/*
* Convert a zval to a string containing a base(2-36) representation of
* the number.
*/
PHPAPI zend_string * _php_math_zvaltobase(zval *arg, int base)
{
static char digits[] = "0123456789abcdefghijklmnopqrstuvwxyz";
if ((Z_TYPE_P(arg) != IS_LONG && Z_TYPE_P(arg) != IS_DOUBLE) || base < 2 || base > 36) {
return ZSTR_EMPTY_ALLOC();
}
if (Z_TYPE_P(arg) == IS_DOUBLE) {
double fvalue = floor(Z_DVAL_P(arg)); /* floor it just in case */
char *ptr, *end;
char buf[(sizeof(double) << 3) + 1];
/* Don't try to convert +/- infinity */
if (fvalue == HUGE_VAL || fvalue == -HUGE_VAL) {
php_error_docref(NULL, E_WARNING, "Number too large");
return ZSTR_EMPTY_ALLOC();
}
end = ptr = buf + sizeof(buf) - 1;
*ptr = '\0';
do {
*--ptr = digits[(int) fmod(fvalue, base)];
fvalue /= base;
} while (ptr > buf && fabs(fvalue) >= 1);
return zend_string_init(ptr, end - ptr, 0);
}
return _php_math_longtobase(arg, base);
}
static void *php_tidy_get_opt_val(PHPTidyDoc *ptdoc, TidyOption opt, TidyOptionType *type)
{
*type = tidyOptGetType(opt);
switch (*type) {
case TidyString: {
char *val = (char *) tidyOptGetValue(ptdoc->doc, tidyOptGetId(opt));
if (val) {
return (void *) zend_string_init(val, strlen(val), 0);
} else {
return (void *) ZSTR_EMPTY_ALLOC();
}
}
break;
case TidyInteger:
return (void *) (uintptr_t) tidyOptGetInt(ptdoc->doc, tidyOptGetId(opt));
break;
case TidyBoolean:
return (void *) tidyOptGetBool(ptdoc->doc, tidyOptGetId(opt));
break;
}
/* should not happen */
return NULL;
}
static inline int sock_recvfrom(php_netstream_data_t *sock, char *buf, size_t buflen, int flags,
zend_string **textaddr,
struct sockaddr **addr, socklen_t *addrlen
)
{
int ret;
int want_addr = textaddr || addr;
if (want_addr) {
php_sockaddr_storage sa;
socklen_t sl = sizeof(sa);
ret = recvfrom(sock->socket, buf, XP_SOCK_BUF_SIZE(buflen), flags, (struct sockaddr*)&sa, &sl);
ret = (ret == SOCK_CONN_ERR) ? -1 : ret;
if (sl) {
php_network_populate_name_from_sockaddr((struct sockaddr*)&sa, sl,
textaddr, addr, addrlen);
} else {
if (textaddr) {
*textaddr = ZSTR_EMPTY_ALLOC();
}
if (addr) {
*addr = NULL;
*addrlen = 0;
}
}
} else {
ret = recv(sock->socket, buf, XP_SOCK_BUF_SIZE(buflen), flags);
ret = (ret == SOCK_CONN_ERR) ? -1 : ret;
}
return ret;
}
static zend_string *php_tidy_file_to_mem(char *filename, zend_bool use_include_path)
{
php_stream *stream;
zend_string *data = NULL;
if (!(stream = php_stream_open_wrapper(filename, "rb", (use_include_path ? USE_PATH : 0), NULL))) {
return NULL;
}
if ((data = php_stream_copy_to_mem(stream, PHP_STREAM_COPY_ALL, 0)) == NULL) {
data = ZSTR_EMPTY_ALLOC();
}
php_stream_close(stream);
return data;
}
ZEND_API zend_string *zend_vstrpprintf(size_t max_len, const char *format, va_list ap) /* {{{ */
{
smart_str buf = {0};
zend_printf_to_smart_str(&buf, format, ap);
if (!buf.s) {
return ZSTR_EMPTY_ALLOC();
}
if (max_len && ZSTR_LEN(buf.s) > max_len) {
ZSTR_LEN(buf.s) = max_len;
}
smart_str_0(&buf);
return buf.s;
}
zend_string * ion_buffer_read_all(ion_buffer * buffer) {
size_t incoming_length = evbuffer_get_length(bufferevent_get_input(buffer));
zend_string * data;
if(!incoming_length) {
return ZSTR_EMPTY_ALLOC();
}
data = zend_string_alloc(incoming_length, 0);
ZSTR_LEN(data) = bufferevent_read(buffer, ZSTR_VAL(data), incoming_length);
if (ZSTR_LEN(data) > 0) {
ZSTR_VAL(data)[ZSTR_LEN(data)] = '\0';
return data;
} else {
zend_string_free(data);
return NULL;
}
}
zend_string *ds_join_zval_buffer(
zval *buffer,
zend_long size,
char *glue,
size_t len
) {
smart_str str = {0};
if (size <= 0) {
return ZSTR_EMPTY_ALLOC();
}
if (size == 1) {
return zval_get_string(buffer);
}
// Glue is optional, will use empty string by default if NULL
if (glue && len) {
zval *pos = buffer;
zval *end = buffer + size - 1; // Exclude last value
// Append each part and the glue right up to the last value.
do {
smart_str_appendz(&str, pos);
smart_str_appendl(&str, glue, len);
} while (++pos != end);
// Append last value
smart_str_appendz(&str, pos);
} else {
zval *pos = buffer;
zval *end = buffer + size;
// Append each part including the last, without glue.
do {
smart_str_appendz(&str, pos);
} while (++pos != end);
}
smart_str_0(&str);
return str.s;
}
/*
* Convert a long to a string containing a base(2-36) representation of
* the number.
*/
PHPAPI zend_string * _php_math_longtobase(zval *arg, int base)
{
static char digits[] = "0123456789abcdefghijklmnopqrstuvwxyz";
char buf[(sizeof(zend_ulong) << 3) + 1];
char *ptr, *end;
zend_ulong value;
if (Z_TYPE_P(arg) != IS_LONG || base < 2 || base > 36) {
return ZSTR_EMPTY_ALLOC();
}
value = Z_LVAL_P(arg);
end = ptr = buf + sizeof(buf) - 1;
*ptr = '\0';
do {
*--ptr = digits[value % base];
value /= base;
} while (ptr > buf && value);
return zend_string_init(ptr, end - ptr, 0);
}
/* {{{ php_escape_shell_arg
*/
PHPAPI zend_string *php_escape_shell_arg(char *str)
{
size_t x, y = 0;
size_t l = strlen(str);
zend_string *cmd;
uint64_t estimate = (4 * (uint64_t)l) + 3;
/* max command line length - two single quotes - \0 byte length */
if (l > cmd_max_len - 2 - 1) {
php_error_docref(NULL, E_ERROR, "Argument exceeds the allowed length of %d bytes", cmd_max_len);
return ZSTR_EMPTY_ALLOC();
}
cmd = zend_string_safe_alloc(4, l, 2, 0); /* worst case */
#ifdef PHP_WIN32
ZSTR_VAL(cmd)[y++] = '"';
#else
ZSTR_VAL(cmd)[y++] = '\'';
#endif
for (x = 0; x < l; x++) {
int mb_len = php_mblen(str + x, (l - x));
/* skip non-valid multibyte characters */
if (mb_len < 0) {
continue;
} else if (mb_len > 1) {
memcpy(ZSTR_VAL(cmd) + y, str + x, mb_len);
y += mb_len;
x += mb_len - 1;
continue;
}
switch (str[x]) {
#ifdef PHP_WIN32
case '"':
case '%':
case '!':
ZSTR_VAL(cmd)[y++] = ' ';
break;
#else
case '\'':
ZSTR_VAL(cmd)[y++] = '\'';
ZSTR_VAL(cmd)[y++] = '\\';
ZSTR_VAL(cmd)[y++] = '\'';
#endif
/* fall-through */
default:
ZSTR_VAL(cmd)[y++] = str[x];
}
}
#ifdef PHP_WIN32
if (y > 0 && '\\' == ZSTR_VAL(cmd)[y - 1]) {
int k = 0, n = y - 1;
for (; n >= 0 && '\\' == ZSTR_VAL(cmd)[n]; n--, k++);
if (k % 2) {
ZSTR_VAL(cmd)[y++] = '\\';
}
}
ZSTR_VAL(cmd)[y++] = '"';
#else
ZSTR_VAL(cmd)[y++] = '\'';
#endif
ZSTR_VAL(cmd)[y] = '\0';
if (y > cmd_max_len + 1) {
php_error_docref(NULL, E_ERROR, "Escaped argument exceeds the allowed length of %d bytes", cmd_max_len);
zend_string_release(cmd);
return ZSTR_EMPTY_ALLOC();
}
if ((estimate - y) > 4096) {
/* realloc if the estimate was way overill
* Arbitrary cutoff point of 4096 */
cmd = zend_string_truncate(cmd, y, 0);
}
ZSTR_LEN(cmd) = y;
return cmd;
}
/* {{{ php_escape_shell_cmd
Escape all chars that could possibly be used to
break out of a shell command
This function emalloc's a string and returns the pointer.
Remember to efree it when done with it.
*NOT* safe for binary strings
*/
PHPAPI zend_string *php_escape_shell_cmd(char *str)
{
register size_t x, y;
size_t l = strlen(str);
uint64_t estimate = (2 * (uint64_t)l) + 1;
zend_string *cmd;
#ifndef PHP_WIN32
char *p = NULL;
#endif
/* max command line length - two single quotes - \0 byte length */
if (l > cmd_max_len - 2 - 1) {
php_error_docref(NULL, E_ERROR, "Command exceeds the allowed length of %d bytes", cmd_max_len);
return ZSTR_EMPTY_ALLOC();
}
cmd = zend_string_safe_alloc(2, l, 0, 0);
for (x = 0, y = 0; x < l; x++) {
int mb_len = php_mblen(str + x, (l - x));
/* skip non-valid multibyte characters */
if (mb_len < 0) {
continue;
} else if (mb_len > 1) {
memcpy(ZSTR_VAL(cmd) + y, str + x, mb_len);
y += mb_len;
x += mb_len - 1;
continue;
}
switch (str[x]) {
#ifndef PHP_WIN32
case '"':
case '\'':
if (!p && (p = memchr(str + x + 1, str[x], l - x - 1))) {
/* noop */
} else if (p && *p == str[x]) {
p = NULL;
} else {
ZSTR_VAL(cmd)[y++] = '\\';
}
ZSTR_VAL(cmd)[y++] = str[x];
break;
#else
/* % is Windows specific for environmental variables, ^%PATH% will
output PATH while ^%PATH^% will not. escapeshellcmd->val will escape all % and !.
*/
case '%':
case '!':
case '"':
case '\'':
#endif
case '#': /* This is character-set independent */
case '&':
case ';':
case '`':
case '|':
case '*':
case '?':
case '~':
case '<':
case '>':
case '^':
case '(':
case ')':
case '[':
case ']':
case '{':
case '}':
case '$':
case '\\':
case '\x0A': /* excluding these two */
case '\xFF':
#ifdef PHP_WIN32
ZSTR_VAL(cmd)[y++] = '^';
#else
ZSTR_VAL(cmd)[y++] = '\\';
#endif
/* fall-through */
default:
ZSTR_VAL(cmd)[y++] = str[x];
}
}
ZSTR_VAL(cmd)[y] = '\0';
if (y > cmd_max_len + 1) {
php_error_docref(NULL, E_ERROR, "Escaped command exceeds the allowed length of %d bytes", cmd_max_len);
zend_string_release(cmd);
return ZSTR_EMPTY_ALLOC();
}
if ((estimate - y) > 4096) {
/* realloc if the estimate was way overill
* Arbitrary cutoff point of 4096 */
cmd = zend_string_truncate(cmd, y, 0);
}
ZSTR_LEN(cmd) = y;
return cmd;
}
/*********************************************************************
// Name: SendText
// Input: 1) RPath: return path of the message
// Is used to fill the "Return-Path" and the
// "X-Sender" fields of the message.
// 2) Subject: Subject field of the message. If NULL is given
// the subject is set to "No Subject"
// 3) mailTo: Destination address
// 4) data: Null terminated string containing the data to be send.
// 5,6) headers of the message. Note that the second
// parameter, headers_lc, is actually a lowercased version of
// headers. The should match exactly (in terms of length),
// only differ in case
// Output: Error code or SUCCESS
// Description:
// Author/Date: jcar 20/9/96
// History:
//*******************************************************************/
static int SendText(char *RPath, char *Subject, char *mailTo, char *mailCc, char *mailBcc, char *data,
char *headers, char *headers_lc, char **error_message)
{
int res;
char *p;
char *tempMailTo, *token, *pos1, *pos2;
char *server_response = NULL;
char *stripped_header = NULL;
zend_string *data_cln;
/* check for NULL parameters */
if (data == NULL)
return (BAD_MSG_CONTENTS);
if (mailTo == NULL)
return (BAD_MSG_DESTINATION);
if (RPath == NULL)
return (BAD_MSG_RPATH);
/* simple checks for the mailto address */
/* have ampersand ? */
/* mfischer, 20020514: I commented this out because it really
seems bogus. Only a username for example may still be a
valid address at the destination system.
if (strchr(mailTo, '@') == NULL)
return (BAD_MSG_DESTINATION);
*/
snprintf(PW32G(mail_buffer), sizeof(PW32G(mail_buffer)), "HELO %s\r\n", PW32G(mail_local_host));
/* in the beginning of the dialog */
/* attempt reconnect if the first Post fail */
if ((res = Post(PW32G(mail_buffer))) != SUCCESS) {
int err = MailConnect();
if (0 != err) {
return (FAILED_TO_SEND);
}
if ((res = Post(PW32G(mail_buffer))) != SUCCESS) {
return (res);
}
}
if ((res = Ack(&server_response)) != SUCCESS) {
SMTP_ERROR_RESPONSE(server_response);
return (res);
}
SMTP_SKIP_SPACE(RPath);
FormatEmailAddress(PW32G(mail_buffer), RPath, "MAIL FROM:<%s>\r\n");
if ((res = Post(PW32G(mail_buffer))) != SUCCESS) {
return (res);
}
if ((res = Ack(&server_response)) != SUCCESS) {
SMTP_ERROR_RESPONSE(server_response);
return W32_SM_SENDMAIL_FROM_MALFORMED;
}
tempMailTo = estrdup(mailTo);
/* Send mail to all rcpt's */
token = strtok(tempMailTo, ",");
while (token != NULL)
{
SMTP_SKIP_SPACE(token);
FormatEmailAddress(PW32G(mail_buffer), token, "RCPT TO:<%s>\r\n");
if ((res = Post(PW32G(mail_buffer))) != SUCCESS) {
efree(tempMailTo);
return (res);
}
if ((res = Ack(&server_response)) != SUCCESS) {
SMTP_ERROR_RESPONSE(server_response);
efree(tempMailTo);
return (res);
}
token = strtok(NULL, ",");
}
efree(tempMailTo);
if (mailCc && *mailCc) {
tempMailTo = estrdup(mailCc);
/* Send mail to all rcpt's */
token = strtok(tempMailTo, ",");
while (token != NULL)
{
SMTP_SKIP_SPACE(token);
FormatEmailAddress(PW32G(mail_buffer), token, "RCPT TO:<%s>\r\n");
if ((res = Post(PW32G(mail_buffer))) != SUCCESS) {
efree(tempMailTo);
return (res);
}
if ((res = Ack(&server_response)) != SUCCESS) {
SMTP_ERROR_RESPONSE(server_response);
efree(tempMailTo);
return (res);
}
token = strtok(NULL, ",");
}
efree(tempMailTo);
}
/* Send mail to all Cc rcpt's */
else if (headers && (pos1 = strstr(headers_lc, "cc:")) && ((pos1 == headers_lc) || (*(pos1-1) == '\n'))) {
/* Real offset is memaddress from the original headers + difference of
* string found in the lowercase headrs + 3 characters to jump over
* the cc: */
pos1 = headers + (pos1 - headers_lc) + 3;
if (NULL == (pos2 = strstr(pos1, "\r\n"))) {
tempMailTo = estrndup(pos1, strlen(pos1));
} else {
tempMailTo = estrndup(pos1, pos2 - pos1);
}
token = strtok(tempMailTo, ",");
while (token != NULL)
{
SMTP_SKIP_SPACE(token);
FormatEmailAddress(PW32G(mail_buffer), token, "RCPT TO:<%s>\r\n");
if ((res = Post(PW32G(mail_buffer))) != SUCCESS) {
efree(tempMailTo);
return (res);
}
if ((res = Ack(&server_response)) != SUCCESS) {
SMTP_ERROR_RESPONSE(server_response);
efree(tempMailTo);
return (res);
}
token = strtok(NULL, ",");
}
efree(tempMailTo);
}
/* Send mail to all Bcc rcpt's
This is basically a rip of the Cc code above.
Just don't forget to remove the Bcc: from the header afterwards. */
if (mailBcc && *mailBcc) {
tempMailTo = estrdup(mailBcc);
/* Send mail to all rcpt's */
token = strtok(tempMailTo, ",");
while (token != NULL)
{
SMTP_SKIP_SPACE(token);
FormatEmailAddress(PW32G(mail_buffer), token, "RCPT TO:<%s>\r\n");
if ((res = Post(PW32G(mail_buffer))) != SUCCESS) {
efree(tempMailTo);
return (res);
}
if ((res = Ack(&server_response)) != SUCCESS) {
SMTP_ERROR_RESPONSE(server_response);
efree(tempMailTo);
return (res);
}
token = strtok(NULL, ",");
}
efree(tempMailTo);
}
else if (headers) {
if ((pos1 = strstr(headers_lc, "bcc:")) && (pos1 == headers_lc || *(pos1-1) == '\n')) {
/* Real offset is memaddress from the original headers + difference of
* string found in the lowercase headrs + 4 characters to jump over
* the bcc: */
pos1 = headers + (pos1 - headers_lc) + 4;
if (NULL == (pos2 = strstr(pos1, "\r\n"))) {
tempMailTo = estrndup(pos1, strlen(pos1));
/* Later, when we remove the Bcc: out of the
header we know it was the last thing. */
pos2 = pos1;
} else {
tempMailTo = estrndup(pos1, pos2 - pos1);
}
token = strtok(tempMailTo, ",");
while (token != NULL)
{
SMTP_SKIP_SPACE(token);
FormatEmailAddress(PW32G(mail_buffer), token, "RCPT TO:<%s>\r\n");
if ((res = Post(PW32G(mail_buffer))) != SUCCESS) {
efree(tempMailTo);
return (res);
}
if ((res = Ack(&server_response)) != SUCCESS) {
SMTP_ERROR_RESPONSE(server_response);
efree(tempMailTo);
return (res);
}
token = strtok(NULL, ",");
}
efree(tempMailTo);
/* Now that we've identified that we've a Bcc list,
remove it from the current header. */
stripped_header = ecalloc(1, strlen(headers));
/* headers = point to string start of header
pos1 = pointer IN headers where the Bcc starts
'4' = Length of the characters 'bcc:'
Because we've added +4 above for parsing the Emails
we've to subtract them here. */
memcpy(stripped_header, headers, pos1 - headers - 4);
if (pos1 != pos2) {
/* if pos1 != pos2 , pos2 points to the rest of the headers.
Since pos1 != pos2 if "\r\n" was found, we know those characters
are there and so we jump over them (else we would generate a new header
which would look like "\r\n\r\n". */
memcpy(stripped_header + (pos1 - headers - 4), pos2 + 2, strlen(pos2) - 2);
}
}
}
/* Simplify the code that we create a copy of stripped_header no matter if
we actually strip something or not. So we've a single efree() later. */
if (headers && !stripped_header) {
stripped_header = estrndup(headers, strlen(headers));
}
if ((res = Post("DATA\r\n")) != SUCCESS) {
if (stripped_header) {
efree(stripped_header);
}
return (res);
}
if ((res = Ack(&server_response)) != SUCCESS) {
SMTP_ERROR_RESPONSE(server_response);
if (stripped_header) {
efree(stripped_header);
}
return (res);
}
/* send message header */
if (Subject == NULL) {
res = PostHeader(RPath, "No Subject", mailTo, stripped_header);
} else {
res = PostHeader(RPath, Subject, mailTo, stripped_header);
}
if (stripped_header) {
efree(stripped_header);
}
if (res != SUCCESS) {
return (res);
}
/* Escape \n. sequences
* We use php_str_to_str() and not php_str_replace_in_subject(), since the latter
* uses ZVAL as it's parameters */
data_cln = php_str_to_str(data, strlen(data), PHP_WIN32_MAIL_DOT_PATTERN, sizeof(PHP_WIN32_MAIL_DOT_PATTERN) - 1,
PHP_WIN32_MAIL_DOT_REPLACE, sizeof(PHP_WIN32_MAIL_DOT_REPLACE) - 1);
if (!data_cln) {
data_cln = ZSTR_EMPTY_ALLOC();
}
/* send message contents in 1024 chunks */
{
char c, *e2, *e = ZSTR_VAL(data_cln) + ZSTR_LEN(data_cln);
p = ZSTR_VAL(data_cln);
while (e - p > 1024) {
e2 = p + 1024;
c = *e2;
*e2 = '\0';
if ((res = Post(p)) != SUCCESS) {
zend_string_free(data_cln);
return(res);
}
*e2 = c;
p = e2;
}
if ((res = Post(p)) != SUCCESS) {
zend_string_free(data_cln);
return(res);
}
}
zend_string_free(data_cln);
/*send termination dot */
if ((res = Post("\r\n.\r\n")) != SUCCESS)
return (res);
if ((res = Ack(&server_response)) != SUCCESS) {
SMTP_ERROR_RESPONSE(server_response);
return (res);
}
return (SUCCESS);
}
PDO_API int pdo_parse_params(pdo_stmt_t *stmt, char *inquery, size_t inquery_len,
char **outquery, size_t *outquery_len)
{
Scanner s;
char *ptr, *newbuffer;
int t;
int bindno = 0;
int ret = 0;
size_t newbuffer_len;
HashTable *params;
struct pdo_bound_param_data *param;
int query_type = PDO_PLACEHOLDER_NONE;
struct placeholder *placeholders = NULL, *placetail = NULL, *plc = NULL;
ptr = *outquery;
s.cur = inquery;
s.end = inquery + inquery_len + 1;
/* phase 1: look for args */
while((t = scan(&s)) != PDO_PARSER_EOI) {
if (t == PDO_PARSER_BIND || t == PDO_PARSER_BIND_POS) {
if (t == PDO_PARSER_BIND) {
int len = s.cur - s.tok;
if ((inquery < (s.cur - len)) && isalnum(*(s.cur - len - 1))) {
continue;
}
query_type |= PDO_PLACEHOLDER_NAMED;
} else {
query_type |= PDO_PLACEHOLDER_POSITIONAL;
}
plc = emalloc(sizeof(*plc));
memset(plc, 0, sizeof(*plc));
plc->next = NULL;
plc->pos = s.tok;
plc->len = s.cur - s.tok;
plc->bindno = bindno++;
if (placetail) {
placetail->next = plc;
} else {
placeholders = plc;
}
placetail = plc;
}
}
if (bindno == 0) {
/* nothing to do; good! */
return 0;
}
/* did the query make sense to me? */
if (query_type == (PDO_PLACEHOLDER_NAMED|PDO_PLACEHOLDER_POSITIONAL)) {
/* they mixed both types; punt */
pdo_raise_impl_error(stmt->dbh, stmt, "HY093", "mixed named and positional parameters");
ret = -1;
goto clean_up;
}
if (stmt->supports_placeholders == query_type && !stmt->named_rewrite_template) {
/* query matches native syntax */
ret = 0;
goto clean_up;
}
if (stmt->named_rewrite_template) {
/* magic/hack.
* We we pretend that the query was positional even if
* it was named so that we fall into the
* named rewrite case below. Not too pretty,
* but it works. */
query_type = PDO_PLACEHOLDER_POSITIONAL;
}
params = stmt->bound_params;
/* Do we have placeholders but no bound params */
if (bindno && !params && stmt->supports_placeholders == PDO_PLACEHOLDER_NONE) {
pdo_raise_impl_error(stmt->dbh, stmt, "HY093", "no parameters were bound");
ret = -1;
goto clean_up;
}
if (params && bindno != zend_hash_num_elements(params) && stmt->supports_placeholders == PDO_PLACEHOLDER_NONE) {
/* extra bit of validation for instances when same params are bound more than once */
if (query_type != PDO_PLACEHOLDER_POSITIONAL && bindno > zend_hash_num_elements(params)) {
int ok = 1;
for (plc = placeholders; plc; plc = plc->next) {
if ((param = zend_hash_str_find_ptr(params, plc->pos, plc->len)) == NULL) {
ok = 0;
break;
}
}
if (ok) {
goto safe;
}
}
pdo_raise_impl_error(stmt->dbh, stmt, "HY093", "number of bound variables does not match number of tokens");
ret = -1;
goto clean_up;
}
safe:
/* what are we going to do ? */
if (stmt->supports_placeholders == PDO_PLACEHOLDER_NONE) {
/* query generation */
newbuffer_len = inquery_len;
/* let's quote all the values */
for (plc = placeholders; plc; plc = plc->next) {
if (query_type == PDO_PLACEHOLDER_POSITIONAL) {
param = zend_hash_index_find_ptr(params, plc->bindno);
} else {
param = zend_hash_str_find_ptr(params, plc->pos, plc->len);
}
if (param == NULL) {
/* parameter was not defined */
ret = -1;
pdo_raise_impl_error(stmt->dbh, stmt, "HY093", "parameter was not defined");
goto clean_up;
}
if (stmt->dbh->methods->quoter) {
zval *parameter;
if (Z_ISREF(param->parameter)) {
parameter = Z_REFVAL(param->parameter);
} else {
parameter = ¶m->parameter;
}
if (param->param_type == PDO_PARAM_LOB && Z_TYPE_P(parameter) == IS_RESOURCE) {
php_stream *stm;
php_stream_from_zval_no_verify(stm, parameter);
if (stm) {
zend_string *buf;
buf = php_stream_copy_to_mem(stm, PHP_STREAM_COPY_ALL, 0);
if (!buf) {
buf = ZSTR_EMPTY_ALLOC();
}
if (!stmt->dbh->methods->quoter(stmt->dbh, ZSTR_VAL(buf), ZSTR_LEN(buf), &plc->quoted, &plc->qlen,
param->param_type)) {
/* bork */
ret = -1;
strncpy(stmt->error_code, stmt->dbh->error_code, 6);
if (buf) {
zend_string_release(buf);
}
goto clean_up;
}
if (buf) {
zend_string_release(buf);
}
} else {
pdo_raise_impl_error(stmt->dbh, stmt, "HY105", "Expected a stream resource");
ret = -1;
goto clean_up;
}
plc->freeq = 1;
} else {
zval tmp_param;
ZVAL_DUP(&tmp_param, parameter);
switch (Z_TYPE(tmp_param)) {
case IS_NULL:
plc->quoted = "NULL";
plc->qlen = sizeof("NULL")-1;
plc->freeq = 0;
break;
case IS_FALSE:
case IS_TRUE:
convert_to_long(&tmp_param);
/* fall through */
case IS_LONG:
case IS_DOUBLE:
convert_to_string(&tmp_param);
plc->qlen = Z_STRLEN(tmp_param);
plc->quoted = estrdup(Z_STRVAL(tmp_param));
plc->freeq = 1;
break;
default:
convert_to_string(&tmp_param);
if (!stmt->dbh->methods->quoter(stmt->dbh, Z_STRVAL(tmp_param),
Z_STRLEN(tmp_param), &plc->quoted, &plc->qlen,
param->param_type)) {
/* bork */
ret = -1;
strncpy(stmt->error_code, stmt->dbh->error_code, 6);
goto clean_up;
}
plc->freeq = 1;
}
zval_dtor(&tmp_param);
}
} else {
zval *parameter;
if (Z_ISREF(param->parameter)) {
parameter = Z_REFVAL(param->parameter);
} else {
parameter = ¶m->parameter;
}
plc->quoted = Z_STRVAL_P(parameter);
plc->qlen = Z_STRLEN_P(parameter);
}
newbuffer_len += plc->qlen;
}
rewrite:
/* allocate output buffer */
newbuffer = emalloc(newbuffer_len + 1);
*outquery = newbuffer;
/* and build the query */
plc = placeholders;
ptr = inquery;
do {
t = plc->pos - ptr;
if (t) {
memcpy(newbuffer, ptr, t);
newbuffer += t;
}
memcpy(newbuffer, plc->quoted, plc->qlen);
newbuffer += plc->qlen;
ptr = plc->pos + plc->len;
plc = plc->next;
} while (plc);
t = (inquery + inquery_len) - ptr;
if (t) {
memcpy(newbuffer, ptr, t);
newbuffer += t;
}
*newbuffer = '\0';
*outquery_len = newbuffer - *outquery;
ret = 1;
goto clean_up;
} else if (query_type == PDO_PLACEHOLDER_POSITIONAL) {
/* rewrite ? to :pdoX */
char *name, *idxbuf;
const char *tmpl = stmt->named_rewrite_template ? stmt->named_rewrite_template : ":pdo%d";
int bind_no = 1;
newbuffer_len = inquery_len;
if (stmt->bound_param_map == NULL) {
ALLOC_HASHTABLE(stmt->bound_param_map);
zend_hash_init(stmt->bound_param_map, 13, NULL, free_param_name, 0);
}
for (plc = placeholders; plc; plc = plc->next) {
int skip_map = 0;
char *p;
name = estrndup(plc->pos, plc->len);
/* check if bound parameter is already available */
if (!strcmp(name, "?") || (p = zend_hash_str_find_ptr(stmt->bound_param_map, name, plc->len)) == NULL) {
spprintf(&idxbuf, 0, tmpl, bind_no++);
} else {
idxbuf = estrdup(p);
skip_map = 1;
}
plc->quoted = idxbuf;
plc->qlen = strlen(plc->quoted);
plc->freeq = 1;
newbuffer_len += plc->qlen;
if (!skip_map && stmt->named_rewrite_template) {
/* create a mapping */
zend_hash_str_update_mem(stmt->bound_param_map, name, plc->len, idxbuf, plc->qlen + 1);
}
/* map number to name */
zend_hash_index_update_mem(stmt->bound_param_map, plc->bindno, idxbuf, plc->qlen + 1);
efree(name);
}
goto rewrite;
} else {
/* rewrite :name to ? */
newbuffer_len = inquery_len;
if (stmt->bound_param_map == NULL) {
ALLOC_HASHTABLE(stmt->bound_param_map);
zend_hash_init(stmt->bound_param_map, 13, NULL, free_param_name, 0);
}
for (plc = placeholders; plc; plc = plc->next) {
char *name;
name = estrndup(plc->pos, plc->len);
zend_hash_index_update_mem(stmt->bound_param_map, plc->bindno, name, plc->len + 1);
efree(name);
plc->quoted = "?";
plc->qlen = 1;
}
goto rewrite;
}
clean_up:
while (placeholders) {
plc = placeholders;
placeholders = plc->next;
if (plc->freeq) {
efree(plc->quoted);
}
efree(plc);
}
return ret;
}
static int pdo_sqlite_stmt_param_hook(pdo_stmt_t *stmt, struct pdo_bound_param_data *param,
enum pdo_param_event event_type)
{
pdo_sqlite_stmt *S = (pdo_sqlite_stmt*)stmt->driver_data;
zval *parameter;
switch (event_type) {
case PDO_PARAM_EVT_EXEC_PRE:
if (stmt->executed && !S->done) {
sqlite3_reset(S->stmt);
S->done = 1;
}
if (param->is_param) {
if (param->paramno == -1) {
param->paramno = sqlite3_bind_parameter_index(S->stmt, ZSTR_VAL(param->name)) - 1;
}
switch (PDO_PARAM_TYPE(param->param_type)) {
case PDO_PARAM_STMT:
return 0;
case PDO_PARAM_NULL:
if (sqlite3_bind_null(S->stmt, param->paramno + 1) == SQLITE_OK) {
return 1;
}
pdo_sqlite_error_stmt(stmt);
return 0;
case PDO_PARAM_INT:
case PDO_PARAM_BOOL:
if (Z_ISREF(param->parameter)) {
parameter = Z_REFVAL(param->parameter);
} else {
parameter = ¶m->parameter;
}
if (Z_TYPE_P(parameter) == IS_NULL) {
if (sqlite3_bind_null(S->stmt, param->paramno + 1) == SQLITE_OK) {
return 1;
}
} else {
convert_to_long(parameter);
#if ZEND_LONG_MAX > 2147483647
if (SQLITE_OK == sqlite3_bind_int64(S->stmt, param->paramno + 1, Z_LVAL_P(parameter))) {
return 1;
}
#else
if (SQLITE_OK == sqlite3_bind_int(S->stmt, param->paramno + 1, Z_LVAL_P(parameter))) {
return 1;
}
#endif
}
pdo_sqlite_error_stmt(stmt);
return 0;
case PDO_PARAM_LOB:
if (Z_ISREF(param->parameter)) {
parameter = Z_REFVAL(param->parameter);
} else {
parameter = ¶m->parameter;
}
if (Z_TYPE_P(parameter) == IS_RESOURCE) {
php_stream *stm = NULL;
php_stream_from_zval_no_verify(stm, parameter);
if (stm) {
zend_string *mem = php_stream_copy_to_mem(stm, PHP_STREAM_COPY_ALL, 0);
zval_ptr_dtor(parameter);
ZVAL_STR(parameter, mem ? mem : ZSTR_EMPTY_ALLOC());
} else {
pdo_raise_impl_error(stmt->dbh, stmt, "HY105", "Expected a stream resource");
return 0;
}
} else if (Z_TYPE_P(parameter) == IS_NULL) {
if (sqlite3_bind_null(S->stmt, param->paramno + 1) == SQLITE_OK) {
return 1;
}
pdo_sqlite_error_stmt(stmt);
return 0;
} else {
convert_to_string(parameter);
}
if (SQLITE_OK == sqlite3_bind_blob(S->stmt, param->paramno + 1,
Z_STRVAL_P(parameter),
Z_STRLEN_P(parameter),
SQLITE_STATIC)) {
return 1;
}
return 0;
case PDO_PARAM_STR:
default:
if (Z_ISREF(param->parameter)) {
parameter = Z_REFVAL(param->parameter);
} else {
parameter = ¶m->parameter;
}
if (Z_TYPE_P(parameter) == IS_NULL) {
if (sqlite3_bind_null(S->stmt, param->paramno + 1) == SQLITE_OK) {
return 1;
}
} else {
convert_to_string(parameter);
if (SQLITE_OK == sqlite3_bind_text(S->stmt, param->paramno + 1,
Z_STRVAL_P(parameter),
Z_STRLEN_P(parameter),
SQLITE_STATIC)) {
return 1;
}
}
pdo_sqlite_error_stmt(stmt);
return 0;
}
}
break;
default:
;
}
return 1;
}
/* {{{ _php_mb_regex_ereg_replace_exec */
static void _php_mb_regex_ereg_replace_exec(INTERNAL_FUNCTION_PARAMETERS, OnigOptionType options, int is_callable)
{
zval *arg_pattern_zval;
char *arg_pattern;
size_t arg_pattern_len;
char *replace;
size_t replace_len;
zend_fcall_info arg_replace_fci;
zend_fcall_info_cache arg_replace_fci_cache;
char *string;
size_t string_len;
char *p;
php_mb_regex_t *re;
OnigSyntaxType *syntax;
OnigRegion *regs = NULL;
smart_str out_buf = {0};
smart_str eval_buf = {0};
smart_str *pbuf;
size_t i;
int err, eval, n;
OnigUChar *pos;
OnigUChar *string_lim;
char *description = NULL;
char pat_buf[6];
const mbfl_encoding *enc;
{
const char *current_enc_name;
current_enc_name = _php_mb_regex_mbctype2name(MBREX(current_mbctype));
if (current_enc_name == NULL ||
(enc = mbfl_name2encoding(current_enc_name)) == NULL) {
php_error_docref(NULL, E_WARNING, "Unknown error");
RETURN_FALSE;
}
}
eval = 0;
{
char *option_str = NULL;
size_t option_str_len = 0;
if (!is_callable) {
if (zend_parse_parameters(ZEND_NUM_ARGS(), "zss|s",
&arg_pattern_zval,
&replace, &replace_len,
&string, &string_len,
&option_str, &option_str_len) == FAILURE) {
RETURN_FALSE;
}
} else {
if (zend_parse_parameters(ZEND_NUM_ARGS(), "zfs|s",
&arg_pattern_zval,
&arg_replace_fci, &arg_replace_fci_cache,
&string, &string_len,
&option_str, &option_str_len) == FAILURE) {
RETURN_FALSE;
}
}
if (!php_mb_check_encoding(
string,
string_len,
_php_mb_regex_mbctype2name(MBREX(current_mbctype))
)) {
RETURN_NULL();
}
if (option_str != NULL) {
_php_mb_regex_init_options(option_str, option_str_len, &options, &syntax, &eval);
} else {
options |= MBREX(regex_default_options);
syntax = MBREX(regex_default_syntax);
}
}
if (eval && !is_callable) {
php_error_docref(NULL, E_DEPRECATED, "The 'e' option is deprecated, use mb_ereg_replace_callback instead");
}
if (Z_TYPE_P(arg_pattern_zval) == IS_STRING) {
arg_pattern = Z_STRVAL_P(arg_pattern_zval);
arg_pattern_len = Z_STRLEN_P(arg_pattern_zval);
} else {
/* FIXME: this code is not multibyte aware! */
convert_to_long_ex(arg_pattern_zval);
pat_buf[0] = (char)Z_LVAL_P(arg_pattern_zval);
pat_buf[1] = '\0';
pat_buf[2] = '\0';
pat_buf[3] = '\0';
pat_buf[4] = '\0';
pat_buf[5] = '\0';
arg_pattern = pat_buf;
arg_pattern_len = 1;
}
/* create regex pattern buffer */
re = php_mbregex_compile_pattern(arg_pattern, arg_pattern_len, options, MBREX(current_mbctype), syntax);
if (re == NULL) {
RETURN_FALSE;
}
if (eval || is_callable) {
pbuf = &eval_buf;
description = zend_make_compiled_string_description("mbregex replace");
} else {
pbuf = &out_buf;
description = NULL;
}
if (is_callable) {
if (eval) {
php_error_docref(NULL, E_WARNING, "Option 'e' cannot be used with replacement callback");
RETURN_FALSE;
}
}
/* do the actual work */
err = 0;
pos = (OnigUChar *)string;
string_lim = (OnigUChar*)(string + string_len);
regs = onig_region_new();
while (err >= 0) {
err = onig_search(re, (OnigUChar *)string, (OnigUChar *)string_lim, pos, (OnigUChar *)string_lim, regs, 0);
if (err <= -2) {
OnigUChar err_str[ONIG_MAX_ERROR_MESSAGE_LEN];
onig_error_code_to_str(err_str, err);
php_error_docref(NULL, E_WARNING, "mbregex search failure in php_mbereg_replace_exec(): %s", err_str);
break;
}
if (err >= 0) {
#if moriyoshi_0
if (regs->beg[0] == regs->end[0]) {
php_error_docref(NULL, E_WARNING, "Empty regular expression");
break;
}
#endif
/* copy the part of the string before the match */
smart_str_appendl(&out_buf, (char *)pos, (size_t)((OnigUChar *)(string + regs->beg[0]) - pos));
if (!is_callable) {
/* copy replacement and backrefs */
i = 0;
p = replace;
while (i < replace_len) {
int fwd = (int) php_mb_mbchar_bytes_ex(p, enc);
n = -1;
if ((replace_len - i) >= 2 && fwd == 1 &&
p[0] == '\\' && p[1] >= '0' && p[1] <= '9') {
n = p[1] - '0';
}
if (n >= 0 && n < regs->num_regs) {
if (regs->beg[n] >= 0 && regs->beg[n] < regs->end[n] && (size_t)regs->end[n] <= string_len) {
smart_str_appendl(pbuf, string + regs->beg[n], regs->end[n] - regs->beg[n]);
}
p += 2;
i += 2;
} else {
smart_str_appendl(pbuf, p, fwd);
p += fwd;
i += fwd;
}
}
}
if (eval) {
zval v;
zend_string *eval_str;
/* null terminate buffer */
smart_str_0(&eval_buf);
if (eval_buf.s) {
eval_str = eval_buf.s;
} else {
eval_str = ZSTR_EMPTY_ALLOC();
}
/* do eval */
if (zend_eval_stringl(ZSTR_VAL(eval_str), ZSTR_LEN(eval_str), &v, description) == FAILURE) {
efree(description);
zend_throw_error(NULL, "Failed evaluating code: %s%s", PHP_EOL, ZSTR_VAL(eval_str));
onig_region_free(regs, 0);
smart_str_free(&out_buf);
smart_str_free(&eval_buf);
RETURN_FALSE;
}
/* result of eval */
convert_to_string(&v);
smart_str_appendl(&out_buf, Z_STRVAL(v), Z_STRLEN(v));
/* Clean up */
smart_str_free(&eval_buf);
zval_dtor(&v);
} else if (is_callable) {
zval args[1];
zval subpats, retval;
int i;
array_init(&subpats);
for (i = 0; i < regs->num_regs; i++) {
add_next_index_stringl(&subpats, string + regs->beg[i], regs->end[i] - regs->beg[i]);
}
ZVAL_COPY_VALUE(&args[0], &subpats);
/* null terminate buffer */
smart_str_0(&eval_buf);
arg_replace_fci.param_count = 1;
arg_replace_fci.params = args;
arg_replace_fci.retval = &retval;
if (zend_call_function(&arg_replace_fci, &arg_replace_fci_cache) == SUCCESS &&
!Z_ISUNDEF(retval)) {
convert_to_string_ex(&retval);
smart_str_appendl(&out_buf, Z_STRVAL(retval), Z_STRLEN(retval));
smart_str_free(&eval_buf);
zval_ptr_dtor(&retval);
} else {
if (!EG(exception)) {
php_error_docref(NULL, E_WARNING, "Unable to call custom replacement function");
}
}
zval_ptr_dtor(&subpats);
}
n = regs->end[0];
if ((pos - (OnigUChar *)string) < n) {
pos = (OnigUChar *)string + n;
} else {
if (pos < string_lim) {
smart_str_appendl(&out_buf, (char *)pos, 1);
}
pos++;
}
} else { /* nomatch */
/* stick that last bit of string on our output */
if (string_lim - pos > 0) {
smart_str_appendl(&out_buf, (char *)pos, string_lim - pos);
}
}
onig_region_free(regs, 0);
}
if (description) {
efree(description);
}
if (regs != NULL) {
onig_region_free(regs, 1);
}
smart_str_free(&eval_buf);
if (err <= -2) {
smart_str_free(&out_buf);
RETVAL_FALSE;
} else if (out_buf.s) {
smart_str_0(&out_buf);
RETVAL_STR(out_buf.s);
} else {
RETVAL_EMPTY_STRING();
}
}
