--Boundary-00=_/iEY/CFpwu9kJDq
Content-Type: text/plain;
cht="iso-8859-2"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline


Hello there!

I made a patch (attached) for supporting disabling functions per virtual
directory. I think it is working - haven't found a bug so far.

Patch is against php 4.3.3 and touches only two files, main/main.c and
sapi/apache/mod_php4.c.

What do you think about it? Any chance of getting included in official
distribution?

Best regards,
Tvrtko A. Ursulin

--Boundary-00=_/iEY/CFpwu9kJDq
Content-Type: text/x-diff;
cht="iso-8859-2";
name="php-4.3.3-disable-functions-perdir.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="php-4.3.3-disable-functions-perdir.patch"

diff -Naur php-4.3.3-orig/main/main.c php-4.3.3/main/main.c
--- php-4.3.3-orig/main/main.c 2003-08-22 22:02:11.000000000 +0200
+++ php-4.3.3/main/main.c 2003-09-10 11:25:09.000000000 +0200
-1,4 +1,4
-/*
+/*
+----------------------------------------------------------------------+
| PHP Version 4 |
+----------------------------------------------------------------------+
-359,7 +359,7
PHP_INI_ENTRY("precision", "14", PHP_INI_ALL, OnSetPrecision)
PHP_INI_ENTRY("sendmail_from", NULL, PHP_INI_ALL, NULL)
PHP_INI_ENTRY("sendmail_path", DEFAULT_SENDMAIL_PATH, PHP_INI_SYSTEM, NULL)
- PHP_INI_ENTRY("disable_functions", "", PHP_INI_SYSTEM, NULL)
+ PHP_INI_ENTRY("disable_functions", "", PHP_INI_SYSTEM|PHP_INI_PERDIR, NULL)
PHP_INI_ENTRY("disable_classes", "", PHP_INI_SYSTEM, NULL)

STD_PHP_INI_BOOLEAN("allow_url_fopen", "1", PHP_INI_ALL, OnUpdateBool, allow_url_fopen, php_core_globals, core_globals)
diff -Naur php-4.3.3-orig/sapi/apache/mod_php4.c php-4.3.3/sapi/apache/mod_php4.c
--- php-4.3.3-orig/sapi/apache/mod_php4.c 2003-06-03 07:41:49.000000000 +0200
+++ php-4.3.3/sapi/apache/mod_php4.c 2003-09-10 11:25:29.000000000 +0200
-528,12 +528,121
}
/* }}} */

+#define MAX_DISABLED_FUNC_PER_DIR 128
+
+struct my_function_save
+{
+ char name[128];
+ int len;
+ void *handler;
+};
+
+static int functions_saved = 0;
+static struct my_function_save function_save[MAX_DISABLED_FUNC_PER_DIR];
+
+/* {{{ my_zend_disable_function
+ */
+static int my_zend_disable_function(char *name, int name_len TSRMLS_CC)
+{
+ if ( functions_saved == MAX_DISABLED_FUNC_PER_DIR ) {
+ return 0;
+ }
+
+ zend_function *func;
+
+ if (zend_hash_find(CG(function_table), name, name_len+1, (void **) &func) == FAILURE) {
+ return 0;
+ }
+
+ if ( func->internal_function.handler == ZEND_FN(display_disabled_function) ) {
+ return 0;
+ }
+
+ strncpy(function_save[functions_saved].name,name,sizeof(function_save[0].name));
+ function_save[functions_saved].len = name_len;
+ function_save[functions_saved].handler = func->internal_function.handler;
+
+ func->internal_function.handler = ZEND_FN(display_disabled_function);
+
+ functions_saved++;
+
+ return 1;
+}
+/* }}} */
+
+/* {{{ my_php_restore_functions
+ */
+static int my_php_restore_functions(void)
+{
+ if ( functions_saved == 0 )
+ return 0;
+
+ zend_function *func;
+ int i;
+ int cnt = 0;
+
+ for ( i = 0; i < functions_saved; i++ ) {
+ if (zend_hash_find(CG(function_table), function_save[i].name, function_save[i].len+1, (void **) &func) == SUCCESS) {
+ func->internal_function.handler = function_save[i].handler;
+ cnt++;
+ }
+ }
+
+ functions_saved = 0;
+
+ return cnt;
+}
+/* }}} */
+
+/* {{{ my_php_disable_functions
+ */
+static int my_php_disable_functions(char *e TSRMLS_DC)
+{
+ char *s = NULL;
+ char p;
+ int cnt = 0;
+
+ if (!*e) {
+ return;
+ }
+
+ while (*e) {
+ switch (*e) {
+ case ' ':
+ case ',':
+ if (s) {
+ p = *e;
+ *e = '\0';
+ cnt += my_zend_disable_function(s, e-s TSRMLS_CC);
+ *e = p;
+ s = NULL;
+ }
+ break;
+ default:
+ if (!s) {
+ s = e;
+ }
+ break;
+ }
+ e++;
+ }
+ if (s) {
+ cnt += my_zend_disable_function(s, e-s TSRMLS_CC);
+ }
+
+ return cnt;
+}
+/* }}} */
+
+
/* {{{ send_php
*/
static int send_php(request_rec *r, int display_source_mode, char *filename)
{
int retval;
HashTable *per_dir_conf;
+ int disabled = 0;
+ int ret = OK;
TSRMLS_FETCH();

if (AP(in_request)) {
-561,9 +670,14

per_dir_conf = (HashTable *) get_module_config(r->per_dir_config, &php4_module);
if (per_dir_conf) {
+ php_per_dir_entry *entry;
+ if ( zend_hash_find((HashTable *) per_dir_conf, "disable_functions",17,(void **) &entry) == SUCCESS )
+ {
+ disabled = my_php_disable_functions(entry->value);
+ }
zend_hash_apply((HashTable *) per_dir_conf, (apply_func_t) php_apache_alter_ini_entries TSRMLS_CC);
}
-
+
/* If PHP pr engine has been turned off with an "engine off"
* directive, then decline to handle this request
*/
-573,7 +687,8
zend_try {
zend_ini_deactivate(TSRMLS_C);
} zend_end_try();
- return DECLINED;
+ ret = DECLINED;
+ goto out;
}
if (filename == NULL) {
filename = r->filename;
-585,7 +700,8
zend_try {
zend_ini_deactivate(TSRMLS_C);
} zend_end_try();
- return retval;
+ ret = retval;
+ goto out;
}
#endif

-595,7 +711,8
zend_try {
zend_ini_deactivate(TSRMLS_C);
} zend_end_try();
- return retval;
+ ret = retval;
+ goto out;
}
#else
update_mtime (r, r->finfo.st_mtime);
-611,7 +728,7
hard_timeout("send", r);

SG(server_context) = r;
-
+
php_save_umask();
add_common_vars(r);
add_cgi_vars(r);
-624,7 +741,14
kill_timeout(r);
} zend_end_try();

- return OK;
+out:
+ if ( disabled > 0 ) {
+ if ( disabled != my_php_restore_functions() ) {
+ ret = DECLINED;
+ }
+ }
+
+ return ret;
}
/* }}} */



--Boundary-00=_/iEY/CFpwu9kJDq
Content-Type: text/plain; cht=us-ascii

--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: [url]http://www.php.net/unsub.php[/url]
--Boundary-00=_/iEY/CFpwu9kJDq--