lbarnaud                Mon Oct 20 18:45:24 2008 UTC

  Added files:                 (Branch: PHP_5_2)
    /php-src/tests/basic        bug46313-win.phpt bug46313.phpt 

  Modified files:              
    /php-src/main       rfc1867.c 
    /php-src    NEWS 
  Log:
  MFB PHP_5_3: Fixed #46313 (Magic quotes broke $_FILES)
  
  
http://cvs.php.net/viewvc.cgi/php-src/main/rfc1867.c?r1=1.173.2.1.2.13&r2=1.173.2.1.2.14&diff_format=u
Index: php-src/main/rfc1867.c
diff -u php-src/main/rfc1867.c:1.173.2.1.2.13 
php-src/main/rfc1867.c:1.173.2.1.2.14
--- php-src/main/rfc1867.c:1.173.2.1.2.13       Sun Sep  7 14:18:11 2008
+++ php-src/main/rfc1867.c      Mon Oct 20 18:45:23 2008
@@ -17,7 +17,7 @@
    +----------------------------------------------------------------------+
  */
 
-/* $Id: rfc1867.c,v 1.173.2.1.2.13 2008/09/07 14:18:11 lbarnaud Exp $ */
+/* $Id: rfc1867.c,v 1.173.2.1.2.14 2008/10/20 18:45:23 lbarnaud Exp $ */
 
 /*
  *  This product includes software developed by the Apache Group
@@ -788,7 +788,6 @@
        int str_len = 0, num_vars = 0, num_vars_max = 2*10, *len_list = NULL;
        char **val_list = NULL;
 #endif
-       zend_bool magic_quotes_gpc;
        multipart_buffer *mbuff;
        zval *array_ptr = (zval *) arg;
        int fd=-1;
@@ -1279,26 +1278,30 @@
                        }
                        s = "";
 
-                       /* Initialize variables */
-                       add_protected_variable(param TSRMLS_CC);
+                       {
+                               /* store temp_filename as-is (without 
magic_quotes_gpc-ing it, in case upload_tmp_dir
+                                * contains escapeable characters. escape only 
the variable name.) */
+                               zval zfilename;
 
-                       magic_quotes_gpc = PG(magic_quotes_gpc);
-                       PG(magic_quotes_gpc) = 0;
-                       /* if param is of form xxx[.*] this will cut it to xxx 
*/
-                       if (!is_anonymous) {
-                               safe_php_register_variable(param, 
temp_filename, strlen(temp_filename), NULL, 1 TSRMLS_CC);
-                       }
-       
-                       /* Add $foo[tmp_name] */
-                       if (is_arr_upload) {
-                               snprintf(lbuf, llen, "%s[tmp_name][%s]", abuf, 
array_index);
-                       } else {
-                               snprintf(lbuf, llen, "%s[tmp_name]", param);
-                       }
-                       add_protected_variable(lbuf TSRMLS_CC);
-                       register_http_post_files_variable(lbuf, temp_filename, 
http_post_files, 1 TSRMLS_CC);
+                               /* Initialize variables */
+                               add_protected_variable(param TSRMLS_CC);
 
-                       PG(magic_quotes_gpc) = magic_quotes_gpc;
+                               /* if param is of form xxx[.*] this will cut it 
to xxx */
+                               if (!is_anonymous) {
+                                       ZVAL_STRING(&zfilename, temp_filename, 
1);
+                                       safe_php_register_variable_ex(param, 
&zfilename, NULL, 1 TSRMLS_CC);
+                               }
+               
+                               /* Add $foo[tmp_name] */
+                               if (is_arr_upload) {
+                                       snprintf(lbuf, llen, 
"%s[tmp_name][%s]", abuf, array_index);
+                               } else {
+                                       snprintf(lbuf, llen, "%s[tmp_name]", 
param);
+                               }
+                               add_protected_variable(lbuf TSRMLS_CC);
+                               ZVAL_STRING(&zfilename, temp_filename, 1);
+                               register_http_post_files_variable_ex(lbuf, 
&zfilename, http_post_files, 1 TSRMLS_CC);
+                       }
 
                        {
                                zval file_size, error_type;
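Review bot: Both `ZVAL_STRING(&zfilename, temp_filename, 1)` calls in the new block duplicate the temp path into the same stack zval, and nothing in the hunk ever destroys it. The code therefore relies on `safe_php_register_variable_ex` and `register_http_post_files_variable_ex` taking ownership of the string, or freeing it, on every path, including any path where registration is declined. Both helpers are defined outside this hunk, so that contract should be confirmed and written down next to the calls, for example `/* the register call takes ownership of zfilename's string; re-init before reuse, never zval_dtor() here */`. The opening comment would also read more clearly with its parenthesis closed after "magic_quotes_gpc-ing it" and "escapeable" spelled "escapable". The enclosing function starts and ends outside the hunk.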
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1265&r2=1.2027.2.547.2.1266&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.1265 php-src/NEWS:1.2027.2.547.2.1266
--- php-src/NEWS:1.2027.2.547.2.1265    Mon Oct 20 12:46:57 2008
+++ php-src/NEWS        Mon Oct 20 18:45:23 2008
@@ -7,6 +7,7 @@
   (Rob)
 - Fixed bug #46319 (PHP sets default Content-Type header for HTTP 304
   response code, in cgi sapi). (Ilia)
+- Fixed bug #46313 (Magic quotes broke $_FILES). (Arnaud)
 - Fixed bug #46308 (Invalid write when changing property from inside getter).
   (Dmitry)
 - Fixed bug #46292 (PDO::setFetchMode() shouldn't requires the 2nd arg when 

http://cvs.php.net/viewvc.cgi/php-src/tests/basic/bug46313-win.phpt?view=markup&rev=1.1
Index: php-src/tests/basic/bug46313-win.phpt
+++ php-src/tests/basic/bug46313-win.phpt

http://cvs.php.net/viewvc.cgi/php-src/tests/basic/bug46313.phpt?view=markup&rev=1.1
Index: php-src/tests/basic/bug46313.phpt
+++ php-src/tests/basic/bug46313.phpt


