diff options
| author | Christian Stocker <chregu@php.net> | 2005-04-06 12:26:29 +0000 |
|---|---|---|
| committer | Christian Stocker <chregu@php.net> | 2005-04-06 12:26:29 +0000 |
| commit | 997690b1325f8aeeb39eddb08ed53de17860a985 (patch) | |
| tree | f51a9f1b8d09914ea0eb94e5cec89aeffabc0f16 /ext/xsl/xsltprocessor.c | |
| parent | e7a2efe053a41742b1305ed5e88b158be156e7e8 (diff) | |
| download | php-git-997690b1325f8aeeb39eddb08ed53de17860a985.tar.gz | |
- Added optional first parameter to XsltProcessor::registerPHPFunctions to only
allow certain functions to be called from XSLT.
Diffstat (limited to 'ext/xsl/xsltprocessor.c')
| -rw-r--r-- | ext/xsl/xsltprocessor.c | 38 |
1 files changed, 36 insertions, 2 deletions
diff --git a/ext/xsl/xsltprocessor.c b/ext/xsl/xsltprocessor.c index 04188c397b..a33a4a6dd2 100644 --- a/ext/xsl/xsltprocessor.c +++ b/ext/xsl/xsltprocessor.c @@ -267,6 +267,10 @@ static void xsl_ext_function_php(xmlXPathParserContextPtr ctxt, int nargs, int t if (!zend_make_callable(&handler, &callable TSRMLS_CC)) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to call handler %s()", callable); + } else if ( intern->registerPhpFunctions == 2 && zend_hash_exists(intern->registered_phpfunctions, callable, strlen(callable) + 1) == 0) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Not allowed to call handler '%s()'.", callable); + // Push an empty string, so that we at least have an xslt result... + valuePush(ctxt, xmlXPathNewString("")); } else { result = zend_call_function(&fci, NULL TSRMLS_CC); if (result == FAILURE) { @@ -685,13 +689,43 @@ PHP_FUNCTION(xsl_xsltprocessor_register_php_functions) { zval *id; xsl_object *intern; + zval *array_value, **entry, *new_string; + int name_len = 0; + char *name; DOM_GET_THIS(id); - intern = (xsl_object *)zend_object_store_get_object(id TSRMLS_CC); - intern->registerPhpFunctions = 1; + if (zend_parse_parameters_ex(ZEND_PARSE_PARAMS_QUIET, ZEND_NUM_ARGS() TSRMLS_CC, "a", &array_value) == SUCCESS) { + intern = (xsl_object *)zend_object_store_get_object(id TSRMLS_CC); + zend_hash_internal_pointer_reset(Z_ARRVAL_P(array_value)); + while (zend_hash_get_current_data(Z_ARRVAL_P(array_value), (void **)&entry) == SUCCESS) { + SEPARATE_ZVAL(entry); + convert_to_string_ex(entry); + + MAKE_STD_ZVAL(new_string); + ZVAL_LONG(new_string,1); + + zend_hash_update(intern->registered_phpfunctions, Z_STRVAL_PP(entry), Z_STRLEN_PP(entry) + 1, &new_string, sizeof(zval*), NULL); + zend_hash_move_forward(Z_ARRVAL_P(array_value)); + } + intern->registerPhpFunctions = 2; + RETURN_TRUE; + + } else if (zend_parse_parameters_ex(ZEND_PARSE_PARAMS_QUIET, ZEND_NUM_ARGS() TSRMLS_CC, "s", &name, &name_len) == SUCCESS) { + intern = (xsl_object *)zend_object_store_get_object(id TSRMLS_CC); + + MAKE_STD_ZVAL(new_string); + ZVAL_LONG(new_string,1); + zend_hash_update(intern->registered_phpfunctions, name, name_len + 1, &new_string, sizeof(zval*), NULL); + intern->registerPhpFunctions = 2; + + } else { + intern = (xsl_object *)zend_object_store_get_object(id TSRMLS_CC); + intern->registerPhpFunctions = 1; + } + } /* }}} end xsl_xsltprocessor_register_php_functions(); */ |