Login   Register  
PHP Classes
elePHPant
Icontem

File: rfc1867.php-4.4.4.patch

Recommend this page to a friend!
Stumble It! Stumble It! Bookmark in del.icio.us Bookmark in del.icio.us
  Classes of Manuel Lemos  >  Forms generation and validation  >  rfc1867.php-4.4.4.patch  >  Download  
File: rfc1867.php-4.4.4.patch
Role: Auxiliary data
Content type: text/plain
Description: Patch to enable upload progress monitoring in PHP 4.4.4
Class: Forms generation and validation
HTML forms generation and validation.
Author: By
Last change:
Date: 7 years ago
Size: 13,361 bytes
 

Contents

Class file image Download
diff -x '*.o' -x '*.lo' -c -r php-4.4.4.original/main/rfc1867.c php-4.4.4/main/rfc1867.c
*** php-4.4.4.original/main/rfc1867.c	2006-01-01 11:47:00.000000000 -0200
--- php-4.4.4/main/rfc1867.c	2006-12-17 21:53:19.000000000 -0200
***************
*** 34,39 ****
--- 34,41 ----
  
  #undef DEBUG_FILE_UPLOAD
  
+ PHPAPI int (*php_rfc1867_callback)(unsigned int event, void *event_data, void **extra TSRMLS_DC) = NULL;
+ 
  #if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING)
  #include "ext/mbstring/mbstring.h"
  
***************
*** 128,133 ****
--- 130,136 ----
  #define UPLOAD_ERROR_D    4  /* No file uploaded */
  #define UPLOAD_ERROR_E    6  /* Missing /tmp or similar directory */
  #define UPLOAD_ERROR_F    7  /* Failed to write file to disk */
+ #define UPLOAD_ERROR_X    8  /* File upload stopped by extension */
  
  void php_rfc1867_register_constants(TSRMLS_D)
  {
***************
*** 138,143 ****
--- 141,147 ----
  	REGISTER_MAIN_LONG_CONSTANT("UPLOAD_ERR_NO_FILE",    UPLOAD_ERROR_D,  CONST_CS | CONST_PERSISTENT);
  	REGISTER_MAIN_LONG_CONSTANT("UPLOAD_ERR_NO_TMP_DIR", UPLOAD_ERROR_E,  CONST_CS | CONST_PERSISTENT);
  	REGISTER_MAIN_LONG_CONSTANT("UPLOAD_ERR_CANT_WRITE", UPLOAD_ERROR_F,  CONST_CS | CONST_PERSISTENT);
+ 	REGISTER_MAIN_LONG_CONSTANT("UPLOAD_ERR_EXTENSION",  UPLOAD_ERROR_X,  CONST_CS | CONST_PERSISTENT);
  }
  
  static void normalize_protected_variable(char *varname TSRMLS_DC)
***************
*** 749,755 ****
    XXX: this is horrible memory-usage-wise, but we only expect
    to do this on small pieces of form data.
  */
! static char *multipart_buffer_read_body(multipart_buffer *self TSRMLS_DC)
  {
  	char buf[FILLUNIT], *out=NULL;
  	int total_bytes=0, read_bytes=0;
--- 753,759 ----
    XXX: this is horrible memory-usage-wise, but we only expect
    to do this on small pieces of form data.
  */
! static char *multipart_buffer_read_body(multipart_buffer *self, unsigned int *len TSRMLS_DC)
  {
  	char buf[FILLUNIT], *out=NULL;
  	int total_bytes=0, read_bytes=0;
***************
*** 761,766 ****
--- 765,771 ----
  	}
  
  	if (out) out[total_bytes] = '\0';
+ 	*len = total_bytes;
  
  	return out;
  }
***************
*** 786,797 ****
--- 791,805 ----
  	zval *array_ptr = (zval *) arg;
  	int fd=-1;
  	zend_llist header;
+ 	void *event_extra_data = NULL;
  
+     fprintf(stderr, "%s %ld %ld %ld\n", __FILE__, __LINE__, SG(request_info).content_length, SG(post_max_size));
  	if (SG(request_info).content_length > SG(post_max_size)) {
  		sapi_module.sapi_error(E_WARNING, "POST Content-Length of %ld bytes exceeds the limit of %ld bytes", SG(request_info).content_length, SG(post_max_size));
  		return;
  	}
  
+     fprintf(stderr, "%s %d\n", __FILE__, __LINE__);
  	/* Get the boundary */
  	boundary = strstr(content_type_dup, "boundary");
  	if (!boundary || !(boundary=strchr(boundary, '='))) {
***************
*** 802,807 ****
--- 810,816 ----
  	boundary++;
  	boundary_len = strlen(boundary);
  
+     fprintf(stderr, "%s %d\n", __FILE__, __LINE__);
  	if (boundary[0] == '"') {
  		boundary++;
  		boundary_end = strchr(boundary, '"');
***************
*** 818,823 ****
--- 827,833 ----
  		boundary_len = boundary_end-boundary;
  	}
  
+     fprintf(stderr, "%s %d\n", __FILE__, __LINE__);
  	/* Initialize the buffer */
  	if (!(mbuff = multipart_buffer_new(boundary, boundary_len))) {
  		sapi_module.sapi_error(E_WARNING, "Unable to initialize the input buffer");
***************
*** 844,859 ****
  #endif
  	zend_llist_init(&header, sizeof(mime_header_entry), (llist_dtor_func_t) php_free_hdr_entry, 0);
  
  	while (!multipart_buffer_eof(mbuff TSRMLS_CC))
  	{
  		char buff[FILLUNIT];
  		char *cd=NULL,*param=NULL,*filename=NULL, *tmp=NULL;
! 		int blen=0, wlen=0;
  
  		zend_llist_clean(&header);
  
  		if (!multipart_buffer_headers(mbuff, &header TSRMLS_CC)) {
! 			SAFE_RETURN;
  		}
  
  		if ((cd = php_mime_get_hdr_value(header, "Content-Disposition"))) {
--- 854,881 ----
  #endif
  	zend_llist_init(&header, sizeof(mime_header_entry), (llist_dtor_func_t) php_free_hdr_entry, 0);
  
+     fprintf(stderr, "%s %d\n", __FILE__, __LINE__);
+ 	if (php_rfc1867_callback != NULL) {
+ 		multipart_event_start event_start;
+     fprintf(stderr, "%s %d\n", __FILE__, __LINE__);
+ 
+ 		event_start.content_length = SG(request_info).content_length;
+ 		if (php_rfc1867_callback(MULTIPART_EVENT_START, &event_start, &event_extra_data TSRMLS_CC) == FAILURE) {
+ 			goto fileupload_done;
+ 		}
+ 	}
+ 
  	while (!multipart_buffer_eof(mbuff TSRMLS_CC))
  	{
  		char buff[FILLUNIT];
  		char *cd=NULL,*param=NULL,*filename=NULL, *tmp=NULL;
! 		size_t blen=0, wlen=0;
! 		off_t offset;
  
  		zend_llist_clean(&header);
  
  		if (!multipart_buffer_headers(mbuff, &header TSRMLS_CC)) {
! 			goto fileupload_done;
  		}
  
  		if ((cd = php_mime_get_hdr_value(header, "Content-Disposition"))) {
***************
*** 895,907 ****
  
  			/* Normal form variable, safe to read all data into memory */
  			if (!filename && param) {
! 
! 				char *value = multipart_buffer_read_body(mbuff TSRMLS_CC);
  
  				if (!value) {
  					value = estrdup("");
  				}
  
  #if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING)
  				if (php_mb_encoding_translation(TSRMLS_C)) {
  					php_mb_gpc_stack_variable(param, value, &val_list, &len_list, 
--- 917,941 ----
  
  			/* Normal form variable, safe to read all data into memory */
  			if (!filename && param) {
! 				unsigned int value_len;
! 				char *value = multipart_buffer_read_body(mbuff, &value_len TSRMLS_CC);
! 				unsigned int new_val_len; /* Dummy variable */
  
  				if (!value) {
  					value = estrdup("");
  				}
  
+ 				if (php_rfc1867_callback != NULL) {
+ 					multipart_event_formdata event_formdata;
+ 
+ 					event_formdata.post_bytes_processed = SG(read_post_bytes);
+ 					event_formdata.name = param;
+ 					event_formdata.value = &value;
+ 					event_formdata.length = value_len;
+ 					event_formdata.newlength = NULL;
+ 					php_rfc1867_callback(MULTIPART_EVENT_FORMDATA, &event_formdata, &event_extra_data TSRMLS_CC);
+ 				}
+ 
  #if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING)
  				if (php_mb_encoding_translation(TSRMLS_C)) {
  					php_mb_gpc_stack_variable(param, value, &val_list, &len_list, 
***************
*** 923,944 ****
  
  			/* If file_uploads=off, skip the file part */
  			if (!PG(file_uploads)) {
! 				if (filename) {
! 					efree(filename);
! 				}
! 				if (param) {
! 					efree(param);
! 				}
! 				continue;
  			}
  
  			/* Return with an error if the posted data is garbled */
! 			if (!param) {
  				sapi_module.sapi_error(E_WARNING, "File Upload Mime headers garbled");
! 				if (filename) {
! 					efree(filename);
! 				}
! 				SAFE_RETURN;
  			}
  			
  			/* New Rule: never repair potential malicious user input */
--- 957,969 ----
  
  			/* If file_uploads=off, skip the file part */
  			if (!PG(file_uploads)) {
! 				skip_upload = 1;
  			}
  
  			/* Return with an error if the posted data is garbled */
! 			if (!param && !filename) {
  				sapi_module.sapi_error(E_WARNING, "File Upload Mime headers garbled");
! 				goto fileupload_done;
  			}
  			
  			/* New Rule: never repair potential malicious user input */
***************
*** 974,979 ****
--- 999,1027 ----
  					cancel_upload = UPLOAD_ERROR_E;
  				}
  			}
+ 			
+ 			if (!skip_upload && php_rfc1867_callback != NULL) {
+ 				multipart_event_file_start event_file_start;
+ 
+ 				event_file_start.post_bytes_processed = SG(read_post_bytes);
+ 				event_file_start.name = param;
+ 				event_file_start.filename = &filename;
+ 				if (php_rfc1867_callback(MULTIPART_EVENT_FILE_START, &event_file_start, &event_extra_data TSRMLS_CC) == FAILURE) {
+ 					if (temp_filename) {
+ 						if (cancel_upload != UPLOAD_ERROR_E) { /* file creation failed */
+ 							close(fd);
+ 							unlink(temp_filename);
+ 						}
+ 						efree(temp_filename);
+ 					}
+ 					temp_filename="";
+ 					efree(param);
+ 					efree(filename);
+ 					continue;
+ 				}
+ 			}
+ 
+ 			
  			if (skip_upload) {
  				efree(param);
  				efree(filename);
***************
*** 987,995 ****
--- 1035,1059 ----
  				cancel_upload = UPLOAD_ERROR_D;
  			}
  
+ 			offset = 0;
  			end = 0;
  			while (!cancel_upload && (blen = multipart_buffer_read(mbuff, buff, sizeof(buff), &end TSRMLS_CC)))
  			{
+ 				if (php_rfc1867_callback != NULL) {
+ 					multipart_event_file_data event_file_data;
+ 
+ 					event_file_data.post_bytes_processed = SG(read_post_bytes);
+ 					event_file_data.offset = offset;
+ 					event_file_data.data = buff;
+ 					event_file_data.length = blen;
+ 					event_file_data.newlength = &blen;
+ 					if (php_rfc1867_callback(MULTIPART_EVENT_FILE_DATA, &event_file_data, &event_extra_data TSRMLS_CC) == FAILURE) {
+ 						cancel_upload = UPLOAD_ERROR_X;
+ 						continue;
+ 					}
+ 				}
+ 				
+ 			
  				if (PG(upload_max_filesize) > 0 && total_bytes > PG(upload_max_filesize)) {
  					sapi_module.sapi_error(E_WARNING, "upload_max_filesize of %ld bytes exceeded - file [%s=%s] not saved", PG(upload_max_filesize), param, filename);
  					cancel_upload = UPLOAD_ERROR_A;
***************
*** 1005,1010 ****
--- 1069,1076 ----
  					} else {
  						total_bytes += wlen;
  					}
+ 					
+ 					offset += wlen;
  				} 
  			} 
  			if (fd!=-1) {
***************
*** 1025,1030 ****
--- 1091,1107 ----
  			}
  #endif		
  
+ 			if (php_rfc1867_callback != NULL) {
+ 				multipart_event_file_end event_file_end;
+ 
+ 				event_file_end.post_bytes_processed = SG(read_post_bytes);
+ 				event_file_end.temp_filename = temp_filename;
+ 				event_file_end.cancel_upload = cancel_upload;
+ 				if (php_rfc1867_callback(MULTIPART_EVENT_FILE_END, &event_file_end, &event_extra_data TSRMLS_CC) == FAILURE) {
+ 					cancel_upload = UPLOAD_ERROR_X;
+ 				}
+ 			}
+ 
  			if (cancel_upload) {
  				if (temp_filename) {
  					if (cancel_upload != UPLOAD_ERROR_E) { /* file creation failed */
***************
*** 1216,1222 ****
  			efree(param);
  		}
  	}
! 
  	SAFE_RETURN;
  }
  
--- 1293,1306 ----
  			efree(param);
  		}
  	}
! fileupload_done:
! 	if (php_rfc1867_callback != NULL) {
! 		multipart_event_end event_end;
! 		
! 		event_end.post_bytes_processed = SG(read_post_bytes);
! 		php_rfc1867_callback(MULTIPART_EVENT_END, &event_end, &event_extra_data TSRMLS_CC);
! 	}
! 	
  	SAFE_RETURN;
  }
  
diff -x '*.o' -x '*.lo' -c -r php-4.4.4.original/main/rfc1867.h php-4.4.4/main/rfc1867.h
*** php-4.4.4.original/main/rfc1867.h	2002-07-11 22:49:58.000000000 -0300
--- php-4.4.4/main/rfc1867.h	2006-12-17 21:51:56.000000000 -0200
***************
*** 1,13 ****
--- 1,76 ----
+ /*
+   +----------------------------------------------------------------------+
+   | PHP Version 5                                                        |
+   +----------------------------------------------------------------------+
+   | Copyright (c) 1997-2006 The PHP Group                                |
+   +----------------------------------------------------------------------+
+   | This source file is subject to version 3.01 of the PHP license,      |
+   | that is bundled with this package in the file LICENSE, and is        |
+   | available through the world-wide-web at the following url:           |
+   | http://www.php.net/license/3_01.txt                                  |
+   | If you did not receive a copy of the PHP license and are unable to   |
+   | obtain it through the world-wide-web, please send a note to          |
+   | license@php.net so we can mail you a copy immediately.               |
+   +----------------------------------------------------------------------+
+   | Author:                                                              |
+   +----------------------------------------------------------------------+
+ */
+ 
+ /* $Id: rfc1867.h,v 1.13.2.1.2.2 2006/07/26 13:22:06 tony2001 Exp $ */
+ 
  #ifndef RFC1867_H
  #define RFC1867_H
  
  #include "SAPI.h"
  
  #define MULTIPART_CONTENT_TYPE "multipart/form-data"
+ #define MULTIPART_EVENT_START		0
+ #define MULTIPART_EVENT_FORMDATA	1
+ #define MULTIPART_EVENT_FILE_START	2
+ #define MULTIPART_EVENT_FILE_DATA	3
+ #define MULTIPART_EVENT_FILE_END	4
+ #define MULTIPART_EVENT_END		5
+ 
+ typedef struct _multipart_event_start {
+ 	size_t	content_length;
+ } multipart_event_start;
+ 
+ typedef struct _multipart_event_formdata {
+ 	size_t	post_bytes_processed;
+ 	char	*name;
+ 	char	**value;
+ 	size_t	length;
+ 	size_t	*newlength;
+ } multipart_event_formdata;
+ 
+ typedef struct _multipart_event_file_start {
+ 	size_t	post_bytes_processed;
+ 	char	*name;
+ 	char	**filename;
+ } multipart_event_file_start;
+ 
+ typedef struct _multipart_event_file_data {
+ 	size_t	post_bytes_processed;
+ 	off_t	offset;
+ 	char	*data;
+ 	size_t	length;
+ 	size_t	*newlength;	
+ } multipart_event_file_data;
+ 
+ typedef struct _multipart_event_file_end {
+ 	size_t	post_bytes_processed;
+ 	char	*temp_filename;
+ 	int	cancel_upload;
+ } multipart_event_file_end;
+ 
+ typedef struct _multipart_event_end {
+ 	size_t	post_bytes_processed;
+ } multipart_event_end;
  
  SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler);
  
  void destroy_uploaded_files_hash(TSRMLS_D);
  void php_rfc1867_register_constants(TSRMLS_D);
+ extern PHPAPI int (*php_rfc1867_callback)(unsigned int event, void *event_data, void **extra TSRMLS_DC);
  
  #endif /* RFC1867_H */