1 /*
2   +----------------------------------------------------------------------+
3   | PHP Version 7                                                        |
4   +----------------------------------------------------------------------+
5   | Copyright (c) 1997-2018 The PHP Group                                |
6   +----------------------------------------------------------------------+
7   | This source file is subject to version 3.01 of the PHP license,      |
8   | that is bundled with this package in the file LICENSE, and is        |
9   | available through the world-wide-web at the following url:           |
10   | http://www.php.net/license/3_01.txt                                  |
11   | If you did not receive a copy of the PHP license and are unable to   |
12   | obtain it through the world-wide-web, please send a note to          |
13   | license@php.net so we can mail you a copy immediately.               |
14   +----------------------------------------------------------------------+
15   | Authors: Rasmus Lerdorf <rasmus@php.net>                             |
16   |          Derick Rethans <derick@php.net>                             |
17   |          Pierre-A. Joye <pierre@php.net>                             |
18   |          Ilia Alshanetsky <iliaa@php.net>                            |
19   +----------------------------------------------------------------------+
20 */
21 
22 #ifdef HAVE_CONFIG_H
23 #include "config.h"
24 #endif
25 
26 #include "php_filter.h"
27 
28 ZEND_DECLARE_MODULE_GLOBALS(filter)
29 
30 #include "filter_private.h"
31 
/*
 * One row of the filter registry: the textual name (matched by filter_id()
 * and by the filter.default INI handler), the numeric FILTER_* id exposed to
 * userland, and the C handler that php_zval_filter() invokes.
 */
typedef struct filter_list_entry {
	const char *name;                                  /* filter name as text */
	int         id;                                    /* FILTER_* identifier */
	void      (*function)(PHP_INPUT_FILTER_PARAM_DECL); /* filter implementation */
} filter_list_entry;
37 
/* {{{ filter_list
 *
 * Registry of every filter this extension offers. Row order is significant:
 * php_find_filter() returns the first row whose id matches, filter_list()
 * reports names in this order, and row 0 is php_find_filter()'s last-resort
 * return value.
 *
 * Several names share one id and/or handler ("string"/"stripped";
 * "magic_quotes"/"add_slashes" share php_filter_add_slashes).
 */
static const filter_list_entry filter_list[] = {
	/* validating filters */
	{ "int",                FILTER_VALIDATE_INT,                php_filter_int                },
	{ "boolean",            FILTER_VALIDATE_BOOLEAN,            php_filter_boolean            },
	{ "float",              FILTER_VALIDATE_FLOAT,              php_filter_float              },

	{ "validate_regexp",    FILTER_VALIDATE_REGEXP,             php_filter_validate_regexp    },
	{ "validate_domain",    FILTER_VALIDATE_DOMAIN,             php_filter_validate_domain    },
	{ "validate_url",       FILTER_VALIDATE_URL,                php_filter_validate_url       },
	{ "validate_email",     FILTER_VALIDATE_EMAIL,              php_filter_validate_email     },
	{ "validate_ip",        FILTER_VALIDATE_IP,                 php_filter_validate_ip        },
	{ "validate_mac",       FILTER_VALIDATE_MAC,                php_filter_validate_mac       },

	/* sanitizing filters */
	{ "string",             FILTER_SANITIZE_STRING,             php_filter_string             },
	{ "stripped",           FILTER_SANITIZE_STRING,             php_filter_string             },
	{ "encoded",            FILTER_SANITIZE_ENCODED,            php_filter_encoded            },
	{ "special_chars",      FILTER_SANITIZE_SPECIAL_CHARS,      php_filter_special_chars      },
	{ "full_special_chars", FILTER_SANITIZE_FULL_SPECIAL_CHARS, php_filter_full_special_chars },
	{ "unsafe_raw",         FILTER_UNSAFE_RAW,                  php_filter_unsafe_raw         },
	{ "email",              FILTER_SANITIZE_EMAIL,              php_filter_email              },
	{ "url",                FILTER_SANITIZE_URL,                php_filter_url                },
	{ "number_int",         FILTER_SANITIZE_NUMBER_INT,         php_filter_number_int         },
	{ "number_float",       FILTER_SANITIZE_NUMBER_FLOAT,       php_filter_number_float       },
	{ "magic_quotes",       FILTER_SANITIZE_MAGIC_QUOTES,       php_filter_add_slashes        },
	{ "add_slashes",        FILTER_SANITIZE_ADD_SLASHES,        php_filter_add_slashes        },

	/* user-supplied callback */
	{ "callback",           FILTER_CALLBACK,                    php_filter_callback           },
};
/* }}} */
67 
/*
 * Fallback ids for input sources; each is defined here only when no earlier
 * header has already provided it.
 */
#if !defined(PARSE_ENV)
# define PARSE_ENV 4
#endif

#if !defined(PARSE_SERVER)
# define PARSE_SERVER 5
#endif

#if !defined(PARSE_SESSION)
# define PARSE_SESSION 6
#endif

/* SAPI input-filter hooks, registered from PHP_MINIT_FUNCTION(filter). */
static unsigned int php_sapi_filter(int arg, char *var, char **val, size_t val_len, size_t *new_val_len);
static unsigned int php_sapi_filter_init(void);
82 
/* {{{ arginfo
 *
 * Reflection metadata for the userland functions. The last argument of each
 * ZEND_BEGIN_ARG_INFO_EX is the number of required parameters.
 */

/* filter_input(type, variable_name [, filter [, options]]) */
ZEND_BEGIN_ARG_INFO_EX(arginfo_filter_input, 0, 0, 2)
	ZEND_ARG_INFO(0, type)
	ZEND_ARG_INFO(0, variable_name)
	ZEND_ARG_INFO(0, filter)
	ZEND_ARG_INFO(0, options)
ZEND_END_ARG_INFO()

/* filter_var(variable [, filter [, options]]) */
ZEND_BEGIN_ARG_INFO_EX(arginfo_filter_var, 0, 0, 1)
	ZEND_ARG_INFO(0, variable)
	ZEND_ARG_INFO(0, filter)
	ZEND_ARG_INFO(0, options)
ZEND_END_ARG_INFO()

/* filter_input_array(type [, definition [, add_empty]]) */
ZEND_BEGIN_ARG_INFO_EX(arginfo_filter_input_array, 0, 0, 1)
	ZEND_ARG_INFO(0, type)
	ZEND_ARG_INFO(0, definition)
	ZEND_ARG_INFO(0, add_empty)
ZEND_END_ARG_INFO()

/* filter_var_array(data [, definition [, add_empty]]) */
ZEND_BEGIN_ARG_INFO_EX(arginfo_filter_var_array, 0, 0, 1)
	ZEND_ARG_INFO(0, data)
	ZEND_ARG_INFO(0, definition)
	ZEND_ARG_INFO(0, add_empty)
ZEND_END_ARG_INFO()

/* filter_list() takes no arguments */
ZEND_BEGIN_ARG_INFO(arginfo_filter_list, 0)
ZEND_END_ARG_INFO()

/* filter_has_var(type, variable_name) */
ZEND_BEGIN_ARG_INFO_EX(arginfo_filter_has_var, 0, 0, 2)
	ZEND_ARG_INFO(0, type)
	ZEND_ARG_INFO(0, variable_name)
ZEND_END_ARG_INFO()

/* filter_id(filtername) */
ZEND_BEGIN_ARG_INFO_EX(arginfo_filter_id, 0, 0, 1)
	ZEND_ARG_INFO(0, filtername)
ZEND_END_ARG_INFO()
/* }}} */
121 
/* {{{ filter_functions[]
 *
 * Userland function table: each entry pairs a PHP_FUNCTION defined in this
 * file with its arginfo.
 */
static const zend_function_entry filter_functions[] = {
	PHP_FE(filter_input,       arginfo_filter_input)
	PHP_FE(filter_var,         arginfo_filter_var)
	PHP_FE(filter_input_array, arginfo_filter_input_array)
	PHP_FE(filter_var_array,   arginfo_filter_var_array)
	PHP_FE(filter_list,        arginfo_filter_list)
	PHP_FE(filter_has_var,     arginfo_filter_has_var)
	PHP_FE(filter_id,          arginfo_filter_id)
	PHP_FE_END
};
/* }}} */
135 
/* {{{ filter_module_entry
 *
 * Module descriptor for the "filter" extension. The slot between the
 * module-shutdown and request-shutdown handlers is NULL, so the extension
 * registers no per-request startup handler here; per-request state is reset
 * through php_sapi_filter_init() instead.
 */
zend_module_entry filter_module_entry = {
	STANDARD_MODULE_HEADER,
	"filter",               /* extension name */
	filter_functions,       /* userland functions */
	PHP_MINIT(filter),      /* module startup */
	PHP_MSHUTDOWN(filter),  /* module shutdown */
	NULL,                   /* no request startup handler */
	PHP_RSHUTDOWN(filter),  /* request shutdown */
	PHP_MINFO(filter),      /* phpinfo() section */
	PHP_FILTER_VERSION,
	STANDARD_MODULE_PROPERTIES
};
/* }}} */
151 
/* Only when built as a loadable module: export the module lookup symbol and,
 * under ZTS, define the thread-safe resource cache for this shared object. */
#if defined(COMPILE_DL_FILTER)
# if defined(ZTS)
ZEND_TSRMLS_CACHE_DEFINE()
# endif
ZEND_GET_MODULE(filter)
#endif
158 
/*
 * INI handler for "filter.default": maps the configured filter name
 * (compared case-insensitively) to its id and stores it in the module
 * globals.
 *
 * An unrecognised name is not rejected. The handler selects FILTER_DEFAULT
 * and still returns SUCCESS, so a misspelt filter.default value is accepted
 * silently rather than surfaced as a configuration error. Operators relying
 * on a sanitizing default should confirm the effective setting.
 */
static PHP_INI_MH(UpdateDefaultFilter) /* {{{ */
{
	const char *wanted = ZSTR_VAL(new_value);
	const filter_list_entry *entry = filter_list;
	const filter_list_entry *const end = filter_list + sizeof(filter_list) / sizeof(filter_list[0]);

	for (; entry != end; ++entry) {
		if (strcasecmp(wanted, entry->name) == 0) {
			IF_G(default_filter) = entry->id;
			return SUCCESS;
		}
	}

	/* No row matched: use the built-in default filter. */
	IF_G(default_filter) = FILTER_DEFAULT;
	return SUCCESS;
}
/* }}} */
174 
/* {{{ PHP_INI
 */

/*
 * INI handler for "filter.default_flags". With no value configured the flags
 * default to FILTER_FLAG_NO_ENCODE_QUOTES; otherwise the string is converted
 * with atoi(), which performs no validation: text that does not start with
 * a number yields 0 (no flags) and the handler still returns SUCCESS.
 */
static PHP_INI_MH(OnUpdateFlags)
{
	IF_G(default_filter_flags) = new_value
		? atoi(ZSTR_VAL(new_value))
		: FILTER_FLAG_NO_ENCODE_QUOTES;

	return SUCCESS;
}
186 
/*
 * INI settings. Both may be changed at system and per-directory scope
 * (PHP_INI_SYSTEM | PHP_INI_PERDIR), but not at runtime by scripts.
 *
 * filter.default ships as "unsafe_raw"; php_sapi_filter() skips filtering
 * when the default filter is FILTER_UNSAFE_RAW, so with the shipped setting
 * request variables are registered unmodified and every consumer has to
 * validate them explicitly (filter_input(), filter_var(), ...).
 */
PHP_INI_BEGIN()
	STD_PHP_INI_ENTRY("filter.default", "unsafe_raw", PHP_INI_SYSTEM | PHP_INI_PERDIR,
		UpdateDefaultFilter, default_filter, zend_filter_globals, filter_globals)
	PHP_INI_ENTRY("filter.default_flags", NULL, PHP_INI_SYSTEM | PHP_INI_PERDIR, OnUpdateFlags)
PHP_INI_END()
/* }}} */
192 
/*
 * Module-globals constructor: marks every raw-input array as unset and
 * selects FILTER_DEFAULT as the default filter (the INI handler may replace
 * it afterwards).
 */
static void php_filter_init_globals(zend_filter_globals *filter_globals) /* {{{ */
{
#if defined(COMPILE_DL_FILTER)
# if defined(ZTS)
ZEND_TSRMLS_CACHE_UPDATE();
# endif
#endif
	ZVAL_UNDEF(&filter_globals->get_array);
	ZVAL_UNDEF(&filter_globals->post_array);
	ZVAL_UNDEF(&filter_globals->cookie_array);
	ZVAL_UNDEF(&filter_globals->server_array);
	ZVAL_UNDEF(&filter_globals->env_array);
#if 0
	ZVAL_UNDEF(&filter_globals->session_array);
#endif
	filter_globals->default_filter = FILTER_DEFAULT;
}
/* }}} */
209 
/* Source id behind INPUT_REQUEST; php_filter_get_storage() only warns that
 * it is not implemented. */
#define PARSE_REQUEST 99
211 
/* {{{ PHP_MINIT_FUNCTION
 *
 * Module startup: initialises the module globals, registers the INI
 * entries, exports the INPUT_* and FILTER_* constants to userland and
 * installs php_sapi_filter() as the SAPI input filter, so every incoming
 * request variable passes through this extension.
 */
PHP_MINIT_FUNCTION(filter)
{
/* All constants are case-sensitive and persistent. */
#define FILTER_REGISTER_LONG(php_name, value) \
	REGISTER_LONG_CONSTANT(php_name, value, CONST_CS | CONST_PERSISTENT)

	ZEND_INIT_MODULE_GLOBALS(filter, php_filter_init_globals, NULL);

	REGISTER_INI_ENTRIES();

	/* input sources */
	FILTER_REGISTER_LONG("INPUT_POST",    PARSE_POST);
	FILTER_REGISTER_LONG("INPUT_GET",     PARSE_GET);
	FILTER_REGISTER_LONG("INPUT_COOKIE",  PARSE_COOKIE);
	FILTER_REGISTER_LONG("INPUT_ENV",     PARSE_ENV);
	FILTER_REGISTER_LONG("INPUT_SERVER",  PARSE_SERVER);
	FILTER_REGISTER_LONG("INPUT_SESSION", PARSE_SESSION);
	FILTER_REGISTER_LONG("INPUT_REQUEST", PARSE_REQUEST);

	FILTER_REGISTER_LONG("FILTER_FLAG_NONE", FILTER_FLAG_NONE);

	/* shape requirements and failure reporting */
	FILTER_REGISTER_LONG("FILTER_REQUIRE_SCALAR",  FILTER_REQUIRE_SCALAR);
	FILTER_REGISTER_LONG("FILTER_REQUIRE_ARRAY",   FILTER_REQUIRE_ARRAY);
	FILTER_REGISTER_LONG("FILTER_FORCE_ARRAY",     FILTER_FORCE_ARRAY);
	FILTER_REGISTER_LONG("FILTER_NULL_ON_FAILURE", FILTER_NULL_ON_FAILURE);

	/* validating filters */
	FILTER_REGISTER_LONG("FILTER_VALIDATE_INT",     FILTER_VALIDATE_INT);
	FILTER_REGISTER_LONG("FILTER_VALIDATE_BOOLEAN", FILTER_VALIDATE_BOOLEAN);
	FILTER_REGISTER_LONG("FILTER_VALIDATE_FLOAT",   FILTER_VALIDATE_FLOAT);

	FILTER_REGISTER_LONG("FILTER_VALIDATE_REGEXP", FILTER_VALIDATE_REGEXP);
	FILTER_REGISTER_LONG("FILTER_VALIDATE_DOMAIN", FILTER_VALIDATE_DOMAIN);
	FILTER_REGISTER_LONG("FILTER_VALIDATE_URL",    FILTER_VALIDATE_URL);
	FILTER_REGISTER_LONG("FILTER_VALIDATE_EMAIL",  FILTER_VALIDATE_EMAIL);
	FILTER_REGISTER_LONG("FILTER_VALIDATE_IP",     FILTER_VALIDATE_IP);
	FILTER_REGISTER_LONG("FILTER_VALIDATE_MAC",    FILTER_VALIDATE_MAC);

	FILTER_REGISTER_LONG("FILTER_DEFAULT",    FILTER_DEFAULT);
	FILTER_REGISTER_LONG("FILTER_UNSAFE_RAW", FILTER_UNSAFE_RAW);

	/* sanitizing filters; FILTER_SANITIZE_STRIPPED is an alias of FILTER_SANITIZE_STRING */
	FILTER_REGISTER_LONG("FILTER_SANITIZE_STRING",             FILTER_SANITIZE_STRING);
	FILTER_REGISTER_LONG("FILTER_SANITIZE_STRIPPED",           FILTER_SANITIZE_STRING);
	FILTER_REGISTER_LONG("FILTER_SANITIZE_ENCODED",            FILTER_SANITIZE_ENCODED);
	FILTER_REGISTER_LONG("FILTER_SANITIZE_SPECIAL_CHARS",      FILTER_SANITIZE_SPECIAL_CHARS);
	FILTER_REGISTER_LONG("FILTER_SANITIZE_FULL_SPECIAL_CHARS", FILTER_SANITIZE_FULL_SPECIAL_CHARS);
	FILTER_REGISTER_LONG("FILTER_SANITIZE_EMAIL",              FILTER_SANITIZE_EMAIL);
	FILTER_REGISTER_LONG("FILTER_SANITIZE_URL",                FILTER_SANITIZE_URL);
	FILTER_REGISTER_LONG("FILTER_SANITIZE_NUMBER_INT",         FILTER_SANITIZE_NUMBER_INT);
	FILTER_REGISTER_LONG("FILTER_SANITIZE_NUMBER_FLOAT",       FILTER_SANITIZE_NUMBER_FLOAT);
	FILTER_REGISTER_LONG("FILTER_SANITIZE_MAGIC_QUOTES",       FILTER_SANITIZE_MAGIC_QUOTES);
	FILTER_REGISTER_LONG("FILTER_SANITIZE_ADD_SLASHES",        FILTER_SANITIZE_ADD_SLASHES);

	FILTER_REGISTER_LONG("FILTER_CALLBACK", FILTER_CALLBACK);

	/* integer-validation flags */
	FILTER_REGISTER_LONG("FILTER_FLAG_ALLOW_OCTAL", FILTER_FLAG_ALLOW_OCTAL);
	FILTER_REGISTER_LONG("FILTER_FLAG_ALLOW_HEX",   FILTER_FLAG_ALLOW_HEX);

	/* strip / encode flags */
	FILTER_REGISTER_LONG("FILTER_FLAG_STRIP_LOW",         FILTER_FLAG_STRIP_LOW);
	FILTER_REGISTER_LONG("FILTER_FLAG_STRIP_HIGH",        FILTER_FLAG_STRIP_HIGH);
	FILTER_REGISTER_LONG("FILTER_FLAG_STRIP_BACKTICK",    FILTER_FLAG_STRIP_BACKTICK);
	FILTER_REGISTER_LONG("FILTER_FLAG_ENCODE_LOW",        FILTER_FLAG_ENCODE_LOW);
	FILTER_REGISTER_LONG("FILTER_FLAG_ENCODE_HIGH",       FILTER_FLAG_ENCODE_HIGH);
	FILTER_REGISTER_LONG("FILTER_FLAG_ENCODE_AMP",        FILTER_FLAG_ENCODE_AMP);
	FILTER_REGISTER_LONG("FILTER_FLAG_NO_ENCODE_QUOTES",  FILTER_FLAG_NO_ENCODE_QUOTES);
	FILTER_REGISTER_LONG("FILTER_FLAG_EMPTY_STRING_NULL", FILTER_FLAG_EMPTY_STRING_NULL);

	/* float flags */
	FILTER_REGISTER_LONG("FILTER_FLAG_ALLOW_FRACTION",   FILTER_FLAG_ALLOW_FRACTION);
	FILTER_REGISTER_LONG("FILTER_FLAG_ALLOW_THOUSAND",   FILTER_FLAG_ALLOW_THOUSAND);
	FILTER_REGISTER_LONG("FILTER_FLAG_ALLOW_SCIENTIFIC", FILTER_FLAG_ALLOW_SCIENTIFIC);

	/* URL-validation flags */
	FILTER_REGISTER_LONG("FILTER_FLAG_SCHEME_REQUIRED", FILTER_FLAG_SCHEME_REQUIRED);
	FILTER_REGISTER_LONG("FILTER_FLAG_HOST_REQUIRED",   FILTER_FLAG_HOST_REQUIRED);
	FILTER_REGISTER_LONG("FILTER_FLAG_PATH_REQUIRED",   FILTER_FLAG_PATH_REQUIRED);
	FILTER_REGISTER_LONG("FILTER_FLAG_QUERY_REQUIRED",  FILTER_FLAG_QUERY_REQUIRED);

	/* IP-validation flags */
	FILTER_REGISTER_LONG("FILTER_FLAG_IPV4",          FILTER_FLAG_IPV4);
	FILTER_REGISTER_LONG("FILTER_FLAG_IPV6",          FILTER_FLAG_IPV6);
	FILTER_REGISTER_LONG("FILTER_FLAG_NO_RES_RANGE",  FILTER_FLAG_NO_RES_RANGE);
	FILTER_REGISTER_LONG("FILTER_FLAG_NO_PRIV_RANGE", FILTER_FLAG_NO_PRIV_RANGE);

	FILTER_REGISTER_LONG("FILTER_FLAG_HOSTNAME", FILTER_FLAG_HOSTNAME);

	FILTER_REGISTER_LONG("FILTER_FLAG_EMAIL_UNICODE", FILTER_FLAG_EMAIL_UNICODE);

#undef FILTER_REGISTER_LONG

	/* From here on the SAPI layer routes request variables through this extension. */
	sapi_register_input_filter(php_sapi_filter, php_sapi_filter_init);

	return SUCCESS;
}
/* }}} */
298 
/* {{{ PHP_MSHUTDOWN_FUNCTION
 *
 * Module shutdown: drops the INI entries registered in PHP_MINIT.
 */
PHP_MSHUTDOWN_FUNCTION(filter)
{
	UNREGISTER_INI_ENTRIES();
	return SUCCESS;
}
/* }}} */
308 
/* {{{ PHP_RSHUTDOWN_FUNCTION
 *
 * Request shutdown: releases the raw copies of the request variables that
 * php_sapi_filter() collected, so nothing from one request is still held
 * when the next one starts.
 */

/* Destroy one raw-input array, if it was populated, and mark it unset. */
#define VAR_ARRAY_COPY_DTOR(a)       \
	do {                             \
		if (!Z_ISUNDEF(IF_G(a))) {   \
			zval_ptr_dtor(&IF_G(a)); \
			ZVAL_UNDEF(&IF_G(a));    \
		}                            \
	} while (0)

PHP_RSHUTDOWN_FUNCTION(filter)
{
	VAR_ARRAY_COPY_DTOR(get_array);
	VAR_ARRAY_COPY_DTOR(post_array);
	VAR_ARRAY_COPY_DTOR(cookie_array);
	VAR_ARRAY_COPY_DTOR(server_array);
	VAR_ARRAY_COPY_DTOR(env_array);
#if 0
	VAR_ARRAY_COPY_DTOR(session_array);
#endif
	return SUCCESS;
}
/* }}} */
330 
/* {{{ PHP_MINFO_FUNCTION
 *
 * phpinfo() section: a single status row followed by the extension's INI
 * entries (which shows the effective filter.default).
 */
PHP_MINFO_FUNCTION(filter)
{
	php_info_print_table_start();
	php_info_print_table_row(2, "Input Validation and Filtering", "enabled");
	php_info_print_table_end();

	DISPLAY_INI_ENTRIES();
}
/* }}} */
342 
/*
 * Look up a registry row by filter id and return it by value.
 *
 * The lookup never fails: an id with no row resolves to the row whose id is
 * FILTER_DEFAULT, and if even that is missing, to the first row. Callers
 * that must reject unknown ids therefore have to check the id themselves
 * before calling (the userland entry points use PHP_FILTER_ID_EXISTS).
 */
static filter_list_entry php_find_filter(zend_long id) /* {{{ */
{
	const int count = sizeof(filter_list) / sizeof(filter_list[0]);
	zend_long wanted = id;
	int pass, idx;

	/* Pass 0 searches for the requested id, pass 1 for FILTER_DEFAULT. */
	for (pass = 0; pass < 2; ++pass) {
		for (idx = 0; idx < count; ++idx) {
			if (filter_list[idx].id == wanted) {
				return filter_list[idx];
			}
		}
		wanted = FILTER_DEFAULT;
	}

	/* Reached only if the table has no FILTER_DEFAULT row; also keeps the
	 * compiler satisfied that every path returns. */
	return filter_list[0];
}
/* }}} */
362 
/*
 * Init hook registered with the SAPI layer alongside php_sapi_filter():
 * marks every raw-input array as unset. The arrays are created lazily by
 * php_sapi_filter() when the first variable of a source arrives.
 */
static unsigned int php_sapi_filter_init(void)
{
	ZVAL_UNDEF(&IF_G(post_array));
	ZVAL_UNDEF(&IF_G(get_array));
	ZVAL_UNDEF(&IF_G(cookie_array));
	ZVAL_UNDEF(&IF_G(env_array));
	ZVAL_UNDEF(&IF_G(server_array));
#if 0
	ZVAL_UNDEF(&IF_G(session_array));
#endif
	return SUCCESS;
}
375 
/*
 * Apply one filter to a single (non-array) zval, in place.
 *
 * value    zval to filter; replaced by the filter's result
 * filter   filter id; ids without a registry row resolve to the default
 *          filter inside php_find_filter()
 * flags    FILTER_* flags passed to the handler
 * options  optional options array/object passed to the handler; may carry a
 *          "default" entry
 * charset  passed through to the handler
 * copy     not used by this function
 *
 * On failure the value becomes FALSE, or NULL with FILTER_NULL_ON_FAILURE.
 * If options holds a "default" entry, a failed value is replaced by that
 * entry. The default is copied as-is and is NOT run through the filter, so
 * callers must only supply defaults they already trust.
 */
static void php_zval_filter(zval *value, zend_long filter, zend_long flags, zval *options, char* charset, zend_bool copy) /* {{{ */
{
	const int null_on_failure = (flags & FILTER_NULL_ON_FAILURE) != 0;
	filter_list_entry handler = php_find_filter(filter);

	if (!handler.id) {
		/* Resolve to the default filter. */
		handler = php_find_filter(FILTER_DEFAULT);
	}

	if (Z_TYPE_P(value) == IS_OBJECT && !Z_OBJCE_P(value)->__tostring) {
		/* #49274: an object without a __toString method cannot be turned
		 * into a string; report a filter failure instead of raising a
		 * recoverable fatal error.
		 * #67167: honour FILTER_NULL_ON_FAILURE for objects as well. */
		zval_ptr_dtor(value);
		if (null_on_failure) {
			ZVAL_NULL(value);
		} else {
			ZVAL_FALSE(value);
		}
	} else {
		/* Every handler operates on the string form of the value. */
		convert_to_string(value);
		handler.function(value, flags, options, charset);
	}

	/* Substitute the caller-supplied default when the value is in the
	 * failure state that matches the flags. */
	if (options && (Z_TYPE_P(options) == IS_ARRAY || Z_TYPE_P(options) == IS_OBJECT)) {
		const int failure_type = null_on_failure ? IS_NULL : IS_FALSE;

		if (Z_TYPE_P(value) == failure_type &&
			zend_hash_str_exists(HASH_OF(options), "default", sizeof("default") - 1)) {
			zval *fallback = zend_hash_str_find(HASH_OF(options), "default", sizeof("default") - 1);

			if (fallback != NULL) {
				ZVAL_COPY(value, fallback);
			}
		}
	}
}
/* }}} */
422 
/*
 * SAPI input filter, called once per incoming variable.
 *
 * arg          source id (PARSE_POST, PARSE_GET, PARSE_COOKIE, PARSE_SERVER,
 *              PARSE_ENV, or PARSE_STRING for parse_str())
 * var          variable name
 * val          in/out: value buffer; replaced only for PARSE_STRING
 * val_len      length of *val
 * new_val_len  out, optional: length of the replaced value (PARSE_STRING)
 *
 * Two copies of every request variable are kept:
 *   - the RAW value goes into this extension's own per-source array, which
 *     is what filter_input()/filter_has_var() read through
 *     php_filter_get_storage();
 *   - the value after the filter.default filter goes into
 *     PG(http_globals)[...]. When the default filter is FILTER_UNSAFE_RAW
 *     no filter is applied and that copy equals the raw one.
 *
 * Returns 1 only for PARSE_STRING (the value was handed back through *val),
 * 0 otherwise.
 */
static unsigned int php_sapi_filter(int arg, char *var, char **val, size_t val_len, size_t *new_val_len) /* {{{ */
{
	zval  filtered, raw_copy;
	zval *raw_store = NULL, *global_store = NULL;
	int hand_back = 0;

	assert(*val != NULL);

/* Select (creating on first use) the raw array for source `s` and the
 * matching PG(http_globals) slot. */
#define PARSE_CASE(s,a,t)                       \
		case s:                                 \
			if (Z_ISUNDEF(IF_G(a))) {           \
				array_init(&IF_G(a));           \
			}                                   \
			raw_store = &IF_G(a);               \
			global_store = &PG(http_globals)[t]; \
			break;

	switch (arg) {
		PARSE_CASE(PARSE_POST,    post_array,    TRACK_VARS_POST)
		PARSE_CASE(PARSE_GET,     get_array,     TRACK_VARS_GET)
		PARSE_CASE(PARSE_COOKIE,  cookie_array,  TRACK_VARS_COOKIE)
		PARSE_CASE(PARSE_SERVER,  server_array,  TRACK_VARS_SERVER)
		PARSE_CASE(PARSE_ENV,     env_array,     TRACK_VARS_ENV)

		case PARSE_STRING: /* PARSE_STRING is used by parse_str() function */
			hand_back = 1;
			break;
	}

	/*
	 * According to rfc2965, more specific paths are listed above the less
	 * specific ones. A cookie name that has already been registered is
	 * therefore skipped: the first occurrence wins and a later, less
	 * specific cookie must not overwrite it. The skipped duplicate is not
	 * stored in the raw array either.
	 */
	if (arg == PARSE_COOKIE && global_store) {
		if (zend_symtable_str_exists(Z_ARRVAL_P(global_store), var, strlen(var))) {
			return 0;
		}
	}

	if (raw_store) {
		/* Keep the unfiltered value for filter_input() and friends. */
		ZVAL_STRINGL(&raw_copy, *val, val_len);
		php_register_variable_ex(var, &raw_copy, raw_store);
	}

	if (!val_len) {
		ZVAL_EMPTY_STRING(&filtered);
	} else {
		ZVAL_STRINGL(&filtered, *val, val_len);
		if (IF_G(default_filter) != FILTER_UNSAFE_RAW) {
			/* Apply the configured default filter to the copy scripts see. */
			php_zval_filter(&filtered, IF_G(default_filter), IF_G(default_filter_flags), NULL, NULL, 0);
		}
	}

	if (global_store) {
		php_register_variable_ex(var, &filtered, global_store);
	}

	if (!hand_back) {
		return 0;
	}

	/* PARSE_STRING: replace the caller's buffer with the filtered value.
	 * NOTE(review): Z_STRLEN/Z_STRVAL are used here without checking that
	 * `filtered` is still a string; php_zval_filter() can leave FALSE/NULL
	 * on failure, and handlers in other files may store other types.
	 * Confirm this path is safe when filter.default names a validating
	 * filter. */
	if (new_val_len) {
		*new_val_len = Z_STRLEN(filtered);
	}
	efree(*val);
	*val = Z_STRLEN(filtered)
		? estrndup(Z_STRVAL(filtered), Z_STRLEN(filtered))
		: estrdup("");
	zval_ptr_dtor(&filtered);

	return 1;
}
/* }}} */
501 
/*
 * Apply a filter to a value that may be an array: scalars go straight to
 * php_zval_filter(); arrays are walked depth-first and every leaf is
 * filtered in place. Parameters are the same as for php_zval_filter().
 *
 * An array already marked as being traversed (a self-referencing
 * structure) is left untouched by the nested call, which bounds the
 * recursion on cyclic input.
 */
static void php_zval_filter_recursive(zval *value, zend_long filter, zend_long flags, zval *options, char *charset, zend_bool copy) /* {{{ */
{
	zval *element;

	if (Z_TYPE_P(value) != IS_ARRAY) {
		php_zval_filter(value, filter, flags, options, charset, copy);
		return;
	}

	if (Z_IS_RECURSIVE_P(value)) {
		return;
	}
	Z_PROTECT_RECURSION_P(value);

	ZEND_HASH_FOREACH_VAL(Z_ARRVAL_P(value), element) {
		ZVAL_DEREF(element);
		if (Z_TYPE_P(element) != IS_ARRAY) {
			php_zval_filter(element, filter, flags, options, charset, copy);
		} else {
			/* Take a private copy before modifying a nested array. */
			SEPARATE_ARRAY(element);
			php_zval_filter_recursive(element, filter, flags, options, charset, copy);
		}
	} ZEND_HASH_FOREACH_END();

	Z_UNPROTECT_RECURSION_P(value);
}
/* }}} */
527 
/*
 * Map an INPUT_* source id to the array that filter_input() and friends
 * read from. Returns NULL for unknown ids and for the unimplemented
 * INPUT_SESSION / INPUT_REQUEST sources (after raising a warning).
 *
 * The returned arrays are this extension's RAW copies, i.e. values as
 * received, before the filter.default filter. The one exception is the
 * ENV source: when no raw env array exists it falls back to
 * PG(http_globals)[TRACK_VARS_ENV], which php_sapi_filter() fills with the
 * default-filtered values.
 *
 * The returned zval may still be undefined if no variable of that source
 * has been seen; callers check HASH_OF() on the result.
 */
static zval *php_filter_get_storage(zend_long arg)/* {{{ */
{
	switch (arg) {
		case PARSE_GET:
			return &IF_G(get_array);

		case PARSE_POST:
			return &IF_G(post_array);

		case PARSE_COOKIE:
			return &IF_G(cookie_array);

		case PARSE_SERVER:
			/* With just-in-time auto globals, make sure $_SERVER has been
			 * materialised before its raw copy is read. */
			if (PG(auto_globals_jit)) {
				zend_is_auto_global_str(ZEND_STRL("_SERVER"));
			}
			return &IF_G(server_array);

		case PARSE_ENV:
			if (PG(auto_globals_jit)) {
				zend_is_auto_global_str(ZEND_STRL("_ENV"));
			}
			if (Z_ISUNDEF(IF_G(env_array))) {
				return &PG(http_globals)[TRACK_VARS_ENV];
			}
			return &IF_G(env_array);

		case PARSE_SESSION:
			/* FIXME: Implement session source */
			php_error_docref(NULL, E_WARNING, "INPUT_SESSION is not yet implemented");
			return NULL;

		case PARSE_REQUEST:
			/* FIXME: Implement request source */
			php_error_docref(NULL, E_WARNING, "INPUT_REQUEST is not yet implemented");
			return NULL;
	}

	return NULL;
}
/* }}} */
568 
/* {{{ proto mixed filter_has_var(constant type, string variable_name)
 * Returns true if a variable named 'variable_name' exists in the source
 * 'type', false otherwise (including on invalid arguments).
 *
 * The check is made against the raw request data captured by
 * php_sapi_filter(), so it does not reflect entries a script adds to or
 * removes from the superglobals at runtime.
 */
PHP_FUNCTION(filter_has_var)
{
	zend_long    source;
	zend_string *name;
	zval        *storage;

	if (zend_parse_parameters(ZEND_NUM_ARGS(), "lS", &source, &name) == FAILURE) {
		RETURN_FALSE;
	}

	storage = php_filter_get_storage(source);
	if (!storage || !HASH_OF(storage)) {
		RETURN_FALSE;
	}

	if (zend_hash_exists(HASH_OF(storage), name)) {
		RETURN_TRUE;
	}

	RETURN_FALSE;
}
/* }}} */
591 
/*
 * Resolve the effective filter, flags and options from the caller-supplied
 * arguments, then filter `filtered` in place.
 *
 * filtered      value to filter (scalar or array); overwritten with the result
 * filter        filter id, or -1 when called per key from a definition
 *               array (the id then comes from filter_args)
 * filter_args   NULL, a scalar, or an array with optional "filter", "flags"
 *               and "options" entries
 * copy          forwarded to the filter helpers
 * filter_flags  flags to use unless filter_args overrides them
 *
 * Points worth knowing when reviewing callers:
 *   - A "filter" entry taken from filter_args is not checked against the
 *     registry here; an unknown id silently resolves to the default filter
 *     in php_find_filter().
 *   - Flags supplied by the caller gain FILTER_REQUIRE_SCALAR unless they
 *     ask for FILTER_REQUIRE_ARRAY or FILTER_FORCE_ARRAY.
 *   - For FILTER_CALLBACK the flags are reset to 0, so no scalar/array
 *     requirement applies and array input is passed to the callback element
 *     by element.
 *   - For every other filter, "options" is honoured only when it is an array.
 */
static void php_filter_call(zval *filtered, zend_long filter, zval *filter_args, const int copy, zend_long filter_flags) /* {{{ */
{
	const zend_long array_modes = FILTER_REQUIRE_ARRAY | FILTER_FORCE_ARRAY;
	zval *options = NULL;
	zval *entry;
	char *charset = NULL;
	zend_long shape_mismatch;

	if (filter_args && Z_TYPE_P(filter_args) == IS_ARRAY) {
		HashTable *args = HASH_OF(filter_args);

		entry = zend_hash_str_find(args, "filter", sizeof("filter") - 1);
		if (entry != NULL) {
			filter = zval_get_long(entry);
		}

		entry = zend_hash_str_find(args, "flags", sizeof("flags") - 1);
		if (entry != NULL) {
			filter_flags = zval_get_long(entry);
			if ((filter_flags & array_modes) == 0) {
				filter_flags |= FILTER_REQUIRE_SCALAR;
			}
		}

		entry = zend_hash_str_find(args, "options", sizeof("options") - 1);
		if (entry != NULL) {
			/* avoid reference type */
			ZVAL_DEREF(entry);

			if (filter == FILTER_CALLBACK) {
				options = entry;
				filter_flags = 0;
			} else if (Z_TYPE_P(entry) == IS_ARRAY) {
				options = entry;
			}
		}
	} else if (filter_args) {
		/* A scalar argument is either the filter id (per-key call from a
		 * definition array, filter == -1) or the flags. */
		zend_long lval = zval_get_long(filter_args);

		if (filter == -1) {
			filter = lval;
		} else {
			filter_flags = lval;
			if ((filter_flags & array_modes) == 0) {
				filter_flags |= FILTER_REQUIRE_SCALAR;
			}
		}
	}

	/* Reject input whose shape contradicts the flags. */
	if (Z_TYPE_P(filtered) == IS_ARRAY) {
		shape_mismatch = filter_flags & FILTER_REQUIRE_SCALAR;
	} else {
		shape_mismatch = filter_flags & FILTER_REQUIRE_ARRAY;
	}
	if (shape_mismatch) {
		zval_ptr_dtor(filtered);
		if (filter_flags & FILTER_NULL_ON_FAILURE) {
			ZVAL_NULL(filtered);
		} else {
			ZVAL_FALSE(filtered);
		}
		return;
	}

	if (Z_TYPE_P(filtered) == IS_ARRAY) {
		php_zval_filter_recursive(filtered, filter, filter_flags, options, charset, copy);
		return;
	}

	php_zval_filter(filtered, filter, filter_flags, options, charset, copy);

	if (filter_flags & FILTER_FORCE_ARRAY) {
		/* Wrap the scalar result in a one-element array. */
		zval scalar;

		ZVAL_COPY_VALUE(&scalar, filtered);
		array_init(filtered);
		add_next_index_zval(filtered, &scalar);
	}
}
/* }}} */
671 
/*
 * Shared implementation of filter_input_array() and filter_var_array().
 *
 * input         source array (read with Z_ARRVAL_P without a type check
 *               here; callers are expected to pass an array)
 * op            NULL, a filter id (IS_LONG) or a definition array that maps
 *               variable names to filter specifications
 * return_value  receives the result
 * add_empty     with a definition array, add a NULL entry for every
 *               defined key that is missing from input
 *
 * With no definition, or a filter id, the whole input is duplicated and
 * filtered with FILTER_REQUIRE_ARRAY. With a definition array the result
 * contains only the keys named in the definition; input keys that are not
 * listed are dropped. Any other type of `op`, a numeric key or an empty key
 * in the definition yields FALSE.
 */
static void php_filter_array_handler(zval *input, zval *op, zval *return_value, zend_bool add_empty) /* {{{ */
{
	zend_string *key;
	zval *spec, *source;

	if (!op || Z_TYPE_P(op) == IS_LONG) {
		const zend_long whole_filter = op ? Z_LVAL_P(op) : FILTER_DEFAULT;

		zval_ptr_dtor(return_value);
		ZVAL_DUP(return_value, input);
		php_filter_call(return_value, whole_filter, NULL, 0, FILTER_REQUIRE_ARRAY);
		return;
	}

	if (Z_TYPE_P(op) != IS_ARRAY) {
		RETURN_FALSE;
	}

	array_init(return_value);

	ZEND_HASH_FOREACH_STR_KEY_VAL(Z_ARRVAL_P(op), key, spec) {
		if (key == NULL) {
			php_error_docref(NULL, E_WARNING, "Numeric keys are not allowed in the definition array");
			zval_ptr_dtor(return_value);
			RETURN_FALSE;
		}
		if (ZSTR_LEN(key) == 0) {
			php_error_docref(NULL, E_WARNING, "Empty keys are not allowed in the definition array");
			zval_ptr_dtor(return_value);
			RETURN_FALSE;
		}

		source = zend_hash_find(Z_ARRVAL_P(input), key);
		if (source != NULL) {
			/* Filter a private copy; -1 tells php_filter_call() to take
			 * the filter id from the specification. */
			zval result;

			ZVAL_DEREF(source);
			ZVAL_DUP(&result, source);
			php_filter_call(&result, -1, spec, 0, FILTER_REQUIRE_SCALAR);
			zend_hash_update(Z_ARRVAL_P(return_value), key, &result);
		} else if (add_empty) {
			add_assoc_null_ex(return_value, ZSTR_VAL(key), ZSTR_LEN(key));
		}
	} ZEND_HASH_FOREACH_END();
}
/* }}} */
716 
/* {{{ proto mixed filter_input(constant type, string variable_name [, int filter [, mixed options]])
 * Returns the filtered variable 'variable_name' from source 'type'.
 *
 * The value is read from the raw request data captured by
 * php_sapi_filter(), not from the (possibly script-modified) superglobals.
 * An unknown filter id yields FALSE. When the variable does not exist, a
 * "default" entry inside options["options"] is returned as-is, without
 * being filtered.
 */
PHP_FUNCTION(filter_input)
{
	zend_long fetch_from, filter = FILTER_DEFAULT;
	zval *filter_args = NULL;
	zval *input, *found = NULL;
	zend_string *var;

	if (zend_parse_parameters(ZEND_NUM_ARGS(), "lS|lz", &fetch_from, &var, &filter, &filter_args) == FAILURE) {
		return;
	}

	if (!PHP_FILTER_ID_EXISTS(filter)) {
		RETURN_FALSE;
	}

	input = php_filter_get_storage(fetch_from);
	if (input && HASH_OF(input)) {
		found = zend_hash_find(HASH_OF(input), var);
	}

	if (found == NULL) {
		/* Variable (or the whole source) is missing. */
		zend_long filter_flags = 0;

		if (filter_args && Z_TYPE_P(filter_args) == IS_LONG) {
			filter_flags = Z_LVAL_P(filter_args);
		} else if (filter_args && Z_TYPE_P(filter_args) == IS_ARRAY) {
			zval *flag_opt, *opt, *def;

			flag_opt = zend_hash_str_find(HASH_OF(filter_args), "flags", sizeof("flags") - 1);
			if (flag_opt != NULL) {
				filter_flags = zval_get_long(flag_opt);
			}

			opt = zend_hash_str_find(HASH_OF(filter_args), "options", sizeof("options") - 1);
			if (opt != NULL && Z_TYPE_P(opt) == IS_ARRAY) {
				def = zend_hash_str_find(HASH_OF(opt), "default", sizeof("default") - 1);
				if (def != NULL) {
					ZVAL_COPY(return_value, def);
					return;
				}
			}
		}

		/* The FILTER_NULL_ON_FAILURE flag inverts the usual return values of
		 * the function: normally when validation fails false is returned, and
		 * when the input value doesn't exist NULL is returned. With the flag
		 * set, NULL and false should be returned, respectively. Ergo, although
		 * the code below looks incorrect, it's actually right. */
		if (filter_flags & FILTER_NULL_ON_FAILURE) {
			RETURN_FALSE;
		}
		RETURN_NULL();
	}

	/* Filter a duplicate so the stored raw value stays untouched. */
	ZVAL_DUP(return_value, found);

	php_filter_call(return_value, filter, filter_args, 1, FILTER_REQUIRE_SCALAR);
}
/* }}} */
772 
/* {{{ proto mixed filter_var(mixed variable [, int filter [, mixed options]])
 * Returns the filtered version of the variable.
 *
 * An unknown filter id yields FALSE. When no filter is given FILTER_DEFAULT
 * is used, so callers that need validation must name the filter explicitly.
 */
PHP_FUNCTION(filter_var)
{
	zval *data;
	zval *filter_args = NULL;
	zend_long filter = FILTER_DEFAULT;

	if (zend_parse_parameters(ZEND_NUM_ARGS(), "z|lz", &data, &filter, &filter_args) == FAILURE) {
		return;
	}

	if (!PHP_FILTER_ID_EXISTS(filter)) {
		RETURN_FALSE;
	}

	/* Work on a duplicate; the caller's variable is never modified. */
	ZVAL_DUP(return_value, data);
	php_filter_call(return_value, filter, filter_args, 1, FILTER_REQUIRE_SCALAR);
}
/* }}} */
794 
/* {{{ proto mixed filter_input_array(constant type [, mixed options [, bool add_empty]])
 * Returns an array with all arguments defined in 'definition'.
 *
 * 'options' must be a definition array or a valid filter id; anything else
 * yields FALSE. The data comes from the raw request copy of the chosen
 * source (see php_filter_get_storage()).
 */
PHP_FUNCTION(filter_input_array)
{
	zend_long fetch_from;
	zval *array_input, *op = NULL;
	zend_bool add_empty = 1;

	if (zend_parse_parameters(ZEND_NUM_ARGS(), "l|zb",  &fetch_from, &op, &add_empty) == FAILURE) {
		return;
	}

	if (op && Z_TYPE_P(op) != IS_ARRAY) {
		/* A scalar definition is only accepted if it is a known filter id. */
		if (!(Z_TYPE_P(op) == IS_LONG && PHP_FILTER_ID_EXISTS(Z_LVAL_P(op)))) {
			RETURN_FALSE;
		}
	}

	array_input = php_filter_get_storage(fetch_from);

	if (array_input && HASH_OF(array_input)) {
		php_filter_array_handler(array_input, op, return_value, add_empty);
		return;
	}

	/* The source holds no data: only the flags decide the return value. */
	{
		zend_long filter_flags = 0;

		if (op && Z_TYPE_P(op) == IS_LONG) {
			filter_flags = Z_LVAL_P(op);
		} else if (op && Z_TYPE_P(op) == IS_ARRAY) {
			zval *flag_opt = zend_hash_str_find(HASH_OF(op), "flags", sizeof("flags") - 1);

			if (flag_opt != NULL) {
				filter_flags = zval_get_long(flag_opt);
			}
		}

		/* The FILTER_NULL_ON_FAILURE flag inverts the usual return values of
		 * the function: normally when validation fails false is returned, and
		 * when the input value doesn't exist NULL is returned. With the flag
		 * set, NULL and false should be returned, respectively. Ergo, although
		 * the code below looks incorrect, it's actually right. */
		if (filter_flags & FILTER_NULL_ON_FAILURE) {
			RETURN_FALSE;
		}
		RETURN_NULL();
	}
}
/* }}} */
840 
/* {{{ proto mixed filter_var_array(array data [, mixed options [, bool add_empty]])
 * Returns an array with all arguments defined in 'definition'.
 *
 * 'options' must be a definition array or a valid filter id; anything else
 * yields FALSE.
 */
PHP_FUNCTION(filter_var_array)
{
	zval *array_input = NULL;
	zval *op = NULL;
	zend_bool add_empty = 1;

	if (zend_parse_parameters(ZEND_NUM_ARGS(), "a|zb",  &array_input, &op, &add_empty) == FAILURE) {
		return;
	}

	if (op && Z_TYPE_P(op) != IS_ARRAY) {
		/* A scalar definition is only accepted if it is a known filter id. */
		if (!(Z_TYPE_P(op) == IS_LONG && PHP_FILTER_ID_EXISTS(Z_LVAL_P(op)))) {
			RETURN_FALSE;
		}
	}

	php_filter_array_handler(array_input, op, return_value, add_empty);
}
/* }}} */
860 
/* {{{ proto filter_list()
 * Returns a list of all supported filters: the names of the registry rows,
 * in table order, aliases included. */
PHP_FUNCTION(filter_list)
{
	const filter_list_entry *entry = filter_list;
	const filter_list_entry *const end = filter_list + sizeof(filter_list) / sizeof(filter_list[0]);

	if (zend_parse_parameters_none() == FAILURE) {
		return;
	}

	array_init(return_value);
	for (; entry != end; ++entry) {
		add_next_index_string(return_value, (char *)entry->name);
	}
}
/* }}} */
877 
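/* {{{ proto filter_id(string filtername)
 * Returns the filter ID belonging to a named filter, or FALSE when no
 * filter has that exact (case-sensitive) name. */
PHP_FUNCTION(filter_id)
{
	int i;
	size_t filter_len;
	int size = sizeof(filter_list) / sizeof(filter_list_entry);
	char *filter;

	if (zend_parse_parameters(ZEND_NUM_ARGS(), "s", &filter, &filter_len) == FAILURE) {
		return;
	}

	for (i = 0; i < size; ++i) {
		const char *name = filter_list[i].name;

		/* PHP strings are binary-safe and may contain NUL bytes. Compare
		 * using the parsed length so that a name followed by a NUL byte
		 * and arbitrary data is not treated as a match, which a plain
		 * strcmp() (stopping at the first NUL) would do. */
		if (strlen(name) == filter_len && memcmp(name, filter, filter_len) == 0) {
			RETURN_LONG(filter_list[i].id);
		}
	}

	RETURN_FALSE;
}
/* }}} */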
900 
901 /*
902  * Local variables:
903  * tab-width: 4
904  * c-basic-offset: 4
905  * End:
906  * vim600: noet sw=4 ts=4 fdm=marker
907  * vim<600: noet sw=4 ts=4
908  */
909