|
From: Richard A. <ric...@us...> - 2006-04-06 03:45:34
|
Update of /cvsroot/phplib/php-lib-stable/php In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4530 Modified Files: oohforms.inc tpl_form.inc Log Message: Fix register_globals bugs and other assorted problems. Thanks to Moritz Borgmann Index: oohforms.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/oohforms.inc,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** oohforms.inc 19 Feb 2005 15:22:16 -0000 1.6 --- oohforms.inc 6 Apr 2006 03:45:25 -0000 1.7 *************** *** 17,23 **** function marshal_dispatch($m, $func) { ! global $HTTP_POST_VARS; $vname = $this->name; ! return $this->$func($HTTP_POST_VARS["$vname"]); } --- 17,33 ---- function marshal_dispatch($m, $func) { ! global $HTTP_POST_VARS, $HTTP_POST_FILES; $vname = $this->name; ! ! if (isset($GLOBALS[$vname])) { ! $val = $GLOBALS[$vname]; ! } elseif (isset($HTTP_POST_VARS[$vname])) { ! $val = $HTTP_POST_VARS[$vname]; ! } elseif (isset($HTTP_POST_FILES[$vname])) { ! $val = $HTTP_POST_FILES[$vname]; ! } else { ! $val = ''; ! } ! return $this->$func($val); } Index: tpl_form.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/tpl_form.inc,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** tpl_form.inc 28 Feb 2005 15:24:34 -0000 1.4 --- tpl_form.inc 6 Apr 2006 03:45:26 -0000 1.5 *************** *** 70,73 **** --- 70,74 ---- # some time later. function get_default_values() { + global $HTTP_POST_VARS, $HTTP_POST_FILES; if (! is_object($this->form_data)) { $this->setup(); *************** *** 77,82 **** $el = $elrec["ob"]; $vn = $el->name; ! global $$vn; ! $fv[$el->name] = $$vn; } return $fv; --- 78,93 ---- $el = $elrec["ob"]; $vn = $el->name; ! ! if (isset($HTTP_POST_VARS[$vn])) { ! $vn_val = $HTTP_POST_VARS[$vn]; ! } elseif (isset($HTTP_POST_FILES[$vn])) { ! $vn_val = $HTTP_POST_FILES[$vn]; ! } elseif (isset($GLOBALS[$vn])) { ! $vn_val = $GLOBALS[$vn]; ! } else { ! $vn_val = ''; ! } ! ! $fv[$el->name] = $vn_val; } return $fv; *************** *** 91,97 **** return false; } while (list($var, $value) = each($fv)) { ! global $$var; ! $$var = $value; } $this->has_defaults = 1; --- 102,108 ---- return false; } + $fv["form_name"] = $this->classname; while (list($var, $value) = each($fv)) { ! $GLOBALS[$var] = $value; } $this->has_defaults = 1; *************** *** 103,107 **** # error and sets $this->error accordingly. function validate() { ! global $form_name; if (! is_object($this->form_data)) { $this->setup(); --- 114,125 ---- # error and sets $this->error accordingly. function validate() { ! global $HTTP_POST_VARS; ! ! if (isset($HTTP_POST_VARS['form_name'])) { ! $form_name = $HTTP_POST_VARS['form_name']; ! } else { ! $form_name = ''; ! } ! if (! is_object($this->form_data)) { $this->setup(); *************** *** 133,144 **** # class and with ".ihtml" extension. function display() { ! global $sess; ! global $form_name; // I guess some people use $PHP_SELF in their include files ! // otherwise these should be removed completely - layne_weathers ! global $HTTP_SERVER_VARS; $PHP_SELF = $HTTP_SERVER_VARS["PHP_SELF"]; if (! is_object($this->form_data)) { $this->setup(); --- 151,166 ---- # class and with ".ihtml" extension. function display() { ! global $sess, $HTTP_POST_VARS, $HTTP_SERVER_VARS; // I guess some people use $PHP_SELF in their include files ! // otherwise this should be removed completely - layne_weathers $PHP_SELF = $HTTP_SERVER_VARS["PHP_SELF"]; + if (isset($HTTP_POST_VARS['form_name'])) { + $form_name = $HTTP_POST_VARS['form_name']; + } else { + $form_name = ''; + } + if (! is_object($this->form_data)) { $this->setup(); |
