X-Git-Url: https://git.m6w6.name/?p=m6w6%2Fext-http;a=blobdiff_plain;f=php_http_params.c;h=5adeb91c761f390bd3e6705ea71eb6eaf5225422;hp=34bc928e058245b2c8f722148c4faf0c59928b62;hb=aee4dea903f457635993b5cb460d01a0cd71dd03;hpb=d1fb78c1fd8bc565d7f153810015dbd627d46514

diff --git a/php_http_params.c b/php_http_params.c
index 34bc928..5adeb91 100644
--- a/php_http_params.c
+++ b/php_http_params.c
@@ -63,27 +63,32 @@ static inline void sanitize_escaped(zval *zv TSRMLS_DC)
 	php_stripcslashes(Z_STRVAL_P(zv), &Z_STRLEN_P(zv));
 }
 
-static inline void prepare_escaped(zval *zv TSRMLS_DC)
+static inline void quote_string(zval *zv, zend_bool force TSRMLS_DC)
 {
-	if (Z_TYPE_P(zv) == IS_STRING) {
-		int len = Z_STRLEN_P(zv);
+	int len = Z_STRLEN_P(zv);
 
-		Z_STRVAL_P(zv) = php_addcslashes(Z_STRVAL_P(zv), Z_STRLEN_P(zv), &Z_STRLEN_P(zv), 1,
-				ZEND_STRL("\0..\37\173\\\"") TSRMLS_CC);
+	Z_STRVAL_P(zv) = php_addcslashes(Z_STRVAL_P(zv), Z_STRLEN_P(zv), &Z_STRLEN_P(zv), 1,
+			ZEND_STRL("\0..\37\173\\\"") TSRMLS_CC);
 
-		if (len != Z_STRLEN_P(zv) || strpbrk(Z_STRVAL_P(zv), "()<>@,;:\"[]?={} ")) {
-			zval tmp = *zv;
-			int len = Z_STRLEN_P(zv) + 2;
-			char *str = emalloc(len + 1);
+	if (force || len != Z_STRLEN_P(zv) || strpbrk(Z_STRVAL_P(zv), "()<>@,;:\"[]?={} ")) {
+		zval tmp = *zv;
+		int len = Z_STRLEN_P(zv) + 2;
+		char *str = emalloc(len + 1);
 
-			str[0] = '"';
-			memcpy(&str[1], Z_STRVAL_P(zv), Z_STRLEN_P(zv));
-			str[len-1] = '"';
-			str[len] = '\0';
+		str[0] = '"';
+		memcpy(&str[1], Z_STRVAL_P(zv), Z_STRLEN_P(zv));
+		str[len-1] = '"';
+		str[len] = '\0';
 
-			zval_dtor(&tmp);
-			ZVAL_STRINGL(zv, str, len, 0);
-		}
+		zval_dtor(&tmp);
+		ZVAL_STRINGL(zv, str, len, 0);
+	}
+}
+
+static inline void prepare_escaped(zval *zv TSRMLS_DC)
+{
+	if (Z_TYPE_P(zv) == IS_STRING) {
+		quote_string(zv, 0 TSRMLS_CC);
 	} else {
 		zval_dtor(zv);
 		ZVAL_EMPTY_STRING(zv);
@@ -291,6 +296,20 @@ static inline void sanitize_rfc5987(zval *zv, char **language, zend_bool *latin1
 	}
 }
 
+static inline void sanitize_rfc5988(char *str, size_t len, zval *zv TSRMLS_DC)
+{
+	zval_dtor(zv);
+	php_trim(str, len, " ><", 3, zv, 3 TSRMLS_CC);
+}
+
+static inline void prepare_rfc5988(zval *zv TSRMLS_DC)
+{
+	if (Z_TYPE_P(zv) != IS_STRING) {
+		zval_dtor(zv);
+		ZVAL_EMPTY_STRING(zv);
+	}
+}
+
 static void utf8encode(zval *zv)
 {
 	size_t pos, len = 0;
@@ -363,7 +382,11 @@ static inline void prepare_key(unsigned flags, char *old_key, size_t old_len, ch
 	}
 
 	if (flags & PHP_HTTP_PARAMS_ESCAPED) {
-		prepare_escaped(&zv TSRMLS_CC);
+		if (flags & PHP_HTTP_PARAMS_RFC5988) {
+			prepare_rfc5988(&zv TSRMLS_CC);
+		} else {
+			prepare_escaped(&zv TSRMLS_CC);
+		}
 	}
 
 	*new_key = Z_STRVAL(zv);
@@ -542,11 +565,11 @@ static void push_param(HashTable *params, php_http_params_state_t *state, const
 			MAKE_STD_ZVAL(key);
 			ZVAL_NULL(key);
 			if (opts->flags & PHP_HTTP_PARAMS_RFC5988) {
-				state->param.str += 1; /* < */
-				state->param.len -= 2; /* > */
+				sanitize_rfc5988(state->param.str, state->param.len, key TSRMLS_CC);
+			} else {
+				sanitize_key(opts->flags, state->param.str, state->param.len, key, &rfc5987 TSRMLS_CC);
+				state->rfc5987 = rfc5987;
 			}
-			sanitize_key(opts->flags, state->param.str, state->param.len, key, &rfc5987 TSRMLS_CC);
-			state->rfc5987 = rfc5987;
 			if (Z_TYPE_P(key) != IS_STRING) {
 				merge_param(params, key, &state->current.val, &state->current.args TSRMLS_CC);
 			} else if (Z_STRLEN_P(key)) {
@@ -628,7 +651,7 @@ HashTable *php_http_params_parse(HashTable *params, const php_http_params_opts_t
 
 	while (state.input.len) {
 		if ((opts->flags & PHP_HTTP_PARAMS_RFC5988) && !state.arg.str) {
-			if (!state.param.str && *state.input.str == '<') {
+			if (*state.input.str == '<') {
 				state.quotes = 1;
 			} else if (*state.input.str == '>') {
 				state.quotes = 0;
@@ -756,6 +779,17 @@ static inline void shift_rfc5988(php_http_buffer_t *buf, char *key_str, size_t k
 	efree(str);
 }
 
+static inline void shift_rfc5988_val(php_http_buffer_t *buf, zval *zv, const char *vss, size_t vsl, unsigned flags TSRMLS_DC)
+{
+	zval *tmp = php_http_zsep(1, IS_STRING, zv);
+
+	quote_string(tmp, 1 TSRMLS_CC);
+	php_http_buffer_append(buf, vss, vsl);
+	php_http_buffer_append(buf, Z_STRVAL_P(tmp), Z_STRLEN_P(tmp));
+
+	zval_ptr_dtor(&tmp);
+}
+
 static inline void shift_val(php_http_buffer_t *buf, zval *zvalue, const char *vss, size_t vsl, unsigned flags TSRMLS_DC)
 {
 	if (Z_TYPE_P(zvalue) != IS_BOOL) {
@@ -796,6 +830,21 @@ static void shift_arg(php_http_buffer_t *buf, char *key_str, size_t key_len, zva
 		}
 	} else {
 		shift_key(buf, key_str, key_len, ass, asl, flags TSRMLS_CC);
+
+		if (flags & PHP_HTTP_PARAMS_RFC5988) {
+			switch (key_len) {
+			case lenof("rel"):
+			case lenof("title"):
+			case lenof("anchor"):
+				/* some args must be quoted */
+				if (0 <= php_http_select_str(key_str, 3, "rel", "title", "anchor")) {
+					shift_rfc5988_val(buf, zvalue, vss, vsl, flags TSRMLS_CC);
+					return;
+				}
+				break;
+			}
+		}
+
 		shift_val(buf, zvalue, vss, vsl, flags TSRMLS_CC);
 	}
 }