On 8-Dec-06, at 1:26 PM, Stefan Esser wrote:
php_zval_filter(&tmp_new_var, IF_G(default_filter), IF_G
(default_filter_flags), NULL, NULL/*charset*/, 0 TSRMLS_CC);
- } else if (PG(magic_quotes_gpc)) {
+ } else if (PG(magic_quotes_gpc) && !retval) { /* for
PARSE_STRING php_register_variable_safe() will do the addslashes() */
Z_STRVAL(new_var) = php_addslashes(*val, Z_STRLEN(new_var),
&Z_STRLEN(new_var), 0 TSRMLS_CC);
This comment is wrong. It is not php_register_variable_safe() but
ext/filter that adds the magic_quotes.
This is where you are incorrect, take a look at
php_register_variable_safe() line #51. The reason we don't apply
magic quotes for PARSE_STRING (retval == 1) is because the return
value of the function in this instance is 1, which causes
php_register_variable_safe() to be executed on the returned value.
a) support daisy chaining
Can you not provide your own hooks and have them call the stock
filter functions?
b) does not register the variables itself but actually work as filters
were supposed to do.
I think it makes the API simpler, but it would not be major change to
make if there was a really good reason to do so.
c) Support Cookies correctly...
Can you elaborate in terms of what is missing in cookie support?
Ilia Alshanetsky
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
