archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-16 05:58:45 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

* Made ENT_* defines availabe to other functions.

Browse source 
* The key/variable names in WDDX are now html escaped to not break XML.
@- Fixed WDDX serialization to HTML-escape key/variable names so as not to
@  break the XML packet. (Andrei)
This commit is contained in:
Andrei Zmievski 2001-04-25 20:14:29 +00:00
parent a09c88cb6a
commit 07a5e3fb9c
4 changed files with 29 additions and 21 deletions
Download patch file Download diff file Expand all files Collapse all files

4
ext/standard/html.c
View file

@ -45,10 +45,6 @@ static char EntTable[][7] =
"uuml","yacute","thorn","yuml"
};
#define ENT_COMPAT 1
#define ENT_QUOTES 2
#define ENT_NOQUOTES 4
PHPAPI char *php_escape_html_entities(unsigned char *old, int oldlen, int *newlen, int all, int quote_style)
{
int i, maxlen, len;

4
ext/standard/html.h
View file

@ -21,6 +21,10 @@
#ifndef HTML_H
#define HTML_H
#define ENT_COMPAT 1
#define ENT_QUOTES 2
#define ENT_NOQUOTES 4
void register_html_constants(INIT_FUNC_ARGS);
PHP_FUNCTION(htmlspecialchars);

2
ext/wddx/php_wddx_api.h
View file

@ -59,7 +59,7 @@ wddx_packet *php_wddx_constructor(void);
void php_wddx_packet_start(wddx_packet *packet, char *comment, int comment_len);
void php_wddx_packet_end(wddx_packet *packet);
void php_wddx_serialize_var(wddx_packet *packet, zval *var, char *name);
void php_wddx_serialize_var(wddx_packet *packet, zval *var, char *name, int name_len);
int php_wddx_deserialize_ex(char *, int, zval *return_value);
#define php_wddx_gather(packet) estrndup(packet->c, packet->len)

40
ext/wddx/wddx.c
View file

@ -41,6 +41,7 @@
#include "ext/standard/base64.h"
#include "ext/standard/info.h"
#include "ext/standard/php_smart_str.h"
#include "ext/standard/html.h"
#define WDDX_BUF_LEN 256
#define PHP_CLASS_NAME_VAR "php_class_name"
@ -368,13 +369,15 @@ static void php_wddx_serialize_object(wddx_packet *packet, zval *obj)
}
if (zend_hash_find(HASH_OF(obj), Z_STRVAL_PP(varname), Z_STRLEN_PP(varname)+1, (void **)&ent) == SUCCESS) {
php_wddx_serialize_var(packet, *ent, Z_STRVAL_PP(varname));
php_wddx_serialize_var(packet, *ent, Z_STRVAL_PP(varname), Z_STRLEN_PP(varname));
}
}
php_wddx_add_chunk_static(packet, WDDX_STRUCT_E);
}
} else {
ulong key_len;
PHP_CLASS_ATTRIBUTES;
PHP_SET_CLASS_ATTRIBUTES(obj);
@ -395,11 +398,11 @@ static void php_wddx_serialize_object(wddx_packet *packet, zval *obj)
if (*ent == obj)
continue;
if (zend_hash_get_current_key(HASH_OF(obj), &key, &idx, 0) == HASH_KEY_IS_STRING) {
php_wddx_serialize_var(packet, *ent, key);
if (zend_hash_get_current_key_ex(HASH_OF(obj), &key, &key_len, &idx, 0, NULL) == HASH_KEY_IS_STRING) {
php_wddx_serialize_var(packet, *ent, key, key_len);
} else {
sprintf(tmp_buf, "%ld", idx);
php_wddx_serialize_var(packet, *ent, tmp_buf);
key_len = sprintf(tmp_buf, "%ld", idx);
php_wddx_serialize_var(packet, *ent, tmp_buf, key_len);
}
}
php_wddx_add_chunk_static(packet, WDDX_STRUCT_E);
@ -416,6 +419,7 @@ static void php_wddx_serialize_array(wddx_packet *packet, zval *arr)
{
zval **ent;
char *key;
ulong key_len;
int is_struct = 0, ent_type;
ulong idx;
HashTable *target_hash;
@ -442,7 +446,7 @@ static void php_wddx_serialize_array(wddx_packet *packet, zval *arr)
}
ind++;
}
}
if (is_struct) {
php_wddx_add_chunk_static(packet, WDDX_STRUCT_S);
@ -458,16 +462,16 @@ static void php_wddx_serialize_array(wddx_packet *packet, zval *arr)
continue;
if (is_struct) {
ent_type = zend_hash_get_current_key(target_hash, &key, &idx, 0);
ent_type = zend_hash_get_current_key_ex(target_hash, &key, &key_len, &idx, 0, NULL);
if (ent_type == HASH_KEY_IS_STRING) {
php_wddx_serialize_var(packet, *ent, key);
php_wddx_serialize_var(packet, *ent, key, key_len);
} else {
sprintf(tmp_buf, "%ld", idx);
php_wddx_serialize_var(packet, *ent, tmp_buf);
key_len = sprintf(tmp_buf, "%ld", idx);
php_wddx_serialize_var(packet, *ent, tmp_buf, key_len);
}
} else
php_wddx_serialize_var(packet, *ent, NULL);
php_wddx_serialize_var(packet, *ent, NULL, 0);
}
if (is_struct) {
@ -478,13 +482,17 @@ static void php_wddx_serialize_array(wddx_packet *packet, zval *arr)
}
void php_wddx_serialize_var(wddx_packet *packet, zval *var, char *name)
void php_wddx_serialize_var(wddx_packet *packet, zval *var, char *name, int name_len)
{
char tmp_buf[WDDX_BUF_LEN];
char *name_esc;
int name_esc_len;
if (name) {
sprintf(tmp_buf, WDDX_VAR_S, name);
name_esc = php_escape_html_entities(name, name_len, &name_esc_len, 0, ENT_QUOTES);
sprintf(tmp_buf, WDDX_VAR_S, name_esc);
php_wddx_add_chunk(packet, tmp_buf);
efree(name_esc);
}
switch(Z_TYPE_P(var)) {
@ -530,7 +538,7 @@ static void php_wddx_add_var(wddx_packet *packet, zval *name_var)
{
if (zend_hash_find(EG(active_symbol_table), Z_STRVAL_P(name_var),
Z_STRLEN_P(name_var)+1, (void**)&val) != FAILURE) {
php_wddx_serialize_var(packet, *val, Z_STRVAL_P(name_var));
php_wddx_serialize_var(packet, *val, Z_STRVAL_P(name_var), Z_STRLEN_P(name_var));
}
}
else if (Z_TYPE_P(name_var) == IS_ARRAY || Z_TYPE_P(name_var) == IS_OBJECT)
@ -887,7 +895,7 @@ PHP_FUNCTION(wddx_serialize_value)
else
php_wddx_packet_start(packet, NULL, 0);
php_wddx_serialize_var(packet, (*var), NULL);
php_wddx_serialize_var(packet, (*var), NULL, 0);
php_wddx_packet_end(packet);
ZVAL_STRINGL(return_value, packet->c, packet->len, 1);