post handler registration done right
(never use emalloc in an extension MINIT function)

@ - POST handler for Adobe FDF format (Hartmut)
the FDF handler is now working and totaly living
in the fdf extension, no more special code in
main is needed

More security-related (control) patches:
- Avoid displaying errors during startup, unless display_startup_errors is enabled.
- Implemented post_size_max limit. Defaults to 8MB.
- Impleme

More security-related (control) patches:
- Avoid displaying errors during startup, unless display_startup_errors is enabled.
- Implemented post_size_max limit. Defaults to 8MB.
- Implemented file_uploads on/off directive (defaults to on).

show more ...

Security related updates:
- Introduce php_open_temporary_file(), in place of tempnam(). Still
needs testing under UNIX (mkstemp()), works reliably under Windows now.
- Reimplement the

Security related updates:
- Introduce php_open_temporary_file(), in place of tempnam(). Still
needs testing under UNIX (mkstemp()), works reliably under Windows now.
- Reimplement the mechanism for unlinking uploaded files at the end of the request
(was it ever tested?). Files moved with move_uploaded_file() will not be unlink()'d
again, to avoid (albeit very unlikely) race conditions.

show more ...

Implement move_uploaded_file() (untested)

- Implemented is_upload_file()

Restore the headers_only test to the centralized SAPI startup. If necessary, it can
be overriden in the activate() callback.

- This shouldn't have been commited.
There are quite a few modules which are using VIRTUAL_DIR. I don't think
this should be happening.

- Found my bug and managed to move the V_* macros to TSRM

Fix strlcpy use at this place.

newtype has a length of newlen+1, 'len' refers to the length of *mimetype
here.

Use size_t as parameter type in the getenv member of struct sapi_module

Avoid an endless loop situation in case of an error situation while sending headers

Leave this initialization in

Heads up! I have moved the headers_only and response_code checks out of
SAPI and down into the individual SAPI modules. I have made the
appropriate changes in all the SAPI modules, but plea

Heads up! I have moved the headers_only and response_code checks out of
SAPI and down into the individual SAPI modules. I have made the
appropriate changes in all the SAPI modules, but please verify these.
The reason for this change is that Apache sometimes will feed PHP
a request_method of GET but have r->header_only set to true. This happens
in an ErrorDocument redirect. In this same scenario we want to preserve
the status code as well instead of just overwriting it with a 200 and
losing this information. For now the other sapi modules act exactly as
before since they probably do not make this distinction, and they may
not even have a valid response code this early in the request.
@ Fix HEAD request bug on an Apache ErrorDocument redirect and preserve
@ the status code across the redirect as well. (Rasmus)

show more ...

Disable the hash_apply() protection on hashes that persist across requests - it's unsafe
because we may be aborted at any point
@- Fixed a possible data corruption in case of a huge amount of

Disable the hash_apply() protection on hashes that persist across requests - it's unsafe
because we may be aborted at any point
@- Fixed a possible data corruption in case of a huge amount of aborted requests (Zeev)

show more ...

- fixed handling of fdf data (application/vnd.fdf)

This is documented to not be case sensitive and it is not case sensitive
in PHP 3, so let's not make it case sensitive.
@Make the special Header("http/...") response be case insensitive like

This is documented to not be case sensitive and it is not case sensitive
in PHP 3, so let's not make it case sensitive.
@Make the special Header("http/...") response be case insensitive like 3.0 (Rasmus)

show more ...

- COMPILE_ERROR should only be used in Zend

Update the license with the new clause 6

no more broken scripts by erroneously terminating header()'s argument
with a CR-LF

- Fix an invalid trick (it was valid when header() was using
zend_get_parameters(), but it became invalid when someone switched it
to zend_get_parameters_ex(), and I decided to remove it

- Fix an invalid trick (it was valid when header() was using
zend_get_parameters(), but it became invalid when someone switched it
to zend_get_parameters_ex(), and I decided to remove it anyway).
- Remove a redundant function call

show more ...

- Add missing V_STAT()

- Create dtor function

- Virtual cwd compiles now (need to uncomment #define in php.h for it to
be enbaled right now).
It seems to work very basic stuff