Worked on beautifying rfc1867.c a bit

@- Introduced $HTTP_POST_FILES[], that contains information about files uploaded
@  through HTTP upload (Zeev)

3 files changed, 106 insertions, 28 deletions

diff --git a/main/php_variables.c b/main/php_variables.c
index aa2fcfe70e..b7efaef3d0 100644
--- a/main/php_variables.c
+++ b/main/php_variables.c
@@ -28,12 +28,29 @@
 #include "zend_globals.h"
 
 
-PHPAPI void php_register_variable(char *var, char *val, pval *track_vars_array ELS_DC PLS_DC)
+PHPAPI void php_register_variable(char *var, char *strval, zval *track_vars_array ELS_DC PLS_DC)
+{
+	zval new_entry;
+
+	/* Prepare value */
+	new_entry.value.str.len = strlen(strval);
+	if (PG(magic_quotes_gpc)) {
+		new_entry.value.str.val = php_addslashes(strval, new_entry.value.str.len, &new_entry.value.str.len, 0);
+	} else {
+		strval = estrndup(strval, new_entry.value.str.len);
+	}
+	new_entry.type = IS_STRING;
+
+	php_register_variable_ex(var, &new_entry, track_vars_array ELS_CC PLS_CC);
+}
+
+
+PHPAPI void php_register_variable_ex(char *var, zval *val, pval *track_vars_array ELS_DC PLS_DC)
 {
 	char *p = NULL;
 	char *ip;		/* index pointer */
 	char *index;
-	int var_len, val_len, index_len;
+	int var_len, index_len;
 	zval *gpc_element, **gpc_element_p, **top_gpc_p=NULL;
 	zend_bool is_array;
 	zend_bool free_index;
@@ -52,6 +69,7 @@ PHPAPI void php_register_variable(char *var, char *val, pval *track_vars_array E
 	}
 	if (!symtable1) {
 		/* we don't need track_vars, and we're not setting GPC globals either. */
+		zval_dtor(val);
 		return;
 	}
 
@@ -71,6 +89,7 @@ PHPAPI void php_register_variable(char *var, char *val, pval *track_vars_array E
 	}
 	var_len = strlen(var);
 	if (var_len==0) { /* empty variable name, or variable name with a space in it */
+		zval_dtor(val);
 		return;
 	}
 	/* ensure that we don't have spaces or dots in the variable name (not binary safe) */
@@ -83,14 +102,6 @@ PHPAPI void php_register_variable(char *var, char *val, pval *track_vars_array E
 		}
 	}
 
-	/* Prepare value */
-	val_len = strlen(val);
-	if (PG(magic_quotes_gpc)) {
-		val = php_addslashes(val, val_len, &val_len, 0);
-	} else {
-		val = estrndup(val, val_len);
-	}
-
 	index = var;
 	index_len = var_len;
 	free_index = 0;
@@ -150,9 +161,8 @@ PHPAPI void php_register_variable(char *var, char *val, pval *track_vars_array E
 			}
 		} else {
 			MAKE_STD_ZVAL(gpc_element);
-			gpc_element->value.str.val = val;
-			gpc_element->value.str.len = val_len;
-			gpc_element->type = IS_STRING;
+			gpc_element->value = val->value;
+			gpc_element->type = val->type;
 			if (!index) {
 				zend_hash_next_index_insert(symtable1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p);
 			} else {
@@ -225,6 +235,7 @@ void php_treat_data(int arg, char *str ELS_DC PLS_DC SLS_DC)
 						zend_hash_add_ptr(&EG(symbol_table), "HTTP_COOKIE_VARS", sizeof("HTTP_COOKIE_VARS"), array_ptr, sizeof(pval *),NULL);
 						break;
 				}
+				array_ptr->refcount++;  /* If someone overwrites us, array_ptr must stay valid */
 			} else {
 				array_ptr=NULL;
 			}
@@ -236,6 +247,9 @@ void php_treat_data(int arg, char *str ELS_DC PLS_DC SLS_DC)
 
 	if (arg==PARSE_POST) {
 		sapi_handle_post(array_ptr SLS_CC);
+		if (array_ptr) {
+			zval_ptr_dtor(&array_ptr);
+		}
 		return;
 	}
 
@@ -261,6 +275,9 @@ void php_treat_data(int arg, char *str ELS_DC PLS_DC SLS_DC)
 	}
 
 	if (!res) {
+		if (array_ptr) {
+			zval_ptr_dtor(&array_ptr);
+		}
 		return;
 	}
 
@@ -290,6 +307,9 @@ void php_treat_data(int arg, char *str ELS_DC PLS_DC SLS_DC)
 	if (free_buffer) {
 		efree(res);
 	}
+	if (array_ptr) {
+		zval_ptr_dtor(&array_ptr);
+	}
 }
 
 
diff --git a/main/php_variables.h b/main/php_variables.h
index 33797f8333..7c36d6fd28 100644
--- a/main/php_variables.h
+++ b/main/php_variables.h
@@ -43,6 +43,7 @@
 void php_treat_data(int arg, char *str ELS_DC PLS_DC SLS_DC);
 void php_import_environment_variables(ELS_D PLS_DC);
 PHPAPI void php_register_variable(char *var, char *val, pval *track_vars_array ELS_DC PLS_DC);
+PHPAPI void php_register_variable_ex(char *var, zval *val, pval *track_vars_array ELS_DC PLS_DC);
 
 
 #endif /* _PHP_VARIABLES_H */
diff --git a/main/rfc1867.c b/main/rfc1867.c
index a4d041f457..45ba94fff0 100644
--- a/main/rfc1867.c
+++ b/main/rfc1867.c
@@ -30,6 +30,27 @@
 #define NEW_BOUNDARY_CHECK 1
 #define SAFE_RETURN { if (namebuf) efree(namebuf); if (filenamebuf) efree(filenamebuf); if (lbuf) efree(lbuf); return; }
 
+
+static void register_http_post_files_variable(char *strvar, char *val, zval *http_post_files ELS_DC PLS_DC)
+{
+	int register_globals = PG(register_globals);
+	
+	PG(register_globals) = 0;
+	php_register_variable(strvar, val, http_post_files ELS_CC PLS_CC);
+	PG(register_globals) = register_globals;
+}
+
+
+static void register_http_post_files_variable_ex(char *var, zval *val, zval *http_post_files ELS_DC PLS_DC)
+{
+	int register_globals = PG(register_globals);
+	
+	PG(register_globals) = 0;
+	php_register_variable_ex(var, val, http_post_files ELS_CC PLS_CC);
+	PG(register_globals) = register_globals;
+}
+
+
 /*
  * Split raw mime stream up into appropriate components
  */
@@ -42,9 +63,18 @@ static void php_mime_split(char *buf, int cnt, char *boundary, zval *array_ptr)
 	char *namebuf=NULL, *filenamebuf=NULL, *lbuf=NULL;
 	FILE *fp;
 	int itype;
+	zval *http_post_files=NULL;
 	ELS_FETCH();
 	PLS_FETCH();
 
+	if (PG(track_vars)) {
+		ALLOC_ZVAL(http_post_files);
+		array_init(http_post_files);
+		INIT_PZVAL(http_post_files);
+		zend_hash_add_ptr(&EG(symbol_table), "HTTP_POST_FILES", sizeof("HTTP_POST_FILES"), http_post_files, sizeof(zval *),NULL);
+	}
+
+
 	ptr = buf;
 	rem = cnt;
 	len = strlen(boundary);
@@ -96,7 +126,7 @@ static void php_mime_split(char *buf, int cnt, char *boundary, zval *array_ptr)
 					if (lbuf) {
 						efree(lbuf);
 					}
-					lbuf = emalloc(s-name + MAX(MAX(sizeof("_name"),sizeof("_size")),sizeof("_type")));
+					lbuf = emalloc(s-name + MAX(MAX(sizeof("[name]"),sizeof("[size]")),sizeof("[type]")));
 					state = 2;
 					loc2 = memchr(loc + 1, '\n', rem);
 					rem -= (loc2 - ptr) + 1;
@@ -117,19 +147,37 @@ static void php_mime_split(char *buf, int cnt, char *boundary, zval *array_ptr)
 						efree(filenamebuf);
 					}
 					filenamebuf = estrndup(filename, s-filename);
+
+					/* Add $foo_name */
 					sprintf(lbuf, "%s_name", namebuf);
 					s = strrchr(filenamebuf, '\\');
 					if (s && s > filenamebuf) {
-						SET_VAR_STRING(lbuf, estrdup(s + 1));
+						php_register_variable(lbuf, s+1, NULL ELS_CC PLS_CC);
 					} else {
-						SET_VAR_STRING(lbuf, estrdup(filenamebuf));
+						php_register_variable(lbuf, filenamebuf, NULL ELS_CC PLS_CC);
 					}
+
+					/* Add $foo[name] */
+					sprintf(lbuf, "%s[name]", namebuf);
+					if (s && s > filenamebuf) {
+						register_http_post_files_variable(lbuf, s+1, http_post_files ELS_CC PLS_CC);
+					} else {
+						register_http_post_files_variable(lbuf, filenamebuf, http_post_files ELS_CC PLS_CC);
+					}
+
 					state = 3;
 					if ((loc2 - loc) > 2) {
 						if (!strncasecmp(loc + 1, "Content-Type:", 13)) {
 							*(loc2 - 1) = '\0';
+
+							/* Add $foo_type */
 							sprintf(lbuf, "%s_type", namebuf);
-							SET_VAR_STRING(lbuf, estrdup(loc + 15));
+							php_register_variable(lbuf, loc+15, NULL ELS_CC PLS_CC);
+
+							/* Add $foo[type] */
+							sprintf(lbuf, "%s[type]", namebuf);
+							register_http_post_files_variable(lbuf, loc+15, http_post_files ELS_CC PLS_CC);
+
 							*(loc2 - 1) = '\n';
 						}
 						rem -= 2;
@@ -154,7 +202,6 @@ static void php_mime_split(char *buf, int cnt, char *boundary, zval *array_ptr)
 				}
 				*(loc - 4) = '\0';
 
-				/* Magic function that figures everything out */
 				php_register_variable(namebuf, ptr, array_ptr ELS_CC PLS_CC);
 
 				/* And a little kludge to pick out special MAX_FILE_SIZE */
@@ -196,18 +243,16 @@ static void php_mime_split(char *buf, int cnt, char *boundary, zval *array_ptr)
 					php_error(E_WARNING, "File Upload Error - No Mime boundary found after start of file header");
 					SAFE_RETURN;
 				}
-					fn = tempnam(PG(upload_tmp_dir), "php");
+				bytes = 0;
+				fn = tempnam(PG(upload_tmp_dir), "php");
 				if ((loc - ptr - 4) > PG(upload_max_filesize)) {
 					php_error(E_WARNING, "Max file size of %ld bytes exceeded - file [%s] not saved", PG(upload_max_filesize),namebuf);
-					bytes=0;	
-					SET_VAR_STRING(namebuf, estrdup("none"));
+					fn = "none";
 				} else if (max_file_size && ((loc - ptr - 4) > max_file_size)) {
 					php_error(E_WARNING, "Max file size exceeded - file [%s] not saved", namebuf);
-					bytes = 0;
-					SET_VAR_STRING(namebuf, estrdup("none"));
+					fn = "none";
 				} else if ((loc - ptr - 4) <= 0) {
-					bytes = 0;
-					SET_VAR_STRING(namebuf, estrdup("none"));
+					fn = "none";
 				} else {
 					fp = fopen(fn, "wb");
 					if (!fp) {
@@ -220,10 +265,22 @@ static void php_mime_split(char *buf, int cnt, char *boundary, zval *array_ptr)
 					if (bytes < (loc - ptr - 4)) {
 						php_error(E_WARNING, "Only %d bytes were written, expected to write %ld", bytes, loc - ptr - 4);
 					}
-					SET_VAR_STRING(namebuf, estrdup(fn));
 				}
-				sprintf(lbuf, "%s_size", namebuf);
-				SET_VAR_LONG(lbuf, bytes);
+				php_register_variable(namebuf, fn, NULL ELS_CC PLS_CC);
+				{
+					zval file_size;
+
+					file_size.value.lval = bytes;
+					file_size.type = IS_LONG;
+
+					/* Add $foo_size */
+					sprintf(lbuf, "%s_size", namebuf);
+					php_register_variable_ex(lbuf, &file_size, NULL ELS_CC PLS_CC);
+
+					/* Add $foo[size] */
+					sprintf(lbuf, "%s[size]", namebuf);
+					register_http_post_files_variable_ex(lbuf, &file_size, http_post_files ELS_CC PLS_CC);
+				}
 				state = 0;
 				rem -= (loc - ptr);
 				ptr = loc;