archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-18 06:58:55 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

- remove magic_quotes_gpc, magic_quotes_runtime, magic_quotes_sybase

Browse source 
(calling ini_set('magic_....') returns 0|false
- get_magic_quotes_gpc, get_magic_quotes_runtime are kept but always return false
- set_magic_quotes_runtime raises an E_CORE_ERROR
This commit is contained in:
Pierre Joye 2006-03-08 00:43:32 +00:00
parent b7d6d705f1
commit bb1ec86f9d
44 changed files with 105 additions and 525 deletions
Download patch file Download diff file Expand all files Collapse all files

4
NEWS
View file

@ -5,6 +5,10 @@ PHP NEWS
- Droped register_globals support (Pierre) - Droped register_globals support (Pierre)
- session_register, session_unregister and session_is_registered removed they - session_register, session_unregister and session_is_registered removed they
depend on register_globals depend on register_globals
- Droped magic_quotes_gpc, magic_quotes_runtime and magic_quotes_sybase ini
settings (Pierre)
- get_magic_quotes_gpc, get_magic_quotes_runtime are kept but always return
false, set_magic_quotes_runtime raises an E_CORE_ERROR
- Freetype 1.x and GD 1.x support removed (Pierre) - Freetype 1.x and GD 1.x support removed (Pierre)
- Cleaned CGI code. Now FastCGI can not be disabled. See sapi/cgi/CHANGES - Cleaned CGI code. Now FastCGI can not be disabled. See sapi/cgi/CHANGES
for more details. (Dmitry) for more details. (Dmitry)

6
ext/bz2/bz2.c
View file

@ -292,12 +292,6 @@ PHP_FUNCTION(bzread)
Z_STRVAL_P(return_value)[Z_STRLEN_P(return_value)] = 0; Z_STRVAL_P(return_value)[Z_STRLEN_P(return_value)] = 0;
if (PG(magic_quotes_runtime)) {
Z_STRVAL_P(return_value) = php_addslashes( Z_STRVAL_P(return_value),
Z_STRLEN_P(return_value),
&Z_STRLEN_P(return_value), 1 TSRMLS_CC);
}
Z_TYPE_P(return_value) = IS_STRING; Z_TYPE_P(return_value) = IS_STRING;
} }
/* }}} */ /* }}} */

23
ext/dba/dba.c
View file

@ -474,22 +474,10 @@ static void php_dba_update(INTERNAL_FUNCTION_PARAMETERS, int mode)
DBA_WRITE_CHECK; DBA_WRITE_CHECK;
if (PG(magic_quotes_runtime)) { if(info->hnd->update(info, key_str, key_len, VALLEN(val), mode TSRMLS_CC) == SUCCESS)
len = Z_STRLEN_PP(val); {
v = estrndup(Z_STRVAL_PP(val), len); DBA_ID_DONE;
php_stripslashes(v, &len TSRMLS_CC); RETURN_TRUE;
if(info->hnd->update(info, key_str, key_len, v, len, mode TSRMLS_CC) == SUCCESS) {
efree(v);
DBA_ID_DONE;
RETURN_TRUE;
}
efree(v);
} else {
if(info->hnd->update(info, key_str, key_len, VALLEN(val), mode TSRMLS_CC) == SUCCESS)
{
DBA_ID_DONE;
RETURN_TRUE;
}
} }
DBA_ID_DONE; DBA_ID_DONE;
RETURN_FALSE; RETURN_FALSE;
@ -937,9 +925,6 @@ PHP_FUNCTION(dba_fetch)
skip = 0; skip = 0;
} }
if((val = info->hnd->fetch(info, key_str, key_len, skip, &len TSRMLS_CC)) != NULL) { if((val = info->hnd->fetch(info, key_str, key_len, skip, &len TSRMLS_CC)) != NULL) {
if (val && PG(magic_quotes_runtime)) {
val = php_addslashes(val, len, &len, 1 TSRMLS_CC);
}
DBA_ID_DONE; DBA_ID_DONE;
RETURN_STRINGL(val, len, 0); RETURN_STRINGL(val, len, 0);
} }

1
ext/dba/tests/dba008.phpt
View file

@ -2,6 +2,7 @@
DBA magic_quotes_runtime Test DBA magic_quotes_runtime Test
--SKIPIF-- --SKIPIF--
<?php <?php
die('skip, magic_quotes removed');
require_once('skipif.inc'); require_once('skipif.inc');
die("info $HND handler used"); die("info $HND handler used");
?> ?>

4
ext/dba/tests/dba_cdb_make.phpt
View file

@ -1,7 +1,5 @@
--TEST-- --TEST--
DBA CDB_MAKE handler test DBA CDB_MAKE handler test
--INI--
magic_quotes_runtime=1
--SKIPIF-- --SKIPIF--
<?php <?php
$handler = 'cdb_make'; $handler = 'cdb_make';
@ -35,4 +33,4 @@ magic_quotes_runtime=1
--EXPECT-- --EXPECT--
database handler: cdb_make database handler: cdb_make
string(32) "12fc5ba2b9dcfef2480e5324eeb5f3e5" string(32) "12fc5ba2b9dcfef2480e5324eeb5f3e5"
string(32) "12fc5ba2b9dcfef2480e5324eeb5f3e5" string(32) "12fc5ba2b9dcfef2480e5324eeb5f3e5"

33
ext/exif/exif.c
View file

@ -1578,11 +1578,7 @@ static void exif_iif_add_value(image_info_type *image_info, int section_index, c
case TAG_FMT_STRING: case TAG_FMT_STRING:
if (value) { if (value) {
length = php_strnlen(value, length); length = php_strnlen(value, length);
if (PG(magic_quotes_runtime)) { info_value->s = estrndup(value, length);
info_value->s = php_addslashes(value, length, &length, 0 TSRMLS_CC);
} else {
info_value->s = estrndup(value, length);
}
info_data->length = length; info_data->length = length;
} else { } else {
info_data->length = 0; info_data->length = 0;
@ -1604,12 +1600,7 @@ static void exif_iif_add_value(image_info_type *image_info, int section_index, c
break; break;
case TAG_FMT_UNDEFINED: case TAG_FMT_UNDEFINED:
if (value) { if (value) {
/* do not recompute length here */ info_value->s = estrndup(value, length);
if (PG(magic_quotes_runtime)) {
info_value->s = php_addslashes(value, length, &length, 0 TSRMLS_CC);
} else {
info_value->s = estrndup(value, length);
}
info_data->length = length; info_data->length = length;
} else { } else {
info_data->length = 0; info_data->length = 0;
@ -1731,11 +1722,7 @@ static void exif_iif_add_str(image_info_type *image_info, int section_index, cha
info_data->format = TAG_FMT_STRING; info_data->format = TAG_FMT_STRING;
info_data->length = 1; info_data->length = 1;
info_data->name = estrdup(name); info_data->name = estrdup(name);
if (PG(magic_quotes_runtime)) { info_data->value.s = estrdup(value);
info_data->value.s = php_addslashes(value, strlen(value), NULL, 0 TSRMLS_CC);
} else {
info_data->value.s = estrdup(value);
}
image_info->sections_found |= 1<<section_index; image_info->sections_found |= 1<<section_index;
image_info->info_list[section_index].count++; image_info->info_list[section_index].count++;
} }
@ -1776,17 +1763,9 @@ static void exif_iif_add_buffer(image_info_type *image_info, int section_index,
info_data->format = TAG_FMT_UNDEFINED; info_data->format = TAG_FMT_UNDEFINED;
info_data->length = length; info_data->length = length;
info_data->name = estrdup(name); info_data->name = estrdup(name);
if (PG(magic_quotes_runtime)) { info_data->value.s = safe_emalloc(length, 1, 1);
#ifdef EXIF_DEBUG memcpy(info_data->value.s, value, length);
exif_error_docref(NULL EXIFERR_CC, image_info, E_NOTICE, "Adding %s as buffer%s", name, exif_char_dump(value, length, 0)); info_data->value.s[length] = 0;
#endif
info_data->value.s = php_addslashes(value, length, &length, 0 TSRMLS_CC);
info_data->length = length;
} else {
info_data->value.s = safe_emalloc(length, 1, 1);
memcpy(info_data->value.s, value, length);
info_data->value.s[length] = 0;
}
image_info->sections_found |= 1<<section_index; image_info->sections_found |= 1<<section_index;
image_info->info_list[section_index].count++; image_info->info_list[section_index].count++;
} }

1
ext/exif/tests/bug34704.phpt
View file

@ -3,7 +3,6 @@ Bug #34704 (Infinite recursion due to corrupt JPEG)
--SKIPIF-- --SKIPIF--
<?php if (!extension_loaded('exif')) print 'skip exif extension not available';?> <?php if (!extension_loaded('exif')) print 'skip exif extension not available';?>
--INI-- --INI--
magic_quotes_runtime=0
output_handler= output_handler=
zlib.output_compression=0 zlib.output_compression=0
--FILE-- --FILE--

1
ext/exif/tests/exif002.phpt
View file

@ -3,7 +3,6 @@ Check for exif_thumbnail
--SKIPIF-- --SKIPIF--
<?php if (!extension_loaded('exif')) print 'skip exif extension not available';?> <?php if (!extension_loaded('exif')) print 'skip exif extension not available';?>
--INI-- --INI--
magic_quotes_runtime=0
output_handler= output_handler=
zlib.output_compression=0 zlib.output_compression=0
--FILE-- --FILE--

3
ext/exif/tests/exif006.phpt
View file

@ -2,8 +2,7 @@
Check for exif_read_data, magic_quotes_runtime Check for exif_read_data, magic_quotes_runtime
--SKIPIF-- --SKIPIF--
<?php <?php
if (!extension_loaded('exif')) die('skip exif extension not available'); die('skip magic_quotes removed');
if (version_compare(PHP_VERSION, "4.4.0-dev", "<")) die('skip PHP 4.4 required');
?> ?>
--INI-- --INI--
output_handler= output_handler=

1
ext/iconv/tests/translit-utf8.phpt
View file

@ -6,7 +6,6 @@ include('skipif.inc');
( ICONV_IMPL != "libiconv" ) and die("skip ICONV_IMPL != \"libiconv\""); ( ICONV_IMPL != "libiconv" ) and die("skip ICONV_IMPL != \"libiconv\"");
?> ?>
--INI-- --INI--
magic_quotes_runtime=0
error_reporting=2047 error_reporting=2047
--FILE-- --FILE--
<?php // vim600: syn=php <?php // vim600: syn=php

7
ext/interbase/ibase_query.c
View file

@ -1302,12 +1302,7 @@ static int _php_ibase_var_zval(zval *val, void *data, int type, int len, /* {{{
data = ((IBVARY *) data)->vary_string; data = ((IBVARY *) data)->vary_string;
/* no break */ /* no break */
case SQL_TEXT: case SQL_TEXT:
if (PG(magic_quotes_runtime)) { ZVAL_STRINGL(val,(char *) data,len,1);
Z_STRVAL_P(val) = php_addslashes(data, len, &Z_STRLEN_P(val), 0 TSRMLS_CC);
Z_TYPE_P(val) = IS_STRING;
} else {
ZVAL_STRINGL(val,(char *) data,len,1);
}
break; break;
case SQL_SHORT: case SQL_SHORT:
n = *(short *) data; n = *(short *) data;

2
ext/mhash/tests/001.phpt
View file

@ -1,7 +1,5 @@
--TEST-- --TEST--
mhash() test mhash() test
--INI--
magic_quotes_runtime=0
--SKIPIF-- --SKIPIF--
<?php <?php
include "skip.inc"; include "skip.inc";

19
ext/msql/php_msql.c
View file

@ -844,12 +844,8 @@ PHP_FUNCTION(msql_result)
} }
if (sql_row[field_offset]) { if (sql_row[field_offset]) {
if (PG(magic_quotes_runtime)) { Z_STRLEN_P(return_value) = (sql_row[field_offset]?strlen(sql_row[field_offset]):0);
Z_STRVAL_P(return_value) = php_addslashes(sql_row[field_offset],0,&Z_STRLEN_P(return_value),0 TSRMLS_CC); Z_STRVAL_P(return_value) = (char *) safe_estrndup(sql_row[field_offset],Z_STRLEN_P(return_value));
} else {
Z_STRLEN_P(return_value) = (sql_row[field_offset]?strlen(sql_row[field_offset]):0);
Z_STRVAL_P(return_value) = (char *) safe_estrndup(sql_row[field_offset],Z_STRLEN_P(return_value));
}
Z_TYPE_P(return_value) = IS_STRING; Z_TYPE_P(return_value) = IS_STRING;
} else { } else {
ZVAL_FALSE(return_value); ZVAL_FALSE(return_value);
@ -940,14 +936,9 @@ static void php_msql_fetch_hash(INTERNAL_FUNCTION_PARAMETERS, int result_type)
int data_len; int data_len;
int should_copy; int should_copy;
if (PG(magic_quotes_runtime)) { data = msql_row[i];
data = php_addslashes(msql_row[i], 0, &data_len, 0 TSRMLS_CC); data_len = strlen(data);
should_copy = 0; should_copy = 1;
} else {
data = msql_row[i];
data_len = strlen(data);
should_copy = 1;
}
if (result_type & MSQL_NUM) { if (result_type & MSQL_NUM) {
add_index_stringl(return_value, i, data, data_len, should_copy); add_index_stringl(return_value, i, data, data_len, should_copy);

13
ext/mssql/php_mssql.c
View file

@ -1417,16 +1417,9 @@ static void php_mssql_fetch_hash(INTERNAL_FUNCTION_PARAMETERS, int result_type,
int should_copy; int should_copy;
if (Z_TYPE(result->data[result->cur_row][i]) == IS_STRING) { if (Z_TYPE(result->data[result->cur_row][i]) == IS_STRING) {
if (PG(magic_quotes_runtime)) { data = Z_STRVAL(result->data[result->cur_row][i]);
data = php_addslashes(Z_STRVAL(result->data[result->cur_row][i]), Z_STRLEN(result->data[result->cur_row][i]), &data_len, 0 TSRMLS_CC); data_len = Z_STRLEN(result->data[result->cur_row][i]);
should_copy = 0; should_copy = 1;
}
else
{
data = Z_STRVAL(result->data[result->cur_row][i]);
data_len = Z_STRLEN(result->data[result->cur_row][i]);
should_copy = 1;
}
if (result_type & MSSQL_NUM) { if (result_type & MSSQL_NUM) {
add_index_stringl(return_value, i, data, data_len, should_copy); add_index_stringl(return_value, i, data, data_len, should_copy);

16
ext/mysql/php_mysql.c
View file

@ -1841,13 +1841,8 @@ PHP_FUNCTION(mysql_result)
if (sql_row[field_offset]) { if (sql_row[field_offset]) {
Z_TYPE_P(return_value) = IS_STRING; Z_TYPE_P(return_value) = IS_STRING;
Z_STRLEN_P(return_value) = sql_row_lengths[field_offset];
if (PG(magic_quotes_runtime)) { Z_STRVAL_P(return_value) = (char *) safe_estrndup(sql_row[field_offset], Z_STRLEN_P(return_value));
Z_STRVAL_P(return_value) = php_addslashes(sql_row[field_offset], sql_row_lengths[field_offset],&Z_STRLEN_P(return_value), 0 TSRMLS_CC);
} else {
Z_STRLEN_P(return_value) = sql_row_lengths[field_offset];
Z_STRVAL_P(return_value) = (char *) safe_estrndup(sql_row[field_offset], Z_STRLEN_P(return_value));
}
} else { } else {
Z_TYPE_P(return_value) = IS_NULL; Z_TYPE_P(return_value) = IS_NULL;
} }
@ -1970,12 +1965,7 @@ static void php_mysql_fetch_hash(INTERNAL_FUNCTION_PARAMETERS, int result_type,
MAKE_STD_ZVAL(data); MAKE_STD_ZVAL(data);
if (PG(magic_quotes_runtime)) { ZVAL_STRINGL(data, mysql_row[i], mysql_row_lengths[i], 1);
Z_TYPE_P(data) = IS_STRING;
Z_STRVAL_P(data) = php_addslashes(mysql_row[i], mysql_row_lengths[i], &Z_STRLEN_P(data), 0 TSRMLS_CC);
} else {
ZVAL_STRINGL(data, mysql_row[i], mysql_row_lengths[i], 1);
}
if (result_type & MYSQL_NUM) { if (result_type & MYSQL_NUM) {
add_index_zval(return_value, i, data); add_index_zval(return_value, i, data);

8
ext/mysqli/mysqli.c
View file

@ -815,13 +815,7 @@ void php_mysqli_fetch_into_hash(INTERNAL_FUNCTION_PARAMETERS, int override_flags
MAKE_STD_ZVAL(res); MAKE_STD_ZVAL(res);
/* check if we need magic quotes */ ZVAL_STRINGL(res, row[i], field_len[i], 1);
if (PG(magic_quotes_runtime)) {
Z_TYPE_P(res) = IS_STRING;
Z_STRVAL_P(res) = php_addslashes(row[i], field_len[i], &Z_STRLEN_P(res), 0 TSRMLS_CC);
} else {
ZVAL_STRINGL(res, row[i], field_len[i], 1);
}
if (fetchtype & MYSQLI_NUM) { if (fetchtype & MYSQLI_NUM) {
add_index_zval(return_value, i, res); add_index_zval(return_value, i, res);

1
ext/pcre/config0.m4
View file

@ -16,6 +16,7 @@ if test "$PHP_PCRE_REGEX" != "no"; then
PHP_NEW_EXTENSION(pcre, pcrelib/pcre_chartables.c pcrelib/pcre_ucp_searchfuncs.c pcrelib/pcre_compile.c pcrelib/pcre_config.c pcrelib/pcre_dfa_exec.c pcrelib/pcre_exec.c pcrelib/pcre_fullinfo.c pcrelib/pcre_get.c pcrelib/pcre_globals.c pcrelib/pcre_info.c pcrelib/pcre_maketables.c pcrelib/pcre_ord2utf8.c pcrelib/pcre_refcount.c pcrelib/pcre_study.c pcrelib/pcre_tables.c pcrelib/pcre_try_flipped.c pcrelib/pcre_valid_utf8.c pcrelib/pcre_version.c pcrelib/pcre_xclass.c php_pcre.c, $ext_shared,,-DEXPORT= -DNEWLINE=10 -DSUPPORT_UTF8 -DSUPPORT_UCP -DLINK_SIZE=2 -DPOSIX_MALLOC_THRESHOLD=10 -DMATCH_LIMIT=10000000 -DMATCH_LIMIT_RECURSION=10000000 -I@ext_srcdir@/pcrelib) PHP_NEW_EXTENSION(pcre, pcrelib/pcre_chartables.c pcrelib/pcre_ucp_searchfuncs.c pcrelib/pcre_compile.c pcrelib/pcre_config.c pcrelib/pcre_dfa_exec.c pcrelib/pcre_exec.c pcrelib/pcre_fullinfo.c pcrelib/pcre_get.c pcrelib/pcre_globals.c pcrelib/pcre_info.c pcrelib/pcre_maketables.c pcrelib/pcre_ord2utf8.c pcrelib/pcre_refcount.c pcrelib/pcre_study.c pcrelib/pcre_tables.c pcrelib/pcre_try_flipped.c pcrelib/pcre_valid_utf8.c pcrelib/pcre_version.c pcrelib/pcre_xclass.c php_pcre.c, $ext_shared,,-DEXPORT= -DNEWLINE=10 -DSUPPORT_UTF8 -DSUPPORT_UCP -DLINK_SIZE=2 -DPOSIX_MALLOC_THRESHOLD=10 -DMATCH_LIMIT=10000000 -DMATCH_LIMIT_RECURSION=10000000 -I@ext_srcdir@/pcrelib)
PHP_ADD_BUILD_DIR($ext_builddir/pcrelib) PHP_ADD_BUILD_DIR($ext_builddir/pcrelib)
PHP_INSTALL_HEADERS([ext/pcre], [php_pcre.h pcrelib/]) PHP_INSTALL_HEADERS([ext/pcre], [php_pcre.h pcrelib/])
PHP_ADD_INCLUDE(pcrelib)
AC_DEFINE(HAVE_BUNDLED_PCRE, 1, [ ]) AC_DEFINE(HAVE_BUNDLED_PCRE, 1, [ ])
else else
for i in $PHP_PCRE_REGEX $PHP_PCRE_REGEX/include $PHP_PCRE_REGEX/include/pcre; do for i in $PHP_PCRE_REGEX $PHP_PCRE_REGEX/include $PHP_PCRE_REGEX/include/pcre; do

8
ext/pcre/pcrelib/pcre_internal.h
View file

@ -70,7 +70,15 @@ all, it had only been about 10 years then... */
#else #else
# include <php_config.h> # include <php_config.h>
#endif #endif
/*
#ifndef MATCH_LIMIT
#define MATCH_LIMIT 10000000
#endif
#ifndef MATCH_LIMIT_RECURSION
#define MATCH_LIMIT_RECURSION MATCH_LIMIT
#endif
*/
/* Standard C headers plus the external interface definition. The only time /* Standard C headers plus the external interface definition. The only time
setjmp and stdarg are used is when NO_RECURSE is set. */ setjmp and stdarg are used is when NO_RECURSE is set. */

2
ext/pcre/tests/bug33200.phpt
View file

@ -1,5 +1,7 @@
--TEST-- --TEST--
Bug #33200 (magic_quotes_sybase = On makes 'e' modifier misbehave) Bug #33200 (magic_quotes_sybase = On makes 'e' modifier misbehave)
--SKIPIF--
die('skip magic_quotes removed');
--INI-- --INI--
magic_quotes_sybase=1 magic_quotes_sybase=1
--FILE-- --FILE--

1
ext/pdo/tests/pdo_test.inc
View file

@ -11,7 +11,6 @@ if (getenv('PDOTEST_DSN') === false) {
$append = true; $append = true;
} }
} }
if (ini_get('magic_quotes_runtime')) $common = stripslashes($common);
$conf = eval($common); $conf = eval($common);
foreach($conf['ENV'] as $n=>$v) putenv("$n=$v"); foreach($conf['ENV'] as $n=>$v) putenv("$n=$v");
} }

17
ext/pgsql/pgsql.c
View file

@ -1962,12 +1962,8 @@ static void php_pgsql_fetch_hash(INTERNAL_FUNCTION_PARAMETERS, long result_type,
int data_len; int data_len;
int should_copy=0; int should_copy=0;
if (PG(magic_quotes_runtime)) { data = safe_estrndup(element, element_len);
data = php_addslashes(element, element_len, &data_len, 0 TSRMLS_CC); data_len = element_len;
} else {
data = safe_estrndup(element, element_len);
data_len = element_len;
}
if (result_type & PGSQL_NUM) { if (result_type & PGSQL_NUM) {
add_index_stringl(return_value, i, data, data_len, should_copy); add_index_stringl(return_value, i, data, data_len, should_copy);
@ -5583,12 +5579,9 @@ PHP_PGSQL_API int php_pgsql_result2array(PGresult *pg_result, zval *ret_array TS
element = PQgetvalue(pg_result, pg_row, i); element = PQgetvalue(pg_result, pg_row, i);
element_len = (element ? strlen(element) : 0); element_len = (element ? strlen(element) : 0);
if (element) { if (element) {
if (PG(magic_quotes_runtime)) { data = safe_estrndup(element, element_len);
data = php_addslashes(element, element_len, &data_len, 0 TSRMLS_CC); data_len = element_len;
} else {
data = safe_estrndup(element, element_len);
data_len = element_len;
}
field_name = PQfname(pg_result, i); field_name = PQfname(pg_result, i);
add_assoc_stringl(row, field_name, data, data_len, 0); add_assoc_stringl(row, field_name, data, data_len, 0);
} }

5
ext/spl/examples/dbaarray.inc
View file

@ -51,9 +51,6 @@ class DbaArray extends DbaReader implements ArrayAccess
{ {
$data = dba_fetch($name, $this->db); $data = dba_fetch($name, $this->db);
if($data) { if($data) {
if (ini_get('magic_quotes_runtime')) {
$data = stripslashes($data);
}
//return unserialize($data); //return unserialize($data);
return $data; return $data;
} }
@ -95,4 +92,4 @@ class DbaArray extends DbaReader implements ArrayAccess
} }
} }
?> ?>

13
ext/spl/spl_directory.c
View file

@ -1353,11 +1353,6 @@ static int spl_filesystem_file_read(spl_filesystem_object *intern, int silent TS
buf[line_len] = '\0'; buf[line_len] = '\0';
} }
if (PG(magic_quotes_runtime)) {
buf = php_addslashes(buf, line_len, &len, 1 TSRMLS_CC);
line_len = len;
}
intern->u.file.current_line = buf; intern->u.file.current_line = buf;
intern->u.file.current_line_len = line_len; intern->u.file.current_line_len = line_len;
} }
@ -1842,14 +1837,6 @@ SPL_METHOD(SplFileObject, fwrite)
RETURN_LONG(0); RETURN_LONG(0);
} }
if (PG(magic_quotes_runtime)) {
str = estrndup(str, str_len);
php_stripslashes(str, &str_len TSRMLS_CC);
ret = php_stream_write(intern->u.file.stream, str, str_len);
efree(str);
RETURN_LONG(ret);
}
RETURN_LONG(php_stream_write(intern->u.file.stream, str, str_len)); RETURN_LONG(php_stream_write(intern->u.file.stream, str, str_len));
} /* }}} */ } /* }}} */

39
ext/standard/basic_functions.c
View file

@ -442,11 +442,11 @@ zend_function_entry basic_functions[] = {
PHP_FE(get_current_user, NULL) PHP_FE(get_current_user, NULL)
PHP_FE(set_time_limit, NULL) PHP_FE(set_time_limit, NULL)
PHP_FE(get_cfg_var, NULL) PHP_FE(get_cfg_var, NULL)
PHP_FALIAS(magic_quotes_runtime, set_magic_quotes_runtime, NULL) PHP_DEP_FALIAS(magic_quotes_runtime, set_magic_quotes_runtime, NULL)
PHP_FE(set_magic_quotes_runtime, NULL) PHP_DEP_FE(set_magic_quotes_runtime, NULL)
PHP_FE(get_magic_quotes_gpc, NULL) PHP_DEP_FE(get_magic_quotes_gpc, NULL)
PHP_FE(get_magic_quotes_runtime, NULL) PHP_DEP_FE(get_magic_quotes_runtime, NULL)
PHP_FE(import_request_variables, NULL) PHP_FE(import_request_variables, NULL)
PHP_FE(error_log, NULL) PHP_FE(error_log, NULL)
PHP_FE(call_user_func, NULL) PHP_FE(call_user_func, NULL)
@ -1151,9 +1151,6 @@ PHP_RINIT_FUNCTION(basic)
PHP_RINIT(dir)(INIT_FUNC_ARGS_PASSTHRU); PHP_RINIT(dir)(INIT_FUNC_ARGS_PASSTHRU);
PHP_RINIT(url_scanner_ex)(INIT_FUNC_ARGS_PASSTHRU); PHP_RINIT(url_scanner_ex)(INIT_FUNC_ARGS_PASSTHRU);
/* Reset magic_quotes_runtime */
PG(magic_quotes_runtime) = INI_BOOL("magic_quotes_runtime");
/* Setup default context */ /* Setup default context */
FG(default_context) = NULL; FG(default_context) = NULL;
@ -1823,38 +1820,20 @@ PHP_FUNCTION(get_cfg_var)
} }
/* }}} */ /* }}} */
/* {{{ proto bool set_magic_quotes_runtime(int new_setting)
Set the current active configuration setting of magic_quotes_runtime and return previous */
PHP_FUNCTION(set_magic_quotes_runtime) PHP_FUNCTION(set_magic_quotes_runtime)
{ {
zval **new_setting; php_error_docref(NULL TSRMLS_CC, E_CORE_ERROR, "magic_quotes_runtime is not supported anymore");
RETURN_FALSE;
if (ZEND_NUM_ARGS() != 1 || zend_get_parameters_ex(1, &new_setting) == FAILURE) {
RETURN_FALSE;
}
convert_to_boolean_ex(new_setting);
PG(magic_quotes_runtime) = (zend_bool) Z_LVAL_PP(new_setting);
RETURN_TRUE;
} }
/* }}} */
/* {{{ proto int get_magic_quotes_runtime(void)
Get the current active configuration setting of magic_quotes_runtime */
PHP_FUNCTION(get_magic_quotes_runtime) PHP_FUNCTION(get_magic_quotes_runtime)
{ {
RETURN_LONG(PG(magic_quotes_runtime)); RETURN_FALSE;
} }
/* }}} */
/* {{{ proto int get_magic_quotes_gpc(void)
Get the current active configuration setting of magic_quotes_gpc */
PHP_FUNCTION(get_magic_quotes_gpc) PHP_FUNCTION(get_magic_quotes_gpc)
{ {
RETURN_LONG(PG(magic_quotes_gpc)); RETURN_FALSE;
} }
/* }}} */
/* /*
1st arg = error message 1st arg = error message

9
ext/standard/exec.c
View file

@ -135,14 +135,7 @@ int php_exec(int type, char *cmd, zval *array, zval *return_value TSRMLS_DC)
} }
/* Return last line from the shell command */ /* Return last line from the shell command */
if (PG(magic_quotes_runtime)) { RETVAL_STRINGL(buf, bufl, 1);
int len;
tmp = php_addslashes(buf, bufl, &len, 0 TSRMLS_CC);
RETVAL_STRINGL(tmp, len, 0);
} else {
RETVAL_STRINGL(buf, bufl, 1);
}
} else { /* should return NULL, but for BC we return "" */ } else { /* should return NULL, but for BC we return "" */
RETVAL_EMPTY_STRING(); RETVAL_EMPTY_STRING();
} }

66
ext/standard/file.c
View file

@ -413,11 +413,7 @@ PHP_FUNCTION(get_meta_tags)
have_name = 1; have_name = 1;
} else if (saw_content) { } else if (saw_content) {
/* Get the CONTENT attr (Single word attr, non-quoted) */ /* Get the CONTENT attr (Single word attr, non-quoted) */
if (PG(magic_quotes_runtime)) { value = estrndup(md.token_data, md.token_len);
value = php_addslashes(md.token_data, 0, &md.token_len, 0 TSRMLS_CC);
} else {
value = estrndup(md.token_data, md.token_len);
}
have_content = 1; have_content = 1;
} }
@ -451,11 +447,7 @@ PHP_FUNCTION(get_meta_tags)
have_name = 1; have_name = 1;
} else if (saw_content) { } else if (saw_content) {
/* Get the CONTENT attr (Single word attr, non-quoted) */ /* Get the CONTENT attr (Single word attr, non-quoted) */
if (PG(magic_quotes_runtime)) { value = estrndup(md.token_data, md.token_len);
value = php_addslashes(md.token_data, 0, &md.token_len, 0 TSRMLS_CC);
} else {
value = estrndup(md.token_data, md.token_len);
}
have_content = 1; have_content = 1;
} }
@ -543,12 +535,6 @@ PHP_FUNCTION(file_get_contents)
/* uses mmap if possible */ /* uses mmap if possible */
if ((len = php_stream_copy_to_mem(stream, &contents, maxlen, 0)) > 0) { if ((len = php_stream_copy_to_mem(stream, &contents, maxlen, 0)) > 0) {
if (PG(magic_quotes_runtime)) {
contents = php_addslashes(contents, len, &newlen, 1 TSRMLS_CC); /* 1 = free source string */
len = newlen;
}
RETVAL_STRINGL(contents, len, 0); RETVAL_STRINGL(contents, len, 0);
} else if (len == 0) { } else if (len == 0) {
RETVAL_EMPTY_STRING(); RETVAL_EMPTY_STRING();
@ -778,13 +764,7 @@ PHP_FUNCTION(file)
do { do {
p++; p++;
parse_eol: parse_eol:
if (PG(magic_quotes_runtime)) { add_index_stringl(return_value, i++, estrndup(s, p-s), p-s, 0);
/* s is in target_buf which is freed at the end of the function */
slashed = php_addslashes(s, (p-s), &len, 0 TSRMLS_CC);
add_index_stringl(return_value, i++, slashed, len, 0);
} else {
add_index_stringl(return_value, i++, estrndup(s, p-s), p-s, 0);
}
s = p; s = p;
} while ((p = memchr(p, eol_marker, (e-p)))); } while ((p = memchr(p, eol_marker, (e-p))));
} else { } else {
@ -793,13 +773,7 @@ parse_eol:
s = ++p; s = ++p;
continue; continue;
} }
if (PG(magic_quotes_runtime)) { add_index_stringl(return_value, i++, estrndup(s, p-s), p-s, 0);
/* s is in target_buf which is freed at the end of the function */
slashed = php_addslashes(s, (p-s), &len, 0 TSRMLS_CC);
add_index_stringl(return_value, i++, slashed, len, 0);
} else {
add_index_stringl(return_value, i++, estrndup(s, p-s), p-s, 0);
}
s = ++p; s = ++p;
} while ((p = memchr(p, eol_marker, (e-p)))); } while ((p = memchr(p, eol_marker, (e-p))));
} }
@ -1038,18 +1012,9 @@ PHPAPI PHP_FUNCTION(fgets)
} }
if (is_unicode) { if (is_unicode) {
/* UTODO: magic_quotes_runtime */
RETURN_UNICODEL(buf, num_chars, 0); RETURN_UNICODEL(buf, num_chars, 0);
} else { } else {
if (PG(magic_quotes_runtime)) {
int len;
char *str;
str = php_addslashes((char*)buf, num_bytes, &len, 1 TSRMLS_CC);
RETURN_STRINGL(str, len, 0);
} else {
RETURN_STRINGL((char*)buf, num_bytes, 0); RETURN_STRINGL((char*)buf, num_bytes, 0);
}
} }
} }
/* }}} */ /* }}} */
@ -1248,9 +1213,6 @@ PHPAPI PHP_FUNCTION(fwrite)
if (write_len < 0 || write_len > Z_USTRLEN_P(zstring)) { if (write_len < 0 || write_len > Z_USTRLEN_P(zstring)) {
write_len = Z_USTRLEN_P(zstring); write_len = Z_USTRLEN_P(zstring);
} }
/* UTODO Handle magic_quotes_runtime for unicode strings */
ret = php_stream_u_write(stream, Z_USTRVAL_P(zstring), write_len); ret = php_stream_u_write(stream, Z_USTRVAL_P(zstring), write_len);
/* Convert data points back to code units */ /* Convert data points back to code units */
@ -1267,10 +1229,6 @@ PHPAPI PHP_FUNCTION(fwrite)
} }
num_bytes = write_len; num_bytes = write_len;
if (argc < 3 && PG(magic_quotes_runtime)) {
buffer = estrndup(Z_STRVAL_P(zstring), num_bytes);
php_stripslashes(buffer, &num_bytes TSRMLS_CC);
}
ret = php_stream_write(stream, buffer ? buffer : Z_STRVAL_P(zstring), num_bytes); ret = php_stream_write(stream, buffer ? buffer : Z_STRVAL_P(zstring), num_bytes);
if (buffer) { if (buffer) {
efree(buffer); efree(buffer);
@ -1828,16 +1786,11 @@ PHPAPI PHP_FUNCTION(fread)
} }
if (is_unicode) { if (is_unicode) {
/* UTODO - magic_quotes_runtime */
buf[num_bytes] = 0; buf[num_bytes] = 0;
buf[num_bytes + 1] = 0; buf[num_bytes + 1] = 0;
RETURN_UNICODEL((UChar *)buf, num_bytes >> 1, 0); RETURN_UNICODEL((UChar *)buf, num_bytes >> 1, 0);
} else { } else {
buf[num_bytes] = 0; buf[num_bytes] = 0;
if (PG(magic_quotes_runtime)) {
buf = php_addslashes(buf, num_bytes, &num_bytes, 1 TSRMLS_CC);
}
RETURN_STRINGL(buf, num_bytes, 0); RETURN_STRINGL(buf, num_bytes, 0);
} }
} }
@ -1976,16 +1929,7 @@ PHP_FUNCTION(fputcsv)
smart_str_appendc(&csvline, '\n'); smart_str_appendc(&csvline, '\n');
smart_str_0(&csvline); smart_str_0(&csvline);
if (!PG(magic_quotes_runtime)) { ret = php_stream_write(stream, csvline.c, csvline.len);
ret = php_stream_write(stream, csvline.c, csvline.len);
} else {
char *buffer = estrndup(csvline.c, csvline.len);
int len = csvline.len;
php_stripslashes(buffer, &len TSRMLS_CC);
ret = php_stream_write(stream, buffer, len);
efree(buffer);
}
smart_str_free(&csvline); smart_str_free(&csvline);
RETURN_LONG(ret); RETURN_LONG(ret);

15
ext/standard/streamsfuncs.c
View file

@ -370,14 +370,7 @@ PHP_FUNCTION(stream_socket_recvfrom)
} }
read_buf[recvd] = '\0'; read_buf[recvd] = '\0';
if (PG(magic_quotes_runtime)) { RETURN_STRINGL(read_buf, recvd, 0);
Z_TYPE_P(return_value) = IS_STRING;
Z_STRVAL_P(return_value) = php_addslashes(Z_STRVAL_P(return_value),
Z_STRLEN_P(return_value), &Z_STRLEN_P(return_value), 1 TSRMLS_CC);
return;
} else {
RETURN_STRINGL(read_buf, recvd, 0);
}
} }
efree(read_buf); efree(read_buf);
@ -407,12 +400,6 @@ PHP_FUNCTION(stream_get_contents)
} }
if ((len = php_stream_copy_to_mem(stream, &contents, maxlen, 0)) > 0) { if ((len = php_stream_copy_to_mem(stream, &contents, maxlen, 0)) > 0) {
if (PG(magic_quotes_runtime)) {
contents = php_addslashes(contents, len, &newlen, 1 TSRMLS_CC); /* 1 = free source string */
len = newlen;
}
RETVAL_STRINGL(contents, len, 0); RETVAL_STRINGL(contents, len, 0);
} else if (len == 0) { } else if (len == 0) {
RETVAL_EMPTY_STRING(); RETVAL_EMPTY_STRING();

157
ext/standard/string.c
View file

@ -3798,48 +3798,19 @@ PHPAPI void php_u_stripslashes(UChar *str, int *len TSRMLS_DC)
UChar32 ch1, ch2; UChar32 ch1, ch2;
ch1 = -1; ch2 = -1; ch1 = -1; ch2 = -1;
if (PG(magic_quotes_sybase)) { while (i < src_len) {
while (i < src_len) { U16_NEXT(str, i, src_len, ch1);
U16_NEXT(str, i, src_len, ch1); if (ch1 == '\\') {
if (ch1 == '\'') { if (i < src_len) {
tmp_len += zend_codepoint_to_uchar(ch1, str+tmp_len); U16_NEXT(str, i, src_len, ch2);
if (i < src_len) { if (ch2 == '0') {
U16_NEXT(str, i, src_len, ch2); tmp_len += zend_codepoint_to_uchar('\0', str+tmp_len);
if (ch2 != '\'') {
tmp_len += zend_codepoint_to_uchar(ch2, str+tmp_len);
}
}
} else if (ch1 == '\\') {
if (i < src_len) {
U16_NEXT(str, i, src_len, ch2);
if (ch2 == '0') {
tmp_len += zend_codepoint_to_uchar('\0', str+tmp_len);
} else {
tmp_len += zend_codepoint_to_uchar(ch1, str+tmp_len);
tmp_len += zend_codepoint_to_uchar(ch2, str+tmp_len);
}
} else { } else {
tmp_len += zend_codepoint_to_uchar(ch1, str+tmp_len); tmp_len += zend_codepoint_to_uchar(ch2, str+tmp_len);
} }
} else {
tmp_len += zend_codepoint_to_uchar(ch1, str+tmp_len);
}
}
} else {
while (i < src_len) {
U16_NEXT(str, i, src_len, ch1);
if (ch1 == '\\') {
if (i < src_len) {
U16_NEXT(str, i, src_len, ch2);
if (ch2 == '0') {
tmp_len += zend_codepoint_to_uchar('\0', str+tmp_len);
} else {
tmp_len += zend_codepoint_to_uchar(ch2, str+tmp_len);
}
}
} else {
tmp_len += zend_codepoint_to_uchar(ch1, str+tmp_len);
} }
} else {
tmp_len += zend_codepoint_to_uchar(ch1, str+tmp_len);
} }
} }
*(str+tmp_len) = 0; *(str+tmp_len) = 0;
@ -3865,34 +3836,6 @@ PHPAPI void php_stripslashes(char *str, int *len TSRMLS_DC)
s = str; s = str;
t = str; t = str;
if (PG(magic_quotes_sybase)) {
while (l > 0) {
if (*t == '\'') {
if ((l > 0) && (t[1] == '\'')) {
t++;
if (len != NULL) {
(*len)--;
}
l--;
}
*s++ = *t++;
} else if (*t == '\\' && t[1] == '0' && l > 0) {
*s++='\0';
t+=2;
if (len != NULL) {
(*len)--;
}
l--;
} else {
*s++ = *t++;
}
l--;
}
*s = '\0';
return;
}
while (l > 0) { while (l > 0) {
if (*t == '\\') { if (*t == '\\') {
t++; /* skip the slash */ t++; /* skip the slash */
@ -4179,42 +4122,25 @@ PHPAPI UChar *php_u_addslashes_ex(UChar *str, int length, int *new_length, int s
} }
buf = eumalloc(length * 2); buf = eumalloc(length * 2);
if (!ignore_sybase && PG(magic_quotes_sybase)) {
while (i < length) { while (i < length) {
U16_NEXT(str, i, length, ch); U16_NEXT(str, i, length, ch);
switch (ch) { switch (ch) {
case '\0': case '\0':
*(buf+buf_len) = (UChar)0x5C; buf_len++; /* \ */ *(buf+buf_len) = (UChar)0x5C; buf_len++; /* \ */
*(buf+buf_len) = (UChar)0x30; buf_len++; /* 0 */ *(buf+buf_len) = (UChar)0x30; buf_len++; /* 0 */
break; break;
case '\'': case '\'':
*(buf+buf_len) = (UChar)0x27; buf_len++; /* ' */ case '\"':
*(buf+buf_len) = (UChar)0x27; buf_len++; /* ' */
break;
default:
buf_len += zend_codepoint_to_uchar(ch, buf+buf_len);
break;
}
}
} else {
while (i < length) {
U16_NEXT(str, i, length, ch);
switch (ch) {
case '\0':
*(buf+buf_len) = (UChar)0x5C; buf_len++; /* \ */
*(buf+buf_len) = (UChar)0x30; buf_len++; /* 0 */
break;
case '\'':
case '\"':
case '\\': case '\\':
*(buf+buf_len) = (UChar)0x5C; buf_len++; /* \ */ *(buf+buf_len) = (UChar)0x5C; buf_len++; /* \ */
/* break is missing *intentionally* */ /* break is missing *intentionally* */
default: default:
buf_len += zend_codepoint_to_uchar(ch, buf+buf_len); buf_len += zend_codepoint_to_uchar(ch, buf+buf_len);
break; break;
}
} }
} }
*(buf+buf_len) = 0; *(buf+buf_len) = 0;
if (should_free) { if (should_free) {
@ -4256,44 +4182,25 @@ PHPAPI char *php_addslashes_ex(char *str, int length, int *new_length, int shoul
end = source + length; end = source + length;
target = new_str; target = new_str;
if (!ignore_sybase && PG(magic_quotes_sybase)) { while (source < end) {
while (source < end) { switch (*source) {
switch (*source) { case '\0':
case '\0': *target++ = '\\';
*target++ = '\\'; *target++ = '0';
*target++ = '0'; break;
break; case '\'':
case '\'':
*target++ = '\'';
*target++ = '\'';
break;
default:
*target++ = *source;
break;
}
source++;
}
} else {
while (source < end) {
switch (*source) {
case '\0':
*target++ = '\\';
*target++ = '0';
break;
case '\'':
case '\"': case '\"':
case '\\': case '\\':
*target++ = '\\'; *target++ = '\\';
/* break is missing *intentionally* */ /* break is missing *intentionally* */
default: default:
*target++ = *source; *target++ = *source;
break; break;
}
source++;
} }
source++;
} }
*target = 0; *target = 0;
*new_length = target - new_str; *new_length = target - new_str;
if (should_free) { if (should_free) {

2
ext/standard/tests/file/fputcsv.phpt
View file

@ -1,7 +1,5 @@
--TEST-- --TEST--
various fputcsv() functionality tests various fputcsv() functionality tests
--INI--
magic_quotes_runtime=0
--FILE-- --FILE--
<?php <?php

11
ext/standard/tests/strings/add-and-stripslashes.phpt
View file

@ -9,22 +9,11 @@ for($i=0; $i<512; $i++) {
} }
echo "Normal: "; echo "Normal: ";
ini_set('magic_quotes_sybase', 0);
if($input === stripslashes(addslashes($input))) { if($input === stripslashes(addslashes($input))) {
echo "OK\n"; echo "OK\n";
} else { } else {
echo "FAILED\n"; echo "FAILED\n";
} }
echo "Sybase: ";
ini_set('magic_quotes_sybase', 1);
if($input === stripslashes(addslashes($input))) {
echo "OK\n";
} else {
echo "FAILED\n";
}
?> ?>
--EXPECT-- --EXPECT--
Normal: OK Normal: OK
Sybase: OK

3
ext/sybase/php_sybase_db.c
View file

@ -858,9 +858,6 @@ PHP_FUNCTION(sybase_query)
zval *cur_value = result->data[i][j-1]; zval *cur_value = result->data[i][j-1];
convert_to_string(cur_value); convert_to_string(cur_value);
if (PG(magic_quotes_runtime)) {
Z_STRVAL_P(cur_value) = php_addslashes(Z_STRVAL_P(cur_value), Z_STRLEN_P(cur_value), &Z_STRLEN_P(cur_value),0 TSRMLS_CC);
}
} }
} }
retvalue=dbnextrow(sybase_ptr->link); retvalue=dbnextrow(sybase_ptr->link);

6
ext/sybase_ct/php_sybase_ct.c
View file

@ -1780,11 +1780,7 @@ static void php_sybase_fetch_hash(INTERNAL_FUNCTION_PARAMETERS, int numerics)
ALLOC_ZVAL(tmp); ALLOC_ZVAL(tmp);
*tmp = result->data[result->store ? result->cur_row : 0][i]; *tmp = result->data[result->store ? result->cur_row : 0][i];
INIT_PZVAL(tmp); INIT_PZVAL(tmp);
if (PG(magic_quotes_runtime) && Z_TYPE_P(tmp) == IS_STRING) { zval_copy_ctor(tmp);
Z_STRVAL_P(tmp) = php_addslashes(Z_STRVAL_P(tmp), Z_STRLEN_P(tmp), &Z_STRLEN_P(tmp), 0 TSRMLS_CC);
} else {
zval_copy_ctor(tmp);
}
if (numerics) { if (numerics) {
zend_hash_index_update(Z_ARRVAL_P(return_value), i, (void *) &tmp, sizeof(zval *), NULL); zend_hash_index_update(Z_ARRVAL_P(return_value), i, (void *) &tmp, sizeof(zval *), NULL);
tmp->refcount++; tmp->refcount++;

2
ext/xml/tests/xml001.phpt
View file

@ -5,8 +5,6 @@ XML parser test, function callbacks
require_once("skipif.inc"); require_once("skipif.inc");
XML_SAX_IMPL == 'libxml' && die('skip this test is not intended for libxml SAX parser'); XML_SAX_IMPL == 'libxml' && die('skip this test is not intended for libxml SAX parser');
?> ?>
--INI--
magic_quotes_runtime=0
--FILE-- --FILE--
<?php <?php
chdir(dirname(__FILE__)); chdir(dirname(__FILE__));

2
ext/xml/tests/xml002.phpt
View file

@ -5,8 +5,6 @@ XML parser test, object tuple callbacks
require_once("skipif.inc"); require_once("skipif.inc");
XML_SAX_IMPL == 'libxml' && die('skip this test is not intended for libxml SAX parser'); XML_SAX_IMPL == 'libxml' && die('skip this test is not intended for libxml SAX parser');
?> ?>
--INI--
magic_quotes_runtime=0
--FILE-- --FILE--
<?php <?php
chdir(dirname(__FILE__)); chdir(dirname(__FILE__));

2
ext/xml/tests/xml003.phpt
View file

@ -5,8 +5,6 @@ XML parser test, xml_set_object callbacks
require_once("skipif.inc"); require_once("skipif.inc");
XML_SAX_IMPL == 'libxml' && die('skip this test is not intended for libxml SAX parser'); XML_SAX_IMPL == 'libxml' && die('skip this test is not intended for libxml SAX parser');
?> ?>
--INI--
magic_quotes_runtime=0
--FILE-- --FILE--
<?php <?php
chdir(dirname(__FILE__)); chdir(dirname(__FILE__));

2
ext/xml/tests/xml004.phpt
View file

@ -2,8 +2,6 @@
XML parser case folding test XML parser case folding test
--SKIPIF-- --SKIPIF--
<?php include("skipif.inc"); ?> <?php include("skipif.inc"); ?>
--INI--
magic_quotes_runtime=0
--FILE-- --FILE--
<?php <?php
chdir(dirname(__FILE__)); chdir(dirname(__FILE__));

9
ext/zlib/zlib.c
View file

@ -307,14 +307,7 @@ PHP_FUNCTION(gzfile)
memset(buf,0,sizeof(buf)); memset(buf,0,sizeof(buf));
while (php_stream_gets(stream, buf, sizeof(buf) - 1) != NULL) { while (php_stream_gets(stream, buf, sizeof(buf) - 1) != NULL) {
if (PG(magic_quotes_runtime)) { add_index_string(return_value, i++, buf, 1);
int len;
slashed = php_addslashes(buf, 0, &len, 0 TSRMLS_CC); /* 0 = don't free source string */
add_index_stringl(return_value, i++, slashed, len, 0);
} else {
add_index_string(return_value, i++, buf, 1);
}
} }
php_stream_close(stream); php_stream_close(stream);
} }

3
main/main.c
View file

@ -375,9 +375,6 @@ PHP_INI_BEGIN()
STD_PHP_INI_BOOLEAN("ignore_repeated_source", "0", PHP_INI_ALL, OnUpdateBool, ignore_repeated_source, php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("ignore_repeated_source", "0", PHP_INI_ALL, OnUpdateBool, ignore_repeated_source, php_core_globals, core_globals)
STD_PHP_INI_BOOLEAN("report_memleaks", "1", PHP_INI_ALL, OnUpdateBool, report_memleaks, php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("report_memleaks", "1", PHP_INI_ALL, OnUpdateBool, report_memleaks, php_core_globals, core_globals)
STD_PHP_INI_BOOLEAN("report_zend_debug", "1", PHP_INI_ALL, OnUpdateBool, report_zend_debug, php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("report_zend_debug", "1", PHP_INI_ALL, OnUpdateBool, report_zend_debug, php_core_globals, core_globals)
STD_PHP_INI_BOOLEAN("magic_quotes_gpc", "1", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateBool, magic_quotes_gpc, php_core_globals, core_globals)
STD_PHP_INI_BOOLEAN("magic_quotes_runtime", "0", PHP_INI_ALL, OnUpdateBool, magic_quotes_runtime, php_core_globals, core_globals)
STD_PHP_INI_BOOLEAN("magic_quotes_sybase", "0", PHP_INI_ALL, OnUpdateBool, magic_quotes_sybase, php_core_globals, core_globals)
STD_PHP_INI_ENTRY("output_buffering", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateLong, output_buffering, php_core_globals, core_globals) STD_PHP_INI_ENTRY("output_buffering", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateLong, output_buffering, php_core_globals, core_globals)
STD_PHP_INI_ENTRY("output_handler", NULL, PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateString, output_handler, php_core_globals, core_globals) STD_PHP_INI_ENTRY("output_handler", NULL, PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateString, output_handler, php_core_globals, core_globals)
STD_PHP_INI_BOOLEAN("register_argc_argv", "1", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateBool, register_argc_argv, php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("register_argc_argv", "1", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateBool, register_argc_argv, php_core_globals, core_globals)

4
main/php_globals.h
View file

@ -50,10 +50,6 @@ typedef struct _arg_separators {
} arg_separators; } arg_separators;
struct _php_core_globals { struct _php_core_globals {
zend_bool magic_quotes_gpc;
zend_bool magic_quotes_runtime;
zend_bool magic_quotes_sybase;
zend_bool safe_mode; zend_bool safe_mode;
zend_bool allow_call_time_pass_reference; zend_bool allow_call_time_pass_reference;

49
main/php_variables.c
View file

@ -47,11 +47,7 @@ PHPAPI void php_register_variable_safe(char *var, char *strval, int str_len, zva
/* Prepare value */ /* Prepare value */
Z_STRLEN(new_entry) = str_len; Z_STRLEN(new_entry) = str_len;
if (PG(magic_quotes_gpc)) { Z_STRVAL(new_entry) = estrndup(strval, Z_STRLEN(new_entry));
Z_STRVAL(new_entry) = php_addslashes(strval, Z_STRLEN(new_entry), &Z_STRLEN(new_entry), 0 TSRMLS_CC);
} else {
Z_STRVAL(new_entry) = estrndup(strval, Z_STRLEN(new_entry));
}
Z_TYPE(new_entry) = IS_STRING; Z_TYPE(new_entry) = IS_STRING;
php_register_variable_ex(var, &new_entry, track_vars_array TSRMLS_CC); php_register_variable_ex(var, &new_entry, track_vars_array TSRMLS_CC);
@ -64,13 +60,7 @@ PHPAPI void php_u_register_variable_safe(UChar *var, UChar *strval, int str_len,
/* Prepare value */ /* Prepare value */
Z_USTRLEN(new_entry) = str_len; Z_USTRLEN(new_entry) = str_len;
if (PG(magic_quotes_gpc)) { Z_USTRVAL(new_entry) = eustrndup(strval, Z_USTRLEN(new_entry));
/* UTODO implement php_u_addslashes() */
//Z_USTRVAL(new_entry) = php_addslashes(strval, Z_USTRLEN(new_entry), &Z_USTRLEN(new_entry), 0 TSRMLS_CC);
Z_USTRVAL(new_entry) = eustrndup(strval, Z_USTRLEN(new_entry));
} else {
Z_USTRVAL(new_entry) = eustrndup(strval, Z_USTRLEN(new_entry));
}
Z_TYPE(new_entry) = IS_UNICODE; Z_TYPE(new_entry) = IS_UNICODE;
php_u_register_variable_ex(var, &new_entry, track_vars_array TSRMLS_CC); php_u_register_variable_ex(var, &new_entry, track_vars_array TSRMLS_CC);
@ -171,12 +161,8 @@ PHPAPI void php_register_variable_ex(char *var, zval *val, zval *track_vars_arra
array_init(gpc_element); array_init(gpc_element);
zend_hash_next_index_insert(symtable1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p); zend_hash_next_index_insert(symtable1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p);
} else { } else {
if (PG(magic_quotes_gpc) && (index != var)) { escaped_index = index;
/* no need to addslashes() the index if it's the main variable name */
escaped_index = php_addslashes(index, index_len, &index_len, 0 TSRMLS_CC);
} else {
escaped_index = index;
}
if (zend_symtable_find(symtable1, escaped_index, index_len + 1, (void **) &gpc_element_p) == FAILURE if (zend_symtable_find(symtable1, escaped_index, index_len + 1, (void **) &gpc_element_p) == FAILURE
|| Z_TYPE_PP(gpc_element_p) != IS_ARRAY) { || Z_TYPE_PP(gpc_element_p) != IS_ARRAY) {
MAKE_STD_ZVAL(gpc_element); MAKE_STD_ZVAL(gpc_element);
@ -209,11 +195,8 @@ plain_var:
} else { } else {
zval **tmp; zval **tmp;
if (PG(magic_quotes_gpc)) { escaped_index = index;
escaped_index = php_addslashes(index, index_len, &index_len, 0 TSRMLS_CC);
} else {
escaped_index = index;
}
/* /*
* According to rfc2965, more specific paths are listed above the less specific ones. * According to rfc2965, more specific paths are listed above the less specific ones.
* If we encounter a duplicate cookie name, we should skip it, since it is not possible * If we encounter a duplicate cookie name, we should skip it, since it is not possible
@ -327,14 +310,8 @@ PHPAPI void php_u_register_variable_ex(UChar *var, zval *val, zval *track_vars_a
array_init(gpc_element); array_init(gpc_element);
zend_hash_next_index_insert(symtable1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p); zend_hash_next_index_insert(symtable1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p);
} else { } else {
if (PG(magic_quotes_gpc) && (index!=var)) { escaped_index.u = index;
/* UTODO fix for magic_quotes_gpc case */
/* no need to addslashes() the index if it's the main variable name */
//escaped_index = php_addslashes(index, index_len, &index_len, 0 TSRMLS_CC);
escaped_index.u = index;
} else {
escaped_index.u = index;
}
if (zend_u_symtable_find(symtable1, IS_UNICODE, escaped_index, index_len+1, (void **) &gpc_element_p)==FAILURE if (zend_u_symtable_find(symtable1, IS_UNICODE, escaped_index, index_len+1, (void **) &gpc_element_p)==FAILURE
|| Z_TYPE_PP(gpc_element_p) != IS_ARRAY) { || Z_TYPE_PP(gpc_element_p) != IS_ARRAY) {
MAKE_STD_ZVAL(gpc_element); MAKE_STD_ZVAL(gpc_element);
@ -629,10 +606,6 @@ void _php_import_environment_variables(zval *array_ptr TSRMLS_DC)
size_t alloc_size = sizeof(buf); size_t alloc_size = sizeof(buf);
unsigned long nlen; /* ptrdiff_t is not portable */ unsigned long nlen; /* ptrdiff_t is not portable */
/* turn off magic_quotes while importing environment variables */
int magic_quotes_gpc = PG(magic_quotes_gpc);
PG(magic_quotes_gpc) = 0;
for (env = environ; env != NULL && *env != NULL; env++) { for (env = environ; env != NULL && *env != NULL; env++) {
p = strchr(*env, '='); p = strchr(*env, '=');
if (!p) { /* malformed entry? */ if (!p) { /* malformed entry? */
@ -650,7 +623,6 @@ void _php_import_environment_variables(zval *array_ptr TSRMLS_DC)
if (t != buf && t != NULL) { if (t != buf && t != NULL) {
efree(t); efree(t);
} }
PG(magic_quotes_gpc) = magic_quotes_gpc;
} }
zend_bool php_std_auto_global_callback(char *name, uint name_len TSRMLS_DC) zend_bool php_std_auto_global_callback(char *name, uint name_len TSRMLS_DC)
@ -760,8 +732,6 @@ PHPAPI int php_handle_special_queries(TSRMLS_D)
static inline void php_register_server_variables(TSRMLS_D) static inline void php_register_server_variables(TSRMLS_D)
{ {
zval *array_ptr = NULL; zval *array_ptr = NULL;
/* turn off magic_quotes while importing server variables */
int magic_quotes_gpc = PG(magic_quotes_gpc);
ALLOC_ZVAL(array_ptr); ALLOC_ZVAL(array_ptr);
array_init(array_ptr); array_init(array_ptr);
@ -770,7 +740,6 @@ static inline void php_register_server_variables(TSRMLS_D)
zval_ptr_dtor(&PG(http_globals)[TRACK_VARS_SERVER]); zval_ptr_dtor(&PG(http_globals)[TRACK_VARS_SERVER]);
} }
PG(http_globals)[TRACK_VARS_SERVER] = array_ptr; PG(http_globals)[TRACK_VARS_SERVER] = array_ptr;
PG(magic_quotes_gpc) = 0;
/* Server variables */ /* Server variables */
if (sapi_module.register_server_variables) { if (sapi_module.register_server_variables) {
@ -794,8 +763,6 @@ static inline void php_register_server_variables(TSRMLS_D)
Z_LVAL(new_entry) = sapi_get_request_time(TSRMLS_C); Z_LVAL(new_entry) = sapi_get_request_time(TSRMLS_C);
php_register_variable_ex("REQUEST_TIME", &new_entry, array_ptr TSRMLS_CC); php_register_variable_ex("REQUEST_TIME", &new_entry, array_ptr TSRMLS_CC);
} }
PG(magic_quotes_gpc) = magic_quotes_gpc;
} }
/* }}} */ /* }}} */

28
main/rfc1867.c
View file

@ -1005,7 +1005,6 @@ static SAPI_POST_HANDLER_FUNC(rfc1867_post_handler_unicode)
int boundary_len=0, total_bytes=0, cancel_upload=0, is_arr_upload=0, array_len=0; int boundary_len=0, total_bytes=0, cancel_upload=0, is_arr_upload=0, array_len=0;
int max_file_size=0, skip_upload=0, anonindex=0, is_anonymous; int max_file_size=0, skip_upload=0, anonindex=0, is_anonymous;
zval *http_post_files=NULL; HashTable *uploaded_files=NULL; zval *http_post_files=NULL; HashTable *uploaded_files=NULL;
zend_bool magic_quotes_gpc;
multipart_buffer *mbuff; multipart_buffer *mbuff;
zval *array_ptr = (zval *) arg; zval *array_ptr = (zval *) arg;
FILE *fp; FILE *fp;
@ -1341,15 +1340,6 @@ var_done:
if ((tmp = u_strrchr(filename, 0x2f /*'/'*/)) > s) { if ((tmp = u_strrchr(filename, 0x2f /*'/'*/)) > s) {
s = tmp; s = tmp;
} }
#ifdef PHP_WIN32
if (PG(magic_quotes_gpc)) {
s = s ? s : filename;
tmp = u_strrchr(s, 0x27 /*'\''*/);
s = tmp > s ? tmp : s;
tmp = u_strrchr(s, 0x22 /*'"'*/);
s = tmp > s ? tmp : s;
}
#endif
if (!is_anonymous) { if (!is_anonymous) {
if (s && s > filename) { if (s && s > filename) {
@ -1418,8 +1408,6 @@ var_done:
/* Initialize variables */ /* Initialize variables */
add_u_protected_variable(param TSRMLS_CC); add_u_protected_variable(param TSRMLS_CC);
magic_quotes_gpc = PG(magic_quotes_gpc);
PG(magic_quotes_gpc) = 0;
/* if param is of form xxx[.*] this will cut it to xxx */ /* if param is of form xxx[.*] this will cut it to xxx */
if (!is_anonymous) { if (!is_anonymous) {
safe_u_php_register_variable(param, temp_filename, u_strlen(temp_filename), NULL, 1 TSRMLS_CC); safe_u_php_register_variable(param, temp_filename, u_strlen(temp_filename), NULL, 1 TSRMLS_CC);
@ -1434,8 +1422,6 @@ var_done:
add_u_protected_variable(lbuf TSRMLS_CC); add_u_protected_variable(lbuf TSRMLS_CC);
register_u_http_post_files_variable(lbuf, temp_filename, u_strlen(temp_filename), http_post_files, 1 TSRMLS_CC); register_u_http_post_files_variable(lbuf, temp_filename, u_strlen(temp_filename), http_post_files, 1 TSRMLS_CC);
PG(magic_quotes_gpc) = magic_quotes_gpc;
{ {
zval file_size, error_type; zval file_size, error_type;
@ -1495,7 +1481,6 @@ static SAPI_POST_HANDLER_FUNC(rfc1867_post_handler_legacy)
int str_len = 0, num_vars = 0, num_vars_max = 2*10, *len_list = NULL; int str_len = 0, num_vars = 0, num_vars_max = 2*10, *len_list = NULL;
char **val_list = NULL; char **val_list = NULL;
#endif #endif
zend_bool magic_quotes_gpc;
multipart_buffer *mbuff; multipart_buffer *mbuff;
zval *array_ptr = (zval *) arg; zval *array_ptr = (zval *) arg;
int fd=-1; int fd=-1;
@ -1822,15 +1807,6 @@ static SAPI_POST_HANDLER_FUNC(rfc1867_post_handler_legacy)
if ((tmp = strrchr(filename, '/')) > s) { if ((tmp = strrchr(filename, '/')) > s) {
s = tmp; s = tmp;
} }
#ifdef PHP_WIN32
if (PG(magic_quotes_gpc)) {
s = s ? s : filename;
tmp = strrchr(s, '\'');
s = tmp > s ? tmp : s;
tmp = strrchr(s, '"');
s = tmp > s ? tmp : s;
}
#endif
#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING) #if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING)
filedone: filedone:
@ -1896,8 +1872,6 @@ filedone:
/* Initialize variables */ /* Initialize variables */
add_protected_variable(param TSRMLS_CC); add_protected_variable(param TSRMLS_CC);
magic_quotes_gpc = PG(magic_quotes_gpc);
PG(magic_quotes_gpc) = 0;
/* if param is of form xxx[.*] this will cut it to xxx */ /* if param is of form xxx[.*] this will cut it to xxx */
if (!is_anonymous) { if (!is_anonymous) {
safe_php_register_variable(param, temp_filename, NULL, 1 TSRMLS_CC); safe_php_register_variable(param, temp_filename, NULL, 1 TSRMLS_CC);
@ -1912,8 +1886,6 @@ filedone:
add_protected_variable(lbuf TSRMLS_CC); add_protected_variable(lbuf TSRMLS_CC);
register_http_post_files_variable(lbuf, temp_filename, http_post_files, 1 TSRMLS_CC); register_http_post_files_variable(lbuf, temp_filename, http_post_files, 1 TSRMLS_CC);
PG(magic_quotes_gpc) = magic_quotes_gpc;
{ {
zval file_size, error_type; zval file_size, error_type;

12
php.ini-dist
View file

@ -408,18 +408,6 @@ auto_globals_jit = On
; Maximum size of POST data that PHP will accept. ; Maximum size of POST data that PHP will accept.
post_max_size = 8M post_max_size = 8M
; Magic quotes
;
; Magic quotes for incoming GET/POST/Cookie data.
magic_quotes_gpc = On
; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc.
magic_quotes_runtime = Off
; Use Sybase-style magic quotes (escape ' with '' instead of \').
magic_quotes_sybase = Off
; Automatically add files before or after any PHP document. ; Automatically add files before or after any PHP document.
auto_prepend_file = auto_prepend_file =
auto_append_file = auto_append_file =

16
php.ini-recommended
View file

@ -92,10 +92,6 @@
; - register_argc_argv = Off [Performance] ; - register_argc_argv = Off [Performance]
; Disables registration of the somewhat redundant $argv and $argc global ; Disables registration of the somewhat redundant $argv and $argc global
; variables. ; variables.
; - magic_quotes_gpc = Off [Performance]
; Input data is no longer escaped with slashes so that it can be sent into
; SQL databases without further manipulation. Instead, you should use the
; function addslashes() on each input element you wish to send to a database.
; - variables_order = "GPCS" [Performance] ; - variables_order = "GPCS" [Performance]
; The environment variables are not hashed into the $_ENV. To access ; The environment variables are not hashed into the $_ENV. To access
; environment variables, you can use getenv() instead. ; environment variables, you can use getenv() instead.
@ -454,18 +450,6 @@ auto_globals_jit = On
; Maximum size of POST data that PHP will accept. ; Maximum size of POST data that PHP will accept.
post_max_size = 8M post_max_size = 8M
; Magic quotes
;
; Magic quotes for incoming GET/POST/Cookie data.
magic_quotes_gpc = Off
; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc.
magic_quotes_runtime = Off
; Use Sybase-style magic quotes (escape ' with '' instead of \').
magic_quotes_sybase = Off
; Automatically add files before or after any PHP document. ; Automatically add files before or after any PHP document.
auto_prepend_file = auto_prepend_file =
auto_append_file = auto_append_file =

4
sapi/cgi/cgi_main.c
View file

@ -422,10 +422,7 @@ void cgi_php_import_environment_variables(zval *array_ptr TSRMLS_DC)
if (!FCGX_IsCGI()) { if (!FCGX_IsCGI()) {
FCGX_Request *request = (FCGX_Request *) SG(server_context); FCGX_Request *request = (FCGX_Request *) SG(server_context);
char **env, *p, *t; char **env, *p, *t;
int magic_quotes_gpc = PG(magic_quotes_gpc);
/* turn off magic_quotes while importing environment variables */
PG(magic_quotes_gpc) = 0;
for (env = request->envp; env != NULL && *env != NULL; env++) { for (env = request->envp; env != NULL && *env != NULL; env++) {
p = strchr(*env, '='); p = strchr(*env, '=');
if (!p) { /* malformed entry? */ if (!p) { /* malformed entry? */
@ -435,7 +432,6 @@ void cgi_php_import_environment_variables(zval *array_ptr TSRMLS_DC)
php_register_variable(t, p + 1, array_ptr TSRMLS_CC); php_register_variable(t, p + 1, array_ptr TSRMLS_CC);
efree(t); efree(t);
} }
PG(magic_quotes_gpc) = magic_quotes_gpc;
} }
/* call php's original import as a catch-all */ /* call php's original import as a catch-all */
php_php_import_environment_variables(array_ptr TSRMLS_CC); php_php_import_environment_variables(array_ptr TSRMLS_CC);