johannes Mon, 25 Jan 2010 23:26:15 +0000
Revision: http://svn.php.net/viewvc?view=revision&revision=294031
Log:
Merge rfc1867.c changes
r292762 - Fixed bug #48190 (Content-type parameter "boundary" is not case-
insensitive in HTTP uploads). (iliaa)
r292771 - WS + CS + folding tags (jani)
r292777 - Sync with HEAD (jani)
Bug: http://bugs.php.net/48190 (Closed) Content-type parameter "boundary" is
not case-insensitive in HTTP uploads
Changed paths:
_U php/php-src/branches/PHP_5_3_2/
U php/php-src/branches/PHP_5_3_2/NEWS
U php/php-src/branches/PHP_5_3_2/main/rfc1867.c
Property changes on: php/php-src/branches/PHP_5_3_2
___________________________________________________________________
Modified: svn:mergeinfo
- /php/php-src/branches/PHP_5_3:292504,292574,292594-292595,292611,292624,292630,292632-292635,292654,292677,292682-292683,292693,292719,292765
/php/php-src/trunk:284726
+ /php/php-src/branches/PHP_5_3:292504,292574,292594-292595,292611,292624,292630,292632-292635,292654,292677,292682-292683,292693,292719,292762,292765,292771,292777
/php/php-src/trunk:284726
Modified: php/php-src/branches/PHP_5_3_2/NEWS
===================================================================
--- php/php-src/branches/PHP_5_3_2/NEWS 2010-01-25 23:17:52 UTC (rev 294030)
+++ php/php-src/branches/PHP_5_3_2/NEWS 2010-01-25 23:26:15 UTC (rev 294031)
@@ -7,6 +7,8 @@
(Ilia)
- Added stream_resolve_include_path(). (Mikko)
+- Fixed bug #48190 (Content-type parameter "boundary" is not case-insensitive
+ in HTTP uploads). (Ilia)
- Fixed bug #47409 (extract() problem with array containing word "this").
(Ilia, chrisstocktonaz at gmail dot com)
Modified: php/php-src/branches/PHP_5_3_2/main/rfc1867.c
===================================================================
--- php/php-src/branches/PHP_5_3_2/main/rfc1867.c 2010-01-25 23:17:52 UTC (rev 294030)
+++ php/php-src/branches/PHP_5_3_2/main/rfc1867.c 2010-01-25 23:26:15 UTC (rev 294031)
@@ -13,7 +13,7 @@
| lice...@php.net so we can mail you a copy immediately. |
+----------------------------------------------------------------------+
| Authors: Rasmus Lerdorf <ras...@php.net> |
- | Jani Taskinen <sni...@php.net> |
+ | Jani Taskinen <j...@php.net> |
+----------------------------------------------------------------------+
*/
@@ -23,7 +23,7 @@
* This product includes software developed by the Apache Group
* for use in the Apache HTTP server project (http://www.apache.org/).
*
- */
+ */
#include <stdio.h>
#include "php.h"
@@ -32,6 +32,7 @@
#include "php_globals.h"
#include "php_variables.h"
#include "rfc1867.h"
+#include "ext/standard/php_string.h"
#define DEBUG_FILE_UPLOAD ZEND_DEBUG
@@ -43,7 +44,7 @@
static void safe_php_register_variable(char *var, char *strval, int val_len, zval *track_vars_array, zend_bool override_protection TSRMLS_DC);
#define SAFE_RETURN { \
- php_mb_flush_gpc_variables(num_vars, val_list, len_list, array_ptr TSRMLS_CC); \
+ php_mb_flush_gpc_variables(num_vars, val_list, len_list, array_ptr TSRMLS_CC); \
if (lbuf) efree(lbuf); \
if (abuf) efree(abuf); \
if (array_index) efree(array_index); \
@@ -55,7 +56,7 @@
if (mbuff) efree(mbuff); \
return; }
-void php_mb_flush_gpc_variables(int num_vars, char **val_list, int *len_list, zval *array_ptr TSRMLS_DC)
+void php_mb_flush_gpc_variables(int num_vars, char **val_list, int *len_list, zval *array_ptr TSRMLS_DC) /* {{{ */
{
int i;
if (php_mb_encoding_translation(TSRMLS_C)) {
@@ -63,17 +64,18 @@
php_mb_gpc_encoding_detector(val_list, len_list, num_vars, NULL TSRMLS_CC) == SUCCESS) {
php_mb_gpc_encoding_converter(val_list, len_list, num_vars, NULL, NULL TSRMLS_CC);
}
- for (i=0; i<num_vars; i+=2){
+ for (i = 0; i<num_vars; i += 2) {
safe_php_register_variable(val_list[i], val_list[i+1], len_list[i+1], array_ptr, 0 TSRMLS_CC);
efree(val_list[i]);
efree(val_list[i+1]);
- }
+ }
efree(val_list);
efree(len_list);
}
}
+/* }}} */
-void php_mb_gpc_realloc_buffer(char ***pval_list, int **plen_list, int *num_vars_max, int inc TSRMLS_DC)
+void php_mb_gpc_realloc_buffer(char ***pval_list, int **plen_list, int *num_vars_max, int inc TSRMLS_DC) /* {{{ */
{
/* allow only even increments */
if (inc & 1) {
@@ -83,15 +85,15 @@
*pval_list = (char **)erealloc(*pval_list, (*num_vars_max+2)*sizeof(char *));
*plen_list = (int *)erealloc(*plen_list, (*num_vars_max+2)*sizeof(int));
}
+/* }}} */
-void php_mb_gpc_stack_variable(char *param, char *value, char ***pval_list, int **plen_list, int *num_vars, int *num_vars_max TSRMLS_DC)
+void php_mb_gpc_stack_variable(char *param, char *value, char ***pval_list, int **plen_list, int *num_vars, int *num_vars_max TSRMLS_DC) /* {{{ */
{
- char **val_list=*pval_list;
- int *len_list=*plen_list;
+ char **val_list = *pval_list;
+ int *len_list = *plen_list;
- if (*num_vars>=*num_vars_max){
- php_mb_gpc_realloc_buffer(pval_list, plen_list, num_vars_max,
- 16 TSRMLS_CC);
+ if (*num_vars >= *num_vars_max) {
+ php_mb_gpc_realloc_buffer(pval_list, plen_list, num_vars_max, 16 TSRMLS_CC);
/* in case realloc relocated the buffer */
val_list = *pval_list;
len_list = *plen_list;
@@ -104,6 +106,7 @@
len_list[*num_vars] = strlen(value);
(*num_vars)++;
}
+/* }}} */
#else
@@ -136,7 +139,7 @@
#define UPLOAD_ERROR_F 7 /* Failed to write file to disk */
#define UPLOAD_ERROR_X 8 /* File upload stopped by extension */
-void php_rfc1867_register_constants(TSRMLS_D)
+void php_rfc1867_register_constants(TSRMLS_D) /* {{{ */
{
REGISTER_MAIN_LONG_CONSTANT("UPLOAD_ERR_OK", UPLOAD_ERROR_OK, CONST_CS | CONST_PERSISTENT);
REGISTER_MAIN_LONG_CONSTANT("UPLOAD_ERR_INI_SIZE", UPLOAD_ERROR_A, CONST_CS | CONST_PERSISTENT);
@@ -147,26 +150,27 @@
REGISTER_MAIN_LONG_CONSTANT("UPLOAD_ERR_CANT_WRITE", UPLOAD_ERROR_F, CONST_CS | CONST_PERSISTENT);
REGISTER_MAIN_LONG_CONSTANT("UPLOAD_ERR_EXTENSION", UPLOAD_ERROR_X, CONST_CS | CONST_PERSISTENT);
}
+/* }}} */
-static void normalize_protected_variable(char *varname TSRMLS_DC)
+static void normalize_protected_variable(char *varname TSRMLS_DC) /* {{{ */
{
- char *s=varname, *index=NULL, *indexend=NULL, *p;
-
+ char *s = varname, *index = NULL, *indexend = NULL, *p;
+
/* overjump leading space */
while (*s == ' ') {
s++;
}
-
+
/* and remove it */
if (s != varname) {
memmove(varname, s, strlen(s)+1);
}
- for (p=varname; *p && *p != '['; p++) {
+ for (p = varname; *p && *p != '['; p++) {
switch(*p) {
case ' ':
case '.':
- *p='_';
+ *p = '_';
break;
}
}
@@ -175,20 +179,19 @@
index = strchr(varname, '[');
if (index) {
index++;
- s=index;
+ s = index;
} else {
return;
}
/* done? */
while (index) {
-
while (*index == ' ' || *index == '\r' || *index == '\n' || *index=='\t') {
index++;
}
indexend = strchr(index, ']');
indexend = indexend ? indexend + 1 : index + strlen(index);
-
+
if (s != index) {
memmove(s, index, strlen(index)+1);
s += indexend-index;
@@ -201,46 +204,45 @@
index = s;
} else {
index = NULL;
- }
+ }
}
-
*s = '\0';
}
+/* }}} */
-
-static void add_protected_variable(char *varname TSRMLS_DC)
+static void add_protected_variable(char *varname TSRMLS_DC) /* {{{ */
{
- int dummy=1;
+ int dummy = 1;
normalize_protected_variable(varname TSRMLS_CC);
zend_hash_add(&PG(rfc1867_protected_variables), varname, strlen(varname)+1, &dummy, sizeof(int), NULL);
}
+/* }}} */
-
-static zend_bool is_protected_variable(char *varname TSRMLS_DC)
+static zend_bool is_protected_variable(char *varname TSRMLS_DC) /* {{{ */
{
normalize_protected_variable(varname TSRMLS_CC);
return zend_hash_exists(&PG(rfc1867_protected_variables), varname, strlen(varname)+1);
}
+/* }}} */
-
-static void safe_php_register_variable(char *var, char *strval, int val_len, zval *track_vars_array, zend_bool override_protection TSRMLS_DC)
+static void safe_php_register_variable(char *var, char *strval, int val_len, zval *track_vars_array, zend_bool override_protection TSRMLS_DC) /* {{{ */
{
if (override_protection || !is_protected_variable(var TSRMLS_CC)) {
php_register_variable_safe(var, strval, val_len, track_vars_array TSRMLS_CC);
}
}
+/* }}} */
-
-static void safe_php_register_variable_ex(char *var, zval *val, zval *track_vars_array, zend_bool override_protection TSRMLS_DC)
+static void safe_php_register_variable_ex(char *var, zval *val, zval *track_vars_array, zend_bool override_protection TSRMLS_DC) /* {{{ */
{
if (override_protection || !is_protected_variable(var TSRMLS_CC)) {
php_register_variable_ex(var, val, track_vars_array TSRMLS_CC);
}
}
+/* }}} */
-
-static void register_http_post_files_variable(char *strvar, char *val, zval *http_post_files, zend_bool override_protection TSRMLS_DC)
+static void register_http_post_files_variable(char *strvar, char *val, zval *http_post_files, zend_bool override_protection TSRMLS_DC) /* {{{ */
{
int register_globals = PG(register_globals);
@@ -248,9 +250,9 @@
safe_php_register_variable(strvar, val, strlen(val), http_post_files, override_protection TSRMLS_CC);
PG(register_globals) = register_globals;
}
+/* }}} */
-
-static void register_http_post_files_variable_ex(char *var, zval *val, zval *http_post_files, zend_bool override_protection TSRMLS_DC)
+static void register_http_post_files_variable_ex(char *var, zval *val, zval *http_post_files, zend_bool override_protection TSRMLS_DC) /* {{{ */
{
int register_globals = PG(register_globals);
@@ -258,28 +260,25 @@
safe_php_register_variable_ex(var, val, http_post_files, override_protection TSRMLS_CC);
PG(register_globals) = register_globals;
}
+/* }}} */
-
-static int unlink_filename(char **filename TSRMLS_DC)
+static int unlink_filename(char **filename TSRMLS_DC) /* {{{ */
{
VCWD_UNLINK(*filename);
return 0;
}
+/* }}} */
-
-void destroy_uploaded_files_hash(TSRMLS_D)
+void destroy_uploaded_files_hash(TSRMLS_D) /* {{{ */
{
zend_hash_apply(SG(rfc1867_uploaded_files), (apply_func_t) unlink_filename TSRMLS_CC);
zend_hash_destroy(SG(rfc1867_uploaded_files));
FREE_HASHTABLE(SG(rfc1867_uploaded_files));
}
+/* }}} */
+/* {{{ Following code is based on apache_multipart_buffer.c from libapreq-0.33 package. */
-/*
- * Following code is based on apache_multipart_buffer.c from libapreq-0.33 package.
- *
- */
-
#define FILLUNIT (1024 * 5)
typedef struct {
@@ -297,17 +296,15 @@
} multipart_buffer;
-
typedef struct {
char *key;
char *value;
} mime_header_entry;
-
/*
- fill up the buffer with client data.
- returns number of bytes added to buffer.
-*/
+ * Fill up the buffer with client data.
+ * Returns number of bytes added to buffer.
+ */
static int fill_buffer(multipart_buffer *self TSRMLS_DC)
{
int bytes_to_read, total_read = 0, actual_read = 0;
@@ -343,7 +340,6 @@
return total_read;
}
-
/* eof if we are out of bytes, or if we hit the final boundary */
static int multipart_buffer_eof(multipart_buffer *self TSRMLS_DC)
{
@@ -354,7 +350,6 @@
}
}
-
/* create new multipart_buffer structure */
static multipart_buffer *multipart_buffer_new(char *boundary, int boundary_len)
{
@@ -367,7 +362,7 @@
self->bufsize = minsize;
spprintf(&self->boundary, 0, "--%s", boundary);
-
+
self->boundary_next_len = spprintf(&self->boundary_next, 0, "\n--%s", boundary);
self->buf_begin = self->buffer;
@@ -376,17 +371,16 @@
return self;
}
-
/*
- gets the next CRLF terminated line from the input buffer.
- if it doesn't find a CRLF, and the buffer isn't completely full, returns
- NULL; otherwise, returns the beginning of the null-terminated line,
- minus the CRLF.
-
- note that we really just look for LF terminated lines. this works
- around a bug in internet explorer for the macintosh which sends mime
- boundaries that are only LF terminated when you use an image submit
- button in a multipart/form-data form.
+ * Gets the next CRLF terminated line from the input buffer.
+ * If it doesn't find a CRLF, and the buffer isn't completely full, returns
+ * NULL; otherwise, returns the beginning of the null-terminated line,
+ * minus the CRLF.
+ *
+ * Note that we really just look for LF terminated lines. This works
+ * around a bug in internet explorer for the macintosh which sends mime
+ * boundaries that are only LF terminated when you use an image submit
+ * button in a multipart/form-data form.
*/
static char *next_line(multipart_buffer *self)
{
@@ -406,7 +400,7 @@
/* bump the pointer */
self->buf_begin = ptr + 1;
self->bytes_in_buffer -= (self->buf_begin - line);
-
+
} else { /* no LF found */
/* buffer isn't completely full, fail */
@@ -422,8 +416,7 @@
return line;
}
-
-/* returns the next CRLF terminated line from the client */
+/* Returns the next CRLF terminated line from the client */
static char *get_line(multipart_buffer *self TSRMLS_DC)
{
char* ptr = next_line(self);
@@ -436,7 +429,6 @@
return ptr;
}
-
/* Free header entry */
static void php_free_hdr_entry(mime_header_entry *h)
{
@@ -448,7 +440,6 @@
}
}
-
/* finds a boundary */
static int find_boundary(multipart_buffer *self, char *boundary TSRMLS_DC)
{
@@ -467,14 +458,13 @@
return 0;
}
-
/* parse headers */
static int multipart_buffer_headers(multipart_buffer *self, zend_llist *header TSRMLS_DC)
{
char *line;
mime_header_entry prev_entry, entry;
int prev_len, cur_len;
-
+
/* didn't find boundary, abort */
if (!find_boundary(self, self->boundary TSRMLS_CC)) {
return 0;
@@ -485,10 +475,9 @@
while( (line = get_line(self TSRMLS_CC)) && strlen(line) > 0 )
{
/* add header to table */
-
char *key = line;
char *value = NULL;
-
+
/* space in the beginning means same header */
if (!isspace(line[0])) {
value = strchr(line, ':');
@@ -512,7 +501,7 @@
entry.value[cur_len + prev_len] = '\0';
entry.key = estrdup(prev_entry.key);
-
+
zend_llist_remove_tail(header);
} else {
continue;
@@ -525,7 +514,6 @@
return 1;
}
-
static char *php_mime_get_hdr_value(zend_llist header, char *key)
{
mime_header_entry *entry;
@@ -533,7 +521,7 @@
if (key == NULL) {
return NULL;
}
-
+
entry = zend_llist_get_first(&header);
while (entry) {
if (!strcasecmp(entry->key, key)) {
@@ -541,18 +529,16 @@
}
entry = zend_llist_get_next(&header);
}
-
+
return NULL;
}
-
static char *php_ap_getword(char **line, char stop)
{
char *pos = *line, quote;
char *res;
while (*pos && *pos != stop) {
-
if ((quote = *pos) == '"' || quote == '\'') {
++pos;
while (*pos && *pos != quote) {
@@ -566,7 +552,6 @@
++pos;
}
} else ++pos;
-
}
if (*pos == '\0') {
res = estrdup(*line);
@@ -584,7 +569,6 @@
return res;
}
-
static char *substring_conf(char *start, int len, char quote TSRMLS_DC)
{
char *result = emalloc(len + 2);
@@ -615,7 +599,6 @@
return result;
}
-
static char *php_ap_getword_conf(char **line TSRMLS_DC)
{
char *str = *line, *strend, *res, quote;
@@ -677,12 +660,11 @@
return res;
}
-
/*
- search for a string in a fixed-length byte string.
- if partial is true, partial matches are allowed at the end of the buffer.
- returns NULL if not found, or a pointer to the start of the first match.
-*/
+ * Search for a string in a fixed-length byte string.
+ * If partial is true, partial matches are allowed at the end of the buffer.
+ * Returns NULL if not found, or a pointer to the start of the first match.
+ */
static void *php_ap_memstr(char *haystack, int haystacklen, char *needle, int needlen, int partial)
{
int len = haystacklen;
@@ -706,7 +688,6 @@
return ptr;
}
-
/* read until a boundary condition */
static int multipart_buffer_read(multipart_buffer *self, char *buf, int bytes, int *end TSRMLS_DC)
{
@@ -750,7 +731,6 @@
return len;
}
-
/*
XXX: this is horrible memory-usage-wise, but we only expect
to do this on small pieces of form data.
@@ -766,32 +746,35 @@
total_bytes += read_bytes;
}
- if (out) out[total_bytes] = '\0';
+ if (out) {
+ out[total_bytes] = '\0';
+ }
*len = total_bytes;
return out;
}
+/* }}} */
-
/*
* The combined READER/HANDLER
*
*/
-SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
+SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) /* {{{ */
{
- char *boundary, *s=NULL, *boundary_end = NULL, *start_arr=NULL, *array_index=NULL;
- char *temp_filename=NULL, *lbuf=NULL, *abuf=NULL;
- int boundary_len=0, total_bytes=0, cancel_upload=0, is_arr_upload=0, array_len=0;
- int max_file_size=0, skip_upload=0, anonindex=0, is_anonymous;
- zval *http_post_files=NULL; HashTable *uploaded_files=NULL;
+ char *boundary, *s = NULL, *boundary_end = NULL, *start_arr = NULL, *array_index = NULL;
+ char *temp_filename = NULL, *lbuf = NULL, *abuf = NULL;
+ int boundary_len = 0, total_bytes = 0, cancel_upload = 0, is_arr_upload = 0, array_len = 0;
+ int max_file_size = 0, skip_upload = 0, anonindex = 0, is_anonymous;
+ zval *http_post_files = NULL;
+ HashTable *uploaded_files = NULL;
#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING)
int str_len = 0, num_vars = 0, num_vars_max = 2*10, *len_list = NULL;
char **val_list = NULL;
#endif
multipart_buffer *mbuff;
zval *array_ptr = (zval *) arg;
- int fd=-1;
+ int fd = -1;
zend_llist header;
void *event_extra_data = NULL;
int llen = 0;
@@ -804,7 +787,19 @@
/* Get the boundary */
boundary = strstr(content_type_dup, "boundary");
- if (!boundary || !(boundary=strchr(boundary, '='))) {
+ if (!boundary) {
+ int content_type_len = strlen(content_type_dup);
+ char *content_type_lcase = estrndup(content_type_dup, content_type_len);
+
+ php_strtolower(content_type_lcase, content_type_len);
+ boundary = strstr(content_type_lcase, "boundary");
+ if (boundary) {
+ boundary = content_type_dup + (boundary - content_type_lcase);
+ }
+ efree(content_type_lcase);
+ }
+
+ if (!boundary || !(boundary = strchr(boundary, '='))) {
sapi_module.sapi_error(E_WARNING, "Missing boundary in multipart/form-data POST data");
return;
}
@@ -815,7 +810,7 @@
if (boundary[0] == '"') {
boundary++;
boundary_end = strchr(boundary, '"');
- if (!boundary_end) {
+ if (!boundary_end) {
sapi_module.sapi_error(E_WARNING, "Invalid boundary in multipart/form-data POST data");
return;
}
@@ -866,8 +861,8 @@
while (!multipart_buffer_eof(mbuff TSRMLS_CC))
{
char buff[FILLUNIT];
- char *cd=NULL,*param=NULL,*filename=NULL, *tmp=NULL;
- size_t blen=0, wlen=0;
+ char *cd = NULL, *param = NULL, *filename = NULL, *tmp = NULL;
+ size_t blen = 0, wlen = 0;
off_t offset;
zend_llist_clean(&header);
@@ -877,16 +872,16 @@
}
if ((cd = php_mime_get_hdr_value(header, "Content-Disposition"))) {
- char *pair=NULL;
- int end=0;
-
+ char *pair = NULL;
+ int end = 0;
+
while (isspace(*cd)) {
++cd;
}
while (*cd && (pair = php_ap_getword(&cd, ';')))
{
- char *key=NULL, *word = pair;
+ char *key = NULL, *word = pair;
while (isspace(*cd)) {
++cd;
@@ -894,7 +889,7 @@
if (strchr(pair, '=')) {
key = php_ap_getword(&pair, '=');
-
+
if (!strcasecmp(key, "name")) {
if (param) {
efree(param);
@@ -943,8 +938,7 @@
#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING)
if (php_mb_encoding_translation(TSRMLS_C)) {
- php_mb_gpc_stack_variable(param, value, &val_list, &len_list,
- &num_vars, &num_vars_max TSRMLS_CC);
+ php_mb_gpc_stack_variable(param, value, &val_list, &len_list, &num_vars, &num_vars_max TSRMLS_CC);
} else {
safe_php_register_variable(param, value, new_val_len, array_ptr, 0 TSRMLS_CC);
}
@@ -984,7 +978,7 @@
sapi_module.sapi_error(E_WARNING, "File Upload Mime headers garbled");
goto fileupload_done;
}
-
+
if (!param) {
is_anonymous = 1;
param = emalloc(MAX_SIZE_ANONNAME);
@@ -992,12 +986,12 @@
} else {
is_anonymous = 0;
}
-
+
/* New Rule: never repair potential malicious user input */
if (!skip_upload) {
char *tmp = param;
long c = 0;
-
+
while (*tmp) {
if (*tmp == '[') {
c++;
@@ -1012,7 +1006,7 @@
skip_upload = 1;
break;
}
- tmp++;
+ tmp++;
}
}
@@ -1022,12 +1016,12 @@
/* Handle file */
fd = php_open_temporary_fd_ex(PG(upload_tmp_dir), "php", &temp_filename, 1 TSRMLS_CC);
upload_cnt--;
- if (fd==-1) {
+ if (fd == -1) {
sapi_module.sapi_error(E_WARNING, "File upload error - unable to create a temporary file");
cancel_upload = UPLOAD_ERROR_E;
}
}
-
+
if (!skip_upload && php_rfc1867_callback != NULL) {
multipart_event_file_start event_file_start;
@@ -1042,21 +1036,20 @@
}
efree(temp_filename);
}
- temp_filename="";
+ temp_filename = "";
efree(param);
efree(filename);
continue;
}
}
-
if (skip_upload) {
efree(param);
efree(filename);
continue;
}
- if(strlen(filename) == 0) {
+ if (strlen(filename) == 0) {
#if DEBUG_FILE_UPLOAD
sapi_module.sapi_error(E_NOTICE, "No file uploaded");
#endif
@@ -1080,8 +1073,7 @@
continue;
}
}
-
-
+
if (PG(upload_max_filesize) > 0 && (total_bytes+blen) > PG(upload_max_filesize)) {
#if DEBUG_FILE_UPLOAD
sapi_module.sapi_error(E_NOTICE, "upload_max_filesize of %ld bytes exceeded - file [%s=%s] not saved", PG(upload_max_filesize), param, filename);
@@ -1093,9 +1085,8 @@
#endif
cancel_upload = UPLOAD_ERROR_B;
} else if (blen > 0) {
-
wlen = write(fd, buff, blen);
-
+
if (wlen == -1) {
/* write failed */
#if DEBUG_FILE_UPLOAD
@@ -1110,11 +1101,10 @@
} else {
total_bytes += wlen;
}
-
offset += wlen;
- }
+ }
}
- if (fd!=-1) { /* may not be initialized if file could not be created */
+ if (fd != -1) { /* may not be initialized if file could not be created */
close(fd);
}
if (!cancel_upload && !end) {
@@ -1124,12 +1114,11 @@
cancel_upload = UPLOAD_ERROR_C;
}
#if DEBUG_FILE_UPLOAD
- if(strlen(filename) > 0 && total_bytes == 0 && !cancel_upload) {
+ if (strlen(filename) > 0 && total_bytes == 0 && !cancel_upload) {
sapi_module.sapi_error(E_WARNING, "Uploaded file size 0 - file [%s=%s] not saved", param, filename);
cancel_upload = 5;
}
-#endif
-
+#endif
if (php_rfc1867_callback != NULL) {
multipart_event_file_end event_file_end;
@@ -1148,15 +1137,14 @@
}
efree(temp_filename);
}
- temp_filename="";
+ temp_filename = "";
} else {
zend_hash_add(SG(rfc1867_uploaded_files), temp_filename, strlen(temp_filename) + 1, &temp_filename, sizeof(char *), NULL);
}
/* is_arr_upload is true when name of file upload field
* ends in [.*]
- * start_arr is set to point to 1st [
- */
+ * start_arr is set to point to 1st [ */
is_arr_upload = (start_arr = strchr(param,'[')) && (param[strlen(param)-1] == ']');
if (is_arr_upload) {
@@ -1164,16 +1152,16 @@
if (array_index) {
efree(array_index);
}
- array_index = estrndup(start_arr+1, array_len-2);
+ array_index = estrndup(start_arr + 1, array_len - 2);
}
-
+
/* Add $foo_name */
if (llen < strlen(param) + MAX_SIZE_OF_INDEX + 1) {
llen = strlen(param);
lbuf = (char *) safe_erealloc(lbuf, llen, 1, MAX_SIZE_OF_INDEX + 1);
llen += MAX_SIZE_OF_INDEX + 1;
}
-
+
if (is_arr_upload) {
if (abuf) efree(abuf);
abuf = estrndup(param, strlen(param)-array_len);
@@ -1184,14 +1172,13 @@
#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING)
if (php_mb_encoding_translation(TSRMLS_C)) {
- if (num_vars>=num_vars_max){
- php_mb_gpc_realloc_buffer(&val_list, &len_list, &num_vars_max,
- 1 TSRMLS_CC);
+ if (num_vars >= num_vars_max) {
+ php_mb_gpc_realloc_buffer(&val_list, &len_list, &num_vars_max, 1 TSRMLS_CC);
}
val_list[num_vars] = filename;
len_list[num_vars] = strlen(filename);
num_vars++;
- if(php_mb_gpc_encoding_detector(val_list, len_list, num_vars, NULL TSRMLS_CC) == SUCCESS) {
+ if (php_mb_gpc_encoding_detector(val_list, len_list, num_vars, NULL TSRMLS_CC) == SUCCESS) {
str_len = strlen(filename);
php_mb_gpc_encoding_converter(&filename, &str_len, 1, NULL, NULL TSRMLS_CC);
}
@@ -1202,13 +1189,12 @@
num_vars--;
goto filedone;
}
-#endif
+#endif
/* The \ check should technically be needed for win32 systems only where
* it is a valid path separator. However, IE in all it's wisdom always sends
* the full path of the file on the user's filesystem, which means that unless
- * the user does basename() they get a bogus file name. Until IE's user base drops
- * to nill or problem is fixed this code must remain enabled for all systems.
- */
+ * the user does basename() they get a bogus file name. Until IE's user base drops
+ * to nill or problem is fixed this code must remain enabled for all systems. */
s = strrchr(filename, '\\');
if ((tmp = strrchr(filename, '/')) > s) {
s = tmp;
@@ -1224,9 +1210,9 @@
#endif
#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING)
-filedone:
+filedone:
#endif
-
+
if (!is_anonymous) {
if (s && s > filename) {
safe_php_register_variable(lbuf, s+1, strlen(s+1), NULL, 0 TSRMLS_CC);
@@ -1248,11 +1234,11 @@
}
efree(filename);
s = NULL;
-
+
/* Possible Content-Type: */
if (cancel_upload || !(cd = php_mime_get_hdr_value(header, "Content-Type"))) {
cd = "";
- } else {
+ } else {
/* fix for Opera 6.01 */
s = strchr(cd, ';');
if (s != NULL) {
@@ -1297,7 +1283,7 @@
ZVAL_STRING(&zfilename, temp_filename, 1);
safe_php_register_variable_ex(param, &zfilename, NULL, 1 TSRMLS_CC);
}
-
+
/* Add $foo[tmp_name] */
if (is_arr_upload) {
snprintf(lbuf, llen, "%s[tmp_name][%s]", abuf, array_index);
@@ -1322,8 +1308,8 @@
} else {
file_size.value.lval = total_bytes;
file_size.type = IS_LONG;
- }
-
+ }
+
if (is_arr_upload) {
snprintf(lbuf, llen, "%s[error][%s]", abuf, array_index);
} else {
@@ -1339,7 +1325,7 @@
}
if (!is_anonymous) {
safe_php_register_variable_ex(lbuf, &file_size, NULL, 0 TSRMLS_CC);
- }
+ }
/* Add $foo[size] */
if (is_arr_upload) {
@@ -1352,16 +1338,18 @@
efree(param);
}
}
+
fileupload_done:
if (php_rfc1867_callback != NULL) {
multipart_event_end event_end;
-
+
event_end.post_bytes_processed = SG(read_post_bytes);
php_rfc1867_callback(MULTIPART_EVENT_END, &event_end, &event_extra_data TSRMLS_CC);
}
-
+
SAFE_RETURN;
}
+/* }}} */
/*
* Local variables:
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
