1 /*
2 +----------------------------------------------------------------------+
3 | Copyright (c) The PHP Group |
4 +----------------------------------------------------------------------+
5 | This source file is subject to version 3.01 of the PHP license, |
6 | that is bundled with this package in the file LICENSE, and is |
7 | available through the world-wide-web at the following url: |
8 | https://www.php.net/license/3_01.txt |
9 | If you did not receive a copy of the PHP license and are unable to |
10 | obtain it through the world-wide-web, please send a note to |
11 | license@php.net so we can mail you a copy immediately. |
12 +----------------------------------------------------------------------+
13 | Authors: Sara Golemon <pollita@php.net> |
14 +----------------------------------------------------------------------+
15 */
16
17 #include "php_http.h"
18 #include "php_ini.h"
19 #include "url.h"
20
21 #define URL_DEFAULT_ARG_SEP "&"
22
23 /* {{{ php_url_encode_hash */
php_url_encode_hash_ex(HashTable * ht,smart_str * formstr,const char * num_prefix,size_t num_prefix_len,const char * key_prefix,size_t key_prefix_len,const char * key_suffix,size_t key_suffix_len,zval * type,const char * arg_sep,int enc_type)24 PHPAPI void php_url_encode_hash_ex(HashTable *ht, smart_str *formstr,
25 const char *num_prefix, size_t num_prefix_len,
26 const char *key_prefix, size_t key_prefix_len,
27 const char *key_suffix, size_t key_suffix_len,
28 zval *type, const char *arg_sep, int enc_type)
29 {
30 zend_string *key = NULL;
31 char *newprefix, *p;
32 const char *prop_name;
33 size_t arg_sep_len, newprefix_len, prop_len;
34 zend_ulong idx;
35 zval *zdata = NULL;
36 ZEND_ASSERT(ht);
37
38 if (GC_IS_RECURSIVE(ht)) {
39 /* Prevent recursion */
40 return;
41 }
42
43 if (!arg_sep) {
44 arg_sep = INI_STR("arg_separator.output");
45 if (!arg_sep || !strlen(arg_sep)) {
46 arg_sep = URL_DEFAULT_ARG_SEP;
47 }
48 }
49 arg_sep_len = strlen(arg_sep);
50
51 ZEND_HASH_FOREACH_KEY_VAL(ht, idx, key, zdata) {
52 bool is_dynamic = 1;
53 if (Z_TYPE_P(zdata) == IS_INDIRECT) {
54 zdata = Z_INDIRECT_P(zdata);
55 if (Z_ISUNDEF_P(zdata)) {
56 continue;
57 }
58
59 is_dynamic = 0;
60 }
61
62 /* handling for private & protected object properties */
63 if (key) {
64 prop_name = ZSTR_VAL(key);
65 prop_len = ZSTR_LEN(key);
66
67 if (type != NULL && zend_check_property_access(Z_OBJ_P(type), key, is_dynamic) != SUCCESS) {
68 /* property not visible in this scope */
69 continue;
70 }
71
72 if (ZSTR_VAL(key)[0] == '\0' && type != NULL) {
73 const char *tmp;
74 zend_unmangle_property_name_ex(key, &tmp, &prop_name, &prop_len);
75 } else {
76 prop_name = ZSTR_VAL(key);
77 prop_len = ZSTR_LEN(key);
78 }
79 } else {
80 prop_name = NULL;
81 prop_len = 0;
82 }
83
84 ZVAL_DEREF(zdata);
85 if (Z_TYPE_P(zdata) == IS_ARRAY || Z_TYPE_P(zdata) == IS_OBJECT) {
86 if (key) {
87 zend_string *ekey;
88 if (enc_type == PHP_QUERY_RFC3986) {
89 ekey = php_raw_url_encode(prop_name, prop_len);
90 } else {
91 ekey = php_url_encode(prop_name, prop_len);
92 }
93 newprefix_len = key_suffix_len + ZSTR_LEN(ekey) + key_prefix_len + 3 /* %5B */;
94 newprefix = emalloc(newprefix_len + 1);
95 p = newprefix;
96
97 if (key_prefix) {
98 memcpy(p, key_prefix, key_prefix_len);
99 p += key_prefix_len;
100 }
101
102 memcpy(p, ZSTR_VAL(ekey), ZSTR_LEN(ekey));
103 p += ZSTR_LEN(ekey);
104 zend_string_free(ekey);
105
106 if (key_suffix) {
107 memcpy(p, key_suffix, key_suffix_len);
108 p += key_suffix_len;
109 }
110 *(p++) = '%';
111 *(p++) = '5';
112 *(p++) = 'B';
113 *p = '\0';
114 } else {
115 char *ekey;
116 size_t ekey_len;
117 /* Is an integer key */
118 ekey_len = spprintf(&ekey, 0, ZEND_LONG_FMT, idx);
119 newprefix_len = key_prefix_len + num_prefix_len + ekey_len + key_suffix_len + 3 /* %5B */;
120 newprefix = emalloc(newprefix_len + 1);
121 p = newprefix;
122
123 if (key_prefix) {
124 memcpy(p, key_prefix, key_prefix_len);
125 p += key_prefix_len;
126 }
127
128 if (num_prefix) {
129 memcpy(p, num_prefix, num_prefix_len);
130 p += num_prefix_len;
131 }
132
133 memcpy(p, ekey, ekey_len);
134 p += ekey_len;
135 efree(ekey);
136
137 if (key_suffix) {
138 memcpy(p, key_suffix, key_suffix_len);
139 p += key_suffix_len;
140 }
141 *(p++) = '%';
142 *(p++) = '5';
143 *(p++) = 'B';
144 *p = '\0';
145 }
146 GC_TRY_PROTECT_RECURSION(ht);
147 php_url_encode_hash_ex(HASH_OF(zdata), formstr, NULL, 0, newprefix, newprefix_len, "%5D", 3, (Z_TYPE_P(zdata) == IS_OBJECT ? zdata : NULL), arg_sep, enc_type);
148 GC_TRY_UNPROTECT_RECURSION(ht);
149 efree(newprefix);
150 } else if (Z_TYPE_P(zdata) == IS_NULL || Z_TYPE_P(zdata) == IS_RESOURCE) {
151 /* Skip these types */
152 continue;
153 } else {
154 if (formstr->s) {
155 smart_str_appendl(formstr, arg_sep, arg_sep_len);
156 }
157 /* Simple key=value */
158 if (key_prefix) {
159 smart_str_appendl(formstr, key_prefix, key_prefix_len);
160 }
161 if (key) {
162 zend_string *ekey;
163 if (enc_type == PHP_QUERY_RFC3986) {
164 ekey = php_raw_url_encode(prop_name, prop_len);
165 } else {
166 ekey = php_url_encode(prop_name, prop_len);
167 }
168 smart_str_append(formstr, ekey);
169 zend_string_free(ekey);
170 } else {
171 /* Numeric key */
172 if (num_prefix) {
173 smart_str_appendl(formstr, num_prefix, num_prefix_len);
174 }
175 smart_str_append_long(formstr, idx);
176 }
177 if (key_suffix) {
178 smart_str_appendl(formstr, key_suffix, key_suffix_len);
179 }
180 smart_str_appendl(formstr, "=", 1);
181 switch (Z_TYPE_P(zdata)) {
182 case IS_STRING: {
183 zend_string *ekey;
184 if (enc_type == PHP_QUERY_RFC3986) {
185 ekey = php_raw_url_encode(Z_STRVAL_P(zdata), Z_STRLEN_P(zdata));
186 } else {
187 ekey = php_url_encode(Z_STRVAL_P(zdata), Z_STRLEN_P(zdata));
188 }
189 smart_str_append(formstr, ekey);
190 zend_string_free(ekey);
191 }
192 break;
193 case IS_LONG:
194 smart_str_append_long(formstr, Z_LVAL_P(zdata));
195 break;
196 case IS_FALSE:
197 smart_str_appendl(formstr, "0", sizeof("0")-1);
198 break;
199 case IS_TRUE:
200 smart_str_appendl(formstr, "1", sizeof("1")-1);
201 break;
202 default:
203 {
204 zend_string *ekey;
205 zend_string *tmp;
206 zend_string *str= zval_get_tmp_string(zdata, &tmp);
207 if (enc_type == PHP_QUERY_RFC3986) {
208 ekey = php_raw_url_encode(ZSTR_VAL(str), ZSTR_LEN(str));
209 } else {
210 ekey = php_url_encode(ZSTR_VAL(str), ZSTR_LEN(str));
211 }
212 smart_str_append(formstr, ekey);
213 zend_tmp_string_release(tmp);
214 zend_string_free(ekey);
215 }
216 }
217 }
218 } ZEND_HASH_FOREACH_END();
219 }
220 /* }}} */
221
222 /* {{{ Generates a form-encoded query string from an associative array or object. */
PHP_FUNCTION(http_build_query)223 PHP_FUNCTION(http_build_query)
224 {
225 zval *formdata;
226 char *prefix = NULL, *arg_sep=NULL;
227 size_t arg_sep_len = 0, prefix_len = 0;
228 smart_str formstr = {0};
229 zend_long enc_type = PHP_QUERY_RFC1738;
230
231 ZEND_PARSE_PARAMETERS_START(1, 4)
232 Z_PARAM_ARRAY_OR_OBJECT(formdata)
233 Z_PARAM_OPTIONAL
234 Z_PARAM_STRING(prefix, prefix_len)
235 Z_PARAM_STRING_OR_NULL(arg_sep, arg_sep_len)
236 Z_PARAM_LONG(enc_type)
237 ZEND_PARSE_PARAMETERS_END();
238
239 php_url_encode_hash_ex(HASH_OF(formdata), &formstr, prefix, prefix_len, NULL, 0, NULL, 0, (Z_TYPE_P(formdata) == IS_OBJECT ? formdata : NULL), arg_sep, (int)enc_type);
240
241 if (!formstr.s) {
242 RETURN_EMPTY_STRING();
243 }
244
245 smart_str_0(&formstr);
246
247 RETURN_NEW_STR(formstr.s);
248 }
249 /* }}} */
250
