iliaa Tue Jan 6 15:07:08 2004 EDT
Added files:
/php-src/ext/standard/tests/strings bug26817.phpt bug26819.phpt
Modified files:
/php-src NEWS
/php-src/ext/standard http.c php_http.h
Log:
Fixed bug #26819 (http_build_query() crashes on NULL output).
Fixed bug #26817 (http_build_query() does not handle private & protected
object properties correctly).
Index: php-src/NEWS
diff -u php-src/NEWS:1.1568 php-src/NEWS:1.1569
--- php-src/NEWS:1.1568 Mon Jan 5 09:31:48 2004
+++ php-src/NEWS Tue Jan 6 15:07:05 2004
@@ -5,6 +5,9 @@
(Derick)
- Fixed problems with longlong values in mysqli. (Georg)
- Fixed class name case preserving of user defined classes. (Marcus)
+- Fixed bug #26819 (http_build_query() crashes on NULL output). (Ilia)
+- Fixed bug #26817 (http_build_query() does not handle private & protected
+ object properties correctly). (Ilia)
- Fixed bug #26762 (unserialize() produces lowercase classnames). (Marcus)
- Fixed bug #26743 (getElementsByTagName doesn't work properly). (Rob)
- Fixed bug #26736 (__autoload not invoked for parent classes). (Marcus)
Index: php-src/ext/standard/http.c
diff -u php-src/ext/standard/http.c:1.8 php-src/ext/standard/http.c:1.9
--- php-src/ext/standard/http.c:1.8 Sat Sep 6 20:00:00 2003
+++ php-src/ext/standard/http.c Tue Jan 6 15:07:06 2004
@@ -1,4 +1,4 @@
-/*
+/*
+----------------------------------------------------------------------+
| PHP Version 4 |
+----------------------------------------------------------------------+
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: http.c,v 1.8 2003/09/07 00:00:00 sniper Exp $ */
+/* $Id: http.c,v 1.9 2004/01/06 20:07:06 iliaa Exp $ */
#include "php_http.h"
#include "php_ini.h"
@@ -28,7 +28,8 @@
PHPAPI int php_url_encode_hash_ex(HashTable *ht, smart_str *formstr,
const char *num_prefix, int num_prefix_len,
const char *key_prefix, int key_prefix_len,
- const char *key_suffix, int key_suffix_len TSRMLS_DC)
+ const char *key_suffix, int key_suffix_len,
+ zval *type TSRMLS_DC)
{
char *arg_sep = NULL, *key = NULL, *ekey, *newprefix, *p;
int arg_sep_len, key_len, ekey_len, key_type, newprefix_len;
@@ -58,6 +59,18 @@
/* We don't want that trailing NULL */
key_len -= 1;
}
+
+ /* handling for private & protected object properties */
+ if (*key == '\0' && type != NULL) {
+ zend_object *zobj = zend_objects_get_address(type TSRMLS_CC);
+ if (zend_check_property_access(zobj, key TSRMLS_CC) !=
SUCCESS) {
+ /* private or protected property access outside of the
class */
+ continue;
+ }
+ char *tmp;
+ zend_unmangle_property_name(key, &tmp, &key);
+ key_len = strlen(key);
+ }
if (zend_hash_get_current_data_ex(ht, (void **)&zdata, NULL) ==
FAILURE || !zdata || !(*zdata)) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Error traversing
form data array.");
@@ -113,7 +126,7 @@
*p = '\0';
}
ht->nApplyCount++;
- php_url_encode_hash_ex(HASH_OF(*zdata), formstr, NULL, 0,
newprefix, newprefix_len, "]", 1 TSRMLS_CC);
+ php_url_encode_hash_ex(HASH_OF(*zdata), formstr, NULL, 0,
newprefix, newprefix_len, "]", 1, (Z_TYPE_PP(zdata) == IS_OBJECT ? *zdata : NULL)
TSRMLS_CC);
ht->nApplyCount--;
efree(newprefix);
} else if (Z_TYPE_PP(zdata) == IS_NULL || Z_TYPE_PP(zdata) ==
IS_RESOURCE) {
@@ -134,7 +147,7 @@
if (num_prefix) {
smart_str_appendl(formstr, num_prefix,
num_prefix_len);
}
- ekey_len = spprintf(&ekey, 12, "%ld", idx);
+ ekey_len = spprintf(&ekey, 12, "%ld", idx);
smart_str_appendl(formstr, ekey, ekey_len);
efree(ekey);
}
@@ -163,7 +176,7 @@
smart_str_appendl(formstr, ekey, ekey_len);
efree(ekey);
}
- }
+ }
return SUCCESS;
}
@@ -187,17 +200,23 @@
RETURN_FALSE;
}
- if (php_url_encode_hash_ex(HASH_OF(formdata), &formstr, prefix, prefix_len,
NULL, 0, NULL, 0 TSRMLS_CC) == FAILURE) {
+ if (php_url_encode_hash_ex(HASH_OF(formdata), &formstr, prefix, prefix_len,
NULL, 0, NULL, 0, (Z_TYPE_P(formdata) == IS_OBJECT ? formdata : NULL) TSRMLS_CC) ==
FAILURE) {
if (formstr.c) {
efree(formstr.c);
}
RETURN_FALSE;
}
+
+ if (!formstr.c) {
+ RETURN_NULL();
+ }
+
smart_str_0(&formstr);
+
RETURN_STRINGL(formstr.c, formstr.len, 0);
}
/* }}} */
-
+
/*
* Local variables:
* tab-width: 4
Index: php-src/ext/standard/php_http.h
diff -u php-src/ext/standard/php_http.h:1.1 php-src/ext/standard/php_http.h:1.2
--- php-src/ext/standard/php_http.h:1.1 Sat Sep 6 08:56:02 2003
+++ php-src/ext/standard/php_http.h Tue Jan 6 15:07:06 2004
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: php_http.h,v 1.1 2003/09/06 12:56:02 sniper Exp $ */
+/* $Id: php_http.h,v 1.2 2004/01/06 20:07:06 iliaa Exp $ */
#ifndef PHP_HTTP_H
#define PHP_HTTP_H
@@ -27,7 +27,8 @@
PHPAPI int php_url_encode_hash_ex(HashTable *ht, smart_str *formstr,
const char *num_prefix, int num_prefix_len,
const char *key_prefix, int key_prefix_len,
- const char *key_suffix, int key_suffix_len TSRMLS_DC);
+ const char *key_suffix, int key_suffix_len,
+ zval *type TSRMLS_DC);
#define php_url_encode_hash(ht, formstr) php_url_encode_hash_ex((ht),
(formstr), NULL, 0, NULL, 0, NULL, 0 TSRMLS_CC)
PHP_FUNCTION(http_build_query);
Index: php-src/ext/standard/tests/strings/bug26817.phpt
+++ php-src/ext/standard/tests/strings/bug26817.phpt
--TEST--
Bug #26817 (http_build_query() did not handle private & protected object properties)
--FILE--
<?php
class test {
protected $foo;
private $bar;
public $test;
function foo()
{
$this->bar = 'meuh';
$this->foo = 'lala';
$this->test = 'test';
var_dump(http_build_query($this));
}
}
$obj = new test();
$obj->foo();
var_dump(http_build_query($obj));
?>
--EXPECT--
string(27) "foo=lala&bar=meuh&test=test"
string(9) "test=test"
Index: php-src/ext/standard/tests/strings/bug26819.phpt
+++ php-src/ext/standard/tests/strings/bug26819.phpt
--TEST--
Bug #26819 (http_build_query() crash on empty output)
--FILE--
<?php
$a = array();
var_dump(http_build_query($a));
?>
--EXPECT--
NULL
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
