rasmus Sun Nov 5 20:44:52 2006 UTC
Modified files:
/php-src/ext/standard php_fopen_wrapper.c
Log:
data: and php:stdin/input allow_url_include checks
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/php_fopen_wrapper.c?r1=1.55&r2=1.56&diff_format=u
Index: php-src/ext/standard/php_fopen_wrapper.c
diff -u php-src/ext/standard/php_fopen_wrapper.c:1.55
php-src/ext/standard/php_fopen_wrapper.c:1.56
--- php-src/ext/standard/php_fopen_wrapper.c:1.55 Fri Nov 3 13:34:39 2006
+++ php-src/ext/standard/php_fopen_wrapper.c Sun Nov 5 20:44:52 2006
@@ -17,7 +17,7 @@
| Hartmut Holzgraefe <[EMAIL PROTECTED]> |
+----------------------------------------------------------------------+
*/
-/* $Id: php_fopen_wrapper.c,v 1.55 2006/11/03 13:34:39 iliaa Exp $ */
+/* $Id: php_fopen_wrapper.c,v 1.56 2006/11/05 20:44:52 rasmus Exp $ */
#include <stdio.h>
#include <stdlib.h>
@@ -185,12 +185,24 @@
if (!strcasecmp(path, "output")) {
return php_stream_alloc(&php_stream_output_ops, NULL, 0, "wb");
}
-
+
if (!strcasecmp(path, "input")) {
+ if ((options & STREAM_OPEN_FOR_INCLUDE) &&
!PG(allow_url_include) ) {
+ if (options & REPORT_ERRORS) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING,
"URL file-access is disabled in the server configuration");
+ }
+ return NULL;
+ }
return php_stream_alloc(&php_stream_input_ops, ecalloc(1,
sizeof(off_t)), 0, "rb");
}
if (!strcasecmp(path, "stdin")) {
+ if ((options & STREAM_OPEN_FOR_INCLUDE) &&
!PG(allow_url_include) ) {
+ if (options & REPORT_ERRORS) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING,
"URL file-access is disabled in the server configuration");
+ }
+ return NULL;
+ }
if (!strcmp(sapi_module.name, "cli")) {
static int cli_in = 0;
fd = STDIN_FILENO;
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
