X-Git-Url: https://git.m6w6.name/?p=m6w6%2Fext-http;a=blobdiff_plain;f=php_http_url.c;h=aeee9e81bc3ef9c0d61fb15f76433c039d0b8977;hp=40ed57ec8c9fb43fe92ac6fb5c3fd7c578f0a49f;hb=8191c55421fb6ecc86185608a8b0510da1525e1e;hpb=1421b2b78469a66ebe3cd2958a608de9a036bca9

diff --git a/php_http_url.c b/php_http_url.c
index 40ed57e..aeee9e8 100644
--- a/php_http_url.c
+++ b/php_http_url.c
@@ -92,7 +92,9 @@ static php_url *php_http_url_from_env(php_url *url TSRMLS_DC)
 	if ((((zhost = php_http_env_get_server_var(ZEND_STRL("HTTP_HOST"), 1 TSRMLS_CC)) ||
 			(zhost = php_http_env_get_server_var(ZEND_STRL("SERVER_NAME"), 1 TSRMLS_CC)) ||
 			(zhost = php_http_env_get_server_var(ZEND_STRL("SERVER_ADDR"), 1 TSRMLS_CC)))) && Z_STRLEN_P(zhost)) {
-		url->host = estrndup(Z_STRVAL_P(zhost), Z_STRLEN_P(zhost));
+		size_t stop_at = strspn(Z_STRVAL_P(zhost), "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ-.");
+
+		url->host = estrndup(Z_STRVAL_P(zhost), stop_at);
 	} else {
 		url->host = localhostname();
 	}
@@ -222,7 +224,8 @@ PHP_HTTP_API void php_http_url(int flags, const php_url *old_url, const php_url
 		STR_SET(url->path, path);
 	}
 	/* replace directory references if path is not a single slash */
-	if (url->path[0] && (url->path[0] != '/' || url->path[1])) {
+	if ((flags & PHP_HTTP_URL_SANITIZE_PATH)
+	&&	url->path[0] && (url->path[0] != '/' || url->path[1])) {
 		char *ptr, *end = url->path + strlen(url->path) + 1;
 			
 		for (ptr = strchr(url->path, '/'); ptr; ptr = strchr(ptr, '/')) {
@@ -284,51 +287,7 @@ PHP_HTTP_API void php_http_url(int flags, const php_url *old_url, const php_url
 	}
 	
 	if (url_str) {
-		size_t len;
-		
-		*url_str = emalloc(PHP_HTTP_URL_MAXLEN + 1);
-		
-		**url_str = '\0';
-		strlcat(*url_str, url->scheme, PHP_HTTP_URL_MAXLEN);
-		strlcat(*url_str, "://", PHP_HTTP_URL_MAXLEN);
-		
-		if (url->user && *url->user) {
-			strlcat(*url_str, url->user, PHP_HTTP_URL_MAXLEN);
-			if (url->pass && *url->pass) {
-				strlcat(*url_str, ":", PHP_HTTP_URL_MAXLEN);
-				strlcat(*url_str, url->pass, PHP_HTTP_URL_MAXLEN);
-			}
-			strlcat(*url_str, "@", PHP_HTTP_URL_MAXLEN);
-		}
-		
-		strlcat(*url_str, url->host, PHP_HTTP_URL_MAXLEN);
-		
-		if (url->port) {
-			char port_str[8];
-			
-			snprintf(port_str, sizeof(port_str), "%d", (int) url->port);
-			strlcat(*url_str, ":", PHP_HTTP_URL_MAXLEN);
-			strlcat(*url_str, port_str, PHP_HTTP_URL_MAXLEN);
-		}
-		
-		strlcat(*url_str, url->path, PHP_HTTP_URL_MAXLEN);
-		
-		if (url->query && *url->query) {
-			strlcat(*url_str, "?", PHP_HTTP_URL_MAXLEN);
-			strlcat(*url_str, url->query, PHP_HTTP_URL_MAXLEN);
-		}
-		
-		if (url->fragment && *url->fragment) {
-			strlcat(*url_str, "#", PHP_HTTP_URL_MAXLEN);
-			strlcat(*url_str, url->fragment, PHP_HTTP_URL_MAXLEN);
-		}
-		
-		if (PHP_HTTP_URL_MAXLEN == (len = strlen(*url_str))) {
-			php_http_error(HE_NOTICE, PHP_HTTP_E_URL, "Length of URL exceeds PHP_HTTP_URL_MAXLEN");
-		}
-		if (url_len) {
-			*url_len = len;
-		}
+		php_http_url_to_string(url, url_str, url_len TSRMLS_CC);
 	}
 	
 	if (url_ptr) {
@@ -346,11 +305,7 @@ PHP_HTTP_API STATUS php_http_url_encode_hash(HashTable *hash, const char *pre_en
 
 	php_http_url_argsep(&arg_sep_str, &arg_sep_len TSRMLS_CC);
 
-	if (pre_encoded_len && pre_encoded_str) {
-		php_http_buffer_append(qstr, pre_encoded_str, pre_encoded_len);
-	}
-
-	if (SUCCESS != php_http_url_encode_hash_ex(hash, qstr, arg_sep_str, arg_sep_len, ZEND_STRL("="), NULL, 0 TSRMLS_CC)) {
+	if (SUCCESS != php_http_url_encode_hash_ex(hash, qstr, arg_sep_str, arg_sep_len, "=", 1, pre_encoded_str, pre_encoded_len TSRMLS_CC)) {
 		php_http_buffer_free(&qstr);
 		return FAILURE;
 	}
@@ -361,91 +316,16 @@ PHP_HTTP_API STATUS php_http_url_encode_hash(HashTable *hash, const char *pre_en
 	return SUCCESS;
 }
 
-PHP_HTTP_API STATUS php_http_url_encode_hash_ex(HashTable *ht, php_http_buffer_t *str, const char *arg_sep_str, size_t arg_sep_len, const char *val_sep_str, size_t val_sep_len, const char *prefix_str, size_t prefix_len TSRMLS_DC)
+PHP_HTTP_API STATUS php_http_url_encode_hash_ex(HashTable *hash, php_http_buffer_t *qstr, const char *arg_sep_str, size_t arg_sep_len, const char *val_sep_str, size_t val_sep_len, const char *pre_encoded_str, size_t pre_encoded_len TSRMLS_DC)
 {
-	php_http_array_hashkey_t key = php_http_array_hashkey_init(0);
-	zval **data = NULL;
-	HashPosition pos;
+	if (pre_encoded_len && pre_encoded_str) {
+		php_http_buffer_append(qstr, pre_encoded_str, pre_encoded_len);
+	}
 
-	if (!ht || !str) {
-		php_http_error(HE_WARNING, PHP_HTTP_E_INVALID_PARAM, "Invalid parameters");
+	if (!php_http_params_to_string(qstr, hash, arg_sep_str, arg_sep_len, "", 0, val_sep_str, val_sep_len, PHP_HTTP_PARAMS_QUERY TSRMLS_CC)) {
 		return FAILURE;
 	}
-	if (ht->nApplyCount > 0) {
-		return SUCCESS;
-	}
-	
-	FOREACH_HASH_KEYVAL(pos, ht, key, data) {
-		char *encoded_key;
-		int encoded_len;
-		php_http_buffer_t new_prefix;
-		
-		if (!data || !*data) {
-			php_http_buffer_dtor(str);
-			return FAILURE;
-		}
-		
-		if (key.type == HASH_KEY_IS_STRING) {
-			if (!*key.str) {
-				/* only public properties */
-				continue;
-			}
-			if (key.len && key.str[key.len - 1] == '\0') {
-				--key.len;
-			}
-			encoded_key = php_url_encode(key.str, key.len, &encoded_len);
-		} else {
-			encoded_len = spprintf(&encoded_key, 0, "%ld", key.num);
-		}
-		
-		{
-			php_http_buffer_init(&new_prefix);
-			if (prefix_str && prefix_len) {
-				php_http_buffer_append(&new_prefix, prefix_str, prefix_len);
-				php_http_buffer_appends(&new_prefix, "%5B");
-			}
-			
-			php_http_buffer_append(&new_prefix, encoded_key, encoded_len);
-			efree(encoded_key);
-			
-			if (prefix_str && prefix_len) {
-				php_http_buffer_appends(&new_prefix, "%5D");
-			}
-			php_http_buffer_fix(&new_prefix);
-		}
-		
-		if (Z_TYPE_PP(data) == IS_ARRAY || Z_TYPE_PP(data) == IS_OBJECT) {
-			STATUS status;
-			++ht->nApplyCount;
-			status = php_http_url_encode_hash_ex(HASH_OF(*data), str, arg_sep_str, arg_sep_len, val_sep_str, val_sep_len, PHP_HTTP_BUFFER_VAL(&new_prefix), PHP_HTTP_BUFFER_LEN(&new_prefix) TSRMLS_CC);
-			--ht->nApplyCount;
-			if (SUCCESS != status) {
-				php_http_buffer_dtor(&new_prefix);
-				php_http_buffer_dtor(str);
-				return FAILURE;
-			}
-		} else {
-			zval *val = php_http_ztyp(IS_STRING, *data);
-			
-			if (PHP_HTTP_BUFFER_LEN(str)) {
-				php_http_buffer_append(str, arg_sep_str, arg_sep_len);
-			}
-			php_http_buffer_append(str, PHP_HTTP_BUFFER_VAL(&new_prefix), PHP_HTTP_BUFFER_LEN(&new_prefix));
-			php_http_buffer_append(str, val_sep_str, val_sep_len);
-			
-			if (Z_STRLEN_P(val) && Z_STRVAL_P(val)) {
-				char *encoded_val;
-				int encoded_len;
-				
-				encoded_val = php_url_encode(Z_STRVAL_P(val), Z_STRLEN_P(val), &encoded_len);
-				php_http_buffer_append(str, encoded_val, encoded_len);
-				efree(encoded_val);
-			}
-			
-			zval_ptr_dtor(&val);
-		}
-		php_http_buffer_dtor(&new_prefix);
-	}
+
 	return SUCCESS;
 }
 
@@ -466,8 +346,14 @@ PHP_HTTP_BEGIN_ARGS(mod, 1)
 	PHP_HTTP_ARG_VAL(flags, 0)
 PHP_HTTP_END_ARGS;
 
-zend_class_entry *php_http_url_class_entry;
-zend_function_entry php_http_url_method_entry[] = {
+static zend_class_entry *php_http_url_class_entry;
+
+zend_class_entry *php_http_url_get_class_entry(void)
+{
+	return php_http_url_class_entry;
+}
+
+static zend_function_entry php_http_url_method_entry[] = {
 	PHP_HTTP_URL_ME(__construct, ZEND_ACC_PUBLIC|ZEND_ACC_CTOR)
 	PHP_HTTP_URL_ME(mod, ZEND_ACC_PUBLIC)
 	PHP_HTTP_URL_ME(toString, ZEND_ACC_PUBLIC)
@@ -478,12 +364,12 @@ zend_function_entry php_http_url_method_entry[] = {
 
 PHP_METHOD(HttpUrl, __construct)
 {
-	with_error_handling(EH_THROW, php_http_exception_class_entry) {
+	with_error_handling(EH_THROW, php_http_exception_get_class_entry()) {
 		zval *new_url = NULL, *old_url = NULL;
 		long flags = PHP_HTTP_URL_FROM_ENV;
 
 		if (SUCCESS == zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|z!z!l", &old_url, &new_url, &flags)) {
-			with_error_handling(EH_THROW, php_http_exception_class_entry) {
+			with_error_handling(EH_THROW, php_http_exception_get_class_entry()) {
 				php_url *res_purl, *new_purl = NULL, *old_purl = NULL;
 
 				if (new_url) {
@@ -613,7 +499,7 @@ PHP_METHOD(HttpUrl, toArray)
 
 PHP_MINIT_FUNCTION(http_url)
 {
-	PHP_HTTP_REGISTER_CLASS(http, Url, http_url, php_http_object_class_entry, 0);
+	PHP_HTTP_REGISTER_CLASS(http, Url, http_url, php_http_object_get_class_entry(), 0);
 
 	zend_declare_property_null(php_http_url_class_entry, ZEND_STRL("scheme"), ZEND_ACC_PUBLIC TSRMLS_CC);
 	zend_declare_property_null(php_http_url_class_entry, ZEND_STRL("user"), ZEND_ACC_PUBLIC TSRMLS_CC);
@@ -636,6 +522,7 @@ PHP_MINIT_FUNCTION(http_url)
 	zend_declare_class_constant_long(php_http_url_class_entry, ZEND_STRL("STRIP_FRAGMENT"), PHP_HTTP_URL_STRIP_FRAGMENT TSRMLS_CC);
 	zend_declare_class_constant_long(php_http_url_class_entry, ZEND_STRL("STRIP_ALL"), PHP_HTTP_URL_STRIP_ALL TSRMLS_CC);
 	zend_declare_class_constant_long(php_http_url_class_entry, ZEND_STRL("FROM_ENV"), PHP_HTTP_URL_FROM_ENV TSRMLS_CC);
+	zend_declare_class_constant_long(php_http_url_class_entry, ZEND_STRL("SANITIZE_PATH"), PHP_HTTP_URL_SANITIZE_PATH TSRMLS_CC);
 
 	return SUCCESS;
 }