php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Request #782 Integrate the include patch to support HTTP PUT method file uploads
Submitted: 1998-09-24 22:48 UTC Modified: 1999-03-07 10:44 UTC
From: mlemos at acm dot org Assigned:
Status: Closed Package: Feature/Change Request
PHP Version: 3.0.4 OS:
Private report: No CVE-ID: None
View Developer Edit
 [1998-09-24 22:48 UTC] mlemos at acm dot org 
Here follows the patch to make PHP handle file uploads done usning HTTP PUT
method.

Basically it does the following:

* Checks content length against PHP maximum upload size option.
* Creates a file in the directory defined in PHP upload directory option.
* Reads the file data and writes it to the temporary file.
* Sets the global variable PHP_UPLOADED_FILE_NAME to the uploaded temporary file.
* Schedules the file to be deleted on PHP exit.

Manuel Lemos
mlemos@acm.org


*** main.c.3.0.4	Mon Sep 21 16:41:47 1998
--- main.c	Fri Sep 25 01:47:05 1998
***************
*** 1238,1245 ****
  		switch(*p++) {
  			case 'p':
  			case 'P':
! 				if (!_gpc_flags[0] && php3_headers_unsent() && GLOBAL(request_info).request_method && !strcasecmp(GLOBAL(request_info).request_method, "post")) {
! 					php3_treat_data(PARSE_POST, NULL);	/* POST Data */
  					_gpc_flags[0]=1;
  				}
  				break;
--- 1238,1251 ----
  		switch(*p++) {
  			case 'p':
  			case 'P':
! 				if (!_gpc_flags[0] && php3_headers_unsent() && GLOBAL(request_info).request_method) {
! 					if(!strcasecmp(GLOBAL(request_info).request_method, "post")) {
! 						php3_treat_data(PARSE_POST, NULL);	/* POST Data */
! 					} else {
! 						if(!strcasecmp(GLOBAL(request_info).request_method, "put")) {
! 							php3_treat_data(PARSE_PUT, NULL);	/* PUT Data */
! 						}
! 					}
  					_gpc_flags[0]=1;
  				}
  				break;
*** functions/head.c.3.0.4	Tue Aug 18 12:49:29 1998
--- functions/head.c	Fri Sep 25 01:45:12 1998
***************
*** 252,259 ****
  		return 1;
  	}
  	if ((GLOBAL(php3_PrintHeader) && !GLOBAL(php3_HeaderPrinted)) || (GLOBAL(php3_PrintHeader) && GLOBAL(php3_HeaderPrinted) == 2)) {
! 		if (!(GLOBAL(initialized) & INIT_ENVIRONMENT) && GLOBAL(request_info).request_method && !strcasecmp(GLOBAL(request_info).request_method, "post")) {
! 			php3_treat_data(PARSE_POST, NULL);	/* POST Data */
  		}
  		cookie = php3_PopCookieList();
  		while (cookie) {
--- 252,264 ----
  		return 1;
  	}
  	if ((GLOBAL(php3_PrintHeader) && !GLOBAL(php3_HeaderPrinted)) || (GLOBAL(php3_PrintHeader) && GLOBAL(php3_HeaderPrinted) == 2)) {
! 		if (!(GLOBAL(initialized) & INIT_ENVIRONMENT) && GLOBAL(request_info).request_method) {
! 			if(!strcasecmp(GLOBAL(request_info).request_method, "post"))
! 				php3_treat_data(PARSE_POST, NULL);	/* POST Data */
! 			else {
! 				if(!strcasecmp(GLOBAL(request_info).request_method, "put"))
! 					php3_treat_data(PARSE_PUT, NULL);	/* PUT Data */
! 			}
  		}
  		cookie = php3_PopCookieList();
  		while (cookie) {
***************
*** 332,339 ****
  	}
  #else
  	if (GLOBAL(php3_PrintHeader) && !GLOBAL(php3_HeaderPrinted)) {
! 		if (!(GLOBAL(initialized) & INIT_ENVIRONMENT) && GLOBAL(request_info).request_method && !strcasecmp(GLOBAL(request_info).request_method, "post")) {
! 			php3_treat_data(PARSE_POST, NULL);	/* POST Data */
  		}
  		if (!GLOBAL(cont_type)) {
  #if USE_SAPI
--- 337,349 ----
  	}
  #else
  	if (GLOBAL(php3_PrintHeader) && !GLOBAL(php3_HeaderPrinted)) {
! 		if (!(GLOBAL(initialized) & INIT_ENVIRONMENT) && GLOBAL(request_info).request_method) {
! 			if(!strcasecmp(GLOBAL(request_info).request_method, "post")
! 				php3_treat_data(PARSE_POST, NULL);	/* POST Data */
! 			else {
! 				if(!strcasecmp(GLOBAL(request_info).request_method, "put"))
! 					php3_treat_data(PARSE_PUT, NULL);	/* PUT Data */
! 			}
  		}
  		if (!GLOBAL(cont_type)) {
  #if USE_SAPI
*** functions/post.c.3.0.4	Fri Sep 18 12:56:18 1998
--- functions/post.c	Fri Sep 25 02:53:38 1998
***************
*** 41,49 ****
--- 41,135 ----
  
  #ifndef THREAD_SAFE
  int php3_track_vars;
+ int le_uploads;
+ extern HashTable list;
  #endif
  
  /*
+  * php3_getput()
+  *
+  * This copies the uploaded file to a temporary file.
+  */
+ static void php3_getput()
+ {
+ #if MODULE_MAGIC_NUMBER > 19961007
+ 	char upload_buffer[BUFSIZ];
+ #else
+ 	int bytes;
+ #endif
+ 	char *fn;
+ 	FILE *fp;
+ 	int length, cnt;
+ 	long bytes;
+ 
+ 	length = GLOBAL(request_info).content_length;
+ 	if (length > php3_ini.upload_max_filesize) {
+ 		php3_error(E_WARNING, "Max file size of %ld bytes exceeded - temporary file not saved", php3_ini.upload_max_filesize);
+ 		SET_VAR_STRING("PHP_UPLOADED_FILE_NAME", estrdup("none"));
+ 		return;
+ 	}
+ 	fn = tempnam(php3_ini.upload_tmp_dir, "php");
+ 	fp = fopen(fn, "w");
+ 	if (!fp) {
+ 		php3_error(E_WARNING, "File Upload Error - Unable to open temporary file [%s]", fn);
+ 		return;
+ 	}
+ 	cnt = length;
+ #if FHTTPD
+ 	bytes = fwrite(req->databuffer, 1, length, fp);
+ #else
+ #if MODULE_MAGIC_NUMBER > 19961007
+ 	if (should_client_block(GLOBAL(php3_rqst))) {
+ 		void (*handler) (int);
+ 		int dbsize, len_read, dbpos = 0;
+ 
+ 		hard_timeout("copy script args", GLOBAL(php3_rqst));	/* start timeout timer */
+ 		handler = signal(SIGPIPE, SIG_IGN);		/* Ignore sigpipes for now */
+ 		while ((len_read = get_client_block(GLOBAL(php3_rqst), upload_buffer, BUFSIZ)) > 0) {
+ 			if ((dbpos + len_read) > length)
+ 				dbsize = length - dbpos;
+ 			else
+ 				dbsize = len_read;
+ 			reset_timeout(GLOBAL(php3_rqst));	/* Make sure we don't timeout */
+ 			if((bytes=fwrite(upload_buffer, 1, dbsize, fp))<dbsize)
+ 			{
+ 				bytes+=dbpos;
+ 				break;
+ 			}
+ 			dbpos += dbsize;
+ 			bytes=dbpos;
+ 		}
+ 		signal(SIGPIPE, handler);	/* restore normal sigpipe handling */
+ 		kill_timeout(GLOBAL(php3_rqst));	/* stop timeout timer */
+ 	}
+ #else
+ 	cnt = 0;
+ 	do {
+ #if APACHE
+ 		char upload_buffer[BUFSIZ];
+ 
+ 		bytes = read_client_block(php3_rqst, buf + cnt, min(length - cnt,BUFSIZ));
+ #endif
+ #if CGI_BINARY
+ 		bytes = fread(buf + cnt, 1, min(length - cnt,BUFSIZ), stdin);
+ #endif
+ #if USE_SAPI
+ 		bytes = GLOBAL(sapi_rqst)->readclient(GLOBAL(sapi_rqst)->scid,buf + cnt, 1, min(length - cnt,BUFSIZ));
+ #endif
+ 		cnt += bytes;
+ 	} while (bytes && cnt < length);
+ #endif
+ #endif
+ 	fclose(fp);
+ 	if (bytes < length) {
+ 		php3_error(E_WARNING, "Only %d bytes were written, expected to write %ld", bytes, length);
+ 	}
+ 	SET_VAR_STRING("PHP_UPLOADED_FILE_NAME", estrdup(fn));
+ 	php3_list_do_insert(&GLOBAL(list),fn,GLOBAL(le_uploads));  /* Tell PHP about the file so the destructor can unlink it later */
+ }
+ 
+ 
+ /*
   * php3_getpost()
   *
   * This reads the post form data into a string.
***************
*** 325,330 ****
--- 411,419 ----
  		}
  	} else if (arg == PARSE_STRING) {		/* String data */
  		res = str;
+ 	} else if (arg == PARSE_PUT) {		/* Put data */
+ 		php3_getput();
+ 		return;
  	}
  	if (!res) {
  		return;
*** functions/post.h.3.0.4	Fri May 15 10:57:36 1998
--- functions/post.h	Fri Sep 25 01:42:26 1998
***************
*** 35,40 ****
--- 35,41 ----
  #define PARSE_GET 1
  #define PARSE_COOKIE 2
  #define PARSE_STRING 3
+ #define PARSE_PUT 4
  
  extern void php3_treat_data(int arg, char *str);
  extern void php3_TreatHeaders(void);

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [1999-03-07 10:44 UTC] rasmus 
Evaluating
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Sun Jul 13 06:01:32 2025 UTC