wez Sat Sep 10 13:48:45 2005 EDT
Added files: (Branch: PHP_5_1)
/php-src/ext/pdo/tests pecl_bug_5217.phpt
Modified files:
/php-src/ext/pdo pdo_dbh.c pdo_stmt.c
Log:
add __sleep and __wakeup functions to prevent serialize/deserialize from
being used on PDO objects. Refs PECL #5217
http://cvs.php.net/diff.php/php-src/ext/pdo/pdo_dbh.c?r1=1.82&r2=1.82.2.1&ty=u
Index: php-src/ext/pdo/pdo_dbh.c
diff -u php-src/ext/pdo/pdo_dbh.c:1.82 php-src/ext/pdo/pdo_dbh.c:1.82.2.1
--- php-src/ext/pdo/pdo_dbh.c:1.82 Mon Jul 11 22:40:59 2005
+++ php-src/ext/pdo/pdo_dbh.c Sat Sep 10 13:48:43 2005
@@ -18,7 +18,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: pdo_dbh.c,v 1.82 2005/07/12 02:40:59 wez Exp $ */
+/* $Id: pdo_dbh.c,v 1.82.2.1 2005/09/10 17:48:43 wez Exp $ */
/* The PDO Database Handle Class */
@@ -960,6 +960,22 @@
}
/* }}} */
+/* {{{ proto int PDO::__wakeup()
+ Prevents use of a PDO instance that has been unserialized */
+static PHP_METHOD(PDO, __wakeup)
+{
+ zend_throw_exception_ex(php_pdo_get_exception(), 0 TSRMLS_CC, "You
cannot serialize or unserialize PDO instances");
+}
+/* }}} */
+
+/* {{{ proto int PDO::__sleep()
+ Prevents serialization of a PDO instance */
+static PHP_METHOD(PDO, __sleep)
+{
+ zend_throw_exception_ex(php_pdo_get_exception(), 0 TSRMLS_CC, "You
cannot serialize or unserialize PDO instances");
+}
+/* }}} */
+
function_entry pdo_dbh_functions[] = {
PHP_ME_MAPPING(__construct, dbh_constructor, NULL)
@@ -975,6 +991,8 @@
PHP_ME(PDO, errorInfo, NULL,
ZEND_ACC_PUBLIC)
PHP_ME(PDO, getAttribute, NULL,
ZEND_ACC_PUBLIC)
PHP_ME(PDO, quote, NULL,
ZEND_ACC_PUBLIC)
+ PHP_ME(PDO, __wakeup, NULL,
ZEND_ACC_PUBLIC|ZEND_ACC_FINAL)
+ PHP_ME(PDO, __sleep, NULL,
ZEND_ACC_PUBLIC|ZEND_ACC_FINAL)
{NULL, NULL, NULL}
};
http://cvs.php.net/diff.php/php-src/ext/pdo/pdo_stmt.c?r1=1.118.2.2&r2=1.118.2.3&ty=u
Index: php-src/ext/pdo/pdo_stmt.c
diff -u php-src/ext/pdo/pdo_stmt.c:1.118.2.2
php-src/ext/pdo/pdo_stmt.c:1.118.2.3
--- php-src/ext/pdo/pdo_stmt.c:1.118.2.2 Sat Sep 10 11:32:04 2005
+++ php-src/ext/pdo/pdo_stmt.c Sat Sep 10 13:48:44 2005
@@ -18,7 +18,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: pdo_stmt.c,v 1.118.2.2 2005/09/10 15:32:04 wez Exp $ */
+/* $Id: pdo_stmt.c,v 1.118.2.3 2005/09/10 17:48:44 wez Exp $ */
/* The PDO Statement Handle Class */
@@ -1859,6 +1859,21 @@
}
/* }}} */
+/* {{{ proto int PDOStatement::__wakeup()
+ Prevents use of a PDOStatement instance that has been unserialized */
+static PHP_METHOD(PDOStatement, __wakeup)
+{
+ zend_throw_exception_ex(php_pdo_get_exception(), 0 TSRMLS_CC, "You
cannot serialize or unserialize PDOStatement instances");
+}
+/* }}} */
+
+/* {{{ proto int PDOStatement::__sleep()
+ Prevents serialization of a PDOStatement instance */
+static PHP_METHOD(PDOStatement, __sleep)
+{
+ zend_throw_exception_ex(php_pdo_get_exception(), 0 TSRMLS_CC, "You
cannot serialize or unserialize PDOStatement instances");
+}
+/* }}} */
function_entry pdo_dbstmt_functions[] = {
PHP_ME(PDOStatement, execute, NULL,
ZEND_ACC_PUBLIC)
@@ -1880,6 +1895,8 @@
PHP_ME(PDOStatement, nextRowset, NULL,
ZEND_ACC_PUBLIC)
PHP_ME(PDOStatement, closeCursor, NULL,
ZEND_ACC_PUBLIC)
PHP_ME(PDOStatement, debugDumpParams, NULL,
ZEND_ACC_PUBLIC)
+ PHP_ME(PDOStatement, __wakeup, NULL,
ZEND_ACC_PUBLIC|ZEND_ACC_FINAL)
+ PHP_ME(PDOStatement, __sleep, NULL,
ZEND_ACC_PUBLIC|ZEND_ACC_FINAL)
{NULL, NULL, NULL}
};
http://cvs.php.net/co.php/php-src/ext/pdo/tests/pecl_bug_5217.phpt?r=1.1&p=1
Index: php-src/ext/pdo/tests/pecl_bug_5217.phpt
+++ php-src/ext/pdo/tests/pecl_bug_5217.phpt
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
