
@KalleZ
Created July 6, 2018 04:45
diff --git a/ext/filter/filter.c b/ext/filter/filter.c
index 56c93199f0..5d99d333f7 100644
--- a/ext/filter/filter.c
+++ b/ext/filter/filter.c
@@ -58,6 +58,7 @@ static const filter_list_entry filter_list[] = {
{ "url", FILTER_SANITIZE_URL, php_filter_url },
{ "number_int", FILTER_SANITIZE_NUMBER_INT, php_filter_number_int },
{ "number_float", FILTER_SANITIZE_NUMBER_FLOAT, php_filter_number_float },
+ { "add_slashes", FILTER_SANITIZE_ADD_SLASHES, php_filter_add_slashes },
{ "magic_quotes", FILTER_SANITIZE_MAGIC_QUOTES, php_filter_magic_quotes },
{ "callback", FILTER_CALLBACK, php_filter_callback },
@@ -253,6 +254,7 @@ PHP_MINIT_FUNCTION(filter)
REGISTER_LONG_CONSTANT("FILTER_SANITIZE_NUMBER_INT", FILTER_SANITIZE_NUMBER_INT, CONST_CS | CONST_PERSISTENT);
REGISTER_LONG_CONSTANT("FILTER_SANITIZE_NUMBER_FLOAT", FILTER_SANITIZE_NUMBER_FLOAT, CONST_CS | CONST_PERSISTENT);
REGISTER_LONG_CONSTANT("FILTER_SANITIZE_MAGIC_QUOTES", FILTER_SANITIZE_MAGIC_QUOTES, CONST_CS | CONST_PERSISTENT);
+ REGISTER_LONG_CONSTANT("FILTER_SANITIZE_ADD_SLASHES", FILTER_SANITIZE_ADD_SLASHES, CONST_CS | CONST_PERSISTENT);
REGISTER_LONG_CONSTANT("FILTER_CALLBACK", FILTER_CALLBACK, CONST_CS | CONST_PERSISTENT);
diff --git a/ext/filter/filter_private.h b/ext/filter/filter_private.h
index a56cecb432..c2485d8a40 100644
--- a/ext/filter/filter_private.h
+++ b/ext/filter/filter_private.h
@@ -85,7 +85,8 @@
#define FILTER_SANITIZE_NUMBER_FLOAT 0x0208
#define FILTER_SANITIZE_MAGIC_QUOTES 0x0209
#define FILTER_SANITIZE_FULL_SPECIAL_CHARS 0x020a
-#define FILTER_SANITIZE_LAST 0x020a
+#define FILTER_SANITIZE_ADD_SLASHES 0x020b
+#define FILTER_SANITIZE_LAST 0x020b
#define FILTER_SANITIZE_ALL 0x0200
diff --git a/ext/filter/php_filter.h b/ext/filter/php_filter.h
index 0620aa3807..e76d4acac3 100644
--- a/ext/filter/php_filter.h
+++ b/ext/filter/php_filter.h
@@ -91,6 +91,7 @@ void php_filter_email(PHP_INPUT_FILTER_PARAM_DECL);
void php_filter_url(PHP_INPUT_FILTER_PARAM_DECL);
void php_filter_number_int(PHP_INPUT_FILTER_PARAM_DECL);
void php_filter_number_float(PHP_INPUT_FILTER_PARAM_DECL);
+void php_filter_add_slashes(PHP_INPUT_FILTER_PARAM_DECL);
void php_filter_magic_quotes(PHP_INPUT_FILTER_PARAM_DECL);
void php_filter_callback(PHP_INPUT_FILTER_PARAM_DECL);
diff --git a/ext/filter/sanitizing_filters.c b/ext/filter/sanitizing_filters.c
index 8682e31994..ae21f1c010 100644
--- a/ext/filter/sanitizing_filters.c
+++ b/ext/filter/sanitizing_filters.c
@@ -368,12 +368,25 @@ void php_filter_number_float(PHP_INPUT_FILTER_PARAM_DECL)
}
/* }}} */
+/* {{{ php_filter_add_slashes */
+void php_filter_add_slashes(PHP_INPUT_FILTER_PARAM_DECL)
+{
+ zend_string *buf;
+
+ buf = php_addslashes(Z_STR_P(value));
+
+ zval_ptr_dtor(value);
+ ZVAL_STR(value, buf);
+}
+/* }}} */
+
/* {{{ php_filter_magic_quotes */
void php_filter_magic_quotes(PHP_INPUT_FILTER_PARAM_DECL)
{
zend_string *buf;
- /* just call php_addslashes quotes */
+ php_error_docref(NULL, E_DEPRECATED, "The 'magic_quotes' (FILTER_SANITIZE_MAGIC_QUOTES) is deprecated, use 'add_slashes' (FILTER_SANITIZE_ADD_SLASHES) instead");
+
buf = php_addslashes(Z_STR_P(value));
zval_ptr_dtor(value);
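Review bot: php_filter_add_slashes is introduced with only the fold marker `/* {{{ php_filter_add_slashes */` as documentation, yet it is published under a FILTER_SANITIZE_* name, so a reader can easily take its output as safe for SQL or HTML contexts. I would add a comment above the function along the lines of `/* Backslash-escapes ', ", \ and NUL via php_addslashes(); byte-wise and charset-unaware, so not a substitute for parameterized queries or context-specific output encoding. */`. As far as the hunk shows, the new body is also a copy of what php_filter_magic_quotes does after its notice, so the deprecated function could raise the E_DEPRECATED and then call php_filter_add_slashes with the same arguments, which keeps the two from drifting apart. The body of php_filter_magic_quotes continues past the end of this hunk, so the duplication should be confirmed against the full function.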
diff --git a/ext/filter/tests/008.phpt b/ext/filter/tests/008.phpt
index 54880e59cc..c7da676a4a 100644
--- a/ext/filter/tests/008.phpt
+++ b/ext/filter/tests/008.phpt
@@ -11,7 +11,7 @@ var_dump(filter_list(array()));
echo "Done\n";
?>
--EXPECTF--
-array(21) {
+array(22) {
[0]=>
string(3) "int"
[1]=>
@@ -51,8 +51,10 @@ array(21) {
[18]=>
string(12) "number_float"
[19]=>
- string(12) "magic_quotes"
+ string(11) "add_slashes"
[20]=>
+ string(12) "magic_quotes"
+ [21]=>
string(8) "callback"
}
diff --git a/ext/filter/tests/020.phpt b/ext/filter/tests/020.phpt
index c2ab6096d5..cdab93cf7a 100644
--- a/ext/filter/tests/020.phpt
+++ b/ext/filter/tests/020.phpt
@@ -12,9 +12,16 @@ var_dump(filter_var(-1, FILTER_SANITIZE_MAGIC_QUOTES));
echo "Done\n";
?>
---EXPECT--
+--EXPECTF--
+Deprecated: filter_var(): The 'magic_quotes' (FILTER_SANITIZE_MAGIC_QUOTES) is deprecated, use 'add_slashes' (FILTER_SANITIZE_ADD_SLASHES) instead in %s on line %d
string(36) "test\'asd\'asd\'\' asd\\\'\"asdfasdf"
+
+Deprecated: filter_var(): The 'magic_quotes' (FILTER_SANITIZE_MAGIC_QUOTES) is deprecated, use 'add_slashes' (FILTER_SANITIZE_ADD_SLASHES) instead in %s on line %d
string(2) "\'"
+
+Deprecated: filter_var(): The 'magic_quotes' (FILTER_SANITIZE_MAGIC_QUOTES) is deprecated, use 'add_slashes' (FILTER_SANITIZE_ADD_SLASHES) instead in %s on line %d
string(0) ""
+
+Deprecated: filter_var(): The 'magic_quotes' (FILTER_SANITIZE_MAGIC_QUOTES) is deprecated, use 'add_slashes' (FILTER_SANITIZE_ADD_SLASHES) instead in %s on line %d
string(2) "-1"
Done
diff --git a/ext/filter/tests/033.phpt b/ext/filter/tests/033.phpt
index 3819c6a01c..74afe46389 100644
--- a/ext/filter/tests/033.phpt
+++ b/ext/filter/tests/033.phpt
@@ -9,7 +9,7 @@ default_charset=UTF-8
<?php
include dirname(__FILE__) . '/033_run.inc';
?>
---EXPECT--
+--EXPECTF--
int 1 123
boolean 1
float 1 123
@@ -29,5 +29,26 @@ email PHP 1 foo@bar.com httpa.b.c 1.2.3.4 123 12
url PHP 1 foo@bar.com http://a.b.c 1.2.3.4 123 123abc<>() O'Henry aa:bb:cc:dd:ee:ff
number_int 1 1234 123 123
number_float 1 1234 123 123
+add_slashes PHP 1 foo@bar.com http://a.b.c 1.2.3.4 123 123abc<>() O\'Henry 하퍼 aa:bb:cc:dd:ee:ff
+
+Deprecated: filter_var(): The 'magic_quotes' (FILTER_SANITIZE_MAGIC_QUOTES) is deprecated, use 'add_slashes' (FILTER_SANITIZE_ADD_SLASHES) instead in %s on line %d
+
+Deprecated: filter_var(): The 'magic_quotes' (FILTER_SANITIZE_MAGIC_QUOTES) is deprecated, use 'add_slashes' (FILTER_SANITIZE_ADD_SLASHES) instead in %s on line %d
+
+Deprecated: filter_var(): The 'magic_quotes' (FILTER_SANITIZE_MAGIC_QUOTES) is deprecated, use 'add_slashes' (FILTER_SANITIZE_ADD_SLASHES) instead in %s on line %d
+
+Deprecated: filter_var(): The 'magic_quotes' (FILTER_SANITIZE_MAGIC_QUOTES) is deprecated, use 'add_slashes' (FILTER_SANITIZE_ADD_SLASHES) instead in %s on line %d
+
+Deprecated: filter_var(): The 'magic_quotes' (FILTER_SANITIZE_MAGIC_QUOTES) is deprecated, use 'add_slashes' (FILTER_SANITIZE_ADD_SLASHES) instead in %s on line %d
+
+Deprecated: filter_var(): The 'magic_quotes' (FILTER_SANITIZE_MAGIC_QUOTES) is deprecated, use 'add_slashes' (FILTER_SANITIZE_ADD_SLASHES) instead in %s on line %d
+
+Deprecated: filter_var(): The 'magic_quotes' (FILTER_SANITIZE_MAGIC_QUOTES) is deprecated, use 'add_slashes' (FILTER_SANITIZE_ADD_SLASHES) instead in %s on line %d
+
+Deprecated: filter_var(): The 'magic_quotes' (FILTER_SANITIZE_MAGIC_QUOTES) is deprecated, use 'add_slashes' (FILTER_SANITIZE_ADD_SLASHES) instead in %s on line %d
+
+Deprecated: filter_var(): The 'magic_quotes' (FILTER_SANITIZE_MAGIC_QUOTES) is deprecated, use 'add_slashes' (FILTER_SANITIZE_ADD_SLASHES) instead in %s on line %d
+
+Deprecated: filter_var(): The 'magic_quotes' (FILTER_SANITIZE_MAGIC_QUOTES) is deprecated, use 'add_slashes' (FILTER_SANITIZE_ADD_SLASHES) instead in %s on line %d
magic_quotes PHP 1 foo@bar.com http://a.b.c 1.2.3.4 123 123abc<>() O\'Henry 하퍼 aa:bb:cc:dd:ee:ff
callback PHP 1 FOO@BAR.COM HTTP://A.B.C 1.2.3.4 123 123ABC<>() O'HENRY 하퍼 AA:BB:CC:DD:EE:FF
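Review bot: The ten identical `Deprecated:` lines expected before the `magic_quotes` row pin the notice as being raised once per filtered value rather than once per call site, presumably because it is emitted inside php_filter_magic_quotes itself. For code that still applies the deprecated filter to large input arrays, this multiplies log volume and can bury other diagnostics. It would help to confirm that this is intended and to say so in the test's description, so the count is not mistaken for an accident of 033_run.inc.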
diff --git a/ext/filter/tests/059.phpt b/ext/filter/tests/059.phpt
new file mode 100644
index 0000000000..f1d24353a0
--- /dev/null
+++ b/ext/filter/tests/059.phpt
@@ -0,0 +1,20 @@
+--TEST--
+filter_var() and FILTER_SANITIZE_ADD_SLASHES
+--SKIPIF--
+<?php if (!extension_loaded("filter")) die("skip"); ?>
+--FILE--
+<?php
+
+var_dump(filter_var("test'asd'asd'' asd\'\"asdfasdf", FILTER_SANITIZE_ADD_SLASHES));
+var_dump(filter_var("'", FILTER_SANITIZE_ADD_SLASHES));
+var_dump(filter_var("", FILTER_SANITIZE_ADD_SLASHES));
+var_dump(filter_var(-1, FILTER_SANITIZE_ADD_SLASHES));
+
+echo "Done\n";
+?>
+--EXPECT--
+string(36) "test\'asd\'asd\'\' asd\\\'\"asdfasdf"
+string(2) "\'"
+string(0) ""
+string(2) "-1"
+Done
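Review bot: The new test has the same expected output as 020.phpt and so only exercises quotes and a backslash in scalar input; nothing covers a NUL byte or array input. Adding a case such as `var_dump(filter_var("a\0b", FILTER_SANITIZE_ADD_SLASHES));` and one using `FILTER_REQUIRE_ARRAY`, each with its expected output, would pin the remaining behaviour the filter inherits from php_addslashes. A short comment in the `--FILE--` section noting that the filter only adds backslashes and does not make a value safe to interpolate into a query would also keep the test from being read as a usage example.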