diff options
author | Pierre Joye <pajoye@php.net> | 2006-03-07 00:20:54 +0000 |
---|---|---|
committer | Pierre Joye <pajoye@php.net> | 2006-03-07 00:20:54 +0000 |
commit | 303bfea78f7f7b8c7a0354ef297b4ccb81e8ff77 (patch) | |
tree | 0b35f85104a2516e18bc281125a646745cbb5d35 | |
parent | b83d7e31514fb92c23561ceed42e3d27284a1496 (diff) | |
download | php-git-303bfea78f7f7b8c7a0354ef297b4ccb81e8ff77.tar.gz |
- remove register_globals support (aka "Kill the f***ing thing" :)
34 files changed, 72 insertions, 354 deletions
@@ -2,6 +2,9 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? ??? ????, PHP 6.0 - Unicode support. (Andrei, Dmitry, et al) +- Droped register_globals support (Pierre) + - session_register, session_unregister and session_is_registered removed they + depend on register_globals - Cleaned CGI code. Now FastCGI can not be disabled. See sapi/cgi/CHANGES for more details. (Dmitry) - Removed support for "continue" and "break" operators with non-constant diff --git a/ext/mbstring/mb_gpc.c b/ext/mbstring/mb_gpc.c index 8cfe56a4d1..59bf838886 100644 --- a/ext/mbstring/mb_gpc.c +++ b/ext/mbstring/mb_gpc.c @@ -146,7 +146,6 @@ MBSTRING_API SAPI_TREAT_DATA_FUNC(mbstr_treat_data) info.data_type = arg; info.separator = separator; - info.force_register_globals = 0; info.report_errors = 0; info.to_encoding = MBSTRG(internal_encoding); info.to_language = MBSTRG(language); @@ -203,14 +202,6 @@ enum mbfl_no_encoding _php_mb_encoding_handler_ex(const php_mb_encoding_handler_ mbfl_string_init_set(&resvar, info->to_language, info->to_encoding); mbfl_string_init_set(&resval, info->to_language, info->to_encoding); - /* register_globals stuff - * XXX: this feature is going to be deprecated? */ - - if (info->force_register_globals) { - prev_rg_state = PG(register_globals); - PG(register_globals) = 1; - } - if (!res || *res == '\0') { goto out; } @@ -340,11 +331,6 @@ enum mbfl_no_encoding _php_mb_encoding_handler_ex(const php_mb_encoding_handler_ } out: - /* register_global stuff */ - if (info->force_register_globals) { - PG(register_globals) = prev_rg_state; - } - if (convd != NULL) { mbfl_buffer_converter_delete(convd); } @@ -369,7 +355,6 @@ SAPI_POST_HANDLER_FUNC(php_mb_post_handler) info.data_type = PARSE_POST; info.separator = "&"; - info.force_register_globals = 0; info.report_errors = 0; info.to_encoding = MBSTRG(internal_encoding); info.to_language = MBSTRG(language); diff --git a/ext/mbstring/mb_gpc.h b/ext/mbstring/mb_gpc.h index 593b413253..83090c3bc9 100644 --- a/ext/mbstring/mb_gpc.h +++ b/ext/mbstring/mb_gpc.h @@ -32,7 +32,6 @@ typedef struct _php_mb_encoding_handler_info_t { int data_type; const char *separator; - unsigned int force_register_globals: 1; unsigned int report_errors: 1; enum mbfl_no_language to_language; enum mbfl_no_encoding to_encoding; diff --git a/ext/mbstring/mbstring.c b/ext/mbstring/mbstring.c index 32dbe8ac82..d854dc70aa 100644 --- a/ext/mbstring/mbstring.c +++ b/ext/mbstring/mbstring.c @@ -1401,7 +1401,6 @@ PHP_FUNCTION(mb_parse_str) info.data_type = PARSE_STRING; info.separator = PG(arg_separator).input; - info.force_register_globals = (track_vars_array == NULL); info.report_errors = 1; info.to_encoding = MBSTRG(current_internal_encoding); info.to_language = MBSTRG(current_language); diff --git a/ext/mbstring/tests/mb_parse_str.phpt b/ext/mbstring/tests/mb_parse_str.phpt index 8b320b0845..fcfbbd9fe4 100644 --- a/ext/mbstring/tests/mb_parse_str.phpt +++ b/ext/mbstring/tests/mb_parse_str.phpt @@ -4,7 +4,6 @@ mb_parse_str() <?php extension_loaded('mbstring') or die('skip mbstring not available'); ?> --INI-- arg_separator.input=& -register_globals=0 --FILE-- <?php $queries = array( diff --git a/ext/mbstring/tests/mb_parse_str02.phpt b/ext/mbstring/tests/mb_parse_str02.phpt index 51cfb63cb9..44ed44865c 100644 --- a/ext/mbstring/tests/mb_parse_str02.phpt +++ b/ext/mbstring/tests/mb_parse_str02.phpt @@ -4,7 +4,6 @@ mb_parse_str() test 2 <?php extension_loaded('mbstring') or die('skip mbstring not available'); ?> --INI-- arg_separator.input=&# -register_globals=0 --FILE-- <?php $queries = array( diff --git a/ext/session/php_session.h b/ext/session/php_session.h index f2b70d4ed7..ac70ff7885 100644 --- a/ext/session/php_session.h +++ b/ext/session/php_session.h @@ -138,9 +138,6 @@ PHP_FUNCTION(session_save_path); PHP_FUNCTION(session_id); PHP_FUNCTION(session_regenerate_id); PHP_FUNCTION(session_decode); -PHP_FUNCTION(session_register); -PHP_FUNCTION(session_unregister); -PHP_FUNCTION(session_is_registered); PHP_FUNCTION(session_encode); PHP_FUNCTION(session_start); PHP_FUNCTION(session_destroy); diff --git a/ext/session/session.c b/ext/session/session.c index 0e8f7a3ed1..892d7fb76d 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -63,9 +63,6 @@ zend_function_entry session_functions[] = { PHP_FE(session_id, NULL) PHP_FE(session_regenerate_id, NULL) PHP_FE(session_decode, NULL) - PHP_FE(session_register, NULL) - PHP_FE(session_unregister, NULL) - PHP_FE(session_is_registered, NULL) PHP_FE(session_encode, NULL) PHP_FE(session_start, NULL) PHP_FE(session_destroy, NULL) @@ -281,79 +278,17 @@ PHPAPI void php_add_session_var(char *name, size_t namelen TSRMLS_DC) zend_hash_find(Z_ARRVAL_P(PS(http_session_vars)), name, namelen + 1, (void *) &sym_track); + if (sym_track == NULL) { + zval *empty_var; - /* - * Set up a proper reference between $_SESSION["x"] and $x. - */ - - if (PG(register_globals)) { - zval **sym_global = NULL; - - zend_hash_find(&EG(symbol_table), name, namelen + 1, - (void *) &sym_global); - - if (sym_global == NULL && sym_track == NULL) { - zval *empty_var; - - ALLOC_INIT_ZVAL(empty_var); /* this sets refcount to 1 */ - empty_var->refcount = 0; /* our module does not maintain a ref */ - /* The next call will increase refcount by NR_OF_SYM_TABLES==2 */ - zend_set_hash_symbol(empty_var, name, namelen, 1, 2, Z_ARRVAL_P(PS(http_session_vars)), &EG(symbol_table)); - } else if (sym_global == NULL) { - SEPARATE_ZVAL_IF_NOT_REF(sym_track); - zend_set_hash_symbol(*sym_track, name, namelen, 1, 1, &EG(symbol_table)); - } else if (sym_track == NULL) { - SEPARATE_ZVAL_IF_NOT_REF(sym_global); - zend_set_hash_symbol(*sym_global, name, namelen, 1, 1, Z_ARRVAL_P(PS(http_session_vars))); - } - } else { - if (sym_track == NULL) { - zval *empty_var; - - ALLOC_INIT_ZVAL(empty_var); - ZEND_SET_SYMBOL_WITH_LENGTH(Z_ARRVAL_P(PS(http_session_vars)), name, namelen+1, empty_var, 1, 0); - } + ALLOC_INIT_ZVAL(empty_var); + ZEND_SET_SYMBOL_WITH_LENGTH(Z_ARRVAL_P(PS(http_session_vars)), name, namelen+1, empty_var, 1, 0); } } PHPAPI void php_set_session_var(char *name, size_t namelen, zval *state_val, php_unserialize_data_t *var_hash TSRMLS_DC) { - if (PG(register_globals)) { - zval **old_symbol; - if (zend_hash_find(&EG(symbol_table),name,namelen+1,(void *)&old_symbol) == SUCCESS) { - - /* - * A global symbol with the same name exists already. That - * symbol might have been created by other means (e.g. $_GET). - * - * hash_update in zend_set_hash_symbol is not good, because - * it will leave referenced variables (such as local instances - * of a global variable) dangling. - * - * BTW: if you use register_globals references between - * session-vars won't work because of this very reason! - */ - - - REPLACE_ZVAL_VALUE(old_symbol,state_val,1); - - /* - * The following line will update the reference table used for - * unserialization. It is optional, because some storage - * formats may not be able to represent references. - */ - - if (var_hash) { - PHP_VAR_UNSERIALIZE_ZVAL_CHANGED(var_hash,state_val,*old_symbol); - } - - zend_set_hash_symbol(*old_symbol, name, namelen, 1, 1, Z_ARRVAL_P(PS(http_session_vars))); - } else { - zend_set_hash_symbol(state_val, name, namelen, 1, 2, Z_ARRVAL_P(PS(http_session_vars)), &EG(symbol_table)); - } - } else IF_SESSION_VARS() { - zend_set_hash_symbol(state_val, name, namelen, PZVAL_IS_REF(state_val), 1, Z_ARRVAL_P(PS(http_session_vars))); - } + zend_set_hash_symbol(state_val, name, namelen, PZVAL_IS_REF(state_val), 1, Z_ARRVAL_P(PS(http_session_vars))); } PHPAPI int php_get_session_var(char *name, size_t namelen, zval ***state_var TSRMLS_DC) @@ -364,23 +299,6 @@ PHPAPI int php_get_session_var(char *name, size_t namelen, zval ***state_var TSR ret = zend_hash_find(Z_ARRVAL_P(PS(http_session_vars)), name, namelen+1, (void **) state_var); - /* - * If register_globals is enabled, and - * if there is an entry for the slot in $_SESSION, and - * if that entry is still set to NULL, and - * if the global var exists, then - * we prefer the same key in the global sym table - */ - - if (PG(register_globals) && ret == SUCCESS - && Z_TYPE_PP(*state_var) == IS_NULL) { - zval **tmp; - - if (zend_hash_find(&EG(symbol_table), name, namelen + 1, - (void **) &tmp) == SUCCESS) { - *state_var = tmp; - } - } } return ret; @@ -811,7 +729,7 @@ static void php_session_save_current_state(TSRMLS_D) int ret = FAILURE; IF_SESSION_VARS() { - if (PS(bug_compat) && !PG(register_globals)) { + if (PS(bug_compat)) { HashTable *ht = Z_ARRVAL_P(PS(http_session_vars)); HashPosition pos; zval **val; @@ -829,7 +747,7 @@ static void php_session_save_current_state(TSRMLS_D) } if (do_warn && PS(bug_compat_warn)) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively."); + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively."); } } @@ -1562,90 +1480,6 @@ static void php_register_var(zval** entry TSRMLS_DC) } /* }}} */ -/* {{{ proto bool session_register(mixed var_names [, mixed ...]) - Adds varname(s) to the list of variables which are freezed at the session end */ -PHP_FUNCTION(session_register) -{ - zval ***args; - int argc = ZEND_NUM_ARGS(); - int i; - - if (argc <= 0) - RETURN_FALSE - else - args = (zval ***)safe_emalloc(argc, sizeof(zval **), 0); - - if (zend_get_parameters_array_ex(argc, args) == FAILURE) { - efree(args); - WRONG_PARAM_COUNT; - } - - if (PS(session_status) == php_session_none || PS(session_status) == php_session_disabled) { - php_session_start(TSRMLS_C); - } - - if (PS(session_status) == php_session_disabled) { - efree(args); - RETURN_FALSE; - } - - for (i = 0; i < argc; i++) { - if (Z_TYPE_PP(args[i]) == IS_ARRAY) - SEPARATE_ZVAL(args[i]); - php_register_var(args[i] TSRMLS_CC); - } - - efree(args); - - RETURN_TRUE; -} -/* }}} */ - -/* {{{ proto bool session_unregister(string varname) - Removes varname from the list of variables which are freezed at the session end */ -PHP_FUNCTION(session_unregister) -{ - zval **p_name; - int ac = ZEND_NUM_ARGS(); - - if (ac != 1 || zend_get_parameters_ex(ac, &p_name) == FAILURE) - WRONG_PARAM_COUNT; - - convert_to_string_ex(p_name); - - PS_DEL_VARL(Z_STRVAL_PP(p_name), Z_STRLEN_PP(p_name)); - - RETURN_TRUE; -} -/* }}} */ - -/* {{{ proto bool session_is_registered(string varname) - Checks if a variable is registered in session */ -PHP_FUNCTION(session_is_registered) -{ - zval **p_name; - zval *p_var; - int ac = ZEND_NUM_ARGS(); - - if (ac != 1 || zend_get_parameters_ex(ac, &p_name) == FAILURE) - WRONG_PARAM_COUNT; - - convert_to_string_ex(p_name); - - if (PS(session_status) == php_session_none) - RETURN_FALSE; - - IF_SESSION_VARS() { - if (zend_hash_find(Z_ARRVAL_P(PS(http_session_vars)), - Z_STRVAL_PP(p_name), Z_STRLEN_PP(p_name)+1, - (void **)&p_var) == SUCCESS) { - RETURN_TRUE; - } - } - RETURN_FALSE; -} -/* }}} */ - /* {{{ proto string session_encode(void) Serializes the current setup and returns the serialized representation */ PHP_FUNCTION(session_encode) @@ -1725,21 +1559,6 @@ PHP_FUNCTION(session_unset) IF_SESSION_VARS() { HashTable *ht = Z_ARRVAL_P(PS(http_session_vars)); - if (PG(register_globals)) { - uint str_len; - zstr str; - ulong num_key; - HashPosition pos; - - zend_hash_internal_pointer_reset_ex(ht, &pos); - - while (zend_hash_get_current_key_ex(ht, &str, &str_len, &num_key, - 0, &pos) == HASH_KEY_IS_STRING) { - zend_delete_global_variable(str.s, str_len-1 TSRMLS_CC); - zend_hash_move_forward_ex(ht, &pos); - } - } - /* Clean $_SESSION. */ zend_hash_clean(ht); } diff --git a/ext/session/tests/001.phpt b/ext/session/tests/001.phpt index 934987f1c9..790ce6f6c4 100644 --- a/ext/session/tests/001.phpt +++ b/ext/session/tests/001.phpt @@ -5,7 +5,6 @@ session object serialization --INI-- session.use_cookies=0 session.cache_limiter= -register_globals=1 session.serialize_handler=php session.save_handler=files --FILE-- @@ -23,12 +22,10 @@ $baz->method(); $arr[3] = new foo; $arr[3]->method(); - -session_register("baz"); -session_register("arr"); - -print session_encode()."\n"; - +session_start(); +$_SESSION["baz"] = $baz; +$_SESSION["arr"] = $arr; +print session_encode(); session_destroy(); --EXPECT-- baz|O:3:"foo":2:{s:3:"bar";s:2:"ok";s:3:"yes";s:4:"done";}arr|a:1:{i:3;O:3:"foo":2:{s:3:"bar";s:2:"ok";s:3:"yes";s:4:"done";}} diff --git a/ext/session/tests/003.phpt b/ext/session/tests/003.phpt index 9972358e1a..42b1e5b1be 100644 --- a/ext/session/tests/003.phpt +++ b/ext/session/tests/003.phpt @@ -5,7 +5,6 @@ session object deserialization --INI-- session.use_cookies=0 session.cache_limiter= -register_globals=1 session.serialize_handler=php session.save_handler=files --FILE-- @@ -20,6 +19,8 @@ class foo { session_id("abtest"); session_start(); session_decode('baz|O:3:"foo":2:{s:3:"bar";s:2:"ok";s:3:"yes";i:1;}arr|a:1:{i:3;O:3:"foo":2:{s:3:"bar";s:2:"ok";s:3:"yes";i:1;}}'); +$baz = $_SESSION['baz']; +$arr = $_SESSION['arr']; $baz->method(); $arr[3]->method(); diff --git a/ext/session/tests/004.phpt b/ext/session/tests/004.phpt index 2040476bc0..56507ea866 100644 --- a/ext/session/tests/004.phpt +++ b/ext/session/tests/004.phpt @@ -5,7 +5,6 @@ session_set_save_handler test --INI-- session.use_cookies=0 session.cache_limiter= -register_globals=1 session.name=PHPSESSID session.serialize_handler=php --FILE-- @@ -56,6 +55,8 @@ session_set_save_handler(array($hnd, "open"), array($hnd, "close"), array($hnd, session_id("abtest"); session_start(); +$baz = $_SESSION['baz']; +$arr = $_SESSION['arr']; $baz->method(); $arr[3]->method(); @@ -72,10 +73,10 @@ var_dump($arr); session_destroy(); ?> ---EXPECT-- +--EXPECTF-- OPEN: PHPSESSID READ: abtest -object(foo)#2 (2) { +object(foo)#%d (2) { ["bar"]=> string(2) "ok" ["yes"]=> @@ -83,7 +84,7 @@ object(foo)#2 (2) { } array(1) { [3]=> - object(foo)#3 (2) { + object(foo)#%d (2) { ["bar"]=> string(2) "ok" ["yes"]=> @@ -93,7 +94,7 @@ array(1) { WRITE: abtest, baz|O:3:"foo":2:{s:3:"bar";s:2:"ok";s:3:"yes";i:2;}arr|a:1:{i:3;O:3:"foo":2:{s:3:"bar";s:2:"ok";s:3:"yes";i:2;}} OPEN: PHPSESSID READ: abtest -object(foo)#4 (2) { +object(foo)#%d (2) { ["bar"]=> string(2) "ok" ["yes"]=> @@ -101,7 +102,7 @@ object(foo)#4 (2) { } array(1) { [3]=> - object(foo)#2 (2) { + object(foo)#%d (2) { ["bar"]=> string(2) "ok" ["yes"]=> diff --git a/ext/session/tests/005.phpt b/ext/session/tests/005.phpt index 5638376b9d..efc7f239d0 100644 --- a/ext/session/tests/005.phpt +++ b/ext/session/tests/005.phpt @@ -5,7 +5,6 @@ custom save handler, multiple session_start()s, complex data structure test. --INI-- session.use_cookies=0 session.cache_limiter= -register_globals=1 session.name=PHPSESSID session.serialize_handler=php --FILE-- @@ -58,6 +57,8 @@ session_set_save_handler(array($hnd, "open"), array($hnd, "close"), array($hnd, session_id("abtest"); session_start(); +$baz = $_SESSION['baz']; +$arr = $_SESSION['arr']; $baz->method(); $arr[3]->method(); @@ -68,12 +69,16 @@ session_write_close(); session_set_save_handler(array($hnd, "open"), array($hnd, "close"), array($hnd, "read"), array($hnd, "write"), array($hnd, "destroy"), array($hnd, "gc")); session_start(); +$baz = $_SESSION['baz']; +$arr = $_SESSION['arr']; + + $baz->method(); $arr[3]->method(); $c = 123; -session_register("c"); +$_SESSION['c'] = $c; var_dump($baz); var_dump($arr); var_dump($c); session_write_close(); @@ -84,10 +89,10 @@ var_dump($baz); var_dump($arr); var_dump($c); session_destroy(); ?> ---EXPECT-- +--EXPECTF-- OPEN: PHPSESSID READ: abtest -object(foo)#2 (2) { +object(foo)#%d (2) { ["bar"]=> string(2) "ok" ["yes"]=> @@ -95,7 +100,7 @@ object(foo)#2 (2) { } array(1) { [3]=> - object(foo)#3 (2) { + object(foo)#%d (2) { ["bar"]=> string(2) "ok" ["yes"]=> @@ -106,7 +111,7 @@ WRITE: abtest, baz|O:3:"foo":2:{s:3:"bar";s:2:"ok";s:3:"yes";i:2;}arr|a:1:{i:3;O CLOSE OPEN: PHPSESSID READ: abtest -object(foo)#4 (2) { +object(foo)#%d (2) { ["bar"]=> string(2) "ok" ["yes"]=> @@ -114,7 +119,7 @@ object(foo)#4 (2) { } array(1) { [3]=> - object(foo)#2 (2) { + object(foo)#%d (2) { ["bar"]=> string(2) "ok" ["yes"]=> @@ -126,7 +131,7 @@ WRITE: abtest, baz|O:3:"foo":2:{s:3:"bar";s:2:"ok";s:3:"yes";i:3;}arr|a:1:{i:3;O CLOSE OPEN: PHPSESSID READ: abtest -object(foo)#3 (2) { +object(foo)#%d (2) { ["bar"]=> string(2) "ok" ["yes"]=> @@ -134,7 +139,7 @@ object(foo)#3 (2) { } array(1) { [3]=> - object(foo)#4 (2) { + object(foo)#%d (2) { ["bar"]=> string(2) "ok" ["yes"]=> diff --git a/ext/session/tests/006.phpt b/ext/session/tests/006.phpt index e3e18bf9dd..5466a30c9f 100644 --- a/ext/session/tests/006.phpt +++ b/ext/session/tests/006.phpt @@ -5,7 +5,6 @@ correct instantiation of references between variables in sessions --INI-- session.use_cookies=0 session.cache_limiter= -register_globals=1 session.serialize_handler=php session.save_handler=files --FILE-- @@ -32,15 +31,16 @@ $b = new b($a); echo "original values:\n"; var_dump($a,$b); -session_register("a"); -session_register("b"); -session_write_close(); +$_SESSION['a'] = $a; +$_SESSION['b'] = $b; -session_unregister("a"); -session_unregister("b"); +session_write_close(); +unset($_SESSION['a']); +unset($_SESSION['b']); session_start(); - +$a = $_SESSION['a']; +$b = $_SESSION['b']; echo "values after session:\n"; var_dump($a,$b); ?> diff --git a/ext/session/tests/007.phpt b/ext/session/tests/007.phpt index 7ed74ea474..6d7916cef1 100644 --- a/ext/session/tests/007.phpt +++ b/ext/session/tests/007.phpt @@ -1,12 +1,11 @@ --TEST-- bug compatibility: unset($c) with enabled register_globals --SKIPIF-- -<?php include('skipif.inc'); ?> +<?php die('skip');/* RG removed */ ?> --INI-- register_long_arrays=1 session.use_cookies=0 session.cache_limiter= -register_globals=1 session.bug_compat_42=1 session.serialize_handler=php session.save_handler=files @@ -22,7 +21,8 @@ session_destroy(); ### Phase 2 $HTTP_SESSION_VARS["c"] does not contain any value session_id("abtest"); -session_register("c"); +$_SESSION['c'] = $c; + unset($c); $c = 3.14; session_write_close(); @@ -31,6 +31,7 @@ unset($c); ### Phase 3 $HTTP_SESSION_VARS["c"] is set session_start(); +$c = $_SESSION['c']; var_dump($c); var_dump($HTTP_SESSION_VARS); unset($c); @@ -43,6 +44,7 @@ unset($c); ### Phase 4 final session_start(); +$c = $_SESSION['c']; var_dump($c); var_dump($HTTP_SESSION_VARS); diff --git a/ext/session/tests/008-php4.2.3.phpt b/ext/session/tests/008-php4.2.3.phpt index 0057f2be44..96c46dccf2 100644 --- a/ext/session/tests/008-php4.2.3.phpt +++ b/ext/session/tests/008-php4.2.3.phpt @@ -2,13 +2,13 @@ bug compatibility: global is used albeit register_globals=0 --SKIPIF-- <?php include('skipif.inc'); +die("skip, no more RG and session_register"); if (version_compare(PHP_VERSION,"4.2.3-dev", "<")) die("skip this is for PHP >= 4.2.3"); ?> --INI-- register_long_arrays=1 session.use_cookies=0 session.cache_limiter= -register_globals=0 session.bug_compat_42=1 session.bug_compat_warn=1 track_errors=1 @@ -21,14 +21,14 @@ session.save_handler=files --FILE-- <?php session_id("abtest"); - ### Phase 1 cleanup session_start(); session_destroy(); ### Phase 2 $HTTP_SESSION_VARS["c"] does not contain any value session_id("abtest"); -session_register("c"); +$_SESSION['c'] = NULL; +$c = $_SESSION['c']; var_dump($c); unset($c); $c = 3.14; @@ -40,6 +40,7 @@ unset($c); ### Phase 3 $HTTP_SESSION_VARS["c"] is set session_start(); +$c = $_SESSION['c']; var_dump($HTTP_SESSION_VARS); unset($c); $c = 2.78; @@ -51,6 +52,7 @@ unset($c); ### Phase 4 final session_start(); +$c = $_SESSION['c']; var_dump($c); var_dump($HTTP_SESSION_VARS); diff --git a/ext/session/tests/008.phpt b/ext/session/tests/008.phpt index 044a6f2536..cd88f79d25 100644 --- a/ext/session/tests/008.phpt +++ b/ext/session/tests/008.phpt @@ -7,7 +7,6 @@ bug compatibility: global is used albeit register_globals=0 --INI-- session.use_cookies=0 session.cache_limiter= -register_globals=0 session.bug_compat_42=1 session.bug_compat_warn=0 --FILE-- diff --git a/ext/session/tests/009.phpt b/ext/session/tests/009.phpt index 903b8be3a5..6c3eee1dbb 100644 --- a/ext/session/tests/009.phpt +++ b/ext/session/tests/009.phpt @@ -6,7 +6,6 @@ unset($_SESSION["name"]); should work with register_globals=off register_long_arrays=1 session.use_cookies=0 session.cache_limiter= -register_globals=0 session.bug_compat_42=1 session.bug_compat_warn=0 session.serialize_handler=php diff --git a/ext/session/tests/010.phpt b/ext/session/tests/010.phpt index e1af8ce87f..9ece4e187b 100644 --- a/ext/session/tests/010.phpt +++ b/ext/session/tests/010.phpt @@ -5,7 +5,6 @@ $session_array = explode(";", session_encode()); should not segfault --INI-- session.use_cookies=0 session.cache_limiter= -register_globals=0 session.bug_compat_42=1 session.bug_compat_warn=0 --FILE-- diff --git a/ext/session/tests/011.phpt b/ext/session/tests/011.phpt index 6aaa6bd797..809ee3fd3d 100644 --- a/ext/session/tests/011.phpt +++ b/ext/session/tests/011.phpt @@ -5,7 +5,6 @@ session_decode(); should not segfault --INI-- session.use_cookies=0 session.cache_limiter= -register_globals=0 session.bug_compat_42=1 session.bug_compat_warn=0 --FILE-- diff --git a/ext/session/tests/012.phpt b/ext/session/tests/012.phpt index a3d33d3602..d471d1c795 100644 --- a/ext/session/tests/012.phpt +++ b/ext/session/tests/012.phpt @@ -1,11 +1,10 @@ --TEST-- registering $_SESSION should not segfault --SKIPIF-- -<?php include('skipif.inc'); ?> +<?php die("skip no more RG or session_register"); ?> --INI-- session.use_cookies=0 session.cache_limiter= -register_globals=1 session.bug_compat_42=1 session.bug_compat_warn=0 session.serialize_handler=php diff --git a/ext/session/tests/013.phpt b/ext/session/tests/013.phpt index 54ccaeddb7..e67a115604 100644 --- a/ext/session/tests/013.phpt +++ b/ext/session/tests/013.phpt @@ -5,7 +5,6 @@ redefining SID should not cause warnings --INI-- session.use_cookies=0 session.cache_limiter= -register_globals=1 session.bug_compat_42=1 session.bug_compat_warn=0 session.serialize_handler=php diff --git a/ext/session/tests/014.phpt b/ext/session/tests/014.phpt index 4c5b14c697..20273aea71 100644 --- a/ext/session/tests/014.phpt +++ b/ext/session/tests/014.phpt @@ -6,7 +6,6 @@ a script should not be able to modify session.use_trans_sid session.use_trans_sid=1 session.use_cookies=0 session.cache_limiter= -register_globals=1 session.bug_compat_42=1 session.bug_compat_warn=0 session.name=PHPSESSID diff --git a/ext/session/tests/019.phpt b/ext/session/tests/019.phpt index 2d819c6762..9e8037ac6c 100644 --- a/ext/session/tests/019.phpt +++ b/ext/session/tests/019.phpt @@ -1,11 +1,10 @@ --TEST-- serializing references test case using globals --SKIPIF-- -<?php include('skipif.inc'); ?> +<?php die("skip no more RG or session_register");include('skipif.inc'); ?> --INI-- session.use_cookies=0 session.cache_limiter= -register_globals=1 session.serialize_handler=php session.save_handler=files --FILE-- @@ -25,7 +24,8 @@ class TFoo { session_id("abtest"); session_start(); -session_register('o1', 'o2' ); +$_SESSION['o1'] = $o1; +$_SESSION['o2'] = $o2; $o1 = new TFoo(42); $o2 =& $o1; diff --git a/ext/session/tests/bug24592.phpt b/ext/session/tests/bug24592.phpt index ccad794267..f70974d119 100644 --- a/ext/session/tests/bug24592.phpt +++ b/ext/session/tests/bug24592.phpt @@ -3,7 +3,6 @@ Bug #24592 (crash when multiple NULL values are being stored) --SKIPIF-- <?php include('skipif.inc'); ?> --INI-- -register_globals=0 html_errors=0 session.save_handler=files --FILE-- diff --git a/ext/session/tests/bug26862.phpt b/ext/session/tests/bug26862.phpt index 44e7418cd0..7990f74359 100644 --- a/ext/session/tests/bug26862.phpt +++ b/ext/session/tests/bug26862.phpt @@ -3,7 +3,6 @@ Bug #26862 (ob_flush() before output_reset_rewrite_vars() results in data loss) --SKIPIF-- <?php include('skipif.inc'); ?> --INI-- -register_globals=0 html_errors=0 session.use_trans_sid=0 session.save_handler=files diff --git a/main/main.c b/main/main.c index 1ae58af442..c5b02cc1c5 100644 --- a/main/main.c +++ b/main/main.c @@ -381,7 +381,6 @@ PHP_INI_BEGIN() STD_PHP_INI_ENTRY("output_buffering", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateLong, output_buffering, php_core_globals, core_globals) STD_PHP_INI_ENTRY("output_handler", NULL, PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateString, output_handler, php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("register_argc_argv", "1", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateBool, register_argc_argv, php_core_globals, core_globals) - STD_PHP_INI_BOOLEAN("register_globals", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateBool, register_globals, php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("register_long_arrays", "1", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateBool, register_long_arrays, php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("auto_globals_jit", "1", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateBool, auto_globals_jit, php_core_globals, core_globals) #if PHP_SAFE_MODE diff --git a/main/php_globals.h b/main/php_globals.h index 582a472277..ae14971a60 100644 --- a/main/php_globals.h +++ b/main/php_globals.h @@ -118,7 +118,6 @@ struct _php_core_globals { zend_bool expose_php; - zend_bool register_globals; zend_bool register_long_arrays; zend_bool register_argc_argv; zend_bool auto_globals_jit; diff --git a/main/php_variables.c b/main/php_variables.c index c955787cae..5b8fcf4897 100644 --- a/main/php_variables.c +++ b/main/php_variables.c @@ -90,9 +90,8 @@ PHPAPI void php_register_variable_ex(char *var, zval *val, zval *track_vars_arra if (track_vars_array) { symtable1 = Z_ARRVAL_P(track_vars_array); - } else if (PG(register_globals)) { - symtable1 = EG(active_symbol_table); } + if (!symtable1) { /* Nothing to do */ zval_dtor(val); @@ -253,9 +252,8 @@ PHPAPI void php_u_register_variable_ex(UChar *var, zval *val, zval *track_vars_a if (track_vars_array) { symtable1 = Z_ARRVAL_P(track_vars_array); - } else if (PG(register_globals)) { - symtable1 = EG(active_symbol_table); } + if (!symtable1) { /* Nothing to do */ zval_dtor(val); @@ -669,8 +667,7 @@ static void php_build_argv(char *s, zval *track_vars_array TSRMLS_DC) int count = 0; char *ss, *space; - if (! (PG(register_globals) || SG(request_info).argc || - PG(http_globals)[TRACK_VARS_SERVER]) ) { + if (! (SG(request_info).argc || PG(http_globals)[TRACK_VARS_SERVER]) ) { return; } @@ -727,7 +724,7 @@ static void php_build_argv(char *s, zval *track_vars_array TSRMLS_DC) argc->is_ref = 0; argc->refcount = 0; - if (PG(register_globals) || SG(request_info).argc) { + if (SG(request_info).argc) { arr->refcount++; argc->refcount++; zend_hash_update(&EG(symbol_table), "argv", sizeof("argv"), &arr, sizeof(zval *), NULL); @@ -812,7 +809,6 @@ static void php_autoglobal_merge(HashTable *dest, HashTable *src TSRMLS_DC) ulong num_key; HashPosition pos; int key_type; - int globals_check = (PG(register_globals) && (dest == (&EG(symbol_table)))); zend_hash_internal_pointer_reset_ex(src, &pos); while (zend_hash_get_current_data_ex(src, (void **)&src_entry, &pos) == SUCCESS) { @@ -826,7 +822,7 @@ static void php_autoglobal_merge(HashTable *dest, HashTable *src TSRMLS_DC) (*src_entry)->refcount++; if (key_type == HASH_KEY_IS_STRING) { /* if register_globals is on and working with main symbol table, prevent overwriting of GLOBALS */ - if (!globals_check || string_key_len != sizeof("GLOBALS") || memcmp(string_key.s, "GLOBALS", sizeof("GLOBALS") - 1)) { + if (string_key_len != sizeof("GLOBALS") || memcmp(string_key.s, "GLOBALS", sizeof("GLOBALS") - 1)) { zend_u_hash_update(dest, key_type, string_key, string_key_len, src_entry, sizeof(zval *), NULL); } else { (*src_entry)->refcount--; @@ -855,7 +851,7 @@ int php_hash_environment(TSRMLS_D) unsigned char _gpc_flags[5] = {0, 0, 0, 0, 0}; zval *dummy_track_vars_array = NULL; zend_bool initialized_dummy_track_vars_array=0; - zend_bool jit_initialization = (PG(auto_globals_jit) && !PG(register_globals) && !PG(register_long_arrays) && !PG(register_argc_argv)); + zend_bool jit_initialization = (PG(auto_globals_jit) && !PG(register_long_arrays) && !PG(register_argc_argv)); struct auto_global_record { char *name; uint name_len; @@ -885,9 +881,6 @@ int php_hash_environment(TSRMLS_D) if (!_gpc_flags[0] && !SG(headers_sent) && SG(request_info).request_method && !strcasecmp(SG(request_info).request_method, "POST")) { sapi_module.treat_data(PARSE_POST, NULL, NULL TSRMLS_CC); /* POST Data */ _gpc_flags[0] = 1; - if (PG(register_globals)) { - php_autoglobal_merge(&EG(symbol_table), Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_POST]) TSRMLS_CC); - } } break; case 'c': @@ -895,9 +888,6 @@ int php_hash_environment(TSRMLS_D) if (!_gpc_flags[1]) { sapi_module.treat_data(PARSE_COOKIE, NULL, NULL TSRMLS_CC); /* Cookie Data */ _gpc_flags[1] = 1; - if (PG(register_globals)) { - php_autoglobal_merge(&EG(symbol_table), Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_COOKIE]) TSRMLS_CC); - } } break; case 'g': @@ -905,9 +895,6 @@ int php_hash_environment(TSRMLS_D) if (!_gpc_flags[2]) { sapi_module.treat_data(PARSE_GET, NULL, NULL TSRMLS_CC); /* GET Data */ _gpc_flags[2] = 1; - if (PG(register_globals)) { - php_autoglobal_merge(&EG(symbol_table), Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_GET]) TSRMLS_CC); - } } break; case 'e': @@ -916,9 +903,6 @@ int php_hash_environment(TSRMLS_D) zend_auto_global_disable_jit("_ENV", sizeof("_ENV")-1 TSRMLS_CC); php_auto_globals_create_env("_ENV", sizeof("_ENV")-1 TSRMLS_CC); _gpc_flags[3] = 1; - if (PG(register_globals)) { - php_autoglobal_merge(&EG(symbol_table), Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_ENV]) TSRMLS_CC); - } } break; case 's': @@ -927,9 +911,6 @@ int php_hash_environment(TSRMLS_D) zend_auto_global_disable_jit("_SERVER", sizeof("_SERVER")-1 TSRMLS_CC); php_register_server_variables(TSRMLS_C); _gpc_flags[4] = 1; - if (PG(register_globals)) { - php_autoglobal_merge(&EG(symbol_table), Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_SERVER]) TSRMLS_CC); - } } break; } diff --git a/main/rfc1867.c b/main/rfc1867.c index abdcbd58f6..63eb92846d 100644 --- a/main/rfc1867.c +++ b/main/rfc1867.c @@ -316,41 +316,25 @@ static void safe_u_php_register_variable_ex(UChar *var, zval *val, zval *track_v static void register_http_post_files_variable(char *strvar, char *val, zval *http_post_files, zend_bool override_protection TSRMLS_DC) { - int register_globals = PG(register_globals); - - PG(register_globals) = 0; safe_php_register_variable(strvar, val, http_post_files, override_protection TSRMLS_CC); - PG(register_globals) = register_globals; } static void register_u_http_post_files_variable(UChar *strvar, UChar *val, int val_len, zval *http_post_files, zend_bool override_protection TSRMLS_DC) { - int register_globals = PG(register_globals); - - PG(register_globals) = 0; safe_u_php_register_variable(strvar, val, val_len, http_post_files, override_protection TSRMLS_CC); - PG(register_globals) = register_globals; } static void register_http_post_files_variable_ex(char *var, zval *val, zval *http_post_files, zend_bool override_protection TSRMLS_DC) { - int register_globals = PG(register_globals); - - PG(register_globals) = 0; safe_php_register_variable_ex(var, val, http_post_files, override_protection TSRMLS_CC); - PG(register_globals) = register_globals; } static void register_u_http_post_files_variable_ex(UChar *var, zval *val, zval *http_post_files, zend_bool override_protection TSRMLS_DC) { - int register_globals = PG(register_globals); - - PG(register_globals) = 0; safe_u_php_register_variable_ex(var, val, http_post_files, override_protection TSRMLS_CC); - PG(register_globals) = register_globals; } diff --git a/php.ini-dist b/php.ini-dist index bc4e6f044f..f6a5e51ee2 100644 --- a/php.ini-dist +++ b/php.ini-dist @@ -388,17 +388,6 @@ track_errors = Off ; values override older values. variables_order = "EGPCS" -; Whether or not to register the EGPCS variables as global variables. You may -; want to turn this off if you don't want to clutter your scripts' global scope -; with user data. This makes most sense when coupled with track_vars - in which -; case you can access all of the GPC variables through the $HTTP_*_VARS[], -; variables. -; -; You should do your best to write your scripts so that they do not require -; register_globals to be on; Using form variables as globals can easily lead -; to possible security problems, if the code is not very well thought of. -register_globals = Off - ; Whether or not to register the old-style input arrays, HTTP_GET_VARS ; and friends. If you're not using them, it's recommended to turn them off, ; for performance reasons. @@ -412,8 +401,8 @@ register_argc_argv = On ; When enabled, the SERVER and ENV variables are created when they're first ; used (Just In Time) instead of when the script starts. If these variables ; are not used within a script, having this directive on will result in a -; performance gain. The PHP directives register_globals, register_long_arrays, -; and register_argc_argv must be disabled for this directive to have any affect. +; performance gain. The PHP directives register_long_arrays and +; register_argc_argv must be disabled for this directive to have any affect. auto_globals_jit = On ; Maximum size of POST data that PHP will accept. diff --git a/php.ini-recommended b/php.ini-recommended index d327e1c33a..2b51ace1a1 100644 --- a/php.ini-recommended +++ b/php.ini-recommended @@ -67,18 +67,6 @@ ; PHP. Please make sure you read what's different, and modify your scripts ; accordingly, if you decide to use this file instead. ; -; - register_globals = Off [Security, Performance] -; Global variables are no longer registered for input data (POST, GET, cookies, -; environment and other server variables). Instead of using $foo, you must use -; you can use $_REQUEST["foo"] (includes any variable that arrives through the -; request, namely, POST, GET and cookie variables), or use one of the specific -; $_GET["foo"], $_POST["foo"], $_COOKIE["foo"] or $_FILES["foo"], depending -; on where the input originates. Also, you can look at the -; import_request_variables() function. -; Note that register_globals is going to be depracated (i.e., turned off by -; default) in the next version of PHP, because it often leads to security bugs. -; Read http://php.net/manual/en/security.registerglobals.php for further -; information. ; - register_long_arrays = Off [Performance] ; Disables registration of the older (and deprecated) long predefined array ; variables ($HTTP_*_VARS). Instead, use the superglobals that were @@ -446,17 +434,6 @@ track_errors = Off ; values override older values. variables_order = "GPCS" -; Whether or not to register the EGPCS variables as global variables. You may -; want to turn this off if you don't want to clutter your scripts' global scope -; with user data. This makes most sense when coupled with track_vars - in which -; case you can access all of the GPC variables through the $HTTP_*_VARS[], -; variables. -; -; You should do your best to write your scripts so that they do not require -; register_globals to be on; Using form variables as globals can easily lead -; to possible security problems, if the code is not very well thought of. -register_globals = Off - ; Whether or not to register the old-style input arrays, HTTP_GET_VARS ; and friends. If you're not using them, it's recommended to turn them off, ; for performance reasons. @@ -470,8 +447,8 @@ register_argc_argv = Off ; When enabled, the SERVER and ENV variables are created when they're first ; used (Just In Time) instead of when the script starts. If these variables ; are not used within a script, having this directive on will result in a -; performance gain. The PHP directives register_globals, register_long_arrays, -; and register_argc_argv must be disabled for this directive to have any affect. +; performance gain. The PHP directives register_long_arrays and +; register_argc_argv must be disabled for this directive to have any affect. auto_globals_jit = On ; Maximum size of POST data that PHP will accept. @@ -1005,8 +982,8 @@ session.gc_maxlifetime = 1440 ; cd /path/to/sessions; find -cmin +24 | xargs rm ; PHP 4.2 and less have an undocumented feature/bug that allows you to -; to initialize a session variable in the global scope, albeit register_globals -; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; to initialize a session variable in the global scope. +; PHP 4.3 and later will warn you, if this feature is used. ; You can disable the feature and the warning separately. At this time, ; the warning is only displayed, if bug_compat_42 is enabled. diff --git a/sapi/apache/mod_php5.c b/sapi/apache/mod_php5.c index 74042ad777..3fe6f0f0b3 100644 --- a/sapi/apache/mod_php5.c +++ b/sapi/apache/mod_php5.c @@ -262,9 +262,6 @@ static void sapi_apache_register_server_variables(zval *track_vars_array TSRMLS_ /* If PATH_TRANSLATED doesn't exist, copy it from SCRIPT_FILENAME */ if (track_vars_array) { symbol_table = track_vars_array->value.ht; - } else if (PG(register_globals)) { - /* should never happen nowadays */ - symbol_table = EG(active_symbol_table); } else { symbol_table = NULL; } diff --git a/sapi/apache_hooks/mod_php5.c b/sapi/apache_hooks/mod_php5.c index 6fb54fcac6..c23dfc1d5c 100644 --- a/sapi/apache_hooks/mod_php5.c +++ b/sapi/apache_hooks/mod_php5.c @@ -384,9 +384,6 @@ static void sapi_apache_register_server_variables(zval *track_vars_array TSRMLS_ /* If PATH_TRANSLATED doesn't exist, copy it from SCRIPT_FILENAME */ if (track_vars_array) { symbol_table = track_vars_array->value.ht; - } else if (PG(register_globals)) { - /* should never happen nowadays */ - symbol_table = EG(active_symbol_table); } else { symbol_table = NULL; } diff --git a/sapi/apache_hooks/sapi_apache.c b/sapi/apache_hooks/sapi_apache.c index dd7f54e286..7c9c0e2a2a 100644 --- a/sapi/apache_hooks/sapi_apache.c +++ b/sapi/apache_hooks/sapi_apache.c @@ -79,12 +79,8 @@ int apache_php_module_hook(request_rec *r, php_handler *handler, zval **ret TSRM } req = php_apache_request_new(r); - if(PG(register_globals)) { - php_register_variable_ex("request", req, NULL TSRMLS_CC); - } - else { - php_register_variable_ex("request", req, PG(http_globals)[TRACK_VARS_SERVER] TSRMLS_CC); - } + php_register_variable_ex("request", req, PG(http_globals)[TRACK_VARS_SERVER] TSRMLS_CC); + switch(handler->type) { case AP_HANDLER_TYPE_FILE: php_register_variable("PHP_SELF_HOOK", handler->name, PG(http_globals)[TRACK_VARS_SERVER] TSRMLS_CC); |