PageRenderTime 55ms CodeModel.GetById 21ms RepoModel.GetById 0ms app.codeStats 0ms

/main/php_variables.c

https://github.com/php/php-src
C | 913 lines | 731 code | 121 blank | 61 comment | 237 complexity | 8158908aafc59d22ca6a162ac3afb897 MD5 | raw file
Possible License(s): BSD-2-Clause, BSD-3-Clause, MPL-2.0-no-copyleft-exception, LGPL-2.1 
    

  1. /*
    2. 

  2.    +----------------------------------------------------------------------+
    3. 

  3.    | Copyright (c) The PHP Group                                          |
    4. 

  4.    +----------------------------------------------------------------------+
    5. 

  5.    | This source file is subject to version 3.01 of the PHP license,      |
    6. 

  6.    | that is bundled with this package in the file LICENSE, and is        |
    7. 

  7.    | available through the world-wide-web at the following url:           |
    8. 

  8.    | https://www.php.net/license/3_01.txt                                 |
    9. 

  9.    | If you did not receive a copy of the PHP license and are unable to   |
    10. 

  10.    | obtain it through the world-wide-web, please send a note to          |
    11. 

  11.    | license@php.net so we can mail you a copy immediately.               |
    12. 

  12.    +----------------------------------------------------------------------+
    13. 

  13.    | Authors: Rasmus Lerdorf <rasmus@lerdorf.on.ca>                       |
    14. 

  14.    |          Zeev Suraski <zeev@php.net>                                 |
    15. 

  15.    +----------------------------------------------------------------------+
    16. 

  16.  */
    17. 

  17. 

  18. #include <stdio.h>
    19. 

  19. #include "php.h"
    20. 

  20. #include "ext/standard/php_standard.h"
    21. 

  21. #include "ext/standard/credits.h"
    22. 

  22. #include "zend_smart_str.h"
    23. 

  23. #include "php_variables.h"
    24. 

  24. #include "php_globals.h"
    25. 

  25. #include "php_content_types.h"
    26. 

  26. #include "SAPI.h"
    27. 

  27. #include "zend_globals.h"
    28. 

  28. 

  29. /* for systems that need to override reading of environment variables */
    30. 

  30. void _php_import_environment_variables(zval *array_ptr);
    31. 

  31. PHPAPI void (*php_import_environment_variables)(zval *array_ptr) = _php_import_environment_variables;
    32. 

  32. 

  33. PHPAPI void php_register_variable(const char *var, const char *strval, zval *track_vars_array)
    34. 

  34. {
    35. 

  35. 	php_register_variable_safe(var, strval, strlen(strval), track_vars_array);
    36. 

  36. }
    37. 

  37. 

  38. /* binary-safe version */
    39. 

  39. PHPAPI void php_register_variable_safe(const char *var, const char *strval, size_t str_len, zval *track_vars_array)
    40. 

  40. {
    41. 

  41. 	zval new_entry;
    42. 

  42. 	assert(strval != NULL);
    43. 

  43. 

  44. 	ZVAL_STRINGL_FAST(&new_entry, strval, str_len);
    45. 

  45. 

  46. 	php_register_variable_ex(var, &new_entry, track_vars_array);
    47. 

  47. }
    48. 

  48. 

  49. static zend_always_inline void php_register_variable_quick(const char *name, size_t name_len, zval *val, HashTable *ht)
    50. 

  50. {
    51. 

  51. 	zend_string *key = zend_string_init_interned(name, name_len, 0);
    52. 

  52. 

  53. 	zend_hash_update_ind(ht, key, val);
    54. 

  54. 	zend_string_release_ex(key, 0);
    55. 

  55. }
    56. 

  56. 

  57. PHPAPI void php_register_variable_ex(const char *var_name, zval *val, zval *track_vars_array)
    58. 

  58. {
    59. 

  59. 	char *p = NULL;
    60. 

  60. 	char *ip = NULL;		/* index pointer */
    61. 

  61. 	char *index;
    62. 

  62. 	char *var, *var_orig;
    63. 

  63. 	size_t var_len, index_len;
    64. 

  64. 	zval gpc_element, *gpc_element_p;
    65. 

  65. 	bool is_array = 0;
    66. 

  66. 	HashTable *symtable1 = NULL;
    67. 

  67. 	ALLOCA_FLAG(use_heap)
    68. 

  68. 

  69. 	assert(var_name != NULL);
    70. 

  70. 

  71. 	if (track_vars_array && Z_TYPE_P(track_vars_array) == IS_ARRAY) {
    72. 

  72. 		symtable1 = Z_ARRVAL_P(track_vars_array);
    73. 

  73. 	}
    74. 

  74. 

  75. 	if (!symtable1) {
    76. 

  76. 		/* Nothing to do */
    77. 

  77. 		zval_ptr_dtor_nogc(val);
    78. 

  78. 		return;
    79. 

  79. 	}
    80. 

  80. 

  81. 

  82. 	/* ignore leading spaces in the variable name */
    83. 

  83. 	while (*var_name==' ') {
    84. 

  84. 		var_name++;
    85. 

  85. 	}
    86. 

  86. 

  87. 	/*
    88. 

  88. 	 * Prepare variable name
    89. 

  89. 	 */
    90. 

  90. 	var_len = strlen(var_name);
    91. 

  91. 	var = var_orig = do_alloca(var_len + 1, use_heap);
    92. 

  92. 	memcpy(var_orig, var_name, var_len + 1);
    93. 

  93. 

  94. 	/* ensure that we don't have spaces or dots in the variable name (not binary safe) */
    95. 

  95. 	for (p = var; *p; p++) {
    96. 

  96. 		if (*p == ' ' || *p == '.') {
    97. 

  97. 			*p='_';
    98. 

  98. 		} else if (*p == '[') {
    99. 

  99. 			is_array = 1;
    100. 

  100. 			ip = p;
    101. 

  101. 			*p = 0;
    102. 

  102. 			break;
    103. 

  103. 		}
    104. 

  104. 	}
    105. 

  105. 	var_len = p - var;
    106. 

  106. 

  107. 	if (var_len==0) { /* empty variable name, or variable name with a space in it */
    108. 

  108. 		zval_ptr_dtor_nogc(val);
    109. 

  109. 		free_alloca(var_orig, use_heap);
    110. 

  110. 		return;
    111. 

  111. 	}
    112. 

  112. 

  113. 	if (var_len == sizeof("this")-1 && EG(current_execute_data)) {
    114. 

  114. 		zend_execute_data *ex = EG(current_execute_data);
    115. 

  115. 

  116. 		while (ex) {
    117. 

  117. 			if (ex->func && ZEND_USER_CODE(ex->func->common.type)) {
    118. 

  118. 				if ((ZEND_CALL_INFO(ex) & ZEND_CALL_HAS_SYMBOL_TABLE)
    119. 

  119. 						&& ex->symbol_table == symtable1) {
    120. 

  120. 					if (memcmp(var, "this", sizeof("this")-1) == 0) {
    121. 

  121. 						zend_throw_error(NULL, "Cannot re-assign $this");
    122. 

  122. 						zval_ptr_dtor_nogc(val);
    123. 

  123. 						free_alloca(var_orig, use_heap);
    124. 

  124. 						return;
    125. 

  125. 					}
    126. 

  126. 				}
    127. 

  127. 				break;
    128. 

  128. 			}
    129. 

  129. 			ex = ex->prev_execute_data;
    130. 

  130. 		}
    131. 

  131. 	}
    132. 

  132. 

  133. 	/* GLOBALS hijack attempt, reject parameter */
    134. 

  134. 	if (symtable1 == &EG(symbol_table) &&
    135. 

  135. 		var_len == sizeof("GLOBALS")-1 &&
    136. 

  136. 		!memcmp(var, "GLOBALS", sizeof("GLOBALS")-1)) {
    137. 

  137. 		zval_ptr_dtor_nogc(val);
    138. 

  138. 		free_alloca(var_orig, use_heap);
    139. 

  139. 		return;
    140. 

  140. 	}
    141. 

  141. 

  142. 	index = var;
    143. 

  143. 	index_len = var_len;
    144. 

  144. 

  145. 	if (is_array) {
    146. 

  146. 		int nest_level = 0;
    147. 

  147. 		while (1) {
    148. 

  148. 			char *index_s;
    149. 

  149. 			size_t new_idx_len = 0;
    150. 

  150. 

  151. 			if(++nest_level > PG(max_input_nesting_level)) {
    152. 

  152. 				HashTable *ht;
    153. 

  153. 				/* too many levels of nesting */
    154. 

  154. 

  155. 				if (track_vars_array) {
    156. 

  156. 					ht = Z_ARRVAL_P(track_vars_array);
    157. 

  157. 					zend_symtable_str_del(ht, var, var_len);
    158. 

  158. 				}
    159. 

  159. 

  160. 				zval_ptr_dtor_nogc(val);
    161. 

  161. 

  162. 				/* do not output the error message to the screen,
    163. 

  163. 				 this helps us to to avoid "information disclosure" */
    164. 

  164. 				if (!PG(display_errors)) {
    165. 

  165. 					php_error_docref(NULL, E_WARNING, "Input variable nesting level exceeded " ZEND_LONG_FMT ". To increase the limit change max_input_nesting_level in php.ini.", PG(max_input_nesting_level));
    166. 

  166. 				}
    167. 

  167. 				free_alloca(var_orig, use_heap);
    168. 

  168. 				return;
    169. 

  169. 			}
    170. 

  170. 

  171. 			ip++;
    172. 

  172. 			index_s = ip;
    173. 

  173. 			if (isspace(*ip)) {
    174. 

  174. 				ip++;
    175. 

  175. 			}
    176. 

  176. 			if (*ip==']') {
    177. 

  177. 				index_s = NULL;
    178. 

  178. 			} else {
    179. 

  179. 				ip = strchr(ip, ']');
    180. 

  180. 				if (!ip) {
    181. 

  181. 					/* not an index; un-terminate the var name */
    182. 

  182. 					*(index_s - 1) = '_';
    183. 

  183. 					/* PHP variables cannot contain ' ', '.', '[' in their names, so we replace the characters with a '_' */
    184. 

  184. 					for (p = index_s; *p; p++) {
    185. 

  185. 						if (*p == ' ' || *p == '.' || *p == '[') {
    186. 

  186. 							*p = '_';
    187. 

  187. 						}
    188. 

  188. 					}
    189. 

  189. 

  190. 					index_len = 0;
    191. 

  191. 					if (index) {
    192. 

  192. 						index_len = strlen(index);
    193. 

  193. 					}
    194. 

  194. 					goto plain_var;
    195. 

  195. 					return;
    196. 

  196. 				}
    197. 

  197. 				*ip = 0;
    198. 

  198. 				new_idx_len = strlen(index_s);
    199. 

  199. 			}
    200. 

  200. 

  201. 			if (!index) {
    202. 

  202. 				array_init(&gpc_element);
    203. 

  203. 				if ((gpc_element_p = zend_hash_next_index_insert(symtable1, &gpc_element)) == NULL) {
    204. 

  204. 					zend_array_destroy(Z_ARR(gpc_element));
    205. 

  205. 					zval_ptr_dtor_nogc(val);
    206. 

  206. 					free_alloca(var_orig, use_heap);
    207. 

  207. 					return;
    208. 

  208. 				}
    209. 

  209. 			} else {
    210. 

  210. 				gpc_element_p = zend_symtable_str_find(symtable1, index, index_len);
    211. 

  211. 				if (!gpc_element_p) {
    212. 

  212. 					zval tmp;
    213. 

  213. 					array_init(&tmp);
    214. 

  214. 					gpc_element_p = zend_symtable_str_update_ind(symtable1, index, index_len, &tmp);
    215. 

  215. 				} else {
    216. 

  216. 					if (Z_TYPE_P(gpc_element_p) == IS_INDIRECT) {
    217. 

  217. 						gpc_element_p = Z_INDIRECT_P(gpc_element_p);
    218. 

  218. 					}
    219. 

  219. 					if (Z_TYPE_P(gpc_element_p) != IS_ARRAY) {
    220. 

  220. 						zval_ptr_dtor_nogc(gpc_element_p);
    221. 

  221. 						array_init(gpc_element_p);
    222. 

  222. 					} else {
    223. 

  223. 						SEPARATE_ARRAY(gpc_element_p);
    224. 

  224. 					}
    225. 

  225. 				}
    226. 

  226. 			}
    227. 

  227. 			symtable1 = Z_ARRVAL_P(gpc_element_p);
    228. 

  228. 			/* ip pointed to the '[' character, now obtain the key */
    229. 

  229. 			index = index_s;
    230. 

  230. 			index_len = new_idx_len;
    231. 

  231. 

  232. 			ip++;
    233. 

  233. 			if (*ip == '[') {
    234. 

  234. 				is_array = 1;
    235. 

  235. 				*ip = 0;
    236. 

  236. 			} else {
    237. 

  237. 				goto plain_var;
    238. 

  238. 			}
    239. 

  239. 		}
    240. 

  240. 	} else {
    241. 

  241. plain_var:
    242. 

  242. 		if (!index) {
    243. 

  243. 			if (zend_hash_next_index_insert(symtable1, val) == NULL) {
    244. 

  244. 				zval_ptr_dtor_nogc(val);
    245. 

  245. 			}
    246. 

  246. 		} else {
    247. 

  247. 			zend_ulong idx;
    248. 

  248. 

  249. 			/*
    250. 

  250. 			 * According to rfc2965, more specific paths are listed above the less specific ones.
    251. 

  251. 			 * If we encounter a duplicate cookie name, we should skip it, since it is not possible
    252. 

  252. 			 * to have the same (plain text) cookie name for the same path and we should not overwrite
    253. 

  253. 			 * more specific cookies with the less specific ones.
    254. 

  254. 			 */
    255. 

  255. 			if (Z_TYPE(PG(http_globals)[TRACK_VARS_COOKIE]) != IS_UNDEF &&
    256. 

  256. 				symtable1 == Z_ARRVAL(PG(http_globals)[TRACK_VARS_COOKIE]) &&
    257. 

  257. 				zend_symtable_str_exists(symtable1, index, index_len)) {
    258. 

  258. 				zval_ptr_dtor_nogc(val);
    259. 

  259. 			} else if (ZEND_HANDLE_NUMERIC_STR(index, index_len, idx)) {
    260. 

  260. 				zend_hash_index_update(symtable1, idx, val);
    261. 

  261. 			} else {
    262. 

  262. 				php_register_variable_quick(index, index_len, val, symtable1);
    263. 

  263. 			}
    264. 

  264. 		}
    265. 

  265. 	}
    266. 

  266. 	free_alloca(var_orig, use_heap);
    267. 

  267. }
    268. 

  268. 

  269. typedef struct post_var_data {
    270. 

  270. 	smart_str str;
    271. 

  271. 	char *ptr;
    272. 

  272. 	char *end;
    273. 

  273. 	uint64_t cnt;
    274. 

  274. 

  275. 	/* Bytes in ptr that have already been scanned for '&' */
    276. 

  276. 	size_t already_scanned;
    277. 

  277. } post_var_data_t;
    278. 

  278. 

  279. static bool add_post_var(zval *arr, post_var_data_t *var, bool eof)
    280. 

  280. {
    281. 

  281. 	char *start, *ksep, *vsep, *val;
    282. 

  282. 	size_t klen, vlen;
    283. 

  283. 	size_t new_vlen;
    284. 

  284. 

  285. 	if (var->ptr >= var->end) {
    286. 

  286. 		return 0;
    287. 

  287. 	}
    288. 

  288. 

  289. 	start = var->ptr + var->already_scanned;
    290. 

  290. 	vsep = memchr(start, '&', var->end - start);
    291. 

  291. 	if (!vsep) {
    292. 

  292. 		if (!eof) {
    293. 

  293. 			var->already_scanned = var->end - var->ptr;
    294. 

  294. 			return 0;
    295. 

  295. 		} else {
    296. 

  296. 			vsep = var->end;
    297. 

  297. 		}
    298. 

  298. 	}
    299. 

  299. 

  300. 	ksep = memchr(var->ptr, '=', vsep - var->ptr);
    301. 

  301. 	if (ksep) {
    302. 

  302. 		*ksep = '\0';
    303. 

  303. 		/* "foo=bar&" or "foo=&" */
    304. 

  304. 		klen = ksep - var->ptr;
    305. 

  305. 		vlen = vsep - ++ksep;
    306. 

  306. 	} else {
    307. 

  307. 		ksep = "";
    308. 

  308. 		/* "foo&" */
    309. 

  309. 		klen = vsep - var->ptr;
    310. 

  310. 		vlen = 0;
    311. 

  311. 	}
    312. 

  312. 

  313. 	php_url_decode(var->ptr, klen);
    314. 

  314. 

  315. 	val = estrndup(ksep, vlen);
    316. 

  316. 	if (vlen) {
    317. 

  317. 		vlen = php_url_decode(val, vlen);
    318. 

  318. 	}
    319. 

  319. 

  320. 	if (sapi_module.input_filter(PARSE_POST, var->ptr, &val, vlen, &new_vlen)) {
    321. 

  321. 		php_register_variable_safe(var->ptr, val, new_vlen, arr);
    322. 

  322. 	}
    323. 

  323. 	efree(val);
    324. 

  324. 

  325. 	var->ptr = vsep + (vsep != var->end);
    326. 

  326. 	var->already_scanned = 0;
    327. 

  327. 	return 1;
    328. 

  328. }
    329. 

  329. 

  330. static inline int add_post_vars(zval *arr, post_var_data_t *vars, bool eof)
    331. 

  331. {
    332. 

  332. 	uint64_t max_vars = PG(max_input_vars);
    333. 

  333. 

  334. 	vars->ptr = ZSTR_VAL(vars->str.s);
    335. 

  335. 	vars->end = ZSTR_VAL(vars->str.s) + ZSTR_LEN(vars->str.s);
    336. 

  336. 	while (add_post_var(arr, vars, eof)) {
    337. 

  337. 		if (++vars->cnt > max_vars) {
    338. 

  338. 			php_error_docref(NULL, E_WARNING,
    339. 

  339. 					"Input variables exceeded %" PRIu64 ". "
    340. 

  340. 					"To increase the limit change max_input_vars in php.ini.",
    341. 

  341. 					max_vars);
    342. 

  342. 			return FAILURE;
    343. 

  343. 		}
    344. 

  344. 	}
    345. 

  345. 

  346. 	if (!eof && ZSTR_VAL(vars->str.s) != vars->ptr) {
    347. 

  347. 		memmove(ZSTR_VAL(vars->str.s), vars->ptr, ZSTR_LEN(vars->str.s) = vars->end - vars->ptr);
    348. 

  348. 	}
    349. 

  349. 	return SUCCESS;
    350. 

  350. }
    351. 

  351. 

  352. #ifdef PHP_WIN32
    353. 

  353. #define SAPI_POST_HANDLER_BUFSIZ 16384
    354. 

  354. #else
    355. 

  355. # define SAPI_POST_HANDLER_BUFSIZ BUFSIZ
    356. 

  356. #endif
    357. 

  357. SAPI_API SAPI_POST_HANDLER_FUNC(php_std_post_handler)
    358. 

  358. {
    359. 

  359. 	zval *arr = (zval *) arg;
    360. 

  360. 	php_stream *s = SG(request_info).request_body;
    361. 

  361. 	post_var_data_t post_data;
    362. 

  362. 

  363. 	if (s && SUCCESS == php_stream_rewind(s)) {
    364. 

  364. 		memset(&post_data, 0, sizeof(post_data));
    365. 

  365. 

  366. 		while (!php_stream_eof(s)) {
    367. 

  367. 			char buf[SAPI_POST_HANDLER_BUFSIZ] = {0};
    368. 

  368. 			ssize_t len = php_stream_read(s, buf, SAPI_POST_HANDLER_BUFSIZ);
    369. 

  369. 

  370. 			if (len > 0) {
    371. 

  371. 				smart_str_appendl(&post_data.str, buf, len);
    372. 

  372. 

  373. 				if (SUCCESS != add_post_vars(arr, &post_data, 0)) {
    374. 

  374. 					smart_str_free(&post_data.str);
    375. 

  375. 					return;
    376. 

  376. 				}
    377. 

  377. 			}
    378. 

  378. 

  379. 			if (len != SAPI_POST_HANDLER_BUFSIZ){
    380. 

  380. 				break;
    381. 

  381. 			}
    382. 

  382. 		}
    383. 

  383. 

  384. 		if (post_data.str.s) {
    385. 

  385. 			add_post_vars(arr, &post_data, 1);
    386. 

  386. 			smart_str_free(&post_data.str);
    387. 

  387. 		}
    388. 

  388. 	}
    389. 

  389. }
    390. 

  390. #undef SAPI_POST_HANDLER_BUFSIZ
    391. 

  391. 

  392. SAPI_API SAPI_INPUT_FILTER_FUNC(php_default_input_filter)
    393. 

  393. {
    394. 

  394. 	/* TODO: check .ini setting here and apply user-defined input filter */
    395. 

  395. 	if(new_val_len) *new_val_len = val_len;
    396. 

  396. 	return 1;
    397. 

  397. }
    398. 

  398. 

  399. SAPI_API SAPI_TREAT_DATA_FUNC(php_default_treat_data)
    400. 

  400. {
    401. 

  401. 	char *res = NULL, *var, *val, *separator = NULL;
    402. 

  402. 	const char *c_var;
    403. 

  403. 	zval array;
    404. 

  404. 	int free_buffer = 0;
    405. 

  405. 	char *strtok_buf = NULL;
    406. 

  406. 	zend_long count = 0;
    407. 

  407. 

  408. 	ZVAL_UNDEF(&array);
    409. 

  409. 	switch (arg) {
    410. 

  410. 		case PARSE_POST:
    411. 

  411. 		case PARSE_GET:
    412. 

  412. 		case PARSE_COOKIE:
    413. 

  413. 			array_init(&array);
    414. 

  414. 			switch (arg) {
    415. 

  415. 				case PARSE_POST:
    416. 

  416. 					zval_ptr_dtor_nogc(&PG(http_globals)[TRACK_VARS_POST]);
    417. 

  417. 					ZVAL_COPY_VALUE(&PG(http_globals)[TRACK_VARS_POST], &array);
    418. 

  418. 					break;
    419. 

  419. 				case PARSE_GET:
    420. 

  420. 					zval_ptr_dtor_nogc(&PG(http_globals)[TRACK_VARS_GET]);
    421. 

  421. 					ZVAL_COPY_VALUE(&PG(http_globals)[TRACK_VARS_GET], &array);
    422. 

  422. 					break;
    423. 

  423. 				case PARSE_COOKIE:
    424. 

  424. 					zval_ptr_dtor_nogc(&PG(http_globals)[TRACK_VARS_COOKIE]);
    425. 

  425. 					ZVAL_COPY_VALUE(&PG(http_globals)[TRACK_VARS_COOKIE], &array);
    426. 

  426. 					break;
    427. 

  427. 			}
    428. 

  428. 			break;
    429. 

  429. 		default:
    430. 

  430. 			ZVAL_COPY_VALUE(&array, destArray);
    431. 

  431. 			break;
    432. 

  432. 	}
    433. 

  433. 

  434. 	if (arg == PARSE_POST) {
    435. 

  435. 		sapi_handle_post(&array);
    436. 

  436. 		return;
    437. 

  437. 	}
    438. 

  438. 

  439. 	if (arg == PARSE_GET) {		/* GET data */
    440. 

  440. 		c_var = SG(request_info).query_string;
    441. 

  441. 		if (c_var && *c_var) {
    442. 

  442. 			res = (char *) estrdup(c_var);
    443. 

  443. 			free_buffer = 1;
    444. 

  444. 		} else {
    445. 

  445. 			free_buffer = 0;
    446. 

  446. 		}
    447. 

  447. 	} else if (arg == PARSE_COOKIE) {		/* Cookie data */
    448. 

  448. 		c_var = SG(request_info).cookie_data;
    449. 

  449. 		if (c_var && *c_var) {
    450. 

  450. 			res = (char *) estrdup(c_var);
    451. 

  451. 			free_buffer = 1;
    452. 

  452. 		} else {
    453. 

  453. 			free_buffer = 0;
    454. 

  454. 		}
    455. 

  455. 	} else if (arg == PARSE_STRING) {		/* String data */
    456. 

  456. 		res = str;
    457. 

  457. 		free_buffer = 1;
    458. 

  458. 	}
    459. 

  459. 

  460. 	if (!res) {
    461. 

  461. 		return;
    462. 

  462. 	}
    463. 

  463. 

  464. 	switch (arg) {
    465. 

  465. 		case PARSE_GET:
    466. 

  466. 		case PARSE_STRING:
    467. 

  467. 			separator = PG(arg_separator).input;
    468. 

  468. 			break;
    469. 

  469. 		case PARSE_COOKIE:
    470. 

  470. 			separator = ";\0";
    471. 

  471. 			break;
    472. 

  472. 	}
    473. 

  473. 

  474. 	var = php_strtok_r(res, separator, &strtok_buf);
    475. 

  475. 

  476. 	while (var) {
    477. 

  477. 		size_t val_len;
    478. 

  478. 		size_t new_val_len;
    479. 

  479. 

  480. 		val = strchr(var, '=');
    481. 

  481. 

  482. 		if (arg == PARSE_COOKIE) {
    483. 

  483. 			/* Remove leading spaces from cookie names, needed for multi-cookie header where ; can be followed by a space */
    484. 

  484. 			while (isspace(*var)) {
    485. 

  485. 				var++;
    486. 

  486. 			}
    487. 

  487. 			if (var == val || *var == '\0') {
    488. 

  488. 				goto next_cookie;
    489. 

  489. 			}
    490. 

  490. 		}
    491. 

  491. 

  492. 		if (++count > PG(max_input_vars)) {
    493. 

  493. 			php_error_docref(NULL, E_WARNING, "Input variables exceeded " ZEND_LONG_FMT ". To increase the limit change max_input_vars in php.ini.", PG(max_input_vars));
    494. 

  494. 			break;
    495. 

  495. 		}
    496. 

  496. 

  497. 		if (val) { /* have a value */
    498. 

  498. 

  499. 			*val++ = '\0';
    500. 

  500. 

  501. 			if (arg == PARSE_COOKIE) {
    502. 

  502. 				val_len = php_raw_url_decode(val, strlen(val));
    503. 

  503. 			} else {
    504. 

  504. 				val_len = php_url_decode(val, strlen(val));
    505. 

  505. 			}
    506. 

  506. 		} else {
    507. 

  507. 			val     = "";
    508. 

  508. 			val_len =  0;
    509. 

  509. 		}
    510. 

  510. 

  511. 		val = estrndup(val, val_len);
    512. 

  512. 		if (arg != PARSE_COOKIE) {
    513. 

  513. 			php_url_decode(var, strlen(var));
    514. 

  514. 		}
    515. 

  515. 		if (sapi_module.input_filter(arg, var, &val, val_len, &new_val_len)) {
    516. 

  516. 			php_register_variable_safe(var, val, new_val_len, &array);
    517. 

  517. 		}
    518. 

  518. 		efree(val);
    519. 

  519. next_cookie:
    520. 

  520. 		var = php_strtok_r(NULL, separator, &strtok_buf);
    521. 

  521. 	}
    522. 

  522. 

  523. 	if (free_buffer) {
    524. 

  524. 		efree(res);
    525. 

  525. 	}
    526. 

  526. }
    527. 

  527. 

  528. static zend_always_inline int valid_environment_name(const char *name, const char *end)
    529. 

  529. {
    530. 

  530. 	const char *s;
    531. 

  531. 

  532. 	for (s = name; s < end; s++) {
    533. 

  533. 		if (*s == ' ' || *s == '.' || *s == '[') {
    534. 

  534. 			return 0;
    535. 

  535. 		}
    536. 

  536. 	}
    537. 

  537. 	return 1;
    538. 

  538. }
    539. 

  539. 

  540. static zend_always_inline void import_environment_variable(HashTable *ht, char *env)
    541. 

  541. {
    542. 

  542. 	char *p;
    543. 

  543. 	size_t name_len, len;
    544. 

  544. 	zval val;
    545. 

  545. 	zend_ulong idx;
    546. 

  546. 

  547. 	p = strchr(env, '=');
    548. 

  548. 	if (!p
    549. 

  549. 		|| p == env
    550. 

  550. 		|| !valid_environment_name(env, p)) {
    551. 

  551. 		/* malformed entry? */
    552. 

  552. 		return;
    553. 

  553. 	}
    554. 

  554. 	name_len = p - env;
    555. 

  555. 	p++;
    556. 

  556. 	len = strlen(p);
    557. 

  557. 	ZVAL_STRINGL_FAST(&val, p, len);
    558. 

  558. 	if (ZEND_HANDLE_NUMERIC_STR(env, name_len, idx)) {
    559. 

  559. 		zend_hash_index_update(ht, idx, &val);
    560. 

  560. 	} else {
    561. 

  561. 		php_register_variable_quick(env, name_len, &val, ht);
    562. 

  562. 	}
    563. 

  563. }
    564. 

  564. 

  565. void _php_import_environment_variables(zval *array_ptr)
    566. 

  566. {
    567. 

  567. 	tsrm_env_lock();
    568. 

  568. 

  569. #ifndef PHP_WIN32
    570. 

  570. 	for (char **env = environ; env != NULL && *env != NULL; env++) {
    571. 

  571. 		import_environment_variable(Z_ARRVAL_P(array_ptr), *env);
    572. 

  572. 	}
    573. 

  573. #else
    574. 

  574. 	char *environment = GetEnvironmentStringsA();
    575. 

  575. 	for (char *env = environment; env != NULL && *env; env += strlen(env) + 1) {
    576. 

  576. 		import_environment_variable(Z_ARRVAL_P(array_ptr), env);
    577. 

  577. 	}
    578. 

  578. 	FreeEnvironmentStringsA(environment);
    579. 

  579. #endif
    580. 

  580. 

  581. 	tsrm_env_unlock();
    582. 

  582. }
    583. 

  583. 

  584. bool php_std_auto_global_callback(char *name, uint32_t name_len)
    585. 

  585. {
    586. 

  586. 	zend_printf("%s\n", name);
    587. 

  587. 	return 0; /* don't rearm */
    588. 

  588. }
    589. 

  589. 

  590. /* {{{ php_build_argv */
    591. 

  591. PHPAPI void php_build_argv(const char *s, zval *track_vars_array)
    592. 

  592. {
    593. 

  593. 	zval arr, argc, tmp;
    594. 

  594. 	int count = 0;
    595. 

  595. 

  596. 	if (!(SG(request_info).argc || track_vars_array)) {
    597. 

  597. 		return;
    598. 

  598. 	}
    599. 

  599. 

  600. 	array_init(&arr);
    601. 

  601. 

  602. 	/* Prepare argv */
    603. 

  603. 	if (SG(request_info).argc) { /* are we in cli sapi? */
    604. 

  604. 		int i;
    605. 

  605. 		for (i = 0; i < SG(request_info).argc; i++) {
    606. 

  606. 			ZVAL_STRING(&tmp, SG(request_info).argv[i]);
    607. 

  607. 			if (zend_hash_next_index_insert(Z_ARRVAL(arr), &tmp) == NULL) {
    608. 

  608. 				zend_string_efree(Z_STR(tmp));
    609. 

  609. 			}
    610. 

  610. 		}
    611. 

  611. 	} else 	if (s && *s) {
    612. 

  612. 		while (1) {
    613. 

  613. 			const char *space = strchr(s, '+');
    614. 

  614. 			/* auto-type */
    615. 

  615. 			ZVAL_STRINGL(&tmp, s, space ? space - s : strlen(s));
    616. 

  616. 			count++;
    617. 

  617. 			if (zend_hash_next_index_insert(Z_ARRVAL(arr), &tmp) == NULL) {
    618. 

  618. 				zend_string_efree(Z_STR(tmp));
    619. 

  619. 			}
    620. 

  620. 			if (!space) {
    621. 

  621. 				break;
    622. 

  622. 			}
    623. 

  623. 			s = space + 1;
    624. 

  624. 		}
    625. 

  625. 	}
    626. 

  626. 

  627. 	/* prepare argc */
    628. 

  628. 	if (SG(request_info).argc) {
    629. 

  629. 		ZVAL_LONG(&argc, SG(request_info).argc);
    630. 

  630. 	} else {
    631. 

  631. 		ZVAL_LONG(&argc, count);
    632. 

  632. 	}
    633. 

  633. 

  634. 	if (SG(request_info).argc) {
    635. 

  635. 		Z_ADDREF(arr);
    636. 

  636. 		zend_hash_update(&EG(symbol_table), ZSTR_KNOWN(ZEND_STR_ARGV), &arr);
    637. 

  637. 		zend_hash_update(&EG(symbol_table), ZSTR_KNOWN(ZEND_STR_ARGC), &argc);
    638. 

  638. 	}
    639. 

  639. 	if (track_vars_array && Z_TYPE_P(track_vars_array) == IS_ARRAY) {
    640. 

  640. 		Z_ADDREF(arr);
    641. 

  641. 		zend_hash_update(Z_ARRVAL_P(track_vars_array), ZSTR_KNOWN(ZEND_STR_ARGV), &arr);
    642. 

  642. 		zend_hash_update(Z_ARRVAL_P(track_vars_array), ZSTR_KNOWN(ZEND_STR_ARGC), &argc);
    643. 

  643. 	}
    644. 

  644. 	zval_ptr_dtor_nogc(&arr);
    645. 

  645. }
    646. 

  646. /* }}} */
    647. 

  647. 

  648. /* {{{ php_register_server_variables */
    649. 

  649. static inline void php_register_server_variables(void)
    650. 

  650. {
    651. 

  651. 	zval tmp;
    652. 

  652. 	zval *arr = &PG(http_globals)[TRACK_VARS_SERVER];
    653. 

  653. 	HashTable *ht;
    654. 

  654. 

  655. 	zval_ptr_dtor_nogc(arr);
    656. 

  656. 	array_init(arr);
    657. 

  657. 

  658. 	/* Server variables */
    659. 

  659. 	if (sapi_module.register_server_variables) {
    660. 

  660. 		sapi_module.register_server_variables(arr);
    661. 

  661. 	}
    662. 

  662. 	ht = Z_ARRVAL_P(arr);
    663. 

  663. 

  664. 	/* PHP Authentication support */
    665. 

  665. 	if (SG(request_info).auth_user) {
    666. 

  666. 		ZVAL_STRING(&tmp, SG(request_info).auth_user);
    667. 

  667. 		php_register_variable_quick("PHP_AUTH_USER", sizeof("PHP_AUTH_USER")-1, &tmp, ht);
    668. 

  668. 	}
    669. 

  669. 	if (SG(request_info).auth_password) {
    670. 

  670. 		ZVAL_STRING(&tmp, SG(request_info).auth_password);
    671. 

  671. 		php_register_variable_quick("PHP_AUTH_PW", sizeof("PHP_AUTH_PW")-1, &tmp, ht);
    672. 

  672. 	}
    673. 

  673. 	if (SG(request_info).auth_digest) {
    674. 

  674. 		ZVAL_STRING(&tmp, SG(request_info).auth_digest);
    675. 

  675. 		php_register_variable_quick("PHP_AUTH_DIGEST", sizeof("PHP_AUTH_DIGEST")-1, &tmp, ht);
    676. 

  676. 	}
    677. 

  677. 

  678. 	/* store request init time */
    679. 

  679. 	ZVAL_DOUBLE(&tmp, sapi_get_request_time());
    680. 

  680. 	php_register_variable_quick("REQUEST_TIME_FLOAT", sizeof("REQUEST_TIME_FLOAT")-1, &tmp, ht);
    681. 

  681. 	ZVAL_LONG(&tmp, zend_dval_to_lval(Z_DVAL(tmp)));
    682. 

  682. 	php_register_variable_quick("REQUEST_TIME", sizeof("REQUEST_TIME")-1, &tmp, ht);
    683. 

  683. }
    684. 

  684. /* }}} */
    685. 

  685. 

  686. /* {{{ php_autoglobal_merge */
    687. 

  687. static void php_autoglobal_merge(HashTable *dest, HashTable *src)
    688. 

  688. {
    689. 

  689. 	zval *src_entry, *dest_entry;
    690. 

  690. 	zend_string *string_key;
    691. 

  691. 	zend_ulong num_key;
    692. 

  692. 	int globals_check = (dest == (&EG(symbol_table)));
    693. 

  693. 

  694. 	ZEND_HASH_FOREACH_KEY_VAL(src, num_key, string_key, src_entry) {
    695. 

  695. 		if (Z_TYPE_P(src_entry) != IS_ARRAY
    696. 

  696. 			|| (string_key && (dest_entry = zend_hash_find(dest, string_key)) == NULL)
    697. 

  697. 			|| (string_key == NULL && (dest_entry = zend_hash_index_find(dest, num_key)) == NULL)
    698. 

  698. 			|| Z_TYPE_P(dest_entry) != IS_ARRAY) {
    699. 

  699. 			Z_TRY_ADDREF_P(src_entry);
    700. 

  700. 			if (string_key) {
    701. 

  701. 				if (!globals_check || ZSTR_LEN(string_key) != sizeof("GLOBALS") - 1
    702. 

  702. 						|| memcmp(ZSTR_VAL(string_key), "GLOBALS", sizeof("GLOBALS") - 1)) {
    703. 

  703. 					zend_hash_update(dest, string_key, src_entry);
    704. 

  704. 				} else {
    705. 

  705. 					Z_TRY_DELREF_P(src_entry);
    706. 

  706. 				}
    707. 

  707. 			} else {
    708. 

  708. 				zend_hash_index_update(dest, num_key, src_entry);
    709. 

  709. 			}
    710. 

  710. 		} else {
    711. 

  711. 			SEPARATE_ARRAY(dest_entry);
    712. 

  712. 			php_autoglobal_merge(Z_ARRVAL_P(dest_entry), Z_ARRVAL_P(src_entry));
    713. 

  713. 		}
    714. 

  714. 	} ZEND_HASH_FOREACH_END();
    715. 

  715. }
    716. 

  716. /* }}} */
    717. 

  717. 

  718. /* {{{ php_hash_environment */
    719. 

  719. PHPAPI int php_hash_environment(void)
    720. 

  720. {
    721. 

  721. 	memset(PG(http_globals), 0, sizeof(PG(http_globals)));
    722. 

  722. 	zend_activate_auto_globals();
    723. 

  723. 	if (PG(register_argc_argv)) {
    724. 

  724. 		php_build_argv(SG(request_info).query_string, &PG(http_globals)[TRACK_VARS_SERVER]);
    725. 

  725. 	}
    726. 

  726. 	return SUCCESS;
    727. 

  727. }
    728. 

  728. /* }}} */
    729. 

  729. 

  730. static bool php_auto_globals_create_get(zend_string *name)
    731. 

  731. {
    732. 

  732. 	if (PG(variables_order) && (strchr(PG(variables_order),'G') || strchr(PG(variables_order),'g'))) {
    733. 

  733. 		sapi_module.treat_data(PARSE_GET, NULL, NULL);
    734. 

  734. 	} else {
    735. 

  735. 		zval_ptr_dtor_nogc(&PG(http_globals)[TRACK_VARS_GET]);
    736. 

  736. 		array_init(&PG(http_globals)[TRACK_VARS_GET]);
    737. 

  737. 	}
    738. 

  738. 

  739. 	zend_hash_update(&EG(symbol_table), name, &PG(http_globals)[TRACK_VARS_GET]);
    740. 

  740. 	Z_ADDREF(PG(http_globals)[TRACK_VARS_GET]);
    741. 

  741. 

  742. 	return 0; /* don't rearm */
    743. 

  743. }
    744. 

  744. 

  745. static bool php_auto_globals_create_post(zend_string *name)
    746. 

  746. {
    747. 

  747. 	if (PG(variables_order) &&
    748. 

  748. 			(strchr(PG(variables_order),'P') || strchr(PG(variables_order),'p')) &&
    749. 

  749. 		!SG(headers_sent) &&
    750. 

  750. 		SG(request_info).request_method &&
    751. 

  751. 		!strcasecmp(SG(request_info).request_method, "POST")) {
    752. 

  752. 		sapi_module.treat_data(PARSE_POST, NULL, NULL);
    753. 

  753. 	} else {
    754. 

  754. 		zval_ptr_dtor_nogc(&PG(http_globals)[TRACK_VARS_POST]);
    755. 

  755. 		array_init(&PG(http_globals)[TRACK_VARS_POST]);
    756. 

  756. 	}
    757. 

  757. 

  758. 	zend_hash_update(&EG(symbol_table), name, &PG(http_globals)[TRACK_VARS_POST]);
    759. 

  759. 	Z_ADDREF(PG(http_globals)[TRACK_VARS_POST]);
    760. 

  760. 

  761. 	return 0; /* don't rearm */
    762. 

  762. }
    763. 

  763. 

  764. static bool php_auto_globals_create_cookie(zend_string *name)
    765. 

  765. {
    766. 

  766. 	if (PG(variables_order) && (strchr(PG(variables_order),'C') || strchr(PG(variables_order),'c'))) {
    767. 

  767. 		sapi_module.treat_data(PARSE_COOKIE, NULL, NULL);
    768. 

  768. 	} else {
    769. 

  769. 		zval_ptr_dtor_nogc(&PG(http_globals)[TRACK_VARS_COOKIE]);
    770. 

  770. 		array_init(&PG(http_globals)[TRACK_VARS_COOKIE]);
    771. 

  771. 	}
    772. 

  772. 

  773. 	zend_hash_update(&EG(symbol_table), name, &PG(http_globals)[TRACK_VARS_COOKIE]);
    774. 

  774. 	Z_ADDREF(PG(http_globals)[TRACK_VARS_COOKIE]);
    775. 

  775. 

  776. 	return 0; /* don't rearm */
    777. 

  777. }
    778. 

  778. 

  779. static bool php_auto_globals_create_files(zend_string *name)
    780. 

  780. {
    781. 

  781. 	if (Z_TYPE(PG(http_globals)[TRACK_VARS_FILES]) == IS_UNDEF) {
    782. 

  782. 		array_init(&PG(http_globals)[TRACK_VARS_FILES]);
    783. 

  783. 	}
    784. 

  784. 

  785. 	zend_hash_update(&EG(symbol_table), name, &PG(http_globals)[TRACK_VARS_FILES]);
    786. 

  786. 	Z_ADDREF(PG(http_globals)[TRACK_VARS_FILES]);
    787. 

  787. 

  788. 	return 0; /* don't rearm */
    789. 

  789. }
    790. 

  790. 

  791. /* Ugly hack to fix HTTP_PROXY issue, see bug #72573 */
    792. 

  792. static void check_http_proxy(HashTable *var_table)
    793. 

  793. {
    794. 

  794. 	if (zend_hash_str_exists(var_table, "HTTP_PROXY", sizeof("HTTP_PROXY")-1)) {
    795. 

  795. 		char *local_proxy = getenv("HTTP_PROXY");
    796. 

  796. 

  797. 		if (!local_proxy) {
    798. 

  798. 			zend_hash_str_del(var_table, "HTTP_PROXY", sizeof("HTTP_PROXY")-1);
    799. 

  799. 		} else {
    800. 

  800. 			zval local_zval;
    801. 

  801. 			ZVAL_STRING(&local_zval, local_proxy);
    802. 

  802. 			zend_hash_str_update(var_table, "HTTP_PROXY", sizeof("HTTP_PROXY")-1, &local_zval);
    803. 

  803. 		}
    804. 

  804. 	}
    805. 

  805. }
    806. 

  806. 

  807. static bool php_auto_globals_create_server(zend_string *name)
    808. 

  808. {
    809. 

  809. 	if (PG(variables_order) && (strchr(PG(variables_order),'S') || strchr(PG(variables_order),'s'))) {
    810. 

  810. 		php_register_server_variables();
    811. 

  811. 

  812. 		if (PG(register_argc_argv)) {
    813. 

  813. 			if (SG(request_info).argc) {
    814. 

  814. 				zval *argc, *argv;
    815. 

  815. 

  816. 				if ((argc = zend_hash_find_ex_ind(&EG(symbol_table), ZSTR_KNOWN(ZEND_STR_ARGC), 1)) != NULL &&
    817. 

  817. 					(argv = zend_hash_find_ex_ind(&EG(symbol_table), ZSTR_KNOWN(ZEND_STR_ARGV), 1)) != NULL) {
    818. 

  818. 					Z_ADDREF_P(argv);
    819. 

  819. 					zend_hash_update(Z_ARRVAL(PG(http_globals)[TRACK_VARS_SERVER]), ZSTR_KNOWN(ZEND_STR_ARGV), argv);
    820. 

  820. 					zend_hash_update(Z_ARRVAL(PG(http_globals)[TRACK_VARS_SERVER]), ZSTR_KNOWN(ZEND_STR_ARGC), argc);
    821. 

  821. 				}
    822. 

  822. 			} else {
    823. 

  823. 				php_build_argv(SG(request_info).query_string, &PG(http_globals)[TRACK_VARS_SERVER]);
    824. 

  824. 			}
    825. 

  825. 		}
    826. 

  826. 

  827. 	} else {
    828. 

  828. 		zval_ptr_dtor_nogc(&PG(http_globals)[TRACK_VARS_SERVER]);
    829. 

  829. 		array_init(&PG(http_globals)[TRACK_VARS_SERVER]);
    830. 

  830. 	}
    831. 

  831. 

  832. 	check_http_proxy(Z_ARRVAL(PG(http_globals)[TRACK_VARS_SERVER]));
    833. 

  833. 	zend_hash_update(&EG(symbol_table), name, &PG(http_globals)[TRACK_VARS_SERVER]);
    834. 

  834. 	Z_ADDREF(PG(http_globals)[TRACK_VARS_SERVER]);
    835. 

  835. 

  836. 	/* TODO: TRACK_VARS_SERVER is modified in a number of places (e.g. phar) past this point,
    837. 

  837. 	 * where rc>1 due to the $_SERVER global. Ideally this shouldn't happen, but for now we
    838. 

  838. 	 * ignore this issue, as it would probably require larger changes. */
    839. 

  839. 	HT_ALLOW_COW_VIOLATION(Z_ARRVAL(PG(http_globals)[TRACK_VARS_SERVER]));
    840. 

  840. 

  841. 	return 0; /* don't rearm */
    842. 

  842. }
    843. 

  843. 

  844. static bool php_auto_globals_create_env(zend_string *name)
    845. 

  845. {
    846. 

  846. 	zval_ptr_dtor_nogc(&PG(http_globals)[TRACK_VARS_ENV]);
    847. 

  847. 	array_init(&PG(http_globals)[TRACK_VARS_ENV]);
    848. 

  848. 

  849. 	if (PG(variables_order) && (strchr(PG(variables_order),'E') || strchr(PG(variables_order),'e'))) {
    850. 

  850. 		php_import_environment_variables(&PG(http_globals)[TRACK_VARS_ENV]);
    851. 

  851. 	}
    852. 

  852. 

  853. 	check_http_proxy(Z_ARRVAL(PG(http_globals)[TRACK_VARS_ENV]));
    854. 

  854. 	zend_hash_update(&EG(symbol_table), name, &PG(http_globals)[TRACK_VARS_ENV]);
    855. 

  855. 	Z_ADDREF(PG(http_globals)[TRACK_VARS_ENV]);
    856. 

  856. 

  857. 	return 0; /* don't rearm */
    858. 

  858. }
    859. 

  859. 

  860. static bool php_auto_globals_create_request(zend_string *name)
    861. 

  861. {
    862. 

  862. 	zval form_variables;
    863. 

  863. 	unsigned char _gpc_flags[3] = {0, 0, 0};
    864. 

  864. 	char *p;
    865. 

  865. 

  866. 	array_init(&form_variables);
    867. 

  867. 

  868. 	if (PG(request_order) != NULL) {
    869. 

  869. 		p = PG(request_order);
    870. 

  870. 	} else {
    871. 

  871. 		p = PG(variables_order);
    872. 

  872. 	}
    873. 

  873. 

  874. 	for (; p && *p; p++) {
    875. 

  875. 		switch (*p) {
    876. 

  876. 			case 'g':
    877. 

  877. 			case 'G':
    878. 

  878. 				if (!_gpc_flags[0]) {
    879. 

  879. 					php_autoglobal_merge(Z_ARRVAL(form_variables), Z_ARRVAL(PG(http_globals)[TRACK_VARS_GET]));
    880. 

  880. 					_gpc_flags[0] = 1;
    881. 

  881. 				}
    882. 

  882. 				break;
    883. 

  883. 			case 'p':
    884. 

  884. 			case 'P':
    885. 

  885. 				if (!_gpc_flags[1]) {
    886. 

  886. 					php_autoglobal_merge(Z_ARRVAL(form_variables), Z_ARRVAL(PG(http_globals)[TRACK_VARS_POST]));
    887. 

  887. 					_gpc_flags[1] = 1;
    888. 

  888. 				}
    889. 

  889. 				break;
    890. 

  890. 			case 'c':
    891. 

  891. 			case 'C':
    892. 

  892. 				if (!_gpc_flags[2]) {
    893. 

  893. 					php_autoglobal_merge(Z_ARRVAL(form_variables), Z_ARRVAL(PG(http_globals)[TRACK_VARS_COOKIE]));
    894. 

  894. 					_gpc_flags[2] = 1;
    895. 

  895. 				}
    896. 

  896. 				break;
    897. 

  897. 		}
    898. 

  898. 	}
    899. 

  899. 

  900. 	zend_hash_update(&EG(symbol_table), name, &form_variables);
    901. 

  901. 	return 0;
    902. 

  902. }
    903. 

  903. 

  904. void php_startup_auto_globals(void)
    905. 

  905. {
    906. 

  906. 	zend_register_auto_global(zend_string_init_interned("_GET", sizeof("_GET")-1, 1), 0, php_auto_globals_create_get);
    907. 

  907. 	zend_register_auto_global(zend_string_init_interned("_POST", sizeof("_POST")-1, 1), 0, php_auto_globals_create_post);
    908. 

  908. 	zend_register_auto_global(zend_string_init_interned("_COOKIE", sizeof("_COOKIE")-1, 1), 0, php_auto_globals_create_cookie);
    909. 

  909. 	zend_register_auto_global(ZSTR_KNOWN(ZEND_STR_AUTOGLOBAL_SERVER), PG(auto_globals_jit), php_auto_globals_create_server);
    910. 

  910. 	zend_register_auto_global(ZSTR_KNOWN(ZEND_STR_AUTOGLOBAL_ENV), PG(auto_globals_jit), php_auto_globals_create_env);
    911. 

  911. 	zend_register_auto_global(ZSTR_KNOWN(ZEND_STR_AUTOGLOBAL_REQUEST), PG(auto_globals_jit), php_auto_globals_create_request);
    912. 

  912. 	zend_register_auto_global(zend_string_init_interned("_FILES", sizeof("_FILES")-1, 1), 0, php_auto_globals_create_files);
    913. 

  913. }
    914. 

  914.