summaryrefslogtreecommitdiff
path: root/main
diff options
context:
space:
mode:
Diffstat (limited to 'main')
-rw-r--r--main/SAPI.c5
-rw-r--r--main/SAPI.h5
-rw-r--r--main/php_content_types.c1
-rw-r--r--main/php_variables.c8
-rw-r--r--main/rfc1867.c1
5 files changed, 20 insertions, 0 deletions
diff --git a/main/SAPI.c b/main/SAPI.c
index cbe23ba575..117d868fc8 100644
--- a/main/SAPI.c
+++ b/main/SAPI.c
@@ -823,6 +823,11 @@ SAPI_API int sapi_register_treat_data(void (*treat_data)(int arg, char *str, zva
return SUCCESS;
}
+SAPI_API int sapi_register_input_filter(unsigned int (*input_filter)(int arg, char *var, char *val, unsigned int val_len TSRMLS_DC))
+{
+ sapi_module.input_filter = input_filter;
+ return SUCCESS;
+}
SAPI_API int sapi_flush(TSRMLS_D)
{
diff --git a/main/SAPI.h b/main/SAPI.h
index 4ecc77a8b2..1bc31b26cb 100644
--- a/main/SAPI.h
+++ b/main/SAPI.h
@@ -178,6 +178,7 @@ SAPI_API int sapi_register_post_entry(sapi_post_entry *post_entry);
SAPI_API void sapi_unregister_post_entry(sapi_post_entry *post_entry);
SAPI_API int sapi_register_default_post_reader(void (*default_post_reader)(TSRMLS_D));
SAPI_API int sapi_register_treat_data(void (*treat_data)(int arg, char *str, zval *destArray TSRMLS_DC));
+SAPI_API int sapi_register_input_filter(unsigned int (*input_filter)(int arg, char *var, char *val, unsigned int val_len TSRMLS_DC));
SAPI_API int sapi_flush(TSRMLS_D);
SAPI_API struct stat *sapi_get_stat(TSRMLS_D);
@@ -238,6 +239,8 @@ struct _sapi_module_struct {
int (*get_target_uid)(uid_t * TSRMLS_DC);
int (*get_target_gid)(gid_t * TSRMLS_DC);
+
+ unsigned int (*input_filter)(int arg, char *var, char *val, unsigned int val_len TSRMLS_DC);
};
@@ -266,10 +269,12 @@ struct _sapi_post_entry {
#define SAPI_POST_HANDLER_FUNC(post_handler) void post_handler(char *content_type_dup, void *arg TSRMLS_DC)
#define SAPI_TREAT_DATA_FUNC(treat_data) void treat_data(int arg, char *str, zval* destArray TSRMLS_DC)
+#define SAPI_INPUT_FILTER_FUNC(input_filter) unsigned int input_filter(int arg, char *var, char *val, unsigned int val_len TSRMLS_DC)
SAPI_API SAPI_POST_READER_FUNC(sapi_read_standard_form_data);
SAPI_API SAPI_POST_READER_FUNC(php_default_post_reader);
SAPI_API SAPI_TREAT_DATA_FUNC(php_default_treat_data);
+SAPI_API SAPI_INPUT_FILTER_FUNC(php_default_input_filter);
#define STANDARD_SAPI_MODULE_PROPERTIES
diff --git a/main/php_content_types.c b/main/php_content_types.c
index 2db3ccd7ae..53c241cbe3 100644
--- a/main/php_content_types.c
+++ b/main/php_content_types.c
@@ -77,6 +77,7 @@ int php_startup_sapi_content_types(void)
sapi_register_post_entries(php_post_entries);
sapi_register_default_post_reader(php_default_post_reader);
sapi_register_treat_data(php_default_treat_data);
+ sapi_register_input_filter(php_default_input_filter);
return SUCCESS;
}
/* }}} */
diff --git a/main/php_variables.c b/main/php_variables.c
index 233e6368db..a82c966ef8 100644
--- a/main/php_variables.c
+++ b/main/php_variables.c
@@ -226,12 +226,19 @@ SAPI_API SAPI_POST_HANDLER_FUNC(php_std_post_handler)
*val++ = '\0';
php_url_decode(var, strlen(var));
val_len = php_url_decode(val, strlen(val));
+ val_len = sapi_module.input_filter(PARSE_POST, var, val, val_len TSRMLS_CC);
php_register_variable_safe(var, val, val_len, array_ptr TSRMLS_CC);
}
var = php_strtok_r(NULL, "&", &strtok_buf);
}
}
+SAPI_API SAPI_INPUT_FILTER_FUNC(php_default_input_filter)
+{
+ /* TODO: check .ini setting here and apply user-defined input filter */
+ return val_len;
+}
+
SAPI_API SAPI_TREAT_DATA_FUNC(php_default_treat_data)
{
char *res = NULL, *var, *val, *separator=NULL;
@@ -314,6 +321,7 @@ SAPI_API SAPI_TREAT_DATA_FUNC(php_default_treat_data)
*val++ = '\0';
php_url_decode(var, strlen(var));
val_len = php_url_decode(val, strlen(val));
+ val_len = sapi_module.input_filter(arg, var, val, val_len TSRMLS_CC);
php_register_variable_safe(var, val, val_len, array_ptr TSRMLS_CC);
} else {
php_url_decode(var, strlen(var));
diff --git a/main/rfc1867.c b/main/rfc1867.c
index 3c9b6d56e2..eea22ce6a8 100644
--- a/main/rfc1867.c
+++ b/main/rfc1867.c
@@ -805,6 +805,7 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
value = estrdup("");
}
+ sapi_module.input_filter(PARSE_POST, param, value, strlen(value) TSRMLS_CC);
safe_php_register_variable(param, value, array_ptr, 0 TSRMLS_CC);
if (!strcmp(param, "MAX_FILE_SIZE")) {
max_file_size = atol(value);
View Lorry Controller Status