diff options
| author | Andrei Zmievski <andrei@php.net> | 2001-04-25 20:14:29 +0000 |
|---|---|---|
| committer | Andrei Zmievski <andrei@php.net> | 2001-04-25 20:14:29 +0000 |
| commit | 07a5e3fb9cb37efc5f618b01333bf5c47f159a24 (patch) | |
| tree | 2f1ff742f97226a4f5175402adea4ea5369a4fc8 /ext/wddx | |
| parent | a09c88cb6a259e347268cfa13b0e2ef9c348741e (diff) | |
| download | php-git-07a5e3fb9cb37efc5f618b01333bf5c47f159a24.tar.gz | |
* Made ENT_* defines availabe to other functions.
* The key/variable names in WDDX are now html escaped to not break XML.
@- Fixed WDDX serialization to HTML-escape key/variable names so as not to
@ break the XML packet. (Andrei)
Diffstat (limited to 'ext/wddx')
| -rw-r--r-- | ext/wddx/php_wddx_api.h | 2 | ||||
| -rw-r--r-- | ext/wddx/wddx.c | 40 |
2 files changed, 25 insertions, 17 deletions
diff --git a/ext/wddx/php_wddx_api.h b/ext/wddx/php_wddx_api.h index a9347aa31b..0d7318059b 100644 --- a/ext/wddx/php_wddx_api.h +++ b/ext/wddx/php_wddx_api.h @@ -59,7 +59,7 @@ wddx_packet *php_wddx_constructor(void); void php_wddx_packet_start(wddx_packet *packet, char *comment, int comment_len); void php_wddx_packet_end(wddx_packet *packet); -void php_wddx_serialize_var(wddx_packet *packet, zval *var, char *name); +void php_wddx_serialize_var(wddx_packet *packet, zval *var, char *name, int name_len); int php_wddx_deserialize_ex(char *, int, zval *return_value); #define php_wddx_gather(packet) estrndup(packet->c, packet->len) diff --git a/ext/wddx/wddx.c b/ext/wddx/wddx.c index 409659c7fc..97021f763f 100644 --- a/ext/wddx/wddx.c +++ b/ext/wddx/wddx.c @@ -41,6 +41,7 @@ #include "ext/standard/base64.h" #include "ext/standard/info.h" #include "ext/standard/php_smart_str.h" +#include "ext/standard/html.h" #define WDDX_BUF_LEN 256 #define PHP_CLASS_NAME_VAR "php_class_name" @@ -368,13 +369,15 @@ static void php_wddx_serialize_object(wddx_packet *packet, zval *obj) } if (zend_hash_find(HASH_OF(obj), Z_STRVAL_PP(varname), Z_STRLEN_PP(varname)+1, (void **)&ent) == SUCCESS) { - php_wddx_serialize_var(packet, *ent, Z_STRVAL_PP(varname)); + php_wddx_serialize_var(packet, *ent, Z_STRVAL_PP(varname), Z_STRLEN_PP(varname)); } } php_wddx_add_chunk_static(packet, WDDX_STRUCT_E); } } else { + ulong key_len; + PHP_CLASS_ATTRIBUTES; PHP_SET_CLASS_ATTRIBUTES(obj); @@ -395,11 +398,11 @@ static void php_wddx_serialize_object(wddx_packet *packet, zval *obj) if (*ent == obj) continue; - if (zend_hash_get_current_key(HASH_OF(obj), &key, &idx, 0) == HASH_KEY_IS_STRING) { - php_wddx_serialize_var(packet, *ent, key); + if (zend_hash_get_current_key_ex(HASH_OF(obj), &key, &key_len, &idx, 0, NULL) == HASH_KEY_IS_STRING) { + php_wddx_serialize_var(packet, *ent, key, key_len); } else { - sprintf(tmp_buf, "%ld", idx); - php_wddx_serialize_var(packet, *ent, tmp_buf); + key_len = sprintf(tmp_buf, "%ld", idx); + php_wddx_serialize_var(packet, *ent, tmp_buf, key_len); } } php_wddx_add_chunk_static(packet, WDDX_STRUCT_E); @@ -416,6 +419,7 @@ static void php_wddx_serialize_array(wddx_packet *packet, zval *arr) { zval **ent; char *key; + ulong key_len; int is_struct = 0, ent_type; ulong idx; HashTable *target_hash; @@ -442,7 +446,7 @@ static void php_wddx_serialize_array(wddx_packet *packet, zval *arr) } ind++; - } + } if (is_struct) { php_wddx_add_chunk_static(packet, WDDX_STRUCT_S); @@ -458,16 +462,16 @@ static void php_wddx_serialize_array(wddx_packet *packet, zval *arr) continue; if (is_struct) { - ent_type = zend_hash_get_current_key(target_hash, &key, &idx, 0); + ent_type = zend_hash_get_current_key_ex(target_hash, &key, &key_len, &idx, 0, NULL); if (ent_type == HASH_KEY_IS_STRING) { - php_wddx_serialize_var(packet, *ent, key); + php_wddx_serialize_var(packet, *ent, key, key_len); } else { - sprintf(tmp_buf, "%ld", idx); - php_wddx_serialize_var(packet, *ent, tmp_buf); + key_len = sprintf(tmp_buf, "%ld", idx); + php_wddx_serialize_var(packet, *ent, tmp_buf, key_len); } } else - php_wddx_serialize_var(packet, *ent, NULL); + php_wddx_serialize_var(packet, *ent, NULL, 0); } if (is_struct) { @@ -478,13 +482,17 @@ static void php_wddx_serialize_array(wddx_packet *packet, zval *arr) } -void php_wddx_serialize_var(wddx_packet *packet, zval *var, char *name) +void php_wddx_serialize_var(wddx_packet *packet, zval *var, char *name, int name_len) { char tmp_buf[WDDX_BUF_LEN]; - + char *name_esc; + int name_esc_len; + if (name) { - sprintf(tmp_buf, WDDX_VAR_S, name); + name_esc = php_escape_html_entities(name, name_len, &name_esc_len, 0, ENT_QUOTES); + sprintf(tmp_buf, WDDX_VAR_S, name_esc); php_wddx_add_chunk(packet, tmp_buf); + efree(name_esc); } switch(Z_TYPE_P(var)) { @@ -530,7 +538,7 @@ static void php_wddx_add_var(wddx_packet *packet, zval *name_var) { if (zend_hash_find(EG(active_symbol_table), Z_STRVAL_P(name_var), Z_STRLEN_P(name_var)+1, (void**)&val) != FAILURE) { - php_wddx_serialize_var(packet, *val, Z_STRVAL_P(name_var)); + php_wddx_serialize_var(packet, *val, Z_STRVAL_P(name_var), Z_STRLEN_P(name_var)); } } else if (Z_TYPE_P(name_var) == IS_ARRAY || Z_TYPE_P(name_var) == IS_OBJECT) @@ -887,7 +895,7 @@ PHP_FUNCTION(wddx_serialize_value) else php_wddx_packet_start(packet, NULL, 0); - php_wddx_serialize_var(packet, (*var), NULL); + php_wddx_serialize_var(packet, (*var), NULL, 0); php_wddx_packet_end(packet); ZVAL_STRINGL(return_value, packet->c, packet->len, 1); |