X-Git-Url: https://git.m6w6.name/?p=m6w6%2Fext-http;a=blobdiff_plain;f=php_http_params.c;h=ced2507aea8e470ebbfe7e7fc0585ab81f97b43e;hp=2f73cb93d8e8d7af676fbe83f65c0564c2ad4458;hb=468e8d748d365811af4ce890fd8fc4c1f88cc08a;hpb=a41703eafb1f1bb7f2968e97d471499c986a471b

diff --git a/php_http_params.c b/php_http_params.c
index 2f73cb9..ced2507 100644
--- a/php_http_params.c
+++ b/php_http_params.c
@@ -60,14 +60,32 @@ static inline void sanitize_escaped(zval *zv)
 		ZVAL_STR(zv, php_http_cs2zs(deq, deq_len));
 	}
 
-	php_stripcslashes(Z_STRVAL_P(zv), &Z_STRLEN_P(zv));
+	php_stripcslashes(Z_STR_P(zv));
 }
 
-static inline void prepare_escaped(zval *zv)
+static inline void quote_string(zend_string **zs, zend_bool force)
 {
-	if (Z_TYPE_P(zv) == IS_STRING) {
+	int len = (*zs)->len;
+
+	*zs = php_addcslashes(*zs, 1, ZEND_STRL("\0..\37\173\\\""));
+
+	if (force || len != (*zs)->len || strpbrk((*zs)->val, "()<>@,;:\"[]?={} ")) {
+		int len = (*zs)->len + 2;
+
+		*zs = zend_string_extend(*zs, len, 0);
+
+		memmove(&(*zs)->val[1], (*zs)->val, (*zs)->len);
+		(*zs)->val[0] = '"';
+		(*zs)->val[len-1] = '"';
+		(*zs)->val[len] = '\0';
+
+		zend_string_forget_hash_val(*zs);
+	}
+}
+
+/*	if (Z_TYPE_P(zv) == IS_STRING) {
 		size_t len = Z_STRLEN_P(zv);
-		zend_string *stripped = php_addcslashes(Z_STRVAL_P(zv), Z_STRLEN_P(zv), 1,
+		zend_string *stripped = php_addcslashes(Z_STR_P(zv), 0,
 				ZEND_STRL("\0..\37\173\\\""));
 
 		if (len != stripped->len || strpbrk(stripped->val, "()<>@,;:\"[]?={} ")) {
@@ -86,6 +104,12 @@ static inline void prepare_escaped(zval *zv)
 			zval_dtor(zv);
 			ZVAL_STR(zv, stripped);
 		}
+*/
+
+static inline void prepare_escaped(zval *zv)
+{
+	if (Z_TYPE_P(zv) == IS_STRING) {
+		quote_string(&Z_STR_P(zv), 0);
 	} else {
 		zval_dtor(zv);
 		ZVAL_EMPTY_STRING(zv);
@@ -176,7 +200,7 @@ static void prepare_dimension(php_http_buffer_t *buf, php_http_buffer_t *keybuf,
 		php_http_buffer_init(&prefix);
 		php_http_buffer_append(&prefix, keybuf->data, keybuf->used);
 
-		ZEND_HASH_FOREACH_KEY_VAL(ht, key.h, key.key, val)
+		ZEND_HASH_FOREACH_KEY_VAL_IND(ht, key.h, key.key, val)
 		{
 			if (key.key && !*key.key->val) {
 				/* only public properties */
@@ -291,6 +315,23 @@ static inline void sanitize_rfc5987(zval *zv, char **language, zend_bool *latin1
 	}
 }
 
+static inline void sanitize_rfc5988(char *str, size_t len, zval *zv TSRMLS_DC)
+{
+	zend_string *zs = zend_string_init(str, len, 0);
+
+	zval_dtor(zv);
+	ZVAL_STR(zv, php_trim(zs, " ><", 3, 3));
+	zend_string_release(zs);
+}
+
+static inline void prepare_rfc5988(zval *zv TSRMLS_DC)
+{
+	if (Z_TYPE_P(zv) != IS_STRING) {
+		zval_dtor(zv);
+		ZVAL_EMPTY_STRING(zv);
+	}
+}
+
 static void utf8encode(zval *zv)
 {
 	size_t pos, len = 0;
@@ -363,7 +404,11 @@ static inline void prepare_key(unsigned flags, char *old_key, size_t old_len, ch
 	}
 
 	if (flags & PHP_HTTP_PARAMS_ESCAPED) {
-		prepare_escaped(&zv);
+		if (flags & PHP_HTTP_PARAMS_RFC5988) {
+			prepare_rfc5988(&zv);
+		} else {
+			prepare_escaped(&zv);
+		}
 	}
 
 	*new_key = estrndup(Z_STRVAL(zv), Z_STRLEN(zv));
@@ -445,9 +490,12 @@ static void merge_param(HashTable *params, zval *zdata, zval **current_param, zv
 				if (Z_TYPE_P(test_ptr) == IS_ARRAY) {
 					/* now find key in ptr */
 					if (HASH_KEY_IS_STRING == zend_hash_get_current_key(Z_ARRVAL_P(zdata_ptr), &hkey.key, &hkey.h)) {
+						zval *tmp_ptr = ptr;
+
 						if ((ptr = zend_hash_find(Z_ARRVAL_P(ptr), hkey.key))) {
 							zdata_ptr = test_ptr;
 						} else {
+							ptr = tmp_ptr;
 							Z_TRY_ADDREF_P(test_ptr);
 							ptr = zend_hash_update(Z_ARRVAL_P(ptr), hkey.key, test_ptr);
 							break;
@@ -541,12 +589,16 @@ static void push_param(HashTable *params, php_http_params_state_t *state, const
 			zend_bool rfc5987 = 0;
 
 			ZVAL_NULL(&key);
-			sanitize_key(opts->flags, state->param.str, state->param.len, &key, &rfc5987);
-			state->rfc5987 = rfc5987;
+			if (opts->flags & PHP_HTTP_PARAMS_RFC5988) {
+				sanitize_rfc5988(state->param.str, state->param.len, &key);
+			} else {
+				sanitize_key(opts->flags, state->param.str, state->param.len, &key, &rfc5987);
+				state->rfc5987 = rfc5987;
+			}
 			if (Z_TYPE(key) == IS_ARRAY) {
 				merge_param(params, &key, &state->current.val, &state->current.args);
 			} else if (Z_TYPE(key) == IS_STRING && Z_STRLEN(key)) {
-				//array_init_size(&prm, 2);
+				// FIXME: array_init_size(&prm, 2);
 				array_init(&prm);
 
 				if (!Z_ISUNDEF(opts->defval)) {
@@ -560,7 +612,7 @@ static void push_param(HashTable *params, php_http_params_state_t *state, const
 				} else {
 					state->current.val = zend_hash_str_update(Z_ARRVAL(prm), "value", lenof("value"), &val);
 				}
-				//array_init_size(&arg, 3);
+				// FIXME: array_init_size(&arg, 3);
 				array_init(&arg);
 				state->current.args = zend_hash_str_update(Z_ARRVAL(prm), "arguments", lenof("arguments"), &arg);
 				state->current.param = zend_symtable_str_update(params, Z_STRVAL(key), Z_STRLEN(key), &prm);
@@ -620,7 +672,13 @@ HashTable *php_http_params_parse(HashTable *params, const php_http_params_opts_t
 	}
 
 	while (state.input.len) {
-		if (*state.input.str == '"' && !state.escape) {
+		if ((opts->flags & PHP_HTTP_PARAMS_RFC5988) && !state.arg.str) {
+			if (*state.input.str == '<') {
+				state.quotes = 1;
+			} else if (*state.input.str == '>') {
+				state.quotes = 0;
+			}
+		} else if (*state.input.str == '"' && !state.escape) {
 			state.quotes = !state.quotes;
 		} else {
 			state.escape = (*state.input.str == '\\');
@@ -721,6 +779,9 @@ static inline void shift_rfc5987(php_http_buffer_t *buf, zval *zvalue, const cha
 				(int) (key.key->len > INT_MAX ? INT_MAX : key.key->len), key.key->val);
 		php_http_arrkey_dtor(&key);
 
+		if (Z_TYPE_P(zdata) == IS_INDIRECT) {
+			zdata = Z_INDIRECT_P(zdata);
+		}
 		zs = zval_get_string(zdata);
 		ZVAL_STR(&tmp, zs);
 		prepare_value(flags | PHP_HTTP_PARAMS_URLENCODED, &tmp);
@@ -729,6 +790,33 @@ static inline void shift_rfc5987(php_http_buffer_t *buf, zval *zvalue, const cha
 	}
 }
 
+static inline void shift_rfc5988(php_http_buffer_t *buf, char *key_str, size_t key_len, const char *ass, size_t asl, unsigned flags)
+{
+	char *str;
+	size_t len;
+
+	if (buf->used) {
+		php_http_buffer_append(buf, ass, asl);
+	}
+
+	prepare_key(flags, key_str, key_len, &str, &len);
+	php_http_buffer_appends(buf, "<");
+	php_http_buffer_append(buf, str, len);
+	php_http_buffer_appends(buf, ">");
+	efree(str);
+}
+
+static inline void shift_rfc5988_val(php_http_buffer_t *buf, zval *zv, const char *vss, size_t vsl, unsigned flags)
+{
+	zend_string *zs = zval_get_string(zv);
+
+	quote_string(&zs, 1);
+	php_http_buffer_append(buf, vss, vsl);
+	php_http_buffer_append(buf, zs->val, zs->len);
+
+	zend_string_release(zs);
+}
+
 static inline void shift_val(php_http_buffer_t *buf, zval *zvalue, const char *vss, size_t vsl, unsigned flags)
 {
 	zval tmp;
@@ -767,7 +855,7 @@ static void shift_arg(php_http_buffer_t *buf, char *key_str, size_t key_len, zva
 		if (!rfc5987) {
 			shift_key(buf, key_str, key_len, ass, asl, flags);
 		}
-		ZEND_HASH_FOREACH_KEY_VAL(ht, key.h, key.key, val)
+		ZEND_HASH_FOREACH_KEY_VAL_IND(ht, key.h, key.key, val)
 		{
 			/* did you mean recursion? */
 			php_http_arrkey_stringify(&key, NULL);
@@ -782,6 +870,21 @@ static void shift_arg(php_http_buffer_t *buf, char *key_str, size_t key_len, zva
 		ZEND_HASH_FOREACH_END();
 	} else {
 		shift_key(buf, key_str, key_len, ass, asl, flags);
+
+		if (flags & PHP_HTTP_PARAMS_RFC5988) {
+			switch (key_len) {
+			case lenof("rel"):
+			case lenof("title"):
+			case lenof("anchor"):
+				/* some args must be quoted */
+				if (0 <= php_http_select_str(key_str, 3, "rel", "title", "anchor")) {
+					shift_rfc5988_val(buf, zvalue, vss, vsl, flags);
+					return;
+				}
+				break;
+			}
+		}
+
 		shift_val(buf, zvalue, vss, vsl, flags);
 	}
 }
@@ -802,6 +905,11 @@ static void shift_param(php_http_buffer_t *buf, char *key_str, size_t key_len, z
 		}
 	} else {
 		shift_key(buf, key_str, key_len, pss, psl, flags);
+		if (flags & PHP_HTTP_PARAMS_RFC5988) {
+			shift_rfc5988(buf, key_str, key_len, pss, psl, flags);
+		} else {
+			shift_key(buf, key_str, key_len, pss, psl, flags);
+		}
 		shift_val(buf, zvalue, vss, vsl, flags);
 	}
 }
@@ -843,8 +951,9 @@ php_http_buffer_t *php_http_params_to_string(php_http_buffer_t *buf, HashTable *
 				zvalue = tmp;
 			} else if (zvalue == zparam) {
 				continue;
+			} else {
+				zvalue = zparam;
 			}
-			zvalue = zparam;
 		}
 
 		if (Z_TYPE_P(zvalue) == IS_ARRAY) {
@@ -871,15 +980,17 @@ php_http_buffer_t *php_http_params_to_string(php_http_buffer_t *buf, HashTable *
 
 php_http_params_token_t **php_http_params_separator_init(zval *zv)
 {
-	zval *sep;
+	zval *sep, ztmp;
 	php_http_params_token_t **ret, **tmp;
 
 	if (!zv) {
 		return NULL;
 	}
 
-	SEPARATE_ZVAL(zv);
+	ZVAL_DUP(&ztmp, zv);
+	zv = &ztmp;
 	convert_to_array(zv);
+
 	ret = ecalloc(zend_hash_num_elements(Z_ARRVAL_P(zv)) + 1, sizeof(*ret));
 
 	tmp = ret;
@@ -895,7 +1006,8 @@ php_http_params_token_t **php_http_params_separator_init(zval *zv)
 		zend_string_release(zs);
 	}
 	ZEND_HASH_FOREACH_END();
-	zval_ptr_dtor(zv);
+
+	zval_ptr_dtor(&ztmp);
 
 	*tmp = NULL;
 	return ret;
@@ -957,27 +1069,34 @@ PHP_METHOD(HttpParams, __construct)
 				default:
 					zs = zval_get_string(zparams);
 					if (zs->len) {
+						zval tmp;
+
 						php_http_params_opts_t opts = {
 							{zs->val, zs->len},
-							php_http_params_separator_init(zend_read_property(php_http_params_class_entry, getThis(), ZEND_STRL("param_sep"), 0)),
-							php_http_params_separator_init(zend_read_property(php_http_params_class_entry, getThis(), ZEND_STRL("arg_sep"), 0)),
-							php_http_params_separator_init(zend_read_property(php_http_params_class_entry, getThis(), ZEND_STRL("val_sep"), 0)),
+							php_http_params_separator_init(zend_read_property(php_http_params_class_entry, getThis(), ZEND_STRL("param_sep"), 0, &tmp)),
+							php_http_params_separator_init(zend_read_property(php_http_params_class_entry, getThis(), ZEND_STRL("arg_sep"), 0, &tmp)),
+							php_http_params_separator_init(zend_read_property(php_http_params_class_entry, getThis(), ZEND_STRL("val_sep"), 0, &tmp)),
 							{{0}}, flags
 						};
 
-						array_init(zparams);
-						php_http_params_parse(Z_ARRVAL_P(zparams), &opts);
-						zend_update_property(php_http_params_class_entry, getThis(), ZEND_STRL("params"), zparams);
+						array_init(&tmp);
+						php_http_params_parse(Z_ARRVAL(tmp), &opts);
+						zend_update_property(php_http_params_class_entry, getThis(), ZEND_STRL("params"), &tmp);
+						zval_ptr_dtor(&tmp);
 
 						php_http_params_separator_free(opts.param);
 						php_http_params_separator_free(opts.arg);
 						php_http_params_separator_free(opts.val);
 					}
+					zend_string_release(zs);
 					break;
 			}
 		} else {
-			array_init(zparams);
-			zend_update_property(php_http_params_class_entry, getThis(), ZEND_STRL("params"), zparams);
+			zval tmp;
+
+			array_init(&tmp);
+			zend_update_property(php_http_params_class_entry, getThis(), ZEND_STRL("params"), &tmp);
+			zval_ptr_dtor(&tmp);
 		}
 	}
 	zend_restore_error_handling(&zeh);
@@ -987,12 +1106,12 @@ ZEND_BEGIN_ARG_INFO_EX(ai_HttpParams_toArray, 0, 0, 0)
 ZEND_END_ARG_INFO();
 PHP_METHOD(HttpParams, toArray)
 {
-	zval *zparams;
+	zval zparams_tmp, *zparams;
 
 	if (SUCCESS != zend_parse_parameters_none()) {
 		return;
 	}
-	zparams = zend_read_property(php_http_params_class_entry, getThis(), ZEND_STRL("params"), 0);
+	zparams = zend_read_property(php_http_params_class_entry, getThis(), ZEND_STRL("params"), 0, &zparams_tmp);
 	RETURN_ZVAL_FAST(zparams);
 }
 
@@ -1001,27 +1120,28 @@ ZEND_END_ARG_INFO();
 PHP_METHOD(HttpParams, toString)
 {
 	zval *tmp, *zparams, *zpsep, *zasep, *zvsep;
+	zval zparams_tmp, flags_tmp, psep_tmp, asep_tmp, vsep_tmp;
 	zend_string *psep, *asep, *vsep;
 	long flags;
 	php_http_buffer_t buf;
 
-	zparams = zend_read_property(php_http_params_class_entry, getThis(), ZEND_STRL("params"), 0);
+	zparams = zend_read_property(php_http_params_class_entry, getThis(), ZEND_STRL("params"), 0, &zparams_tmp);
 	convert_to_array_ex(zparams);
-	flags = zval_get_long(zend_read_property(php_http_params_class_entry, getThis(), ZEND_STRL("flags"), 0));
+	flags = zval_get_long(zend_read_property(php_http_params_class_entry, getThis(), ZEND_STRL("flags"), 0, &flags_tmp));
 
-	zpsep = zend_read_property(php_http_params_class_entry, getThis(), ZEND_STRL("param_sep"), 0);
+	zpsep = zend_read_property(php_http_params_class_entry, getThis(), ZEND_STRL("param_sep"), 0, &psep_tmp);
 	if (Z_TYPE_P(zpsep) == IS_ARRAY && (tmp = zend_hash_get_current_data(Z_ARRVAL_P(zpsep)))) {
 		psep = zval_get_string(tmp);
 	} else {
 		psep = zval_get_string(zpsep);
 	}
-	zasep = zend_read_property(php_http_params_class_entry, getThis(), ZEND_STRL("arg_sep"), 0);
+	zasep = zend_read_property(php_http_params_class_entry, getThis(), ZEND_STRL("arg_sep"), 0, &asep_tmp);
 	if (Z_TYPE_P(zasep) == IS_ARRAY && (tmp = zend_hash_get_current_data(Z_ARRVAL_P(zasep)))) {
 		asep = zval_get_string(tmp);
 	} else {
 		asep = zval_get_string(zasep);
 	}
-	zvsep = zend_read_property(php_http_params_class_entry, getThis(), ZEND_STRL("val_sep"), 0);
+	zvsep = zend_read_property(php_http_params_class_entry, getThis(), ZEND_STRL("val_sep"), 0, &vsep_tmp);
 	if (Z_TYPE_P(zvsep) == IS_ARRAY && (tmp = zend_hash_get_current_data(Z_ARRVAL_P(zvsep)))) {
 		vsep = zval_get_string(tmp);
 	} else {
@@ -1044,13 +1164,13 @@ ZEND_END_ARG_INFO();
 PHP_METHOD(HttpParams, offsetExists)
 {
 	zend_string *name;
-	zval *zparam, *zparams;
+	zval zparams_tmp, *zparam, *zparams;
 
 	if (SUCCESS != zend_parse_parameters(ZEND_NUM_ARGS(), "S", &name)) {
 		return;
 	}
 
-	zparams = zend_read_property(php_http_params_class_entry, getThis(), ZEND_STRL("params"), 0);
+	zparams = zend_read_property(php_http_params_class_entry, getThis(), ZEND_STRL("params"), 0, &zparams_tmp);
 
 	if (Z_TYPE_P(zparams) == IS_ARRAY && (zparam = zend_symtable_find(Z_ARRVAL_P(zparams), name))) {
 		RETVAL_BOOL(Z_TYPE_P(zparam) != IS_NULL);
@@ -1065,13 +1185,13 @@ ZEND_END_ARG_INFO();
 PHP_METHOD(HttpParams, offsetGet)
 {
 	zend_string *name;
-	zval *zparam, *zparams;
+	zval zparams_tmp, *zparam, *zparams;
 
 	if (SUCCESS != zend_parse_parameters(ZEND_NUM_ARGS(), "S", &name)) {
 		return;
 	}
 
-	zparams = zend_read_property(php_http_params_class_entry, getThis(), ZEND_STRL("params"), 0);
+	zparams = zend_read_property(php_http_params_class_entry, getThis(), ZEND_STRL("params"), 0, &zparams_tmp);
 
 	if (Z_TYPE_P(zparams) == IS_ARRAY && (zparam = zend_symtable_find(Z_ARRVAL_P(zparams), name))) {
 		RETVAL_ZVAL_FAST(zparam);
@@ -1084,17 +1204,16 @@ ZEND_END_ARG_INFO();
 PHP_METHOD(HttpParams, offsetUnset)
 {
 	zend_string *name;
-	zval *zparams;
+	zval zparams_tmp, *zparams;
 
 	if (SUCCESS != zend_parse_parameters(ZEND_NUM_ARGS(), "S", &name)) {
 		return;
 	}
 
-	zparams = zend_read_property(php_http_params_class_entry, getThis(), ZEND_STRL("params"), 0);
+	zparams = zend_read_property(php_http_params_class_entry, getThis(), ZEND_STRL("params"), 0, &zparams_tmp);
 
 	if (Z_TYPE_P(zparams) == IS_ARRAY) {
 		zend_symtable_del(Z_ARRVAL_P(zparams), name);
-		zend_update_property(php_http_params_class_entry, getThis(), ZEND_STRL("params"), zparams);
 	}
 }
 
@@ -1105,36 +1224,29 @@ ZEND_END_ARG_INFO();
 PHP_METHOD(HttpParams, offsetSet)
 {
 	zend_string *name;
-	zval *zparam, *zparams, *nvalue;
+	zval zparams_tmp, *zparam, *zparams, *nvalue;
 
 	if (SUCCESS != zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "Sz", &name, &nvalue)) {
 		return;
 	}
 
-	zparams = zend_read_property(php_http_params_class_entry, getThis(), ZEND_STRL("params"), 0);
-	SEPARATE_ZVAL(zparams);
+	zparams = zend_read_property(php_http_params_class_entry, getThis(), ZEND_STRL("params"), 0, &zparams_tmp);
 	convert_to_array(zparams);
 
 	if (name->len) {
 		if (Z_TYPE_P(nvalue) == IS_ARRAY) {
-			zval *new_zparam;
-
 			if ((zparam = zend_symtable_find(Z_ARRVAL_P(zparams), name))) {
-				new_zparam = zparam;
-				SEPARATE_ZVAL(new_zparam);
-				convert_to_array(new_zparam);
-				array_join(Z_ARRVAL_P(nvalue), Z_ARRVAL_P(new_zparam), 0, 0);
+				convert_to_array(zparam);
+				array_join(Z_ARRVAL_P(nvalue), Z_ARRVAL_P(zparam), 0, 0);
 			} else {
-				new_zparam = nvalue;
-				Z_TRY_ADDREF_P(new_zparam);
+				Z_TRY_ADDREF_P(nvalue);
+				add_assoc_zval_ex(zparams, name->val, name->len, nvalue);
 			}
-			add_assoc_zval_ex(zparams, name->val, name->len, new_zparam);
 		} else {
 			zval tmp;
 
 			if ((zparam = zend_symtable_find(Z_ARRVAL_P(zparams), name))) {
-				tmp = *zparam;
-				SEPARATE_ZVAL(&tmp);
+				ZVAL_DUP(&tmp, zparam);
 				convert_to_array(&tmp);
 			} else {
 				array_init(&tmp);
@@ -1153,9 +1265,6 @@ PHP_METHOD(HttpParams, offsetSet)
 		add_assoc_zval_ex(zparams, zs->val, zs->len, &arr);
 		zend_string_release(zs);
 	}
-
-	zend_update_property(php_http_params_class_entry, getThis(), ZEND_STRL("params"), zparams);
-	zval_ptr_dtor(zparams);
 }
 
 static zend_function_entry php_http_params_methods[] = {
@@ -1194,6 +1303,7 @@ PHP_MINIT_FUNCTION(http_params)
 	zend_declare_class_constant_long(php_http_params_class_entry, ZEND_STRL("PARSE_URLENCODED"), PHP_HTTP_PARAMS_URLENCODED);
 	zend_declare_class_constant_long(php_http_params_class_entry, ZEND_STRL("PARSE_DIMENSION"), PHP_HTTP_PARAMS_DIMENSION);
 	zend_declare_class_constant_long(php_http_params_class_entry, ZEND_STRL("PARSE_RFC5987"), PHP_HTTP_PARAMS_RFC5987);
+	zend_declare_class_constant_long(php_http_params_class_entry, ZEND_STRL("PARSE_RFC5988"), PHP_HTTP_PARAMS_RFC5988);
 	zend_declare_class_constant_long(php_http_params_class_entry, ZEND_STRL("PARSE_DEFAULT"), PHP_HTTP_PARAMS_DEFAULT);
 	zend_declare_class_constant_long(php_http_params_class_entry, ZEND_STRL("PARSE_QUERY"), PHP_HTTP_PARAMS_QUERY);