get rid of MS's _popen/_pclose

Fix possible crash if content-type is not set.

These functions are not necessary - that's what sapi_register_post_entry()
and sapi_unregister_post_entry() are for...

Also, please maintain K&R code layout, it's very messy to have diff

These functions are not necessary - that's what sapi_register_post_entry()
and sapi_unregister_post_entry() are for...

Also, please maintain K&R code layout, it's very messy to have different
styles intermixed in the same codebase, and especially in the same files!

show more ...

- Fix copyright notices with 2001

Many patches. I hope I remember them all:

- Make sapi_module available to external modules (PHPAPI)
- Make the php.ini path reported in phpinfo() always point to
real full path of

Many patches. I hope I remember them all:

- Make sapi_module available to external modules (PHPAPI)
- Make the php.ini path reported in phpinfo() always point to
real full path of the php.ini file
- Optimized the ISAPI module not to read unnecessary server
variables and read necessary variables at most once.

show more ...

Added the capability to specify a different HTTP Redirection response code
before the Location Header.

Ex. header("HTTP/1.1 307 Temporary Redirect");
header("Location: URL");

- Import Jade Nicoletti's transparent gzip encoding support as an output
handler. Works quite nicely!
- Fix buglets in output buffering
- Add output_handler INI directive

Add sapi_add_header_ex, which lets you specify whether you want
to add or replace a header.

Changing datatype to remove compiler warning

post handler registration done right
(never use emalloc in an extension MINIT function)

@ - POST handler for Adobe FDF format (Hartmut)
the FDF handler is now working and totaly living
in the fdf extension, no more special code in
main is needed

More security-related (control) patches:
- Avoid displaying errors during startup, unless display_startup_errors is enabled.
- Implemented post_size_max limit. Defaults to 8MB.
- Impleme

More security-related (control) patches:
- Avoid displaying errors during startup, unless display_startup_errors is enabled.
- Implemented post_size_max limit. Defaults to 8MB.
- Implemented file_uploads on/off directive (defaults to on).

show more ...

Security related updates:
- Introduce php_open_temporary_file(), in place of tempnam(). Still
needs testing under UNIX (mkstemp()), works reliably under Windows now.
- Reimplement the

Security related updates:
- Introduce php_open_temporary_file(), in place of tempnam(). Still
needs testing under UNIX (mkstemp()), works reliably under Windows now.
- Reimplement the mechanism for unlinking uploaded files at the end of the request
(was it ever tested?). Files moved with move_uploaded_file() will not be unlink()'d
again, to avoid (albeit very unlikely) race conditions.

show more ...

Implement move_uploaded_file() (untested)

- Implemented is_upload_file()

Restore the headers_only test to the centralized SAPI startup. If necessary, it can
be overriden in the activate() callback.

- This shouldn't have been commited.
There are quite a few modules which are using VIRTUAL_DIR. I don't think
this should be happening.

- Found my bug and managed to move the V_* macros to TSRM

Fix strlcpy use at this place.

newtype has a length of newlen+1, 'len' refers to the length of *mimetype
here.

Use size_t as parameter type in the getenv member of struct sapi_module

Avoid an endless loop situation in case of an error situation while sending headers

Leave this initialization in

Heads up! I have moved the headers_only and response_code checks out of
SAPI and down into the individual SAPI modules. I have made the
appropriate changes in all the SAPI modules, but plea

Heads up! I have moved the headers_only and response_code checks out of
SAPI and down into the individual SAPI modules. I have made the
appropriate changes in all the SAPI modules, but please verify these.
The reason for this change is that Apache sometimes will feed PHP
a request_method of GET but have r->header_only set to true. This happens
in an ErrorDocument redirect. In this same scenario we want to preserve
the status code as well instead of just overwriting it with a 200 and
losing this information. For now the other sapi modules act exactly as
before since they probably do not make this distinction, and they may
not even have a valid response code this early in the request.
@ Fix HEAD request bug on an Apache ErrorDocument redirect and preserve
@ the status code across the redirect as well. (Rasmus)

show more ...

Disable the hash_apply() protection on hashes that persist across requests - it's unsafe
because we may be aborted at any point
@- Fixed a possible data corruption in case of a huge amount of

Disable the hash_apply() protection on hashes that persist across requests - it's unsafe
because we may be aborted at any point
@- Fixed a possible data corruption in case of a huge amount of aborted requests (Zeev)

show more ...