lbarnaud Mon Oct 20 18:45:24 2008 UTC Added files: (Branch: PHP_5_2) /php-src/tests/basic bug46313-win.phpt bug46313.phpt
Modified files: /php-src/main rfc1867.c /php-src NEWS Log: MFB PHP_5_3: Fixed #46313 (Magic quotes broke $_FILES) http://cvs.php.net/viewvc.cgi/php-src/main/rfc1867.c?r1=1.173.2.1.2.13&r2=1.173.2.1.2.14&diff_format=u Index: php-src/main/rfc1867.c diff -u php-src/main/rfc1867.c:1.173.2.1.2.13 php-src/main/rfc1867.c:1.173.2.1.2.14 --- php-src/main/rfc1867.c:1.173.2.1.2.13 Sun Sep 7 14:18:11 2008 +++ php-src/main/rfc1867.c Mon Oct 20 18:45:23 2008 @@ -17,7 +17,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: rfc1867.c,v 1.173.2.1.2.13 2008/09/07 14:18:11 lbarnaud Exp $ */ +/* $Id: rfc1867.c,v 1.173.2.1.2.14 2008/10/20 18:45:23 lbarnaud Exp $ */ /* * This product includes software developed by the Apache Group @@ -788,7 +788,6 @@ int str_len = 0, num_vars = 0, num_vars_max = 2*10, *len_list = NULL; char **val_list = NULL; #endif - zend_bool magic_quotes_gpc; multipart_buffer *mbuff; zval *array_ptr = (zval *) arg; int fd=-1; 
@@ -1279,26 +1278,30 @@ } s = ""; - /* Initialize variables */ - add_protected_variable(param TSRMLS_CC); + { + /* store temp_filename as-is (without magic_quotes_gpc-ing it, in case upload_tmp_dir + * contains escapeable characters. escape only the variable name.) */ + zval zfilename; - magic_quotes_gpc = PG(magic_quotes_gpc); - PG(magic_quotes_gpc) = 0; - /* if param is of form xxx[.*] this will cut it to xxx */ - if (!is_anonymous) { - safe_php_register_variable(param, temp_filename, strlen(temp_filename), NULL, 1 TSRMLS_CC); - } - - /* Add $foo[tmp_name] */ - if (is_arr_upload) { - snprintf(lbuf, llen, "%s[tmp_name][%s]", abuf, array_index); - } else { - snprintf(lbuf, llen, "%s[tmp_name]", param); - } - add_protected_variable(lbuf TSRMLS_CC); - register_http_post_files_variable(lbuf, temp_filename, http_post_files, 1 TSRMLS_CC); + /* Initialize variables */ + add_protected_variable(param TSRMLS_CC); - PG(magic_quotes_gpc) = magic_quotes_gpc; + /* if param is of form xxx[.*] this will cut it to xxx */ + if (!is_anonymous) { + ZVAL_STRING(&zfilename, temp_filename, 1); + safe_php_register_variable_ex(param, &zfilename, NULL, 1 TSRMLS_CC); + } + + /* Add $foo[tmp_name] */ + if (is_arr_upload) { + snprintf(lbuf, llen, "%s[tmp_name][%s]", abuf, array_index); + } else { + snprintf(lbuf, llen, "%s[tmp_name]", param); + } + add_protected_variable(lbuf TSRMLS_CC); + ZVAL_STRING(&zfilename, temp_filename, 1); + register_http_post_files_variable_ex(lbuf, &zfilename, http_post_files, 1 TSRMLS_CC); + } { zval file_size, error_type; http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1265&r2=1.2027.2.547.2.1266&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.1265 php-src/NEWS:1.2027.2.547.2.1266 --- php-src/NEWS:1.2027.2.547.2.1265 Mon Oct 20 12:46:57 2008 +++ php-src/NEWS Mon Oct 20 18:45:23 2008 
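Review bot: Nothing in the new block releases `zfilename` after either `ZVAL_STRING(&zfilename, temp_filename, 1)` duplication, so the code depends on `safe_php_register_variable_ex()` and `register_http_post_files_variable_ex()` consuming the value on every path, including when registration is refused. Those helpers are defined outside this hunk and presumably do so, but a short comment would make the ownership rule checkable, e.g. `/* the *_ex helpers take over zfilename (stored or destroyed); re-init before each call */`. The block comment could also state the trust boundary more plainly (its parenthesis is unbalanced as written): `/* param is the request-supplied name and is still escaped by the register path; temp_filename is server-generated and must be stored unmodified */`. This keeps a later edit from routing the path back through the escaping variant, or from passing the name through unescaped. The enclosing function starts and ends outside the hunk, so the sizing of `lbuf`/`llen` for the `snprintf` calls cannot be checked from here.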
@@ -7,6 +7,7 @@ (Rob) - Fixed bug #46319 (PHP sets default Content-Type header for HTTP 304 response code, in cgi sapi). (Ilia) +- Fixed bug #46313 (Magic quotes broke $_FILES). (Arnaud) - Fixed bug #46308 (Invalid write when changing property from inside getter). (Dmitry) - Fixed bug #46292 (PDO::setFetchMode() shouldn't requires the 2nd arg when http://cvs.php.net/viewvc.cgi/php-src/tests/basic/bug46313-win.phpt?view=markup&rev=1.1 Index: php-src/tests/basic/bug46313-win.phpt +++ php-src/tests/basic/bug46313-win.phpt http://cvs.php.net/viewvc.cgi/php-src/tests/basic/bug46313.phpt?view=markup&rev=1.1 Index: php-src/tests/basic/bug46313.phpt +++ php-src/tests/basic/bug46313.phpt -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php