basedir;
if (fh.handle.fp) {
http://cvs.php.net/viewcvs.cgi/php-src/main/streams/plain_wrapper.c?r1=1.63&r2=1.64&diff_format=u
Index: php-src/main/streams/plain_wrapper.c
diff -u php-src/main/streams/plain_wrapper.c:1.63
php-src/main/streams/plain_wrapper.c:1.64
--- php-src/main/streams/plain_wrapper.c:1.63 Thu Mar 2 13:12:45 2006
+++ php-src/main/streams/plain_wrapper.c Wed Mar 8 14:41:45 2006
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: plain_wrapper.c,v 1.63 2006/03/02 13:12:45 dmitry Exp $ */
+/* $Id: plain_wrapper.c,v 1.64 2006/03/08 14:41:45 iliaa Exp $ */
#include "php.h"
#include "php_globals.h"
@@ -1194,11 +1194,6 @@
return php_stream_fopen_rel(filename, mode, opened_path,
options);
}
- /*
- * files in safe_mode_include_dir (or subdir) are excluded from
- * safe mode GID/UID checks
- */
-
not_relative_path:
/* Absolute path open */
http://cvs.php.net/viewcvs.cgi/php-src/win32/install.txt?r1=1.34&r2=1.35&diff_format=u
Index: php-src/win32/install.txt
diff -u php-src/win32/install.txt:1.34 php-src/win32/install.txt:1.35
--- php-src/win32/install.txt:1.34 Wed Mar 30 13:15:05 2005
+++ php-src/win32/install.txt Wed Mar 8 14:41:45 2006
@@ -1575,15 +1575,12 @@
Example 5-2. Apache configuration example
<IfModule mod_php5.c>
php_value include_path ".:/usr/local/lib/php"
- php_admin_flag safe_mode on
</IfModule>
<IfModule mod_php4.c>
php_value include_path ".:/usr/local/lib/php"
- php_admin_flag safe_mode on
</IfModule>
<IfModule mod_php3.c>
php3_include_path ".:/usr/local/lib/php"
- php3_safe_mode on
</IfModule>
Caution
http://cvs.php.net/viewcvs.cgi/php-src/win32/php5dll.dsp?r1=1.4&r2=1.5&diff_format=u
Index: php-src/win32/php5dll.dsp
diff -u php-src/win32/php5dll.dsp:1.4 php-src/win32/php5dll.dsp:1.5
--- php-src/win32/php5dll.dsp:1.4 Tue Dec 6 00:44:22 2005
+++ php-src/win32/php5dll.dsp Wed Mar 8 14:41:45 2006
@@ -196,10 +196,6 @@
# End Source File
# Begin Source File
-SOURCE=..\main\safe_mode.c
-# End Source File
-# Begin Source File
-
SOURCE=..\main\SAPI.c
# End Source File
# Begin Source File
@@ -316,10 +312,6 @@
# End Source File
# Begin Source File
-SOURCE=..\main\safe_mode.h
-# End Source File
-# Begin Source File
-
SOURCE=..\main\SAPI.h
# End Source File
# Begin Source File
http://cvs.php.net/viewcvs.cgi/php-src/win32/php5dllts.dsp?r1=1.7&r2=1.8&diff_format=u
Index: php-src/win32/php5dllts.dsp
diff -u php-src/win32/php5dllts.dsp:1.7 php-src/win32/php5dllts.dsp:1.8
--- php-src/win32/php5dllts.dsp:1.7 Tue Dec 6 00:44:22 2005
+++ php-src/win32/php5dllts.dsp Wed Mar 8 14:41:45 2006
@@ -237,10 +237,6 @@
# End Source File
# Begin Source File
-SOURCE=..\main\safe_mode.c
-# End Source File
-# Begin Source File
-
SOURCE=..\main\SAPI.c
# End Source File
# Begin Source File
@@ -353,10 +349,6 @@
# End Source File
# Begin Source File
-SOURCE=..\main\safe_mode.h
-# End Source File
-# Begin Source File
-
SOURCE=..\main\SAPI.h
# End Source File
# Begin Source File
http://cvs.php.net/viewcvs.cgi/php-src/win32/build/config.w32?r1=1.51&r2=1.52&diff_format=u
Index: php-src/win32/build/config.w32
diff -u php-src/win32/build/config.w32:1.51 php-src/win32/build/config.w32:1.52
--- php-src/win32/build/config.w32:1.51 Tue Nov 22 00:29:30 2005
+++ php-src/win32/build/config.w32 Wed Mar 8 14:41:45 2006
@@ -1,5 +1,5 @@
// vim:ft=javascript
-// $Id: config.w32,v 1.51 2005/11/22 00:29:30 fmk Exp $
+// $Id: config.w32,v 1.52 2006/03/08 14:41:45 iliaa Exp $
// "Master" config file; think of it as a configure.in
// equivalent.
@@ -273,7 +273,7 @@
zend_object_handlers.c zend_objects_API.c zend_unicode.c zend_strtol.c
\
zend_mm.c zend_default_classes.c zend_execute.c zend_strtod.c");
-ADD_SOURCES("main", "main.c snprintf.c spprintf.c safe_mode.c fopen_wrappers.c
\
+ADD_SOURCES("main", "main.c snprintf.c spprintf.c fopen_wrappers.c \
php_scandir.c php_ini.c SAPI.c rfc1867.c php_content_types.c strlcpy.c \
strlcat.c mergesort.c reentrancy.c php_variables.c php_ticks.c
network.c \
php_open_temporary_file.c php_logos.c output.c internal_functions.c
php_sprintf.c");
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
