rasmus Sun Nov 5 20:08:58 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/standard php_fopen_wrapper.c
Log:
data: and php:stdin/input allow_url_include checks
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/php_fopen_wrapper.c?r1=1.45.2.4.2.3&r2=1.45.2.4.2.4&diff_format=u
Index: php-src/ext/standard/php_fopen_wrapper.c
diff -u php-src/ext/standard/php_fopen_wrapper.c:1.45.2.4.2.3
php-src/ext/standard/php_fopen_wrapper.c:1.45.2.4.2.4
--- php-src/ext/standard/php_fopen_wrapper.c:1.45.2.4.2.3 Fri Nov 3
13:34:18 2006
+++ php-src/ext/standard/php_fopen_wrapper.c Sun Nov 5 20:08:58 2006
@@ -17,7 +17,7 @@
| Hartmut Holzgraefe <[EMAIL PROTECTED]> |
+----------------------------------------------------------------------+
*/
-/* $Id: php_fopen_wrapper.c,v 1.45.2.4.2.3 2006/11/03 13:34:18 iliaa Exp $ */
+/* $Id: php_fopen_wrapper.c,v 1.45.2.4.2.4 2006/11/05 20:08:58 rasmus Exp $ */
#include <stdio.h>
#include <stdlib.h>
@@ -187,10 +187,22 @@
}
if (!strcasecmp(path, "input")) {
+ if ((options & STREAM_OPEN_FOR_INCLUDE) &&
!PG(allow_url_include) ) {
+ if (options & REPORT_ERRORS) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING,
"URL file-access is disabled in the server configuration");
+ }
+ return NULL;
+ }
return php_stream_alloc(&php_stream_input_ops, ecalloc(1,
sizeof(off_t)), 0, "rb");
- }
+ }
if (!strcasecmp(path, "stdin")) {
+ if ((options & STREAM_OPEN_FOR_INCLUDE) &&
!PG(allow_url_include) ) {
+ if (options & REPORT_ERRORS) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING,
"URL file-access is disabled in the server configuration");
+ }
+ return NULL;
+ }
if (!strcmp(sapi_module.name, "cli")) {
static int cli_in = 0;
fd = STDIN_FILENO;
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
