+static inline void prepare_default(zval *zv TSRMLS_DC)
+{
+ if (Z_TYPE_P(zv) == IS_STRING) {
+ int len = Z_STRLEN_P(zv);
+
+ Z_STRVAL_P(zv) = php_addslashes(Z_STRVAL_P(zv), Z_STRLEN_P(zv), &Z_STRLEN_P(zv), 1 TSRMLS_CC);
+
+ if (len != Z_STRLEN_P(zv)) {
+ zval tmp = *zv;
+ int len = Z_STRLEN_P(zv) + 2;
+ char *str = emalloc(len + 1);
+
+ str[0] = '"';
+ memcpy(&str[1], Z_STRVAL_P(zv), Z_STRLEN_P(zv));
+ str[len-1] = '"';
+ str[len] = '\0';
+
+ zval_dtor(&tmp);
+ ZVAL_STRINGL(zv, str, len, 0);
+ }
+ } else {
+ zval_dtor(zv);
+ ZVAL_EMPTY_STRING(zv);
+ }
+}
+
+static inline void sanitize_urlencoded(zval *zv TSRMLS_DC)
+{
+ Z_STRLEN_P(zv) = php_raw_url_decode(Z_STRVAL_P(zv), Z_STRLEN_P(zv));
+}
+
+static inline void prepare_urlencoded(zval *zv TSRMLS_DC)
+{
+ int len;
+ char *str = php_url_encode(Z_STRVAL_P(zv), Z_STRLEN_P(zv), &len);
+
+ zval_dtor(zv);
+ ZVAL_STRINGL(zv, str, len, 0);
+}
+
+static void sanitize_dimension(zval *zv TSRMLS_DC)
+{
+ zval *arr = NULL, *tmp = NULL, **cur = NULL;
+ char *var = NULL, *ptr = Z_STRVAL_P(zv), *end = Z_STRVAL_P(zv) + Z_STRLEN_P(zv);
+ long level = 0;
+
+ MAKE_STD_ZVAL(arr);
+ array_init(arr);
+ cur = &arr;
+
+ while (ptr < end) {
+ if (!var) {
+ var = ptr;
+ }
+
+ switch (*ptr) {
+ case '[':
+ if (++level > PG(max_input_nesting_level)) {
+ zval_ptr_dtor(&arr);
+ php_http_error(HE_WARNING, PHP_HTTP_E_QUERYSTRING, "Max input nesting level of %ld exceeded", PG(max_input_nesting_level));
+ return;
+ }
+ if (ptr - var == 0) {
+ ++var;
+ break;
+ }
+ /* no break */
+
+ case ']':
+
+ MAKE_STD_ZVAL(tmp);
+ ZVAL_NULL(tmp);
+ convert_to_array(*cur);
+
+ if (ptr - var) {
+ char chr = *ptr;
+ *ptr = '\0';
+ zend_symtable_update(Z_ARRVAL_PP(cur), var, ptr - var + 1, (void *) &tmp, sizeof(zval *), (void *) &cur);
+ *ptr = chr;
+ } else {
+ zend_hash_next_index_insert(Z_ARRVAL_PP(cur), (void *) &tmp, sizeof(zval *), (void *) &cur);
+ }
+
+ var = NULL;
+ break;
+ }
+
+ ++ptr;
+ }
+
+ if (zend_hash_num_elements(Z_ARRVAL_P(arr))) {
+ zval_dtor(zv);
+#if PHP_VERSION_ID >= 50400
+ ZVAL_COPY_VALUE(zv, arr);
+#else
+ zv->value = arr->value;
+ Z_TYPE_P(zv) = Z_TYPE_P(arr);
+#endif
+ FREE_ZVAL(arr);
+ } else {
+ zval_ptr_dtor(&arr);
+ }
+}
+
+static inline void shift_key(php_http_buffer_t *buf, char *key_str, size_t key_len, const char *ass, size_t asl, unsigned flags TSRMLS_DC);
+static inline void shift_val(php_http_buffer_t *buf, zval *zvalue, const char *vss, size_t vsl, unsigned flags TSRMLS_DC);
+
+static void prepare_dimension(php_http_buffer_t *buf, php_http_buffer_t *keybuf, zval *zvalue, const char *pss, size_t psl, const char *vss, size_t vsl, unsigned flags TSRMLS_DC)
+{
+ HashTable *ht = HASH_OF(zvalue);
+ HashPosition pos;
+ php_http_array_hashkey_t key = php_http_array_hashkey_init(0);
+ zval **val;
+ php_http_buffer_t prefix;
+
+ if (!ht->nApplyCount++) {
+ php_http_buffer_init(&prefix);
+ php_http_buffer_append(&prefix, keybuf->data, keybuf->used);
+
+ FOREACH_HASH_KEYVAL(pos, ht, key, val) {
+ if (key.type == HASH_KEY_IS_STRING && !*key.str) {
+ /* only public properties */
+ continue;
+ }
+
+ php_http_buffer_appends(&prefix, "[");
+ if (key.type == HASH_KEY_IS_STRING) {
+ php_http_buffer_append(&prefix, key.str, key.len - 1);
+ } else {
+ php_http_buffer_appendf(&prefix, "%lu", key.num);
+ }
+ php_http_buffer_appends(&prefix, "]");
+
+ if (Z_TYPE_PP(val) == IS_ARRAY || Z_TYPE_PP(val) == IS_OBJECT) {
+ prepare_dimension(buf, &prefix, *val, pss, psl, vss, vsl, flags TSRMLS_CC);
+ } else {
+ zval *cpy = php_http_ztyp(IS_STRING, *val);
+
+ shift_key(buf, prefix.data, prefix.used, pss, psl, flags TSRMLS_CC);
+ shift_val(buf, cpy, vss, vsl, flags TSRMLS_CC);
+ zval_ptr_dtor(&cpy);
+ }
+
+ php_http_buffer_cut(&prefix, keybuf->used, prefix.used - keybuf->used);
+ }
+ php_http_buffer_dtor(&prefix);
+ }
+ --ht->nApplyCount;
+}
+
+static inline void sanitize_key(unsigned flags, char *str, size_t len, zval *zv TSRMLS_DC)
+{
+ zval_dtor(zv);
+ php_trim(str, len, NULL, 0, zv, 3 TSRMLS_CC);
+
+ if (flags & PHP_HTTP_PARAMS_DEFAULT) {
+ sanitize_default(zv TSRMLS_CC);
+ }
+
+ if (flags & PHP_HTTP_PARAMS_URLENCODED) {
+ sanitize_urlencoded(zv TSRMLS_CC);
+ }
+
+ if (flags & PHP_HTTP_PARAMS_DIMENSION) {
+ sanitize_dimension(zv TSRMLS_CC);
+ }
+}
+
+static inline void sanitize_value(unsigned flags, char *str, size_t len, zval *zv TSRMLS_DC)
+{
+ zval_dtor(zv);
+ php_trim(str, len, NULL, 0, zv, 3 TSRMLS_CC);
+
+ if (flags & PHP_HTTP_PARAMS_DEFAULT) {
+ sanitize_default(zv TSRMLS_CC);
+ }
+
+ if (flags & PHP_HTTP_PARAMS_URLENCODED) {
+ sanitize_urlencoded(zv TSRMLS_CC);
+ }
+}
+
+static inline void prepare_key(unsigned flags, char *old_key, size_t old_len, char **new_key, size_t *new_len TSRMLS_DC)
+{
+ zval zv;
+
+ INIT_PZVAL(&zv);
+ ZVAL_STRINGL(&zv, old_key, old_len, 1);
+
+ if (flags & PHP_HTTP_PARAMS_URLENCODED) {
+ prepare_urlencoded(&zv TSRMLS_CC);
+ }
+
+ if (flags & PHP_HTTP_PARAMS_DEFAULT) {
+ prepare_default(&zv TSRMLS_CC);
+ }
+
+ *new_key = Z_STRVAL(zv);
+ *new_len = Z_STRLEN(zv);
+}
+
+static inline void prepare_value(unsigned flags, zval *zv TSRMLS_DC)
+{
+ if (flags & PHP_HTTP_PARAMS_URLENCODED) {
+ prepare_urlencoded(zv TSRMLS_CC);
+ }
+
+ if (flags & PHP_HTTP_PARAMS_DEFAULT) {
+ prepare_default(zv TSRMLS_CC);
+ }
+}
+
+static void merge_param(HashTable *params, zval *zdata, zval ***current_param, zval ***current_args TSRMLS_DC)
+{
+ zval **ptr, **zdata_ptr;
+ php_http_array_hashkey_t hkey = php_http_array_hashkey_init(0);
+
+#if 0
+ {
+ zval tmp;
+ INIT_PZVAL_ARRAY(&tmp, params);
+ fprintf(stderr, "params = ");
+ zend_print_zval_r(&tmp, 1 TSRMLS_CC);
+ fprintf(stderr, "\n");
+ }
+#endif
+
+ hkey.type = zend_hash_get_current_key_ex(Z_ARRVAL_P(zdata), &hkey.str, &hkey.len, &hkey.num, hkey.dup, NULL);
+
+ if ((hkey.type == HASH_KEY_IS_STRING && !zend_hash_exists(params, hkey.str, hkey.len))
+ || (hkey.type == HASH_KEY_IS_LONG && !zend_hash_index_exists(params, hkey.num))
+ ) {
+ zval *tmp, *arg, **args;
+
+ /* create the entry if it doesn't exist */
+ zend_hash_get_current_data(Z_ARRVAL_P(zdata), (void *) &ptr);
+ Z_ADDREF_PP(ptr);
+ MAKE_STD_ZVAL(tmp);
+ array_init(tmp);
+ add_assoc_zval_ex(tmp, ZEND_STRS("value"), *ptr);
+
+ MAKE_STD_ZVAL(arg);
+ array_init(arg);
+ zend_hash_update(Z_ARRVAL_P(tmp), "arguments", sizeof("arguments"), (void *) &arg, sizeof(zval *), (void *) &args);
+ *current_args = args;
+
+ if (hkey.type == HASH_KEY_IS_STRING) {
+ zend_hash_update(params, hkey.str, hkey.len, (void *) &tmp, sizeof(zval *), (void *) &ptr);
+ } else {
+ zend_hash_index_update(params, hkey.num, (void *) &tmp, sizeof(zval *), (void *) &ptr);
+ }
+ } else {
+ /* merge */
+ if (hkey.type == HASH_KEY_IS_STRING) {
+ zend_hash_find(params, hkey.str, hkey.len, (void *) &ptr);
+ } else {
+ zend_hash_index_find(params, hkey.num, (void *) &ptr);
+ }
+
+ zdata_ptr = &zdata;
+
+ if (Z_TYPE_PP(ptr) == IS_ARRAY
+ && SUCCESS == zend_hash_find(Z_ARRVAL_PP(ptr), "value", sizeof("value"), (void *) &ptr)
+ && SUCCESS == zend_hash_get_current_data(Z_ARRVAL_PP(zdata_ptr), (void *) &zdata_ptr)
+ ) {
+ /*
+ * params = [arr => [value => [0 => 1]]]
+ * ^- ptr
+ * zdata = [arr => [0 => NULL]]
+ * ^- zdata_ptr
+ */
+ zval **test_ptr;
+
+ while (Z_TYPE_PP(zdata_ptr) == IS_ARRAY
+ && SUCCESS == zend_hash_get_current_data(Z_ARRVAL_PP(zdata_ptr), (void *) &test_ptr)
+ ) {
+ if (Z_TYPE_PP(test_ptr) == IS_ARRAY) {
+
+ /* now find key in ptr */
+ if (HASH_KEY_IS_STRING == zend_hash_get_current_key_ex(Z_ARRVAL_PP(zdata_ptr), &hkey.str, &hkey.len, &hkey.num, hkey.dup, NULL)) {
+ if (SUCCESS == zend_hash_find(Z_ARRVAL_PP(ptr), hkey.str, hkey.len, (void *) &ptr)) {
+ zdata_ptr = test_ptr;
+ } else {
+ Z_ADDREF_PP(test_ptr);
+ zend_hash_update(Z_ARRVAL_PP(ptr), hkey.str, hkey.len, (void *) test_ptr, sizeof(zval *), (void *) &ptr);
+ break;
+ }
+ } else {
+ if (SUCCESS == zend_hash_index_find(Z_ARRVAL_PP(ptr), hkey.num, (void *) &ptr)) {
+ zdata_ptr = test_ptr;
+ } else if (hkey.num) {
+ Z_ADDREF_PP(test_ptr);
+ zend_hash_index_update(Z_ARRVAL_PP(ptr), hkey.num, (void *) test_ptr, sizeof(zval *), (void *) &ptr);
+ break;
+ } else {
+ Z_ADDREF_PP(test_ptr);
+ zend_hash_next_index_insert(Z_ARRVAL_PP(ptr), (void *) test_ptr, sizeof(zval *), (void *) &ptr);
+ break;
+ }
+ }
+ } else {
+ /* this is the leaf */
+ Z_ADDREF_PP(test_ptr);
+ if (Z_TYPE_PP(ptr) != IS_ARRAY) {
+ zval_dtor(*ptr);
+ array_init(*ptr);
+ }
+ if (HASH_KEY_IS_STRING == zend_hash_get_current_key_ex(Z_ARRVAL_PP(zdata_ptr), &hkey.str, &hkey.len, &hkey.num, hkey.dup, NULL)) {
+ zend_hash_update(Z_ARRVAL_PP(ptr), hkey.str, hkey.len, (void *) test_ptr, sizeof(zval *), (void *) &ptr);
+ } else if (hkey.num) {
+ zend_hash_index_update(Z_ARRVAL_PP(ptr), hkey.num, (void *) test_ptr, sizeof(zval *), (void *) &ptr);
+ } else {
+ zend_hash_next_index_insert(Z_ARRVAL_PP(ptr), (void *) test_ptr, sizeof(zval *), (void *) &ptr);
+ }
+ break;
+ }
+ }
+
+ }
+ }
+
+ /* bubble up */
+ while (Z_TYPE_PP(ptr) == IS_ARRAY && SUCCESS == zend_hash_get_current_data(Z_ARRVAL_PP(ptr), (void *) &ptr));
+ *current_param = ptr;
+}
+