[PHP-CVS] cvs: php-src(PHP_5_3) /main rfc1867.c /tests/basic bug46313-win.phpt bug46313.phpt

Mon, 20 Oct 2008 10:09:54 -0700 

lbarnaud                Mon Oct 20 17:09:11 2008 UTC

  Added files:                 (Branch: PHP_5_3)
    /php-src/tests/basic        bug46313.phpt bug46313-win.phpt 

  Modified files:              
    /php-src/main       rfc1867.c 
  Log:
  Fixed #46313 (Magic quotes broke $_FILES)
  # magic_quotes_gpc was disabled during registration of 
$_FILES["x"]["tmp_name"]
  # and $GLOBALS["x"] (which is tmp_name with register_globals enabled). This
  # caused "x" to not be escaped so there was 2 different keys for the same file
  # in $_FILES, one with tmp_name and the other without.
  # All other variables (name, size, etc) are registered with magic_quotes_gpc
  # untouched, both in $_FILES and $GLOBALS and I did not found a reason for
  # disabling it for tmp_name.
  
  
http://cvs.php.net/viewvc.cgi/php-src/main/rfc1867.c?r1=1.173.2.1.2.9.2.5&r2=1.173.2.1.2.9.2.6&diff_format=u
Index: php-src/main/rfc1867.c
diff -u php-src/main/rfc1867.c:1.173.2.1.2.9.2.5 
php-src/main/rfc1867.c:1.173.2.1.2.9.2.6
--- php-src/main/rfc1867.c:1.173.2.1.2.9.2.5    Tue Sep 23 15:18:26 2008
+++ php-src/main/rfc1867.c      Mon Oct 20 17:09:10 2008
@@ -17,7 +17,7 @@
    +----------------------------------------------------------------------+
  */
 
-/* $Id: rfc1867.c,v 1.173.2.1.2.9.2.5 2008/09/23 15:18:26 nlopess Exp $ */
+/* $Id: rfc1867.c,v 1.173.2.1.2.9.2.6 2008/10/20 17:09:10 lbarnaud Exp $ */
 
 /*
  *  This product includes software developed by the Apache Group
@@ -1283,8 +1283,6 @@
                        /* Initialize variables */
                        add_protected_variable(param TSRMLS_CC);
 
-                       magic_quotes_gpc = PG(magic_quotes_gpc);
-                       PG(magic_quotes_gpc) = 0;
                        /* if param is of form xxx[.*] this will cut it to xxx 
*/
                        if (!is_anonymous) {
                                safe_php_register_variable(param, 
temp_filename, strlen(temp_filename), NULL, 1 TSRMLS_CC);
@@ -1299,8 +1297,6 @@
                        add_protected_variable(lbuf TSRMLS_CC);
                        register_http_post_files_variable(lbuf, temp_filename, 
http_post_files, 1 TSRMLS_CC);
 
-                       PG(magic_quotes_gpc) = magic_quotes_gpc;
-
                        {
                                zval file_size, error_type;
 

http://cvs.php.net/viewvc.cgi/php-src/tests/basic/bug46313.phpt?view=markup&rev=1.1
Index: php-src/tests/basic/bug46313.phpt
+++ php-src/tests/basic/bug46313.phpt

http://cvs.php.net/viewvc.cgi/php-src/tests/basic/bug46313-win.phpt?view=markup&rev=1.1
Index: php-src/tests/basic/bug46313-win.phpt
+++ php-src/tests/basic/bug46313-win.phpt



-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to