Protect arrays as well.

Prevent exploit in [tmp_name] as well

Fix the logic. Tested.

3rd time's a charm

Fix the fix

Fix the file upload security problem with no side effects (untested)

Quick-fix for the file upload security alert
@Quick-fix for the file upload security alert (Rasmus)

Support content-encoding headers in file upload mime parts
@- Support content-encoding headers in file upload MIME parts
@ (Ragnar Kjørstad)

Fix file upload types array handling (#5836)

@ Add support for both indexed and non-indexed arrays of file uploads
@ eg. name="file[]" type="file" (Rasmus)
Add support for both indexed and non-indexed arrays of file uploads
eg. name

@ Add support for both indexed and non-indexed arrays of file uploads
@ eg. name="file[]" type="file" (Rasmus)
Add support for both indexed and non-indexed arrays of file uploads
eg. name="file[]" type="file" (Rasmus)

show more ...

Update the license with the new clause 6

- Change PHP_ to V_ (directory & file functions)

*** empty log message ***

@- Add $HTTP_POST_FILES[filename][tmp_name] - it was previously impossible to
@ retrieve the temporary name of an uploaded file using $HTTP_POST_FILES[] (Zeev)
- Changed IMAP Win32 definitio

@- Add $HTTP_POST_FILES[filename][tmp_name] - it was previously impossible to
@ retrieve the temporary name of an uploaded file using $HTTP_POST_FILES[] (Zeev)
- Changed IMAP Win32 definitions

show more ...

- Baby steps... Use PHP_FOPEN()

- Protect $HTTP_POST_FILES[] as well

Get the license right... (this won't make it to RC1 of B4)

Worked on beautifying rfc1867.c a bit
@- Introduced $HTTP_POST_FILES[], that contains information about files uploaded
@ through HTTP upload (Zeev)

Make POST handling the way it should be. RFC1867, and any future POST handlers we might
have in the future now obey to the variables_order directive, and there's a real way modular
way to ha

Make POST handling the way it should be. RFC1867, and any future POST handlers we might
have in the future now obey to the variables_order directive, and there's a real way modular
way to handle POST content.
This is all untested, BEFORE_SAPI_POST_PATCH_17_FEB_2000 tagged before submission
@- Made multipart/form-data content obey to the variables_order directive (Zeev)

show more ...

@- Fixed RFC1867 file upload under Windows (Zeev)
Fixed a memory leak

@- Workaround for bogus POST-Data from IE/Mac. (Thies)
@ Patch by Alain Malek <alain@virtua.ch>
fix #2944

- Change the argument order of php_register_variable() to something more
intuitive.
- Make the authentication variables be a part of the HTTP_SERVER_VARS[] array

Tried to centralize global variable registration as much as possible:

- Added $HTTP_ENV_VARS[] and $HTTP_SERVER_VARS[] support, which similarly
to $HTTP_GET_VARS[], contain environment

Tried to centralize global variable registration as much as possible:

- Added $HTTP_ENV_VARS[] and $HTTP_SERVER_VARS[] support, which similarly
to $HTTP_GET_VARS[], contain environment and server variables. Setting
register_globals to Off will now also prevent registration of the
environment and server variables into the global scope (Zeev)
- Renamed gpc_globals to register_globals (Zeev)
- Introduced variables_order that deprecates gpc_order, and allows control
over the server and environment variables, in addition to GET/POST/Cookies
(Zeev)

show more ...

Use a more general and descriptive name

post.c really had nothing to do with POST anymore, and it belongs to the top level directory