X-Git-Url: https://git.m6w6.name/?p=m6w6%2Fext-http;a=blobdiff_plain;f=php_http_url.c;h=4560848ece40d3e53a754ed9d61b92a23ab05d42;hp=b9ea708ce3512477ef3aacd59bf833eaf46bb8ef;hb=4308cb174a56bdbca09b8a30e869eb2e751f5f9b;hpb=61c5a47e7530b142df6b67332e60a339998c2492 diff --git a/php_http_url.c b/php_http_url.c index b9ea708..4560848 100644 --- a/php_http_url.c +++ b/php_http_url.c @@ -92,7 +92,9 @@ static php_url *php_http_url_from_env(php_url *url TSRMLS_DC) if ((((zhost = php_http_env_get_server_var(ZEND_STRL("HTTP_HOST"), 1 TSRMLS_CC)) || (zhost = php_http_env_get_server_var(ZEND_STRL("SERVER_NAME"), 1 TSRMLS_CC)) || (zhost = php_http_env_get_server_var(ZEND_STRL("SERVER_ADDR"), 1 TSRMLS_CC)))) && Z_STRLEN_P(zhost)) { - url->host = estrndup(Z_STRVAL_P(zhost), Z_STRLEN_P(zhost)); + size_t stop_at = strspn(Z_STRVAL_P(zhost), "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ-."); + + url->host = estrndup(Z_STRVAL_P(zhost), stop_at); } else { url->host = localhostname(); } @@ -222,7 +224,8 @@ PHP_HTTP_API void php_http_url(int flags, const php_url *old_url, const php_url STR_SET(url->path, path); } /* replace directory references if path is not a single slash */ - if (url->path[0] && (url->path[0] != '/' || url->path[1])) { + if ((flags & PHP_HTTP_URL_SANITIZE_PATH) + && url->path[0] && (url->path[0] != '/' || url->path[1])) { char *ptr, *end = url->path + strlen(url->path) + 1; for (ptr = strchr(url->path, '/'); ptr; ptr = strchr(ptr, '/')) { @@ -346,11 +349,7 @@ PHP_HTTP_API STATUS php_http_url_encode_hash(HashTable *hash, const char *pre_en php_http_url_argsep(&arg_sep_str, &arg_sep_len TSRMLS_CC); - if (pre_encoded_len && pre_encoded_str) { - php_http_buffer_append(qstr, pre_encoded_str, pre_encoded_len); - } - - if (SUCCESS != php_http_url_encode_hash_ex(hash, qstr, arg_sep_str, arg_sep_len, ZEND_STRL("="), NULL, 0 TSRMLS_CC)) { + if (SUCCESS != php_http_url_encode_hash_ex(hash, qstr, arg_sep_str, arg_sep_len, "=", 1, pre_encoded_str, pre_encoded_len TSRMLS_CC)) { php_http_buffer_free(&qstr); return FAILURE; } @@ -361,91 +360,16 @@ PHP_HTTP_API STATUS php_http_url_encode_hash(HashTable *hash, const char *pre_en return SUCCESS; } -PHP_HTTP_API STATUS php_http_url_encode_hash_ex(HashTable *ht, php_http_buffer_t *str, const char *arg_sep_str, size_t arg_sep_len, const char *val_sep_str, size_t val_sep_len, const char *prefix_str, size_t prefix_len TSRMLS_DC) +PHP_HTTP_API STATUS php_http_url_encode_hash_ex(HashTable *hash, php_http_buffer_t *qstr, const char *arg_sep_str, size_t arg_sep_len, const char *val_sep_str, size_t val_sep_len, const char *pre_encoded_str, size_t pre_encoded_len TSRMLS_DC) { - php_http_array_hashkey_t key = php_http_array_hashkey_init(0); - zval **data = NULL; - HashPosition pos; + if (pre_encoded_len && pre_encoded_str) { + php_http_buffer_append(qstr, pre_encoded_str, pre_encoded_len); + } - if (!ht || !str) { - php_http_error(HE_WARNING, PHP_HTTP_E_INVALID_PARAM, "Invalid parameters"); + if (!php_http_params_to_string(qstr, hash, arg_sep_str, arg_sep_len, "", 0, val_sep_str, val_sep_len, PHP_HTTP_PARAMS_QUERY TSRMLS_CC)) { return FAILURE; } - if (ht->nApplyCount > 0) { - return SUCCESS; - } - - FOREACH_HASH_KEYVAL(pos, ht, key, data) { - char *encoded_key; - int encoded_len; - php_http_buffer_t new_prefix; - - if (!data || !*data) { - php_http_buffer_dtor(str); - return FAILURE; - } - - if (key.type == HASH_KEY_IS_STRING) { - if (!*key.str) { - /* only public properties */ - continue; - } - if (key.len && key.str[key.len - 1] == '\0') { - --key.len; - } - encoded_key = php_url_encode(key.str, key.len, &encoded_len); - } else { - encoded_len = spprintf(&encoded_key, 0, "%ld", key.num); - } - - { - php_http_buffer_init(&new_prefix); - if (prefix_str && prefix_len) { - php_http_buffer_append(&new_prefix, prefix_str, prefix_len); - php_http_buffer_appends(&new_prefix, "%5B"); - } - - php_http_buffer_append(&new_prefix, encoded_key, encoded_len); - efree(encoded_key); - - if (prefix_str && prefix_len) { - php_http_buffer_appends(&new_prefix, "%5D"); - } - php_http_buffer_fix(&new_prefix); - } - - if (Z_TYPE_PP(data) == IS_ARRAY || Z_TYPE_PP(data) == IS_OBJECT) { - STATUS status; - ++ht->nApplyCount; - status = php_http_url_encode_hash_ex(HASH_OF(*data), str, arg_sep_str, arg_sep_len, val_sep_str, val_sep_len, PHP_HTTP_BUFFER_VAL(&new_prefix), PHP_HTTP_BUFFER_LEN(&new_prefix) TSRMLS_CC); - --ht->nApplyCount; - if (SUCCESS != status) { - php_http_buffer_dtor(&new_prefix); - php_http_buffer_dtor(str); - return FAILURE; - } - } else { - zval *val = php_http_ztyp(IS_STRING, *data); - - if (PHP_HTTP_BUFFER_LEN(str)) { - php_http_buffer_append(str, arg_sep_str, arg_sep_len); - } - php_http_buffer_append(str, PHP_HTTP_BUFFER_VAL(&new_prefix), PHP_HTTP_BUFFER_LEN(&new_prefix)); - php_http_buffer_append(str, val_sep_str, val_sep_len); - - if (Z_STRLEN_P(val) && Z_STRVAL_P(val)) { - char *encoded_val; - int encoded_len; - - encoded_val = php_url_encode(Z_STRVAL_P(val), Z_STRLEN_P(val), &encoded_len); - php_http_buffer_append(str, encoded_val, encoded_len); - efree(encoded_val); - } - - zval_ptr_dtor(&val); - } - php_http_buffer_dtor(&new_prefix); - } + return SUCCESS; } @@ -466,8 +390,14 @@ PHP_HTTP_BEGIN_ARGS(mod, 1) PHP_HTTP_ARG_VAL(flags, 0) PHP_HTTP_END_ARGS; -zend_class_entry *php_http_url_class_entry; -zend_function_entry php_http_url_method_entry[] = { +static zend_class_entry *php_http_url_class_entry; + +zend_class_entry *php_http_url_get_class_entry(void) +{ + return php_http_url_class_entry; +} + +static zend_function_entry php_http_url_method_entry[] = { PHP_HTTP_URL_ME(__construct, ZEND_ACC_PUBLIC|ZEND_ACC_CTOR) PHP_HTTP_URL_ME(mod, ZEND_ACC_PUBLIC) PHP_HTTP_URL_ME(toString, ZEND_ACC_PUBLIC) @@ -478,12 +408,12 @@ zend_function_entry php_http_url_method_entry[] = { PHP_METHOD(HttpUrl, __construct) { - with_error_handling(EH_THROW, php_http_exception_class_entry) { + with_error_handling(EH_THROW, php_http_exception_get_class_entry()) { zval *new_url = NULL, *old_url = NULL; long flags = PHP_HTTP_URL_FROM_ENV; if (SUCCESS == zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|z!z!l", &old_url, &new_url, &flags)) { - with_error_handling(EH_THROW, php_http_exception_class_entry) { + with_error_handling(EH_THROW, php_http_exception_get_class_entry()) { php_url *res_purl, *new_purl = NULL, *old_purl = NULL; if (new_url) { @@ -495,7 +425,7 @@ PHP_METHOD(HttpUrl, __construct) default: { zval *cpy = php_http_ztyp(IS_STRING, new_url); - new_purl = php_url_parse(Z_STRVAL_P(new_url)); + new_purl = php_url_parse(Z_STRVAL_P(cpy)); zval_ptr_dtor(&cpy); break; } @@ -513,7 +443,7 @@ PHP_METHOD(HttpUrl, __construct) default: { zval *cpy = php_http_ztyp(IS_STRING, old_url); - old_purl = php_url_parse(Z_STRVAL_P(old_url)); + old_purl = php_url_parse(Z_STRVAL_P(cpy)); zval_ptr_dtor(&cpy); break; } @@ -613,7 +543,7 @@ PHP_METHOD(HttpUrl, toArray) PHP_MINIT_FUNCTION(http_url) { - PHP_HTTP_REGISTER_CLASS(http, Url, http_url, php_http_object_class_entry, 0); + PHP_HTTP_REGISTER_CLASS(http, Url, http_url, php_http_object_get_class_entry(), 0); zend_declare_property_null(php_http_url_class_entry, ZEND_STRL("scheme"), ZEND_ACC_PUBLIC TSRMLS_CC); zend_declare_property_null(php_http_url_class_entry, ZEND_STRL("user"), ZEND_ACC_PUBLIC TSRMLS_CC); @@ -636,6 +566,7 @@ PHP_MINIT_FUNCTION(http_url) zend_declare_class_constant_long(php_http_url_class_entry, ZEND_STRL("STRIP_FRAGMENT"), PHP_HTTP_URL_STRIP_FRAGMENT TSRMLS_CC); zend_declare_class_constant_long(php_http_url_class_entry, ZEND_STRL("STRIP_ALL"), PHP_HTTP_URL_STRIP_ALL TSRMLS_CC); zend_declare_class_constant_long(php_http_url_class_entry, ZEND_STRL("FROM_ENV"), PHP_HTTP_URL_FROM_ENV TSRMLS_CC); + zend_declare_class_constant_long(php_http_url_class_entry, ZEND_STRL("SANITIZE_PATH"), PHP_HTTP_URL_SANITIZE_PATH TSRMLS_CC); return SUCCESS; }