Update of /cvsroot/phpwiki/phpwiki/lib
In directory usw-pr-cvs1:/tmp/cvs-serv3995/lib
Modified Files:
Request.php loadsave.php ziplib.php
Log Message:
Fixed a couple bugs having to do with file uploads, and zip archive
unzipping.
Index: Request.php
===================================================================
RCS file: /cvsroot/phpwiki/phpwiki/lib/Request.php,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -r1.1 -r1.2
*** Request.php 2001年09月18日 19:16:23 1.1
--- Request.php 2001年09月19日 02:58:00 1.2
***************
*** 6,11 ****
function Request() {
!
$this->_fix_magic_quotes_gpc();
switch($this->get('REQUEST_METHOD')) {
--- 6,12 ----
function Request() {
!
$this->_fix_magic_quotes_gpc();
+ $this->_fix_multipart_form_data();
switch($this->get('REQUEST_METHOD')) {
***************
*** 116,119 ****
--- 117,121 ----
}
+
function _stripslashes(&$var) {
if (is_array($var)) {
***************
*** 124,127 ****
--- 126,143 ----
$var = stripslashes($var);
}
+
+ function _fix_multipart_form_data () {
+ if (preg_match('|^multipart/form-data|', $this->get('CONTENT_TYPE')))
+ $this->_strip_leading_nl($GLOBALS['HTTP_POST_VARS']);
+ }
+
+ function _strip_leading_nl(&$var) {
+ if (is_array($var)) {
+ foreach ($var as $key => $val)
+ $this->_strip_leading_nl($var[$key]);
+ }
+ elseif (is_string($var))
+ $var = preg_replace('|^\r?\n?|', '', $var);
+ }
}
***************
*** 199,203 ****
$fileinfo = &$HTTP_POST_FILES[$postname];
! if (!is_uploaded_file($fileinfo['temp_name']))
return false; // possible malicious attack.
--- 215,219 ----
$fileinfo = &$HTTP_POST_FILES[$postname];
! if (!is_uploaded_file($fileinfo['tmp_name']))
return false; // possible malicious attack.
Index: loadsave.php
===================================================================
RCS file: /cvsroot/phpwiki/phpwiki/lib/loadsave.php,v
retrieving revision 1.8
retrieving revision 1.9
diff -C2 -r1.8 -r1.9
*** loadsave.php 2001年09月18日 19:16:23 1.8
--- loadsave.php 2001年09月19日 02:58:00 1.9
***************
*** 424,440 ****
if (!$upload)
! ExitWiki('No uploade file to upload?');
!
! // Dump http headers.
! $fd = fopen($tmp_name, "rb");
! while ( ($header = fgets($fd, 4096)) )
! if (trim($header) == '')
! break;
StartLoadDump("Uploading " . $upload->getName());
echo "<dl>\n";
if (IsZipFile($fd))
! LoadZip($dbi, $upload->open(), false, array(gettext('RecentChanges')));
else
Loadfile($dbi, $upload->getName(), $upload->getContents());
--- 424,436 ----
if (!$upload)
! ExitWiki('No uploaded file to upload?');
+ // Dump http headers.
StartLoadDump("Uploading " . $upload->getName());
echo "<dl>\n";
+ $fd = $upload->open();
if (IsZipFile($fd))
! LoadZip($dbi, $fd, false, array(gettext('RecentChanges')));
else
Loadfile($dbi, $upload->getName(), $upload->getContents());
Index: ziplib.php
===================================================================
RCS file: /cvsroot/phpwiki/phpwiki/lib/ziplib.php,v
retrieving revision 1.8
retrieving revision 1.9
diff -C2 -r1.8 -r1.9
*** ziplib.php 2001年09月18日 19:16:23 1.8
--- ziplib.php 2001年09月19日 02:58:00 1.9
***************
*** 74,143 ****
* CRC32 computation. Hacked from Info-zip's zip-2.3 source code.
*/
- /* NOTE: The range of PHP ints seems to be -0x80000000 to 0x7fffffff.
- * So, had to munge these constants.
- */
- $zip_crc_table = array (
- 0x00000000, 0x77073096, -0x11f19ed4, -0x66f6ae46, 0x076dc419,
- 0x706af48f, -0x169c5acb, -0x619b6a5d, 0x0edb8832, 0x79dcb8a4,
- -0x1f2a16e2, -0x682d2678, 0x09b64c2b, 0x7eb17cbd, -0x1847d2f9,
- -0x6f40e26f, 0x1db71064, 0x6ab020f2, -0x0c468eb8, -0x7b41be22,
- 0x1adad47d, 0x6ddde4eb, -0x0b2b4aaf, -0x7c2c7a39, 0x136c9856,
- 0x646ba8c0, -0x029d0686, -0x759a3614, 0x14015c4f, 0x63066cd9,
- -0x05f0c29d, -0x72f7f20b, 0x3b6e20c8, 0x4c69105e, -0x2a9fbe1c,
- -0x5d988e8e, 0x3c03e4d1, 0x4b04d447, -0x2df27a03, -0x5af54a95,
- 0x35b5a8fa, 0x42b2986c, -0x2444362a, -0x534306c0, 0x32d86ce3,
- 0x45df5c75, -0x2329f231, -0x542ec2a7, 0x26d930ac, 0x51de003a,
- -0x3728ae80, -0x402f9eea, 0x21b4f4b5, 0x56b3c423, -0x30456a67,
- -0x47425af1, 0x2802b89e, 0x5f058808, -0x39f3264e, -0x4ef416dc,
- 0x2f6f7c87, 0x58684c11, -0x3e9ee255, -0x4999d2c3, 0x76dc4190,
- 0x01db7106, -0x672ddf44, -0x102aefd6, 0x71b18589, 0x06b6b51f,
- -0x60401b5b, -0x17472bcd, 0x7807c9a2, 0x0f00f934, -0x69f65772,
- -0x1ef167e8, 0x7f6a0dbb, 0x086d3d2d, -0x6e9b9369, -0x199ca3ff,
- 0x6b6b51f4, 0x1c6c6162, -0x7a9acf28, -0x0d9dffb2, 0x6c0695ed,
- 0x1b01a57b, -0x7df70b3f, -0x0af03ba9, 0x65b0d9c6, 0x12b7e950,
- -0x74414716, -0x03467784, 0x62dd1ddf, 0x15da2d49, -0x732c830d,
- -0x042bb39b, 0x4db26158, 0x3ab551ce, -0x5c43ff8c, -0x2b44cf1e,
- 0x4adfa541, 0x3dd895d7, -0x5b2e3b93, -0x2c290b05, 0x4369e96a,
- 0x346ed9fc, -0x529877ba, -0x259f4730, 0x44042d73, 0x33031de5,
- -0x55f5b3a1, -0x22f28337, 0x5005713c, 0x270241aa, -0x41f4eff0,
- -0x36f3df7a, 0x5768b525, 0x206f85b3, -0x46992bf7, -0x319e1b61,
- 0x5edef90e, 0x29d9c998, -0x4f2f67de, -0x3828574c, 0x59b33d17,
- 0x2eb40d81, -0x4842a3c5, -0x3f459353, -0x12477ce0, -0x65404c4a,
- 0x03b6e20c, 0x74b1d29a, -0x152ab8c7, -0x622d8851, 0x04db2615,
- 0x73dc1683, -0x1c9cf4ee, -0x6b9bc47c, 0x0d6d6a3e, 0x7a6a5aa8,
- -0x1bf130f5, -0x6cf60063, 0x0a00ae27, 0x7d079eb1, -0x0ff06cbc,
- -0x78f75c2e, 0x1e01f268, 0x6906c2fe, -0x089da8a3, -0x7f9a9835,
- 0x196c3671, 0x6e6b06e7, -0x012be48a, -0x762cd420, 0x10da7a5a,
- 0x67dd4acc, -0x06462091, -0x71411007, 0x17b7be43, 0x60b08ed5,
- -0x29295c18, -0x5e2e6c82, 0x38d8c2c4, 0x4fdff252, -0x2e44980f,
- -0x5943a899, 0x3fb506dd, 0x48b2364b, -0x27f2d426, -0x50f5e4b4,
- 0x36034af6, 0x41047a60, -0x209f103d, -0x579820ab, 0x316e8eef,
- 0x4669be79, -0x349e4c74, -0x43997ce6, 0x256fd2a0, 0x5268e236,
- -0x33f3886b, -0x44f4b8fd, 0x220216b9, 0x5505262f, -0x3a45c442,
- -0x4d42f4d8, 0x2bb45a92, 0x5cb36a04, -0x3d280059, -0x4a2f30cf,
- 0x2cd99e8b, 0x5bdeae1d, -0x649b3d50, -0x139c0dda, 0x756aa39c,
- 0x026d930a, -0x63f6f957, -0x14f1c9c1, 0x72076785, 0x05005713,
- -0x6a40b57e, -0x1d4785ec, 0x7bb12bae, 0x0cb61b38, -0x6d2d7165,
- -0x1a2a41f3, 0x7cdcefb7, 0x0bdbdf21, -0x792c2d2c, -0x0e2b1dbe,
- 0x68ddb3f8, 0x1fda836e, -0x7e41e933, -0x0946d9a5, 0x6fb077e1,
- 0x18b74777, -0x77f7a51a, -0x00f09590, 0x66063bca, 0x11010b5c,
- -0x709a6101, -0x079d5197, 0x616bffd3, 0x166ccf45, -0x5ff51d88,
- -0x28f22d12, 0x4e048354, 0x3903b3c2, -0x5898d99f, -0x2f9fe909,
- 0x4969474d, 0x3e6e77db, -0x512e95b6, -0x2629a524, 0x40df0b66,
- 0x37d83bf0, -0x564351ad, -0x2144613b, 0x47b2cf7f, 0x30b5ffe9,
- -0x42420de4, -0x35453d76, 0x53b39330, 0x24b4a3a6, -0x452fc9fb,
- -0x3228f96d, 0x54de5729, 0x23d967bf, -0x4c9985d2, -0x3b9eb548,
- 0x5d681b02, 0x2a6f2b94, -0x4bf441c9, -0x3cf3715f, 0x5a05df1b,
- 0x2d02ef8d
- );
function zip_crc32 ($str, $crc = 0)
{
! global $zip_crc_table;
! $crc = ~$crc;
! for ($i = 0; $i < strlen($str); $i++)
! $crc = ( $zip_crc_table[($crc ^ ord($str[$i])) & 0xff]
! ^ (($crc >> 8) & 0xffffff) );
! return ~$crc;
}
--- 74,147 ----
* CRC32 computation. Hacked from Info-zip's zip-2.3 source code.
*/
function zip_crc32 ($str, $crc = 0)
{
! static $zip_crc_table;
!
! if (empty($zip_crc_table)) {
! /* NOTE: The range of PHP ints seems to be -0x80000000 to 0x7fffffff.
! * So, had to munge these constants.
! */
! $zip_crc_table
! = array (0x00000000, 0x77073096, -0x11f19ed4, -0x66f6ae46, 0x076dc419,
! 0x706af48f, -0x169c5acb, -0x619b6a5d, 0x0edb8832, 0x79dcb8a4,
! -0x1f2a16e2, -0x682d2678, 0x09b64c2b, 0x7eb17cbd, -0x1847d2f9,
! -0x6f40e26f, 0x1db71064, 0x6ab020f2, -0x0c468eb8, -0x7b41be22,
! 0x1adad47d, 0x6ddde4eb, -0x0b2b4aaf, -0x7c2c7a39, 0x136c9856,
! 0x646ba8c0, -0x029d0686, -0x759a3614, 0x14015c4f, 0x63066cd9,
! -0x05f0c29d, -0x72f7f20b, 0x3b6e20c8, 0x4c69105e, -0x2a9fbe1c,
! -0x5d988e8e, 0x3c03e4d1, 0x4b04d447, -0x2df27a03, -0x5af54a95,
! 0x35b5a8fa, 0x42b2986c, -0x2444362a, -0x534306c0, 0x32d86ce3,
! 0x45df5c75, -0x2329f231, -0x542ec2a7, 0x26d930ac, 0x51de003a,
! -0x3728ae80, -0x402f9eea, 0x21b4f4b5, 0x56b3c423, -0x30456a67,
! -0x47425af1, 0x2802b89e, 0x5f058808, -0x39f3264e, -0x4ef416dc,
! 0x2f6f7c87, 0x58684c11, -0x3e9ee255, -0x4999d2c3, 0x76dc4190,
! 0x01db7106, -0x672ddf44, -0x102aefd6, 0x71b18589, 0x06b6b51f,
! -0x60401b5b, -0x17472bcd, 0x7807c9a2, 0x0f00f934, -0x69f65772,
! -0x1ef167e8, 0x7f6a0dbb, 0x086d3d2d, -0x6e9b9369, -0x199ca3ff,
! 0x6b6b51f4, 0x1c6c6162, -0x7a9acf28, -0x0d9dffb2, 0x6c0695ed,
! 0x1b01a57b, -0x7df70b3f, -0x0af03ba9, 0x65b0d9c6, 0x12b7e950,
! -0x74414716, -0x03467784, 0x62dd1ddf, 0x15da2d49, -0x732c830d,
! -0x042bb39b, 0x4db26158, 0x3ab551ce, -0x5c43ff8c, -0x2b44cf1e,
! 0x4adfa541, 0x3dd895d7, -0x5b2e3b93, -0x2c290b05, 0x4369e96a,
! 0x346ed9fc, -0x529877ba, -0x259f4730, 0x44042d73, 0x33031de5,
! -0x55f5b3a1, -0x22f28337, 0x5005713c, 0x270241aa, -0x41f4eff0,
! -0x36f3df7a, 0x5768b525, 0x206f85b3, -0x46992bf7, -0x319e1b61,
! 0x5edef90e, 0x29d9c998, -0x4f2f67de, -0x3828574c, 0x59b33d17,
! 0x2eb40d81, -0x4842a3c5, -0x3f459353, -0x12477ce0, -0x65404c4a,
! 0x03b6e20c, 0x74b1d29a, -0x152ab8c7, -0x622d8851, 0x04db2615,
! 0x73dc1683, -0x1c9cf4ee, -0x6b9bc47c, 0x0d6d6a3e, 0x7a6a5aa8,
! -0x1bf130f5, -0x6cf60063, 0x0a00ae27, 0x7d079eb1, -0x0ff06cbc,
! -0x78f75c2e, 0x1e01f268, 0x6906c2fe, -0x089da8a3, -0x7f9a9835,
! 0x196c3671, 0x6e6b06e7, -0x012be48a, -0x762cd420, 0x10da7a5a,
! 0x67dd4acc, -0x06462091, -0x71411007, 0x17b7be43, 0x60b08ed5,
! -0x29295c18, -0x5e2e6c82, 0x38d8c2c4, 0x4fdff252, -0x2e44980f,
! -0x5943a899, 0x3fb506dd, 0x48b2364b, -0x27f2d426, -0x50f5e4b4,
! 0x36034af6, 0x41047a60, -0x209f103d, -0x579820ab, 0x316e8eef,
! 0x4669be79, -0x349e4c74, -0x43997ce6, 0x256fd2a0, 0x5268e236,
! -0x33f3886b, -0x44f4b8fd, 0x220216b9, 0x5505262f, -0x3a45c442,
! -0x4d42f4d8, 0x2bb45a92, 0x5cb36a04, -0x3d280059, -0x4a2f30cf,
! 0x2cd99e8b, 0x5bdeae1d, -0x649b3d50, -0x139c0dda, 0x756aa39c,
! 0x026d930a, -0x63f6f957, -0x14f1c9c1, 0x72076785, 0x05005713,
! -0x6a40b57e, -0x1d4785ec, 0x7bb12bae, 0x0cb61b38, -0x6d2d7165,
! -0x1a2a41f3, 0x7cdcefb7, 0x0bdbdf21, -0x792c2d2c, -0x0e2b1dbe,
! 0x68ddb3f8, 0x1fda836e, -0x7e41e933, -0x0946d9a5, 0x6fb077e1,
! 0x18b74777, -0x77f7a51a, -0x00f09590, 0x66063bca, 0x11010b5c,
! -0x709a6101, -0x079d5197, 0x616bffd3, 0x166ccf45, -0x5ff51d88,
! -0x28f22d12, 0x4e048354, 0x3903b3c2, -0x5898d99f, -0x2f9fe909,
! 0x4969474d, 0x3e6e77db, -0x512e95b6, -0x2629a524, 0x40df0b66,
! 0x37d83bf0, -0x564351ad, -0x2144613b, 0x47b2cf7f, 0x30b5ffe9,
! -0x42420de4, -0x35453d76, 0x53b39330, 0x24b4a3a6, -0x452fc9fb,
! -0x3228f96d, 0x54de5729, 0x23d967bf, -0x4c9985d2, -0x3b9eb548,
! 0x5d681b02, 0x2a6f2b94, -0x4bf441c9, -0x3cf3715f, 0x5a05df1b,
! 0x2d02ef8d);
! }
!
! $crc = ~$crc;
! for ($i = 0; $i < strlen($str); $i++) {
! $crc = ( $zip_crc_table[($crc ^ ord($str[$i])) & 0xff]
! ^ (($crc >> 8) & 0xffffff) );
! }
! return ~$crc;
}