Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:3449 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 51777 invoked from network); 16 Jul 2003 18:40:58 -0000 Received: from unknown (HELO dimsmail.digitalims.net) (12.144.148.54) by pb1.pair.com with SMTP; 16 Jul 2003 18:40:57 -0000 Received: (qmail 25213 invoked by uid 778); 16 Jul 2003 18:40:57 -0000 Received: from unknown (HELO corp.digitalims.com) (65.221.143.39) by mail.digitalims.net with SMTP; 16 Jul 2003 18:40:57 -0000 content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----_=_NextPart_001_01C34BC9.CB681D60" Date: Wed, 16 Jul 2003 13:40:56 -0500 X-MimeOLE: Produced By Microsoft Exchange V6.0.6249.0 Message-ID: X-MS-Has-Attach: yes X-MS-TNEF-Correlator: Thread-Topic: File Upload Status diffs Thread-Index: AcMfIItJkBSPOmSuSvOdbPN3ToWU6AspMFCg To: "Rasmus Lerdorf" Cc: Subject: File Upload Status diffs From: DEnderson@DigitalIMS.com ("David Enderson") ------_=_NextPart_001_01C34BC9.CB681D60 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Here are the diffs Rasmus asked for on the three internal files that the internals group would be concerned about (main/php.h, main/main.c, main/rfc1867.c). These diffs were done on 4.3.2 code. If you all feel this is worthy of inclusion, I can construct a CVS diff as directed by README.SUBMITTING_PATCH as well as submit the five associated functions as a PEAR module to the PEAR group. There seems to be quite a bit of demand for this functionality. When I first researched this functionality, there were numerous discussions in PHP forums with many people wanting a file upload status bar. I have also received several emails from people who saw my post and are dying to a source patch, but I couldn't give them one because I didn't have it working with 4.3.2 yet. So it seems to me that there is quite a bit of demand to add this feature. Here are some questions I have: 1. Will you want to use #ifdef with this additional code? 2. Is there a security risk since I am taking the value of the uploaded hidden ID and appending it as part of a filename? If so, what do you recommend I do to fix that problem? 3. Are there any other changes you would like me to make? I can give a working URL that demonstrates this process to those who email me and ask. I just don't want to broadcast it to the public list. :-) --David On Tue, 20 May 2003, Rasmus Lerdorf wrote: >=20 > We're not interested in the Javascript or HTML parts of this=20 > stuff, but if=20 > you could post a diff of the changes you made to the core=20 > file upload code=20 > to implement the status functions we can take a look. The=20 > Javascript and=20 > HTML that makes use of these hooks fit better as a PEAR module. >=20 > -Rasmus >=20 -----=3D+=3D----- David Enderson Programmer Digital IMS 402.437.0137 denderson@digitalims.com ------_=_NextPart_001_01C34BC9.CB681D60 Content-Type: text/plain; name="upload_status_diff.txt" Content-Transfer-Encoding: base64 Content-Description: upload_status_diff.txt Content-Disposition: attachment; filename="upload_status_diff.txt" LS0tIHBocC00LjMuMi9tYWluL3BocC5oCVNhdCBBcHIgMTkgMTM6MzU6NTEgMjAwMw0KKysrIHBo cC00LjMuMi1zdGF0dXMvbWFpbi9waHAuaAlXZWQgSnVsIDE2IDEyOjM3OjQzIDIwMDMNCkBAIC00 MTEsNiArNDExLDE2IEBADQogI2VuZGlmDQogI2VuZGlmIC8qICFYdE9mZnNldE9mICovDQogDQor LyogZmlsZSB1cGxvYWQgc3RhdHVzIGdsb2JhbCBzdHJ1Y3R1cmUgZGVmaW5pdGlvbiAqLw0KK3R5 cGVkZWYgc3RydWN0IF9mdXNfZ2xvYmFsc19zdHJ1Y3Qgew0KKwljaGFyICp0ZW1wX2ZpbGVfZGly Ow0KKwljaGFyICp0ZW1wX2ZpbGVfcHJlZml4Ow0KKwljaGFyICpoaWRkZW5fdmFyaWFibGVfbmFt ZTsNCit9IGZ1c19nbG9iYWxzX3N0cnVjdDsNCitmdXNfZ2xvYmFsc19zdHJ1Y3QgZnVzX2dsb2Jh bHM7DQorLyogRlVTRyBzdGFuZHMgZm9yOiBGaWxlIFVwbG9hZCBTdGF0dXMgR2xvYmFscy4gKi8N CisjZGVmaW5lIEZVU0codikgKGZ1c19nbG9iYWxzLnYpDQorDQogI2VuZGlmDQogDQogLyoNCi0t LSBwaHAtNC4zLjIvbWFpbi9tYWluLmMJV2VkIE1heSAyMSAxNzo1NDozOCAyMDAzDQorKysgcGhw LTQuMy4yLXN0YXR1cy9tYWluL21haW4uYwlXZWQgSnVsIDE2IDEyOjI2OjA3IDIwMDMNCkBAIC0z NjgsNiArMzY4LDExIEBADQogCVNURF9QSFBfSU5JX0JPT0xFQU4oImFsbG93X3VybF9mb3BlbiIs CQkiMSIsCQlQSFBfSU5JX0FMTCwJCU9uVXBkYXRlQm9vbCwJCQlhbGxvd191cmxfZm9wZW4sCQkJ cGhwX2NvcmVfZ2xvYmFscywJY29yZV9nbG9iYWxzKQ0KIAlTVERfUEhQX0lOSV9CT09MRUFOKCJh bHdheXNfcG9wdWxhdGVfcmF3X3Bvc3RfZGF0YSIsCQkiMCIsCQlQSFBfSU5JX1NZU1RFTXxQSFBf SU5JX1BFUkRJUiwJCU9uVXBkYXRlQm9vbCwJCQlhbHdheXNfcG9wdWxhdGVfcmF3X3Bvc3RfZGF0 YSwJCQlwaHBfY29yZV9nbG9iYWxzLAljb3JlX2dsb2JhbHMpDQogDQorCS8qIGZpbGUgdXBsb2Fk IHN0YXR1cyBzZXR0aW5ncyAqLw0KKyAgICBTVERfUEhQX0lOSV9FTlRSWSgiZmlsZV91cGxvYWRf c3RhdHVzLnRlbXBfZmlsZV9kaXIiLCAiL3RtcCIsIFBIUF9JTklfQUxMLCBPblVwZGF0ZVN0cmlu ZywgdGVtcF9maWxlX2RpciwgZnVzX2dsb2JhbHNfc3RydWN0LCBmdXNfZ2xvYmFscykNCisgICAg U1REX1BIUF9JTklfRU5UUlkoImZpbGVfdXBsb2FkX3N0YXR1cy50ZW1wX2ZpbGVfcHJlZml4Iiwg ImZpbGVfdXBsb2FkX3N0YXR1c18iLCBQSFBfSU5JX0FMTCwgT25VcGRhdGVTdHJpbmcsIHRlbXBf ZmlsZV9wcmVmaXgsIGZ1c19nbG9iYWxzX3N0cnVjdCwgZnVzX2dsb2JhbHMpDQorICAgIFNURF9Q SFBfSU5JX0VOVFJZKCJmaWxlX3VwbG9hZF9zdGF0dXMuaGlkZGVuX3ZhcmlhYmxlX25hbWUiLCAi ZmlsZV91cGxvYWRfc3RhdHVzX3VuaXF1ZWlkIiwgUEhQX0lOSV9BTEwsIE9uVXBkYXRlU3RyaW5n LCBoaWRkZW5fdmFyaWFibGVfbmFtZSwgZnVzX2dsb2JhbHNfc3RydWN0LCBmdXNfZ2xvYmFscykN CisNCiBQSFBfSU5JX0VORCgpDQogLyogfX19ICovDQogDQotLS0gcGhwLTQuMy4yL21haW4vcmZj MTg2Ny5jCUZyaSBNYXkgMjMgMTY6Mzc6MTYgMjAwMw0KKysrIHBocC00LjMuMi1zdGF0dXMvbWFp bi9yZmMxODY3LmMJV2VkIEp1bCAxNiAxMTo0NDozMSAyMDAzDQpAQCAtNjkzLDYgKzY5MywxMCBA QA0KIAl6dmFsICphcnJheV9wdHIgPSAoenZhbCAqKSBhcmc7DQogCUZJTEUgKmZwOw0KIAl6ZW5k X2xsaXN0IGhlYWRlcjsNCisJLyogZmlsZSB1cGxvYWQgc3RhdHVzIHZhcmlhYmxlcyAqLw0KKwl6 ZW5kX2Jvb2wgZmlsZV91cGxvYWRfc3RhdHVzID0gMDsNCisJY2hhciAqZmlsZV91cGxvYWRfc3Rh dHVzX2ZpbGVuYW1lID0gTlVMTDsNCisJRklMRSAqZmlsZV91cGxvYWRfc3RhdHVzX2ZwOw0KIA0K IAlpZiAoU0cocmVxdWVzdF9pbmZvKS5jb250ZW50X2xlbmd0aCA+IFNHKHBvc3RfbWF4X3NpemUp KSB7DQogCQlzYXBpX21vZHVsZS5zYXBpX2Vycm9yKEVfV0FSTklORywgIlBPU1QgQ29udGVudC1M ZW5ndGggb2YgJWQgYnl0ZXMgZXhjZWVkcyB0aGUgbGltaXQgb2YgJWQgYnl0ZXMiLCBTRyhyZXF1 ZXN0X2luZm8pLmNvbnRlbnRfbGVuZ3RoLCBTRyhwb3N0X21heF9zaXplKSk7DQpAQCAtNzk0LDcg Kzc5OCw2IEBADQogDQogCQkJLyogTm9ybWFsIGZvcm0gdmFyaWFibGUsIHNhZmUgdG8gcmVhZCBh bGwgZGF0YSBpbnRvIG1lbW9yeSAqLw0KIAkJCWlmICghZmlsZW5hbWUgJiYgcGFyYW0pIHsNCi0N CiAJCQkJY2hhciAqdmFsdWUgPSBtdWx0aXBhcnRfYnVmZmVyX3JlYWRfYm9keShtYnVmZiBUU1JN TFNfQ0MpOw0KIA0KIAkJCQlpZiAoIXZhbHVlKSB7DQpAQCAtODA1LDYgKzgwOCwxMyBAQA0KIAkJ CQlpZiAoIXN0cmNhc2VjbXAocGFyYW0sICJNQVhfRklMRV9TSVpFIikpIHsNCiAJCQkJCW1heF9m aWxlX3NpemUgPSBhdG9sKHZhbHVlKTsNCiAJCQkJfQ0KKwkJCQkNCisJCQkJLyogQ2hlY2sgZm9y IHVwbG9hZCBzdGF0dXMgaGlkZGVuIHZhcmlhYmxlICovDQorCQkJCWlmIChzdHJjYXNlY21wKHBh cmFtLCBGVVNHKGhpZGRlbl92YXJpYWJsZV9uYW1lKSkgPT0gMCkgew0KKwkJCQkJZmlsZV91cGxv YWRfc3RhdHVzID0gMTsNCisJCQkJCWZpbGVfdXBsb2FkX3N0YXR1c19maWxlbmFtZSA9IGVtYWxs b2Moc3RybGVuKEZVU0codGVtcF9maWxlX2RpcikpICsgc3RybGVuKEZVU0codGVtcF9maWxlX3By ZWZpeCkpICsgc3RybGVuKHZhbHVlKSArIDIpOw0KKwkJCQkJc3ByaW50ZihmaWxlX3VwbG9hZF9z dGF0dXNfZmlsZW5hbWUsICIlcy8lcyVzIiwgRlVTRyh0ZW1wX2ZpbGVfZGlyKSwgRlVTRyh0ZW1w X2ZpbGVfcHJlZml4KSwgdmFsdWUpOw0KKwkJCQl9DQogDQogCQkJCWVmcmVlKHBhcmFtKTsNCiAJ CQkJZWZyZWUodmFsdWUpOw0KQEAgLTg3Myw4ICs4ODMsMjIgQEANCiAJCQkJCQl0b3RhbF9ieXRl cyArPSB3bGVuOw0KIAkJCQkJfQ0KIAkJCQl9IA0KKw0KKwkJCQkvKiBXcml0ZSBmaWxlIHVwbG9h ZCBzdGF0dXMgdG8gZmlsZSAqLw0KKwkJCQlpZiAoZmlsZV91cGxvYWRfc3RhdHVzKSB7DQorCQkJ CQlmaWxlX3VwbG9hZF9zdGF0dXNfZnAgPSBmb3BlbihmaWxlX3VwbG9hZF9zdGF0dXNfZmlsZW5h bWUsICJ3Iik7DQorCQkJCQlmcHJpbnRmKGZpbGVfdXBsb2FkX3N0YXR1c19mcCwgIiVsaSAlbGki LCBTRyhyZWFkX3Bvc3RfYnl0ZXMpLCBTRyhyZXF1ZXN0X2luZm8pLmNvbnRlbnRfbGVuZ3RoKTsN CisJCQkJCWZjbG9zZShmaWxlX3VwbG9hZF9zdGF0dXNfZnApOw0KKwkJCQl9DQogCQkJfSANCiAJ CQlmY2xvc2UoZnApOw0KKw0KKwkJCS8qIFdyaXRlIGZpbGUgdXBsb2FkICJjb21wbGV0ZSIgc3Rh dHVzIHRvIGZpbGUgKi8NCisJCQlpZiAoZmlsZV91cGxvYWRfc3RhdHVzKSB7DQorCQkJCWZpbGVf dXBsb2FkX3N0YXR1c19mcCA9IGZvcGVuKGZpbGVfdXBsb2FkX3N0YXR1c19maWxlbmFtZSwgInci KTsNCisJCQkJZnByaW50ZihmaWxlX3VwbG9hZF9zdGF0dXNfZnAsICItMiAtMiIpOw0KKwkJCQlm Y2xvc2UoZmlsZV91cGxvYWRfc3RhdHVzX2ZwKTsNCisJCQl9DQogDQogI2lmZGVmIERFQlVHX0ZJ TEVfVVBMT0FEDQogCQkJaWYoc3RybGVuKGZpbGVuYW1lKSA+IDAgJiYgdG90YWxfYnl0ZXMgPT0g MCkgew0K ------_=_NextPart_001_01C34BC9.CB681D60--