diff options
45 files changed, 122 insertions, 447 deletions
@@ -716,14 +716,6 @@ CGI environment and recommended modifications in php.ini the web server not from the administration server. Use the command line as root user and start it manually - you will see there are no CGI-like environment variables. - - Simply change your scripts to get CGI variables in the correct way for - PHP 4.x by using the superglobal $_SERVER. If you have older scripts - which use $HTTP_HOST, etc., you should turn on register_globals in - php.ini and change the variable order too (important: remove "E" from - it, because you do not need the environment here): -variables_order = "GPCS" -register_globals = On __________________________________________________________________ Special use for error pages or self-made directory listings (PHP >= 4.3.3) @@ -1532,7 +1524,7 @@ The configuration file ; Boolean values can be set to either: ; true, on, yes ; or false, off, no, none -register_globals = off +html_errors = off track_errors = yes ; you can enclose strings in double-quotes @@ -12,6 +12,7 @@ time are allocated in a single copy and never changed. (Dmitry) - Added an optimization which saves memory and emalloc/efree calls for empty HashTables (Stas, Dmitry) + - Added Tokyo Cabinet abstract DB support to ext/dba. (Michael Maclean) - Added Jenkins's one-at-a-time hash support to ext/hash. (Martin Jansen) - Added FNV-1 hash support to ext/hash. (Michael Maclean) @@ -30,6 +31,7 @@ - Removed legacy features: (Kalle) . define_syslog_variables ini option and its associated function. + . register_globals. . register_long_arrays ini option. . y2k_compliance ini option. diff --git a/README.input_filter b/README.input_filter index 8fb8244bd8..4b83b9d113 100644 --- a/README.input_filter +++ b/README.input_filter @@ -19,9 +19,7 @@ A simple implementation might look like the following. This stores the original raw user data and adds a my_get_raw() function while the normal $_POST, $_GET and $_COOKIE arrays are only populated with stripped data. In this simple example all I am doing is calling strip_tags() on -the data. If register_globals is turned on, the default globals that -are created will be stripped ($foo) while a $RAW_foo is created with the -original user input. +the data. ZEND_BEGIN_MODULE_GLOBALS(my_input_filter) zval *post_array; @@ -155,8 +153,6 @@ PHP_FUNCTION(my_get_raw) int var_len; zval **tmp; zval *array_ptr = NULL; - HashTable *hash_ptr; - char *raw_var; if(zend_parse_parameters(2 TSRMLS_CC, "ls", &arg, &var, &var_len) == FAILURE) { return; @@ -174,23 +170,15 @@ PHP_FUNCTION(my_get_raw) break; } - if(!array_ptr) RETURN_FALSE; - - /* - * I'm changing the variable name here because when running with register_globals on, - * the variable will end up in the global symbol table - */ - raw_var = emalloc(var_len+5); /* RAW_ and a \0 */ - strcpy(raw_var, "RAW_"); - strlcat(raw_var,var,var_len+5); - hash_ptr = HASH_OF(array_ptr); + if(!array_ptr) { + RETURN_FALSE; + } - if(zend_hash_find(hash_ptr, raw_var, var_len+5, (void **)&tmp) == SUCCESS) { + if(zend_hash_find(HASH_OF(array_ptr), var, var_len+5, (void **)&tmp) == SUCCESS) { *return_value = **tmp; zval_copy_ctor(return_value); } else { RETVAL_FALSE; } - efree(raw_var); } diff --git a/Zend/tests/unset_cv06.phpt b/Zend/tests/unset_cv06.phpt index b1ef0cc2ac..dd788158e4 100644 --- a/Zend/tests/unset_cv06.phpt +++ b/Zend/tests/unset_cv06.phpt @@ -3,27 +3,20 @@ unset() CV 6 (indirect unset() of global variable in session_unset()) --SKIPIF-- <?php include(dirname(__FILE__).'/../../ext/session/tests/skipif.inc'); ?> --INI-- -register_globals=1 session.auto_start=0 session.save_handler=files --FILE-- <?php -$x = "1\n"; session_start(); -echo $x; -session_register('x'); -$_SESSION['x'] = "2\n"; -echo $x; +$_SESSION['x'] = "1\n"; +echo $_SESSION['x']; + session_unset(); -echo $x; +echo $_SESSION['x']; echo "ok\n"; ?> --EXPECTF-- -Warning: Directive 'register_globals' is deprecated in PHP %d.%d and greater in Unknown on line 0 1 -Deprecated: Function session_register() is deprecated in %s on line %d -2 - -Notice: Undefined variable: x in %sunset_cv06.php on line %d +Notice: Undefined index: x in %sunset_cv06.php on line %d ok diff --git a/ext/filter/filter.c b/ext/filter/filter.c index 82708dda3b..b64c6bd652 100644 --- a/ext/filter/filter.c +++ b/ext/filter/filter.c @@ -450,8 +450,6 @@ static unsigned int php_sapi_filter(int arg, char *var, char **val, unsigned int orig_var = estrdup(var); /* Store the RAW variable internally */ - /* FIXME: Should not use php_register_variable_ex as that also registers - * globals when register_globals is turned on */ Z_STRLEN(raw_var) = val_len; Z_STRVAL(raw_var) = estrndup(*val, val_len); Z_TYPE(raw_var) = IS_STRING; @@ -461,8 +459,6 @@ static unsigned int php_sapi_filter(int arg, char *var, char **val, unsigned int if (val_len) { /* Register mangled variable */ - /* FIXME: Should not use php_register_variable_ex as that also registers - * globals when register_globals is turned on */ Z_STRLEN(new_var) = val_len; Z_TYPE(new_var) = IS_STRING; @@ -537,7 +533,6 @@ static zval *php_filter_get_storage(long arg TSRMLS_DC)/* {{{ */ { zval *array_ptr = NULL; - zend_bool jit_initialization = (PG(auto_globals_jit) && !PG(register_globals)); switch (arg) { case PARSE_GET: @@ -550,13 +545,13 @@ static zval *php_filter_get_storage(long arg TSRMLS_DC)/* {{{ */ array_ptr = IF_G(cookie_array); break; case PARSE_SERVER: - if (jit_initialization) { + if (PG(auto_globals_jit)) { zend_is_auto_global("_SERVER", sizeof("_SERVER")-1 TSRMLS_CC); } array_ptr = IF_G(server_array); break; case PARSE_ENV: - if (jit_initialization) { + if (PG(auto_globals_jit)) { zend_is_auto_global("_ENV", sizeof("_ENV")-1 TSRMLS_CC); } array_ptr = IF_G(env_array); diff --git a/ext/mbstring/mb_gpc.c b/ext/mbstring/mb_gpc.c index b43aadbd45..c4bf0419d9 100644 --- a/ext/mbstring/mb_gpc.c +++ b/ext/mbstring/mb_gpc.c @@ -151,7 +151,6 @@ MBSTRING_API SAPI_TREAT_DATA_FUNC(mbstr_treat_data) info.data_type = arg; info.separator = separator; - info.force_register_globals = 0; info.report_errors = 0; info.to_encoding = MBSTRG(internal_encoding); info.to_language = MBSTRG(language); @@ -210,13 +209,6 @@ enum mbfl_no_encoding _php_mb_encoding_handler_ex(const php_mb_encoding_handler_ mbfl_string_init_set(&resvar, info->to_language, info->to_encoding); mbfl_string_init_set(&resval, info->to_language, info->to_encoding); - /* register_globals stuff - * XXX: this feature is going to be deprecated? */ - - if (info->force_register_globals && !(prev_rg_state = PG(register_globals))) { - zend_alter_ini_entry("register_globals", sizeof("register_globals"), "1", sizeof("1")-1, PHP_INI_PERDIR, PHP_INI_STAGE_RUNTIME); - } - if (!res || *res == '\0') { goto out; } @@ -346,11 +338,6 @@ enum mbfl_no_encoding _php_mb_encoding_handler_ex(const php_mb_encoding_handler_ } out: - /* register_global stuff */ - if (info->force_register_globals && !prev_rg_state) { - zend_alter_ini_entry("register_globals", sizeof("register_globals"), "0", sizeof("0")-1, PHP_INI_PERDIR, PHP_INI_STAGE_RUNTIME); - } - if (convd != NULL) { MBSTRG(illegalchars) += mbfl_buffer_illegalchars(convd); mbfl_buffer_converter_delete(convd); @@ -376,7 +363,6 @@ SAPI_POST_HANDLER_FUNC(php_mb_post_handler) info.data_type = PARSE_POST; info.separator = "&"; - info.force_register_globals = 0; info.report_errors = 0; info.to_encoding = MBSTRG(internal_encoding); info.to_language = MBSTRG(language); diff --git a/ext/mbstring/mb_gpc.h b/ext/mbstring/mb_gpc.h index 593b413253..83090c3bc9 100644 --- a/ext/mbstring/mb_gpc.h +++ b/ext/mbstring/mb_gpc.h @@ -32,7 +32,6 @@ typedef struct _php_mb_encoding_handler_info_t { int data_type; const char *separator; - unsigned int force_register_globals: 1; unsigned int report_errors: 1; enum mbfl_no_language to_language; enum mbfl_no_encoding to_encoding; diff --git a/ext/mbstring/mbstring.c b/ext/mbstring/mbstring.c index baa93983a3..1291ce2e2c 100644 --- a/ext/mbstring/mbstring.c +++ b/ext/mbstring/mbstring.c @@ -1896,7 +1896,6 @@ PHP_FUNCTION(mb_parse_str) info.data_type = PARSE_STRING; info.separator = PG(arg_separator).input; - info.force_register_globals = (track_vars_array == NULL); info.report_errors = 1; info.to_encoding = MBSTRG(current_internal_encoding); info.to_language = MBSTRG(language); diff --git a/ext/mbstring/tests/mb_parse_str.phpt b/ext/mbstring/tests/mb_parse_str.phpt index 8b320b0845..fcfbbd9fe4 100644 --- a/ext/mbstring/tests/mb_parse_str.phpt +++ b/ext/mbstring/tests/mb_parse_str.phpt @@ -4,7 +4,6 @@ mb_parse_str() <?php extension_loaded('mbstring') or die('skip mbstring not available'); ?> --INI-- arg_separator.input=& -register_globals=0 --FILE-- <?php $queries = array( diff --git a/ext/mbstring/tests/mb_parse_str02.phpt b/ext/mbstring/tests/mb_parse_str02.phpt index 51cfb63cb9..44ed44865c 100644 --- a/ext/mbstring/tests/mb_parse_str02.phpt +++ b/ext/mbstring/tests/mb_parse_str02.phpt @@ -4,7 +4,6 @@ mb_parse_str() test 2 <?php extension_loaded('mbstring') or die('skip mbstring not available'); ?> --INI-- arg_separator.input=&# -register_globals=0 --FILE-- <?php $queries = array( diff --git a/ext/session/session.c b/ext/session/session.c index 73fc53d741..c6c4a39401 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -131,76 +131,18 @@ PHPAPI void php_add_session_var(char *name, size_t namelen TSRMLS_DC) /* {{{ */ return; } - /* Set up a proper reference between $_SESSION["x"] and $x. */ + if (sym_track == NULL) { + zval *empty_var; - if (PG(register_globals)) { - zval **sym_global = NULL; - - if (zend_hash_find(&EG(symbol_table), name, namelen + 1, (void *) &sym_global) == SUCCESS) { - if ((Z_TYPE_PP(sym_global) == IS_ARRAY && Z_ARRVAL_PP(sym_global) == &EG(symbol_table)) || *sym_global == PS(http_session_vars)) { - return; - } - } - - if (sym_global == NULL && sym_track == NULL) { - zval *empty_var; - - ALLOC_INIT_ZVAL(empty_var); /* this sets refcount to 1 */ - Z_SET_REFCOUNT_P(empty_var, 0); /* our module does not maintain a ref */ - /* The next call will increase refcount by NR_OF_SYM_TABLES==2 */ - zend_set_hash_symbol(empty_var, name, namelen, 1, 2, Z_ARRVAL_P(PS(http_session_vars)), &EG(symbol_table)); - } else if (sym_global == NULL) { - SEPARATE_ZVAL_IF_NOT_REF(sym_track); - zend_set_hash_symbol(*sym_track, name, namelen, 1, 1, &EG(symbol_table)); - } else if (sym_track == NULL) { - SEPARATE_ZVAL_IF_NOT_REF(sym_global); - zend_set_hash_symbol(*sym_global, name, namelen, 1, 1, Z_ARRVAL_P(PS(http_session_vars))); - } - } else { - if (sym_track == NULL) { - zval *empty_var; - - ALLOC_INIT_ZVAL(empty_var); - ZEND_SET_SYMBOL_WITH_LENGTH(Z_ARRVAL_P(PS(http_session_vars)), name, namelen+1, empty_var, 1, 0); - } + ALLOC_INIT_ZVAL(empty_var); + ZEND_SET_SYMBOL_WITH_LENGTH(Z_ARRVAL_P(PS(http_session_vars)), name, namelen+1, empty_var, 1, 0); } } /* }}} */ PHPAPI void php_set_session_var(char *name, size_t namelen, zval *state_val, php_unserialize_data_t *var_hash TSRMLS_DC) /* {{{ */ { - if (PG(register_globals)) { - zval **old_symbol; - if (zend_hash_find(&EG(symbol_table),name,namelen+1,(void *)&old_symbol) == SUCCESS) { - if ((Z_TYPE_PP(old_symbol) == IS_ARRAY && Z_ARRVAL_PP(old_symbol) == &EG(symbol_table)) || *old_symbol == PS(http_session_vars)) { - return; - } - - /* A global symbol with the same name exists already. That - * symbol might have been created by other means (e.g. $_GET). - * - * hash_update in zend_set_hash_symbol is not good, because - * it will leave referenced variables (such as local instances - * of a global variable) dangling. - * - * BTW: if you use register_globals references between - * session-vars won't work because of this very reason! */ - - REPLACE_ZVAL_VALUE(old_symbol,state_val,1); - - /* The following line will update the reference table used for - * unserialization. It is optional, because some storage - * formats may not be able to represent references. */ - - if (var_hash) { - PHP_VAR_UNSERIALIZE_ZVAL_CHANGED(var_hash,state_val,*old_symbol); - } - - zend_set_hash_symbol(*old_symbol, name, namelen, 1, 1, Z_ARRVAL_P(PS(http_session_vars))); - } else { - zend_set_hash_symbol(state_val, name, namelen, 1, 2, Z_ARRVAL_P(PS(http_session_vars)), &EG(symbol_table)); - } - } else IF_SESSION_VARS() { + IF_SESSION_VARS() { zend_set_hash_symbol(state_val, name, namelen, PZVAL_IS_REF(state_val), 1, Z_ARRVAL_P(PS(http_session_vars))); } } @@ -212,20 +154,6 @@ PHPAPI int php_get_session_var(char *name, size_t namelen, zval ***state_var TSR IF_SESSION_VARS() { ret = zend_hash_find(Z_ARRVAL_P(PS(http_session_vars)), name, namelen + 1, (void **) state_var); - - /* If register_globals is enabled, and - * if there is an entry for the slot in $_SESSION, and - * if that entry is still set to NULL, and - * if the global var exists, then - * we prefer the same key in the global sym table. */ - - if (PG(register_globals) && ret == SUCCESS && Z_TYPE_PP(*state_var) == IS_NULL) { - zval **tmp; - - if (zend_hash_find(&EG(symbol_table), name, namelen + 1, (void **) &tmp) == SUCCESS) { - *state_var = tmp; - } - } } return ret; } @@ -546,7 +474,7 @@ static void php_session_save_current_state(TSRMLS_D) /* {{{ */ int ret = FAILURE; IF_SESSION_VARS() { - if (PS(bug_compat) && !PG(register_globals)) { + if (PS(bug_compat)) { HashTable *ht = Z_ARRVAL_P(PS(http_session_vars)); HashPosition pos; zval **val; @@ -564,7 +492,7 @@ static void php_session_save_current_state(TSRMLS_D) /* {{{ */ } if (do_warn && PS(bug_compat_warn)) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively"); + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively"); } } @@ -1895,20 +1823,6 @@ static PHP_FUNCTION(session_unset) SEPARATE_ZVAL_IF_NOT_REF(&PS(http_session_vars)); ht = Z_ARRVAL_P(PS(http_session_vars)); - if (PG(register_globals)) { - uint str_len; - char *str; - ulong num_key; - HashPosition pos; - - zend_hash_internal_pointer_reset_ex(ht, &pos); - - while (zend_hash_get_current_key_ex(ht, &str, &str_len, &num_key, 0, &pos) == HASH_KEY_IS_STRING) { - zend_delete_global_variable(str, str_len - 1 TSRMLS_CC); - zend_hash_move_forward_ex(ht, &pos); - } - } - /* Clean $_SESSION. */ zend_hash_clean(ht); } diff --git a/ext/session/tests/001.phpt b/ext/session/tests/001.phpt index 19dff78e1f..eb04dc1147 100644 --- a/ext/session/tests/001.phpt +++ b/ext/session/tests/001.phpt @@ -5,7 +5,6 @@ session object serialization --INI-- session.use_cookies=0 session.cache_limiter= -register_globals=1 session.serialize_handler=php session.save_handler=files --FILE-- @@ -24,17 +23,14 @@ $baz->method(); $arr[3] = new foo; $arr[3]->method(); -session_register("baz"); -session_register("arr"); +session_start(); + +$_SESSION["baz"] = $baz; +$_SESSION["arr"] = $arr; print session_encode()."\n"; session_destroy(); ---EXPECTF-- -Warning: Directive 'register_globals' is deprecated in PHP 5.3 and greater in Unknown on line 0 - -Deprecated: Function session_register() is deprecated in %s on line %d - -Deprecated: Function session_register() is deprecated in %s on line %d +--EXPECT-- baz|O:3:"foo":2:{s:3:"bar";s:2:"ok";s:3:"yes";s:4:"done";}arr|a:1:{i:3;O:3:"foo":2:{s:3:"bar";s:2:"ok";s:3:"yes";s:4:"done";}} diff --git a/ext/session/tests/003.phpt b/ext/session/tests/003.phpt index 8a4e0027f8..03c3b95766 100644 --- a/ext/session/tests/003.phpt +++ b/ext/session/tests/003.phpt @@ -5,7 +5,6 @@ session object deserialization --INI-- session.use_cookies=0 session.cache_limiter= -register_globals=1 session.serialize_handler=php session.save_handler=files --FILE-- @@ -21,14 +20,13 @@ session_id("abtest"); session_start(); session_decode('baz|O:3:"foo":2:{s:3:"bar";s:2:"ok";s:3:"yes";i:1;}arr|a:1:{i:3;O:3:"foo":2:{s:3:"bar";s:2:"ok";s:3:"yes";i:1;}}'); -$baz->method(); -$arr[3]->method(); +$_SESSION["baz"]->method(); +$_SESSION["arr"][3]->method(); -var_dump($baz); -var_dump($arr); +var_dump($_SESSION["baz"]); +var_dump($_SESSION["arr"]); session_destroy(); --EXPECT-- -Warning: Directive 'register_globals' is deprecated in PHP 5.3 and greater in Unknown on line 0 object(foo)#1 (2) { ["bar"]=> string(2) "ok" diff --git a/ext/session/tests/004.phpt b/ext/session/tests/004.phpt index 2ff675e7cd..aeb2c8b363 100644 --- a/ext/session/tests/004.phpt +++ b/ext/session/tests/004.phpt @@ -5,7 +5,6 @@ session_set_save_handler test --INI-- session.use_cookies=0 session.cache_limiter= -register_globals=1 session.name=PHPSESSID session.serialize_handler=php --FILE-- @@ -56,24 +55,23 @@ session_set_save_handler(array($hnd, "open"), array($hnd, "close"), array($hnd, session_id("abtest"); session_start(); -$baz->method(); -$arr[3]->method(); +$_SESSION["baz"]->method(); +$_SESSION["arr"][3]->method(); -var_dump($baz); -var_dump($arr); +var_dump($_SESSION["baz"]); +var_dump($_SESSION["arr"]); session_write_close(); session_set_save_handler(array($hnd, "open"), array($hnd, "close"), array($hnd, "read"), array($hnd, "write"), array($hnd, "destroy"), array($hnd, "gc")); session_start(); -var_dump($baz); -var_dump($arr); +var_dump($_SESSION["baz"]); +var_dump($_SESSION["arr"]); session_destroy(); ?> --EXPECT-- -Warning: Directive 'register_globals' is deprecated in PHP 5.3 and greater in Unknown on line 0 OPEN: PHPSESSID READ: abtest object(foo)#2 (2) { @@ -94,7 +92,7 @@ array(1) { WRITE: abtest, baz|O:3:"foo":2:{s:3:"bar";s:2:"ok";s:3:"yes";i:2;}arr|a:1:{i:3;O:3:"foo":2:{s:3:"bar";s:2:"ok";s:3:"yes";i:2;}} OPEN: PHPSESSID READ: abtest -object(foo)#4 (2) { +object(foo)#3 (2) { ["bar"]=> string(2) "ok" ["yes"]=> diff --git a/ext/session/tests/005.phpt b/ext/session/tests/005.phpt index 124f0a831e..a970e6b71d 100644 --- a/ext/session/tests/005.phpt +++ b/ext/session/tests/005.phpt @@ -5,7 +5,6 @@ custom save handler, multiple session_start()s, complex data structure test. --INI-- session.use_cookies=0 session.cache_limiter= -register_globals=1 session.name=PHPSESSID session.serialize_handler=php --FILE-- @@ -58,37 +57,41 @@ session_set_save_handler(array($hnd, "open"), array($hnd, "close"), array($hnd, session_id("abtest"); session_start(); -$baz->method(); -$arr[3]->method(); +session_decode($hnd->data); -var_dump($baz); -var_dump($arr); +$_SESSION["baz"]->method(); +$_SESSION["arr"][3]->method(); + +var_dump($_SESSION["baz"]); +var_dump($_SESSION["arr"]); session_write_close(); session_set_save_handler(array($hnd, "open"), array($hnd, "close"), array($hnd, "read"), array($hnd, "write"), array($hnd, "destroy"), array($hnd, "gc")); session_start(); -$baz->method(); -$arr[3]->method(); +$_SESSION["baz"]->method(); +$_SESSION["arr"][3]->method(); -$c = 123; -session_register("c"); -var_dump($baz); var_dump($arr); var_dump($c); +$_SESSION["c"] = 123; +var_dump($_SESSION["baz"]); +var_dump($_SESSION["arr"]); +var_dump($_SESSION["c"]); session_write_close(); session_set_save_handler(array($hnd, "open"), array($hnd, "close"), array($hnd, "read"), array($hnd, "write"), array($hnd, "destroy"), array($hnd, "gc")); session_start(); -var_dump($baz); var_dump($arr); var_dump($c); +var_dump($_SESSION["baz"]); +var_dump($_SESSION["arr"]); +var_dump($_SESSION["c"]); session_destroy(); ?> --EXPECTF-- -Warning: Directive 'register_globals' is deprecated in PHP 5.3 and greater in Unknown on line 0 OPEN: PHPSESSID READ: abtest -object(foo)#2 (2) { +object(foo)#4 (2) { ["bar"]=> string(2) "ok" ["yes"]=> @@ -96,7 +99,7 @@ object(foo)#2 (2) { } array(1) { [3]=> - object(foo)#3 (2) { + object(foo)#2 (2) { ["bar"]=> string(2) "ok" ["yes"]=> @@ -107,9 +110,7 @@ WRITE: abtest, baz|O:3:"foo":2:{s:3:"bar";s:2:"ok";s:3:"yes";i:2;}arr|a:1:{i:3;O CLOSE OPEN: PHPSESSID READ: abtest - -Deprecated: Function session_register() is deprecated in %s on line %d -object(foo)#4 (2) { +object(foo)#2 (2) { ["bar"]=> string(2) "ok" ["yes"]=> @@ -117,7 +118,7 @@ object(foo)#4 (2) { } array(1) { [3]=> - object(foo)#2 (2) { + object(foo)#4 (2) { ["bar"]=> string(2) "ok" ["yes"]=> @@ -129,7 +130,7 @@ WRITE: abtest, baz|O:3:"foo":2:{s:3:"bar";s:2:"ok";s:3:"yes";i:3;}arr|a:1:{i:3;O CLOSE OPEN: PHPSESSID READ: abtest -object(foo)#3 (2) { +object(foo)#4 (2) { ["bar"]=> string(2) "ok" ["yes"]=> @@ -137,7 +138,7 @@ object(foo)#3 (2) { } array(1) { [3]=> - object(foo)#4 (2) { + object(foo)#2 (2) { ["bar"]=> string(2) "ok" ["yes"]=> diff --git a/ext/session/tests/006.phpt b/ext/session/tests/006.phpt index 7c7af61b73..03fca10381 100644 --- a/ext/session/tests/006.phpt +++ b/ext/session/tests/006.phpt @@ -5,7 +5,6 @@ correct instantiation of references between variables in sessions --INI-- session.use_cookies=0 session.cache_limiter= -register_globals=1 session.serialize_handler=php session.save_handler=files --FILE-- @@ -32,12 +31,11 @@ $b = new b($a); echo "original values:\n"; var_dump($a,$b); -session_register("a"); -session_register("b"); +$_SESSION["a"] = $a; +$_SESSION["b"] = $b; session_write_close(); -session_unregister("a"); -session_unregister("b"); +unset($_SESSION["a"], $_SESSION["b"]); session_start(); @@ -45,7 +43,6 @@ echo "values after session:\n"; var_dump($a,$b); ?> --EXPECTF-- -Warning: Directive 'register_globals' is deprecated in PHP 5.3 and greater in Unknown on line 0 original values: object(a)#%d (1) { ["test"]=> @@ -58,14 +55,6 @@ object(b)#%d (1) { string(5) "hallo" } } - -Deprecated: Function session_register() is deprecated in %s on line %d - -Deprecated: Function session_register() is deprecated in %s on line %d - -Deprecated: Function session_unregister() is deprecated in %s on line %d - -Deprecated: Function session_unregister() is deprecated in %s on line %d values after session: object(a)#%d (1) { ["test"]=> @@ -78,4 +67,3 @@ object(b)#%d (1) { string(5) "hallo" } } - diff --git a/ext/session/tests/007.phpt b/ext/session/tests/007.phpt index 61fd0974e3..d17a1ff16e 100644 --- a/ext/session/tests/007.phpt +++ b/ext/session/tests/007.phpt @@ -1,11 +1,10 @@ --TEST-- bug compatibility: unset($c) with enabled register_globals --SKIPIF-- -<?php include('skipif.inc'); ?> +<?php include('skipif.inc'); if (PHP_VERSION_ID < 503099) { echo 'requires register_globals'; } ?> --INI-- session.use_cookies=0 session.cache_limiter= -register_globals=1 session.bug_compat_42=1 session.serialize_handler=php session.save_handler=files diff --git a/ext/session/tests/008-php4.2.3.phpt b/ext/session/tests/008-php4.2.3.phpt deleted file mode 100644 index 2b712e9bdc..0000000000 --- a/ext/session/tests/008-php4.2.3.phpt +++ /dev/null @@ -1,71 +0,0 @@ ---TEST-- -bug compatibility: global is used albeit register_globals=0 ---SKIPIF-- -<?php include('skipif.inc'); - if (version_compare(PHP_VERSION,"4.2.3-dev", "<")) die("skip this is for PHP >= 4.2.3"); -?> ---INI-- -session.use_cookies=0 -session.cache_limiter= -register_globals=0 -session.bug_compat_42=1 -session.bug_compat_warn=1 -track_errors=1 -log_errors=0 -html_errors=0 -display_errors=1 -error_reporting=2039; -session.serialize_handler=php -session.save_handler=files -precision=14 ---FILE-- -<?php -session_id("abtest"); - -### Phase 1 cleanup -session_start(); -session_destroy(); - -### Phase 2 $_SESSION["c"] does not contain any value -session_id("abtest"); -session_register("c"); -var_dump($c); -unset($c); -$c = 3.14; -@session_write_close(); // this generates an E_WARNING which will be printed -// by $php_errormsg so we can use "@" here. ANY further message IS an error. -echo $php_errormsg."\n"; -unset($_SESSION); -unset($c); - -### Phase 3 $_SESSION["c"] is set -session_start(); -var_dump($_SESSION); -unset($c); -$c = 2.78; - -session_write_close(); -unset($_SESSION); -unset($c); - -### Phase 4 final - -session_start(); -var_dump($c); -var_dump($_SESSION); - -session_destroy(); -?> ---EXPECTF-- -NULL -session_write_close(): Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively -array(1) { - ["c"]=> - float(3.14) -} -NULL -array(1) { - ["c"]=> - float(3.14) -} - diff --git a/ext/session/tests/009.phpt b/ext/session/tests/009.phpt index 17aab94a8f..02e6eb17b2 100644 --- a/ext/session/tests/009.phpt +++ b/ext/session/tests/009.phpt @@ -1,11 +1,10 @@ --TEST-- -unset($_SESSION["name"]); should work with register_globals=off +unset($_SESSION["name"]); test --SKIPIF-- <?php include('skipif.inc'); ?> --INI-- session.use_cookies=0 session.cache_limiter= -register_globals=0 session.bug_compat_42=1 session.bug_compat_warn=0 session.serialize_handler=php diff --git a/ext/session/tests/010.phpt b/ext/session/tests/010.phpt index e1af8ce87f..9ece4e187b 100644 --- a/ext/session/tests/010.phpt +++ b/ext/session/tests/010.phpt @@ -5,7 +5,6 @@ $session_array = explode(";", session_encode()); should not segfault --INI-- session.use_cookies=0 session.cache_limiter= -register_globals=0 session.bug_compat_42=1 session.bug_compat_warn=0 --FILE-- diff --git a/ext/session/tests/011.phpt b/ext/session/tests/011.phpt index 6aaa6bd797..809ee3fd3d 100644 --- a/ext/session/tests/011.phpt +++ b/ext/session/tests/011.phpt @@ -5,7 +5,6 @@ session_decode(); should not segfault --INI-- session.use_cookies=0 session.cache_limiter= -register_globals=0 session.bug_compat_42=1 session.bug_compat_warn=0 --FILE-- diff --git a/ext/session/tests/012.phpt b/ext/session/tests/012.phpt index 32aeb29c11..4746b85be0 100644 --- a/ext/session/tests/012.phpt +++ b/ext/session/tests/012.phpt @@ -5,7 +5,6 @@ registering $_SESSION should not segfault --INI-- session.use_cookies=0 session.cache_limiter= -register_globals=1 session.bug_compat_42=1 session.bug_compat_warn=0 session.serialize_handler=php @@ -18,7 +17,7 @@ error_reporting(E_ALL); session_id("abtest"); session_start(); -session_register("_SESSION"); +$_SESSION["_SESSION"] = Array(); $_SESSION = "kk"; session_write_close(); @@ -31,8 +30,5 @@ session_destroy(); print "I live\n"; ?> ---EXPECTF-- -Warning: Directive 'register_globals' is deprecated in PHP 5.3 and greater in Unknown on line 0 - -Deprecated: Function session_register() is deprecated in %s on line %d +--EXPECT-- I live diff --git a/ext/session/tests/013.phpt b/ext/session/tests/013.phpt index ad6c14e13e..e67a115604 100644 --- a/ext/session/tests/013.phpt +++ b/ext/session/tests/013.phpt @@ -5,7 +5,6 @@ redefining SID should not cause warnings --INI-- session.use_cookies=0 session.cache_limiter= -register_globals=1 session.bug_compat_42=1 session.bug_compat_warn=0 session.serialize_handler=php @@ -24,5 +23,4 @@ session_destroy(); print "I live\n"; ?> --EXPECT-- -Warning: Directive 'register_globals' is deprecated in PHP 5.3 and greater in Unknown on line 0 I live diff --git a/ext/session/tests/014.phpt b/ext/session/tests/014.phpt index 4e77a7aeff..0c32dce510 100644 --- a/ext/session/tests/014.phpt +++ b/ext/session/tests/014.phpt @@ -3,10 +3,9 @@ a script should not be able to modify session.use_trans_sid --SKIPIF-- <?php include('skipif.inc'); ?> --INI-- -session.use_trans_sid=1 +session.use_trans_sid=0 session.use_cookies=0 session.cache_limiter= -register_globals=1 session.bug_compat_42=1 session.bug_compat_warn=0 session.name=PHPSESSID @@ -22,22 +21,21 @@ session_start(); ?> <a href="/link"> <?php -ini_set("session.use_trans_sid","0"); +ini_set("session.use_trans_sid","1"); ?> <a href="/link"> <?php -ini_set("session.use_trans_sid","1"); +ini_set("session.use_trans_sid","0"); ?> <a href="/link"> <?php session_destroy(); ?> --EXPECTF-- -Warning: Directive 'register_globals' is deprecated in PHP 5.3 and greater in Unknown on line 0 -<a href="/link?PHPSESSID=abtest"> +<a href="/link"> Warning: ini_set(): A session is active. You cannot change the session module's ini settings at this time in %s on line %d -<a href="/link?PHPSESSID=abtest"> +<a href="/link"> Warning: ini_set(): A session is active. You cannot change the session module's ini settings at this time in %s on line %d -<a href="/link?PHPSESSID=abtest"> +<a href="/link"> diff --git a/ext/session/tests/019.phpt b/ext/session/tests/019.phpt index 5bdd03b5cf..e0b8256a59 100644 --- a/ext/session/tests/019.phpt +++ b/ext/session/tests/019.phpt @@ -5,7 +5,6 @@ serializing references test case using globals --INI-- session.use_cookies=0 session.cache_limiter= -register_globals=1 session.serialize_handler=php session.save_handler=files --FILE-- @@ -27,27 +26,26 @@ session_id("abtest"); session_start(); session_register('o1', 'o2' ); -$o1 = new TFoo(42); -$o2 =& $o1; +$_SESSION["o1"] = new TFoo(42); +$_SESSION["o2"] =& $_SESSION["o1"]; session_write_close(); -unset($o1); -unset($o2); +unset($_SESSION["o1"]); +unset($_SESSION["o2"]); session_start(); var_dump($_SESSION); -$o1->inc(); -$o2->inc(); +$_SESSION["o1"]->inc(); +$_SESSION["o2"]->inc(); var_dump($_SESSION); session_destroy(); ?> --EXPECTF-- -Warning: Directive 'register_globals' is deprecated in PHP 5.3 and greater in Unknown on line 0 Deprecated: Function session_register() is deprecated in %s on line %d array(2) { diff --git a/ext/session/tests/bug24592.phpt b/ext/session/tests/bug24592.phpt index 059125ba2e..9f6c395317 100644 --- a/ext/session/tests/bug24592.phpt +++ b/ext/session/tests/bug24592.phpt @@ -3,7 +3,6 @@ Bug #24592 (crash when multiple NULL values are being stored) --SKIPIF-- <?php include('skipif.inc'); ?> --INI-- -register_globals=0 html_errors=0 session.save_handler=files --FILE-- diff --git a/ext/session/tests/bug26862.phpt b/ext/session/tests/bug26862.phpt index 44e7418cd0..7990f74359 100644 --- a/ext/session/tests/bug26862.phpt +++ b/ext/session/tests/bug26862.phpt @@ -3,7 +3,6 @@ Bug #26862 (ob_flush() before output_reset_rewrite_vars() results in data loss) --SKIPIF-- <?php include('skipif.inc'); ?> --INI-- -register_globals=0 html_errors=0 session.use_trans_sid=0 session.save_handler=files diff --git a/ext/soap/TODO.old b/ext/soap/TODO.old index a1cc15c397..59deb4b9dc 100644 --- a/ext/soap/TODO.old +++ b/ext/soap/TODO.old @@ -6,7 +6,6 @@ make internal refrences for soap encoding (use seralization logic) add ini option for always soap_error_handler provide user space overriding of serialization certin objects and types serialization in general needs to be polished/finished... all xsd types -make perstistant objects and work with or without register_globals on look to see if php-soap will work with out always_populate_raw_post_data on see if client will work with ssl.. should be eaiser with php_streams work on soap seralizer (php serialization) diff --git a/ext/standard/tests/general_functions/get_cfg_var_variation8.phpt b/ext/standard/tests/general_functions/get_cfg_var_variation8.phpt index 31bcb80fc3..c22fdd0d16 100644 --- a/ext/standard/tests/general_functions/get_cfg_var_variation8.phpt +++ b/ext/standard/tests/general_functions/get_cfg_var_variation8.phpt @@ -4,17 +4,17 @@ Test function get_cfg_var() by calling deprecated option Francesco Fullone ff@ideato.it #PHPTestFest Cesena Italia on 2009-06-20 --INI-- -register_globals=1 +safe_mode=1 --SKIPIF-- <?php if (version_compare(PHP_VERSION, "5.3", "<")) die("skip requires 5.3 or greater"); ?> --FILE-- <?php echo "*** Test by calling method or function with deprecated option ***\n"; -var_dump(get_cfg_var( 'register_globals' ) ); +var_dump(get_cfg_var( 'safe_mode' ) ); ?> --EXPECTF-- -Warning: Directive 'register_globals' is deprecated in PHP 5.3 and greater in %s on line 0 +Warning: Directive 'safe_mode' is deprecated in PHP 5.3 and greater in %s on line 0 *** Test by calling method or function with deprecated option *** string(1) "1" diff --git a/ext/standard/tests/general_functions/import_request.phpt b/ext/standard/tests/general_functions/import_request.phpt index 0f9e93bf0c..0067632391 100644 --- a/ext/standard/tests/general_functions/import_request.phpt +++ b/ext/standard/tests/general_functions/import_request.phpt @@ -4,8 +4,6 @@ import_request_variables() tests a=1&b=heh&c=3&d[]=5&GLOBALS=test&1=hm --POST-- ap=25&bp=test&cp=blah3&dp[]=ar ---INI-- -register_globals=0 --FILE-- <?php diff --git a/main/main.c b/main/main.c index 3079bd000b..63469f530f 100644 --- a/main/main.c +++ b/main/main.c @@ -458,7 +458,6 @@ PHP_INI_BEGIN() STD_PHP_INI_ENTRY("output_buffering", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateLong, output_buffering, php_core_globals, core_globals) STD_PHP_INI_ENTRY("output_handler", NULL, PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateString, output_handler, php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("register_argc_argv", "1", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateBool, register_argc_argv, php_core_globals, core_globals) - STD_PHP_INI_BOOLEAN("register_globals", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateBool, register_globals, php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("auto_globals_jit", "1", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateBool, auto_globals_jit, php_core_globals, core_globals) #if PHP_SAFE_MODE STD_PHP_INI_BOOLEAN("safe_mode", "1", PHP_INI_SYSTEM, OnUpdateBool, safe_mode, php_core_globals, core_globals) @@ -2054,18 +2053,17 @@ int php_module_startup(sapi_module_struct *sf, zend_module_entry *additional_mod module_initialized = 1; /* Check for deprecated directives */ - /* NOTE: If you add anything here, remember to add it also in Makefile.global! */ + /* NOTE: If you add anything here, remember to add it to Makefile.global! */ { struct { const long error_level; const char *phrase; - const char *directives[6]; /* Remember to change this if the number of directives change */ + const char *directives[5]; /* Remember to change this if the number of directives change */ } directives[] = { { E_CORE_WARNING, "Directive '%s' is deprecated in PHP 5.3 and greater", { - "register_globals", "safe_mode", "magic_quotes_gpc", "magic_quotes_runtime", @@ -2078,6 +2076,7 @@ int php_module_startup(sapi_module_struct *sf, zend_module_entry *additional_mod "Directive '%s' is no longer available in PHP", { "define_syslog_variables", + "register_globals", "register_long_arrays", "zend.ze1_compatibility_mode", NULL diff --git a/main/php_globals.h b/main/php_globals.h index 14a09f2fd0..6619bb30c9 100644 --- a/main/php_globals.h +++ b/main/php_globals.h @@ -122,7 +122,6 @@ struct _php_core_globals { zend_bool expose_php; - zend_bool register_globals; zend_bool register_argc_argv; zend_bool auto_globals_jit; diff --git a/main/php_variables.c b/main/php_variables.c index 7d58fd1c32..a37349ac1d 100644 --- a/main/php_variables.c +++ b/main/php_variables.c @@ -72,12 +72,8 @@ PHPAPI void php_register_variable_ex(char *var_name, zval *val, zval *track_vars if (track_vars_array) { symtable1 = Z_ARRVAL_P(track_vars_array); - } else if (PG(register_globals)) { - if (!EG(active_symbol_table)) { - zend_rebuild_symbol_table(TSRMLS_C); - } - symtable1 = EG(active_symbol_table); } + if (!symtable1) { /* Nothing to do */ zval_dtor(val); @@ -139,9 +135,6 @@ PHPAPI void php_register_variable_ex(char *var_name, zval *val, zval *track_vars if (track_vars_array) { ht = Z_ARRVAL_P(track_vars_array); zend_hash_del(ht, var, var_len + 1); - } else if (PG(register_globals)) { - ht = EG(active_symbol_table); - zend_hash_del(ht, var, var_len + 1); } zval_dtor(val); @@ -467,7 +460,7 @@ static void php_build_argv(char *s, zval *track_vars_array TSRMLS_DC) int count = 0; char *ss, *space; - if (!(PG(register_globals) || SG(request_info).argc || track_vars_array)) { + if (!(SG(request_info).argc || track_vars_array)) { return; } @@ -526,7 +519,7 @@ static void php_build_argv(char *s, zval *track_vars_array TSRMLS_DC) } Z_TYPE_P(argc) = IS_LONG; - if (PG(register_globals) || SG(request_info).argc) { + if (SG(request_info).argc) { Z_ADDREF_P(arr); Z_ADDREF_P(argc); zend_hash_update(&EG(symbol_table), "argv", sizeof("argv"), &arr, sizeof(zval *), NULL); @@ -613,7 +606,7 @@ static void php_autoglobal_merge(HashTable *dest, HashTable *src TSRMLS_DC) ulong num_key; HashPosition pos; int key_type; - int globals_check = (PG(register_globals) && (dest == (&EG(symbol_table)))); + int globals_check = (dest == (&EG(symbol_table))); zend_hash_internal_pointer_reset_ex(src, &pos); while (zend_hash_get_current_data_ex(src, (void **)&src_entry, &pos) == SUCCESS) { @@ -625,7 +618,6 @@ static void php_autoglobal_merge(HashTable *dest, HashTable *src TSRMLS_DC) ) { Z_ADDREF_PP(src_entry); if (key_type == HASH_KEY_IS_STRING) { - /* if register_globals is on and working with main symbol table, prevent overwriting of GLOBALS */ if (!globals_check || string_key_len != sizeof("GLOBALS") || memcmp(string_key, "GLOBALS", sizeof("GLOBALS") - 1)) { zend_hash_update(dest, string_key, string_key_len, src_entry, sizeof(zval *), NULL); } else { @@ -653,7 +645,6 @@ int php_hash_environment(TSRMLS_D) { char *p; unsigned char _gpc_flags[5] = {0, 0, 0, 0, 0}; - zend_bool jit_initialization = (PG(auto_globals_jit) && !PG(register_globals)); struct auto_global_record { char *name; uint name_len; @@ -681,9 +672,6 @@ int php_hash_environment(TSRMLS_D) if (!_gpc_flags[0] && !SG(headers_sent) && SG(request_info).request_method && !strcasecmp(SG(request_info).request_method, "POST")) { sapi_module.treat_data(PARSE_POST, NULL, NULL TSRMLS_CC); /* POST Data */ _gpc_flags[0] = 1; - if (PG(register_globals)) { - php_autoglobal_merge(&EG(symbol_table), Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_POST]) TSRMLS_CC); - } } break; case 'c': @@ -691,9 +679,6 @@ int php_hash_environment(TSRMLS_D) if (!_gpc_flags[1]) { sapi_module.treat_data(PARSE_COOKIE, NULL, NULL TSRMLS_CC); /* Cookie Data */ _gpc_flags[1] = 1; - if (PG(register_globals)) { - php_autoglobal_merge(&EG(symbol_table), Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_COOKIE]) TSRMLS_CC); - } } break; case 'g': @@ -701,31 +686,22 @@ int php_hash_environment(TSRMLS_D) if (!_gpc_flags[2]) { sapi_module.treat_data(PARSE_GET, NULL, NULL TSRMLS_CC); /* GET Data */ _gpc_flags[2] = 1; - if (PG(register_globals)) { - php_autoglobal_merge(&EG(symbol_table), Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_GET]) TSRMLS_CC); - } } break; case 'e': case 'E': - if (!jit_initialization && !_gpc_flags[3]) { + if (!PG(auto_globals_jit) && !_gpc_flags[3]) { zend_auto_global_disable_jit("_ENV", sizeof("_ENV")-1 TSRMLS_CC); php_auto_globals_create_env("_ENV", sizeof("_ENV")-1 TSRMLS_CC); _gpc_flags[3] = 1; - if (PG(register_globals)) { - php_autoglobal_merge(&EG(symbol_table), Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_ENV]) TSRMLS_CC); - } } break; case 's': case 'S': - if (!jit_initialization && !_gpc_flags[4]) { + if (!PG(auto_globals_jit) && !_gpc_flags[4]) { zend_auto_global_disable_jit("_SERVER", sizeof("_SERVER")-1 TSRMLS_CC); php_register_server_variables(TSRMLS_C); _gpc_flags[4] = 1; - if (PG(register_globals)) { - php_autoglobal_merge(&EG(symbol_table), Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_SERVER]) TSRMLS_CC); - } } break; } @@ -737,7 +713,7 @@ int php_hash_environment(TSRMLS_D) } for (i=0; i<num_track_vars; i++) { - if (jit_initialization && auto_global_records[i].jit_initialization) { + if (PG(auto_globals_jit) && auto_global_records[i].jit_initialization) { continue; } if (!PG(http_globals)[i]) { @@ -751,7 +727,7 @@ int php_hash_environment(TSRMLS_D) } /* Create _REQUEST */ - if (!jit_initialization) { + if (!PG(auto_globals_jit)) { zend_auto_global_disable_jit("_REQUEST", sizeof("_REQUEST")-1 TSRMLS_CC); php_auto_globals_create_request("_REQUEST", sizeof("_REQUEST")-1 TSRMLS_CC); } diff --git a/main/rfc1867.c b/main/rfc1867.c index 9823c759cc..c9f5bdb495 100644 --- a/main/rfc1867.c +++ b/main/rfc1867.c @@ -244,21 +244,13 @@ static void safe_php_register_variable_ex(char *var, zval *val, zval *track_vars static void register_http_post_files_variable(char *strvar, char *val, zval *http_post_files, zend_bool override_protection TSRMLS_DC) /* {{{ */ { - int register_globals = PG(register_globals); - - PG(register_globals) = 0; safe_php_register_variable(strvar, val, strlen(val), http_post_files, override_protection TSRMLS_CC); - PG(register_globals) = register_globals; } /* }}} */ static void register_http_post_files_variable_ex(char *var, zval *val, zval *http_post_files, zend_bool override_protection TSRMLS_DC) /* {{{ */ { - int register_globals = PG(register_globals); - - PG(register_globals) = 0; safe_php_register_variable_ex(var, val, http_post_files, override_protection TSRMLS_CC); - PG(register_globals) = register_globals; } /* }}} */ diff --git a/php.ini-development b/php.ini-development index 8c350201fd..10ac9d2a4d 100644 --- a/php.ini-development +++ b/php.ini-development @@ -646,13 +646,12 @@ html_errors = On ;arg_separator.input = ";&" ; This directive determines which super global arrays are registered when PHP -; starts up. If the register_globals directive is enabled, it also determines -; what order variables are populated into the global space. G,P,C,E & S are -; abbreviations for the following respective super globals: GET, POST, COOKIE, -; ENV and SERVER. There is a performance penalty paid for the registration of -; these arrays and because ENV is not as commonly used as the others, ENV is -; is not recommended on productions servers. You can still get access to -; the environment variables through getenv() should you need to. +; starts up. G,P,C,E & S are abbreviations for the following respective super +; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty +: paid for the registration of these arrays and because ENV is not as commonly +; used as the others, ENV is is not recommended on productions servers. You +; can still get access to the environment variables through getenv() should you +; need to. ; Default Value: "EGPCS" ; Development Value: "GPCS" ; Production Value: "GPCS"; @@ -672,15 +671,6 @@ variables_order = "GPCS" ; http://php.net/request-order request_order = "GP" -; Whether or not to register the EGPCS variables as global variables. You may -; want to turn this off if you don't want to clutter your scripts' global scope -; with user data. -; You should do your best to write your scripts so that they do not require -; register_globals to be on; Using form variables as globals can easily lead -; to possible security problems, if the code is not very well thought of. -; http://php.net/register-globals -register_globals = Off - ; This directive determines whether PHP registers $argv & $argc each time it ; runs. $argv contains an array of all the arguments passed to PHP when a script ; is invoked. $argc contains an integer representing the number of arguments @@ -699,8 +689,8 @@ register_argc_argv = Off ; When enabled, the SERVER and ENV variables are created when they're first ; used (Just In Time) instead of when the script starts. If these variables ; are not used within a script, having this directive on will result in a -; performance gain. The PHP directives register_globals and register_argc_argv -; must be disabled for this directive to have any affect. +; performance gain. The PHP directive register_argc_argv must be disabled +; for this directive to have any affect. ; http://php.net/auto-globals-jit auto_globals_jit = On @@ -1524,8 +1514,8 @@ session.gc_maxlifetime = 1440 ; cd /path/to/sessions; find -cmin +24 | xargs rm ; PHP 4.2 and less have an undocumented feature/bug that allows you to -; to initialize a session variable in the global scope, even when register_globals -; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; to initialize a session variable in the global scope. +; PHP 4.3 and later will warn you, if this feature is used. ; You can disable the feature and the warning separately. At this time, ; the warning is only displayed, if bug_compat_42 is enabled. This feature ; introduces some serious security problems if not handled correctly. It's diff --git a/php.ini-production b/php.ini-production index 16462c0cb5..e8fb6d7123 100644 --- a/php.ini-production +++ b/php.ini-production @@ -646,13 +646,12 @@ html_errors = Off ;arg_separator.input = ";&" ; This directive determines which super global arrays are registered when PHP -; starts up. If the register_globals directive is enabled, it also determines -; what order variables are populated into the global space. G,P,C,E & S are -; abbreviations for the following respective super globals: GET, POST, COOKIE, -; ENV and SERVER. There is a performance penalty paid for the registration of -; these arrays and because ENV is not as commonly used as the others, ENV is -; is not recommended on productions servers. You can still get access to -; the environment variables through getenv() should you need to. +; starts up. G,P,C,E & S are abbreviations for the following respective super +; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty +: paid for the registration of these arrays and because ENV is not as commonly +; used as the others, ENV is is not recommended on productions servers. You +; can still get access to the environment variables through getenv() should you +; need to. ; Default Value: "EGPCS" ; Development Value: "GPCS" ; Production Value: "GPCS"; @@ -672,15 +671,6 @@ variables_order = "GPCS" ; http://php.net/request-order request_order = "GP" -; Whether or not to register the EGPCS variables as global variables. You may -; want to turn this off if you don't want to clutter your scripts' global scope -; with user data. -; You should do your best to write your scripts so that they do not require -; register_globals to be on; Using form variables as globals can easily lead -; to possible security problems, if the code is not very well thought of. -; http://php.net/register-globals -register_globals = Off - ; This directive determines whether PHP registers $argv & $argc each time it ; runs. $argv contains an array of all the arguments passed to PHP when a script ; is invoked. $argc contains an integer representing the number of arguments @@ -699,8 +689,8 @@ register_argc_argv = Off ; When enabled, the SERVER and ENV variables are created when they're first ; used (Just In Time) instead of when the script starts. If these variables ; are not used within a script, having this directive on will result in a -; performance gain. The PHP directives register_globals and register_argc_argv -; must be disabled for this directive to have any affect. +; performance gain. The PHP directive register_argc_argv must be disabled +; for this directive to have any affect. ; http://php.net/auto-globals-jit auto_globals_jit = On @@ -1532,8 +1522,8 @@ session.gc_maxlifetime = 1440 ; cd /path/to/sessions; find -cmin +24 | xargs rm ; PHP 4.2 and less have an undocumented feature/bug that allows you to -; to initialize a session variable in the global scope, even when register_globals -; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; to initialize a session variable in the global scope. +; PHP 4.3 and later will warn you, if this feature is used. ; You can disable the feature and the warning separately. At this time, ; the warning is only displayed, if bug_compat_42 is enabled. This feature ; introduces some serious security problems if not handled correctly. It's diff --git a/sapi/apache/mod_php5.c b/sapi/apache/mod_php5.c index 9711e3fa70..6b287c1a6b 100644 --- a/sapi/apache/mod_php5.c +++ b/sapi/apache/mod_php5.c @@ -278,9 +278,6 @@ static void sapi_apache_register_server_variables(zval *track_vars_array TSRMLS_ /* If PATH_TRANSLATED doesn't exist, copy it from SCRIPT_FILENAME */ if (track_vars_array) { symbol_table = track_vars_array->value.ht; - } else if (PG(register_globals)) { - /* should never happen nowadays */ - symbol_table = EG(active_symbol_table); } else { symbol_table = NULL; } diff --git a/sapi/apache_hooks/mod_php5.c b/sapi/apache_hooks/mod_php5.c index 33d20969be..aaedb69b80 100644 --- a/sapi/apache_hooks/mod_php5.c +++ b/sapi/apache_hooks/mod_php5.c @@ -403,9 +403,6 @@ static void sapi_apache_register_server_variables(zval *track_vars_array TSRMLS_ /* If PATH_TRANSLATED doesn't exist, copy it from SCRIPT_FILENAME */ if (track_vars_array) { symbol_table = track_vars_array->value.ht; - } else if (PG(register_globals)) { - /* should never happen nowadays */ - symbol_table = EG(active_symbol_table); } else { symbol_table = NULL; } diff --git a/sapi/apache_hooks/sapi_apache.c b/sapi/apache_hooks/sapi_apache.c index 5c9fbb7816..b7fd658eb5 100644 --- a/sapi/apache_hooks/sapi_apache.c +++ b/sapi/apache_hooks/sapi_apache.c @@ -78,13 +78,9 @@ int apache_php_module_hook(request_rec *r, php_handler *handler, zval **ret TSRM return FAILURE; } - req = php_apache_request_new(r); - if(PG(register_globals)) { - php_register_variable_ex("request", req, NULL TSRMLS_CC); - } - else { - php_register_variable_ex("request", req, PG(http_globals)[TRACK_VARS_SERVER] TSRMLS_CC); - } + req = php_apache_request_new(r); + php_register_variable_ex("request", req, PG(http_globals)[TRACK_VARS_SERVER] TSRMLS_CC); + switch(handler->type) { case AP_HANDLER_TYPE_FILE: php_register_variable("PHP_SELF_HOOK", handler->name, PG(http_globals)[TRACK_VARS_SERVER] TSRMLS_CC); diff --git a/sapi/cli/README b/sapi/cli/README index 9e519e9bd0..8720250f6a 100644 --- a/sapi/cli/README +++ b/sapi/cli/README @@ -11,8 +11,8 @@ The main differences between the two: * It does not change the working directory to that of the script. (-C switch kept for compatibility) * Plain text error message -* $argc and $argv registered irrespective of register_globals - and register_argc_argv php.ini settings. +* $argc and $argv registered irrespective of the register_argc_argv + php.ini setting. * implicit_flush always on * -r option which allows execution of PHP code directly from the command line (e.g. php -r 'echo md5("test");' ) diff --git a/tests/basic/011.phpt b/tests/basic/011.phpt index 2ec7a6ed12..79256746fe 100644 --- a/tests/basic/011.phpt +++ b/tests/basic/011.phpt @@ -6,11 +6,8 @@ register_argc_argv=1 ab+cd+ef+123+test --FILE-- <?php - -if (!ini_get('register_globals')) { - $argc = $_SERVER['argc']; - $argv = $_SERVER['argv']; -} +$argc = $_SERVER['argc']; +$argv = $_SERVER['argv']; for ($i=0; $i<$argc; $i++) { echo "$i: ".$argv[$i]."\n"; diff --git a/tests/basic/012.phpt b/tests/basic/012.phpt index 3297853286..5c10c7c222 100644 --- a/tests/basic/012.phpt +++ b/tests/basic/012.phpt @@ -9,11 +9,8 @@ variables_order=GPS ab cd ef 123 test --FILE-- <?php - -if (!ini_get('register_globals')) { - $argc = $_SERVER['argc']; - $argv = $_SERVER['argv']; -} +$argc = $_SERVER['argc']; +$argv = $_SERVER['argv']; for ($i=1; $i<$argc; $i++) { echo ($i-1).": ".$argv[$i]."\n"; diff --git a/tests/basic/bug46313-win.phpt b/tests/basic/bug46313-win.phpt index 1971e807bb..457e5eb7b3 100644 --- a/tests/basic/bug46313-win.phpt +++ b/tests/basic/bug46313-win.phpt @@ -5,7 +5,6 @@ Bug #46313 (Magic quotes broke $_FILES) --INI-- magic_quotes_gpc=1 file_uploads=1 -register_globals=1 --POST_RAW-- Content-Type: multipart/form-data; boundary=---------------------------20896060251896012921717172737 -----------------------------20896060251896012921717172737 @@ -60,6 +59,4 @@ string(12) "o1" bool(true) string(%d) "%s" bool(true) -Warning: Directive 'register_globals' is deprecated in PHP 5.3 and greater in Unknown on line 0 -Warning: Directive 'magic_quotes_gpc' is deprecated in PHP 5.3 and greater in Unknown on line 0 diff --git a/tests/basic/bug46313.phpt b/tests/basic/bug46313.phpt index 924114161e..8dc713a11c 100644 --- a/tests/basic/bug46313.phpt +++ b/tests/basic/bug46313.phpt @@ -5,7 +5,6 @@ Bug #46313 (Magic quotes broke $_FILES) --INI-- magic_quotes_gpc=1 file_uploads=1 -register_globals=1 display_errors=0 --POST_RAW-- Content-Type: multipart/form-data; boundary=---------------------------20896060251896012921717172737 diff --git a/win32/install.txt b/win32/install.txt index c1fc9c20aa..0368e918c8 100644 --- a/win32/install.txt +++ b/win32/install.txt @@ -947,14 +947,6 @@ CGI environment and recommended modifications in php.ini the web server not from the administration server. Use the command line as root user and start it manually - you will see there are no CGI-like environment variables. - - Simply change your scripts to get CGI variables in the correct way for - PHP 5.x by using the superglobal $_SERVER. If you have older scripts - which use $HTTP_HOST, etc., you should turn on register_globals in - php.ini and change the variable order too (important: remove "E" from - it, because you do not need the environment here): -variables_order = "GPCS" -register_globals = On __________________________________________________________________ Special use for error pages or self-made directory listings (PHP >= 4.3.3) @@ -1436,7 +1428,7 @@ The configuration file ; Boolean values can be set to either: ; true, on, yes ; or false, off, no, none -register_globals = off +html_errors = off track_errors = yes ; you can enclose strings in double-quotes |