lbarnaud                Fri May  1 00:15:07 2009 UTC

  Modified files:              
    /php-src/main       rfc1867.c 
  Log:
  Removed code for register_globals in file uploads
  
  
http://cvs.php.net/viewvc.cgi/php-src/main/rfc1867.c?r1=1.207&r2=1.208&diff_format=u
Index: php-src/main/rfc1867.c
diff -u php-src/main/rfc1867.c:1.207 php-src/main/rfc1867.c:1.208
--- php-src/main/rfc1867.c:1.207        Fri May  1 00:13:22 2009
+++ php-src/main/rfc1867.c      Fri May  1 00:15:07 2009
@@ -17,7 +17,7 @@
    +----------------------------------------------------------------------+
  */
 
-/* $Id: rfc1867.c,v 1.207 2009/05/01 00:13:22 lbarnaud Exp $ */
+/* $Id: rfc1867.c,v 1.208 2009/05/01 00:15:07 lbarnaud Exp $ */
 
 /*
  *  This product includes software developed by the Apache Group
@@ -1136,7 +1136,6 @@
                                array_index = eustrndup(start_arr+1, 
array_len-2);   
                        }
 
-                       /* Add $foo_name */
                        if (lbuf) {
                                efree(lbuf);
                        }
@@ -1146,9 +1145,6 @@
                        if (is_arr_upload) {
                                if (abuf) efree(abuf);
                                abuf = eustrndup(param, 
u_strlen(param)-array_len);
-                               u_snprintf(lbuf, llen, "%S_name[%S]", abuf, 
array_index);
-                       } else {
-                               u_snprintf(lbuf, llen, "%S_name", param);
                        }
 
                        /* The \ check should technically be needed for win32 
systems only where
@@ -1162,14 +1158,6 @@
                                s = tmp;
                        }
 
-                       if (!is_anonymous) {
-                               if (s && s > filename) {
-                                       safe_u_php_register_variable(lbuf, s+1, 
u_strlen(s+1), NULL, 0 TSRMLS_CC);
-                               } else {
-                                       safe_u_php_register_variable(lbuf, 
filename, u_strlen(filename), NULL, 0 TSRMLS_CC);
-                               }
-                       }
-
                        /* Add $foo[name] */
                        if (is_arr_upload) {
                                u_snprintf(lbuf, llen, "%S[name][%S]", abuf, 
array_index);
@@ -1201,16 +1189,6 @@
                                }
                        }
 
-                       /* Add $foo_type */
-                       if (is_arr_upload) {
-                               u_snprintf(lbuf, llen, "%S_type[%S]", abuf, 
array_index);
-                       } else {
-                               u_snprintf(lbuf, llen, "%S_type", param);
-                       }
-                       if (!is_anonymous) {
-                               safe_u_php_register_variable(lbuf, ucd, 
ucd_len, NULL, 0 TSRMLS_CC);
-                       }
-
                        /* Add $foo[type] */
                        if (is_arr_upload) {
                                u_snprintf(lbuf, llen, "%S[type][%S]", abuf, 
array_index);
@@ -1225,11 +1203,6 @@
                        /* Initialize variables */
                        add_u_protected_variable(param TSRMLS_CC);
 
-                       /* if param is of form xxx[.*] this will cut it to xxx 
*/
-                       if (!is_anonymous) {
-                               safe_u_php_register_variable(param, 
temp_filename, u_strlen(temp_filename), NULL, 1 TSRMLS_CC);
-                       }
-
                        /* Add $foo[tmp_name] */
                        if (is_arr_upload) {
                                u_snprintf(lbuf, llen, "%S[tmp_name][%S]", 
abuf, array_index);
@@ -1264,16 +1237,6 @@
                                }
                                register_u_http_post_files_variable_ex(lbuf, 
&error_type, http_post_files, 0 TSRMLS_CC);
 
-                               /* Add $foo_size */
-                               if (is_arr_upload) {
-                                       u_snprintf(lbuf, llen, "%S_size[%S]", 
abuf, array_index);
-                               } else {
-                                       u_snprintf(lbuf, llen, "%S_size", 
param);
-                               }
-                               if (!is_anonymous) {
-                                       safe_u_php_register_variable_ex(lbuf, 
&file_size, NULL, 0 TSRMLS_CC);
-                               }       
-
                                /* Add $foo[size] */
                                if (is_arr_upload) {
                                        u_snprintf(lbuf, llen, "%S[size][%S]", 
abuf, array_index);



-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to