Hi Ilia,

CGI doesn't even compile after your patch.

Dmitry.


> -----Original Message-----
> From: Ilia Alshanetsky [mailto:[EMAIL PROTECTED] 
> Sent: Monday, October 23, 2006 11:18 PM
> To: php-cvs@lists.php.net
> Subject: [PHP-CVS] cvs: php-src /sapi/apache mod_php5.c 
> /sapi/apache2filter sapi_apache2.c /sapi/apache2handler 
> sapi_apache2.c /sapi/cgi cgi_main.c 
> 
> 
> iliaa         Mon Oct 23 19:17:51 2006 UTC
> 
>   Modified files:              
>     /php-src/sapi/apache      mod_php5.c 
>     /php-src/sapi/apache2filter       sapi_apache2.c 
>     /php-src/sapi/apache2handler      sapi_apache2.c 
>     /php-src/sapi/cgi cgi_main.c 
>   Log:
>   Added filter support for $_SERVER in cgi/apache2 sapis
>   Make sure PHP_SELF is filtered in Apache 1 sapi
>   
>   
> http://cvs.php.net/viewvc.cgi/php-src/sapi/apache/mod_php5.c?r
> 1=1.39&r2=1.40&diff_format=u
> Index: php-src/sapi/apache/mod_php5.c
> diff -u php-src/sapi/apache/mod_php5.c:1.39 
> php-src/sapi/apache/mod_php5.c:1.40
> --- php-src/sapi/apache/mod_php5.c:1.39       Thu Oct 12 20:13:07 2006
> +++ php-src/sapi/apache/mod_php5.c    Mon Oct 23 19:17:50 2006
> @@ -17,7 +17,7 @@
>     | PHP 4.0 patches by Zeev Suraski <[EMAIL PROTECTED]>         
>              |
>     
> +-------------------------------------------------------------
> ---------+
>   */
> -/* $Id: mod_php5.c,v 1.39 2006/10/12 20:13:07 bfrance Exp $ */
> +/* $Id: mod_php5.c,v 1.40 2006/10/23 19:17:50 iliaa Exp $ */
>  
>  #include "php_apache_http.h"
>  #include "http_conf_globals.h"
> @@ -242,10 +242,11 @@
>       table_entry *elts = (table_entry *) arr->elts;
>       zval **path_translated;
>       HashTable *symbol_table;
> +     int new_val_len;
>  
>       for (i = 0; i < arr->nelts; i++) {
>               char *val;
> -             int val_len, new_val_len;
> +             int val_len;
>  
>               if (elts[i].val) {
>                       val = elts[i].val;
> @@ -270,7 +271,9 @@
>               php_register_variable("PATH_TRANSLATED", 
> Z_STRVAL_PP(path_translated), track_vars_array TSRMLS_CC);
>       }
>  
> -     php_register_variable("PHP_SELF", ((request_rec *) 
> SG(server_context))->uri, track_vars_array TSRMLS_CC);
> +     if (sapi_module.input_filter(PARSE_SERVER, "PHP_SELF", 
> &((request_rec *) SG(server_context))->uri, 
> strlen(((request_rec *) SG(server_context))->uri), 
> &new_val_len TSRMLS_CC)) {
> +             php_register_variable("PHP_SELF", ((request_rec 
> *) SG(server_context))->uri, track_vars_array TSRMLS_CC);
> +     }
>  }
>  /* }}} */
>  
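Review bot: The filtered length is dropped in the new PHP_SELF branch: `sapi_module.input_filter()` fills in `new_val_len`, but the value is then registered with `php_register_variable()`, which takes no length, whereas the other three SAPIs in this commit use `php_register_variable_safe()`. I would change the call to `php_register_variable_safe("PHP_SELF", ((request_rec *) SG(server_context))->uri, new_val_len, track_vars_array TSRMLS_CC);`. The filter is also handed the address of the request record's own `uri` field, so a filter that replaces or rewrites `*val` would presumably change Apache's request data rather than a PHP-owned copy. Filtering a local `char *` copy would avoid that, and the same applies to the `&ctx->r->uri` calls in both sapi_apache2.c hunks. The enclosing function starts outside this hunk.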
> http://cvs.php.net/viewvc.cgi/php-src/sapi/apache2filter/sapi_
> apache2.c?r1=1.141&r2=1.142&diff_format=u
> Index: php-src/sapi/apache2filter/sapi_apache2.c
> diff -u php-src/sapi/apache2filter/sapi_apache2.c:1.141 
> php-src/sapi/apache2filter/sapi_apache2.c:1.142
> --- php-src/sapi/apache2filter/sapi_apache2.c:1.141   Tue Jul 
> 25 13:41:08 2006
> +++ php-src/sapi/apache2filter/sapi_apache2.c Mon Oct 23 19:17:50 2006
> @@ -18,7 +18,7 @@
>     
> +-------------------------------------------------------------
> ---------+
>   */
>  
> -/* $Id: sapi_apache2.c,v 1.141 2006/07/25 13:41:08 dmitry Exp $ */
> +/* $Id: sapi_apache2.c,v 1.142 2006/10/23 19:17:50 iliaa Exp $ */
>  
>  #include <fcntl.h>
>  
> @@ -220,11 +220,18 @@
>       char *key, *val;
>       
>       APR_ARRAY_FOREACH_OPEN(arr, key, val)
> -             if (!val) val = "";
> -             php_register_variable(key, val, 
> track_vars_array TSRMLS_CC);
> +             if (!val) {
> +                     val = "";
> +             }
> +             if (sapi_module.input_filter(PARSE_SERVER, key, 
> &val, strlen(val), &new_val_len TSRMLS_CC)) {
> +                     php_register_variable_safe(key, val, 
> new_val_len, track_vars_array TSRMLS_CC);
> +             }
>       APR_ARRAY_FOREACH_CLOSE()
>               
>       php_register_variable("PHP_SELF", ctx->r->uri, 
> track_vars_array TSRMLS_CC);
> +     if (sapi_module.input_filter(PARSE_SERVER, "PHP_SELF", 
> &ctx->r->uri, strlen(ctx->r->uri), &new_val_len TSRMLS_CC)) {
> +             php_register_variable_safe("PHP_SELF", 
> ctx->r->uri, new_val_len, track_vars_array TSRMLS_CC);
> +     }
>  }
>  
>  static void 
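Review bot: The unfiltered `php_register_variable("PHP_SELF", ctx->r->uri, track_vars_array TSRMLS_CC);` is still present as a context line directly above the new filtered block, so PHP_SELF is registered once without filtering and would presumably keep that raw value whenever `input_filter()` returns 0. The apache2handler hunk removes the equivalent line, and this one should too, since PHP_SELF comes from the request URI and is often echoed by scripts. `new_val_len` is also used here without a declaration in the visible lines, while apache2handler adds `int new_val_len;` after `char *key, *val;`; unless it is declared above the hunk, this file will not build. The function begins outside the hunk.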
> http://cvs.php.net/viewvc.cgi/php-src/sapi/apache2handler/sapi
> _apache2.c?r1=1.74&r2=1.75&diff_format=u
> Index: php-src/sapi/apache2handler/sapi_apache2.c
> diff -u php-src/sapi/apache2handler/sapi_apache2.c:1.74 
> php-src/sapi/apache2handler/sapi_apache2.c:1.75
> --- php-src/sapi/apache2handler/sapi_apache2.c:1.74   Thu Aug 
> 10 13:43:59 2006
> +++ php-src/sapi/apache2handler/sapi_apache2.c        Mon Oct 
> 23 19:17:51 2006
> @@ -18,7 +18,7 @@
>     
> +-------------------------------------------------------------
> ---------+
>   */
>  
> -/* $Id: sapi_apache2.c,v 1.74 2006/08/10 13:43:59 tony2001 Exp $ */
> +/* $Id: sapi_apache2.c,v 1.75 2006/10/23 19:17:51 iliaa Exp $ */
>  
>  #define ZEND_INCLUDE_FULL_WINDOWS_HEADERS
>  
> @@ -232,13 +232,20 @@
>       php_struct *ctx = SG(server_context);
>       const apr_array_header_t *arr = 
> apr_table_elts(ctx->r->subprocess_env);
>       char *key, *val;
> +     int new_val_len;
>  
>       APR_ARRAY_FOREACH_OPEN(arr, key, val)
> -             if (!val) val = "";
> -             php_register_variable(key, val, 
> track_vars_array TSRMLS_CC);
> +             if (!val) {
> +                     val = "";
> +             }
> +             if (sapi_module.input_filter(PARSE_SERVER, key, 
> &val, strlen(val), &new_val_len TSRMLS_CC)) {
> +                     php_register_variable_safe(key, val, 
> new_val_len, track_vars_array TSRMLS_CC);
> +             }
>       APR_ARRAY_FOREACH_CLOSE()
>  
> -     php_register_variable("PHP_SELF", ctx->r->uri, 
> track_vars_array TSRMLS_CC);
> +     if (sapi_module.input_filter(PARSE_SERVER, "PHP_SELF", 
> &ctx->r->uri, strlen(ctx->r->uri), &new_val_len TSRMLS_CC)) {
> +             php_register_variable_safe("PHP_SELF", 
> ctx->r->uri, new_val_len, track_vars_array TSRMLS_CC);
> +     }
>  }
>  
>  static void 
> http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/cgi_main.c?r1=1
> .300&r2=1.301&diff_format=u
> Index: php-src/sapi/cgi/cgi_main.c
> diff -u php-src/sapi/cgi/cgi_main.c:1.300 
> php-src/sapi/cgi/cgi_main.c:1.301
> --- php-src/sapi/cgi/cgi_main.c:1.300 Sat Sep 23 12:27:35 2006
> +++ php-src/sapi/cgi/cgi_main.c       Mon Oct 23 19:17:51 2006
> @@ -21,7 +21,7 @@
>     
> +-------------------------------------------------------------
> ---------+
>  */
>  
> -/* $Id: cgi_main.c,v 1.300 2006/09/23 12:27:35 tony2001 Exp $ */
> +/* $Id: cgi_main.c,v 1.301 2006/10/23 19:17:51 iliaa Exp $ */
>  
>  #include "php.h"
>  #include "php_globals.h"
> @@ -467,19 +467,26 @@
>                    
> zend_hash_get_current_key_ex(&request->env, &var, &var_len, 
> &idx, 0, &pos) == HASH_KEY_IS_STRING &&
>                    
> zend_hash_get_current_data_ex(&request->env, (void **) &val, 
> &pos) == SUCCESS;
>                    zend_hash_move_forward_ex(&request->env, &pos)) {
> -                     php_register_variable(var.s, *val, 
> array_ptr TSRMLS_CC);
> +                     int new_val_len;
> +                     if 
> (sapi_module.input_filter(PARSE_SERVER, var.s, val, 
> strlen(*val), &new_val_len TSRMLS_CC)) {
> +                             
> php_register_variable_safe(var.s, *val, new_val_len, 
> array_ptr TSRMLS_CC);
> +                     }
>               }
>       }
>  }
>  
>  static void sapi_cgi_register_variables(zval 
> *track_vars_array TSRMLS_DC)  {
> +     int new_val_len;
> +     char *val = SG(request_info).request_uri ? 
> +SG(request_info).request_uri : "";
>       /* In CGI mode, we consider the environment to be a 
> part of the server
>        * variables
>        */
>       php_import_environment_variables(track_vars_array TSRMLS_CC);
>       /* Build the special-case PHP_SELF variable for the CGI 
> version */
> -     php_register_variable("PHP_SELF", 
> (SG(request_info).request_uri ? SG(request_info).request_uri 
> : ""), track_vars_array TSRMLS_CC);
> +     if (sapi_module.input_filter(PARSE_SERVER, "PHP_SELF", 
> &val, strlen(val), &new_val_len TSRMLS_CC)) {
> +             php_register_variable_safe("PHP_SELF", var, 
> new_val_len, track_vars_array TSRMLS_CC);
> +     }
>  }
>  
>  static void sapi_cgi_log_message(char *message)
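Review bot: In `sapi_cgi_register_variables()` the new registration call passes `var`, but the only locals the hunk declares in that function are `new_val_len` and `val`. The line should read `php_register_variable_safe("PHP_SELF", val, new_val_len, track_vars_array TSRMLS_CC);`. `val` can also point at the string literal `""` or at `SG(request_info).request_uri` itself, and its address is handed to the filter. If a filter edits or replaces the buffer (the filter contract is not shown here), it would touch read-only or SAPI-owned storage, so filtering a PHP-owned copy would be safer. The first changed block, the environment loop, sits in a function whose start is outside the hunk.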
> 
> -- 
> PHP CVS Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
