diff options
author | Ermal <eri@pfsense.org> | 2013-12-20 22:08:34 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2013-12-20 22:08:34 +0000 |
commit | aa205c3b69bf76b1565fd42dba83c7637212f793 (patch) | |
tree | f04ba2d5e093bd36f0e128690e72ae538b8104de | |
parent | cc2630208cc31ac3a19c185036a4b589d125e99a (diff) | |
download | pfsense-aa205c3b69bf76b1565fd42dba83c7637212f793.zip pfsense-aa205c3b69bf76b1565fd42dba83c7637212f793.tar.gz |
Rmoeve register_long_arrays from php.ini and from php code the use of HTTP_*_VARS as its deprecated and luckily low use in pfSense to win memory and compativility
-rw-r--r-- | etc/inc/auth.inc | 4 | ||||
-rw-r--r-- | etc/inc/authgui.inc | 2 | ||||
-rw-r--r-- | etc/inc/xmlrpc_server.inc | 24 | ||||
-rwxr-xr-x | etc/rc.php_ini_setup | 1 | ||||
-rwxr-xr-x | usr/local/www/exec.php | 2 | ||||
-rwxr-xr-x | usr/local/www/guiconfig.inc | 1 | ||||
-rw-r--r-- | usr/local/www/headjs.php | 2 | ||||
-rw-r--r-- | usr/local/www/system_usermanager_passwordmg.php | 13 |
8 files changed, 30 insertions, 19 deletions
diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc index 521656b..c686ff4 100644 --- a/etc/inc/auth.inc +++ b/etc/inc/auth.inc @@ -1344,7 +1344,7 @@ function authenticate_user($username, $password, $authcfg = NULL, &$attributes = } function session_auth() { - global $HTTP_SERVER_VARS, $config, $_SESSION, $page; + global $config, $_SESSION, $page; // Handle HTTPS httponly and secure flags if($config['system']['webgui']['protocol'] == "https") { @@ -1372,7 +1372,6 @@ function session_auth() { if(! isset($config['system']['webgui']['quietlogin'])) { log_auth(sprintf(gettext("Successful login for user '%1\$s' from: %2\$s"), $_POST['usernamefld'], $_SERVER['REMOTE_ADDR'])); } - $HTTP_SERVER_VARS['AUTH_USER'] = $_SESSION['Username']; if (isset($_POST['postafterlogin'])) return true; else { @@ -1464,7 +1463,6 @@ function session_auth() { if ($_GET['enable_ajax']) unset($_SESSION['NO_AJAX']); - $HTTP_SERVER_VARS['AUTH_USER'] = $_SESSION['Username']; return true; } diff --git a/etc/inc/authgui.inc b/etc/inc/authgui.inc index 35d51c7..fe9d2ca 100644 --- a/etc/inc/authgui.inc +++ b/etc/inc/authgui.inc @@ -51,7 +51,7 @@ if (!session_auth()) { * We give them access only to the appropriate pages based on * the user or group privileges. */ -$allowedpages = getAllowedPages($HTTP_SERVER_VARS['AUTH_USER']); +$allowedpages = getAllowedPages($_SESSION['Username']); /* * redirect to first allowed page if requesting a wrong url diff --git a/etc/inc/xmlrpc_server.inc b/etc/inc/xmlrpc_server.inc index 10b8beb..f4d8a46 100644 --- a/etc/inc/xmlrpc_server.inc +++ b/etc/inc/xmlrpc_server.inc @@ -304,6 +304,12 @@ class XML_RPC_Server /** + * The HTTP request data + * @null + */ + var $client_data = ''; + + /** * Constructor for the XML_RPC_Server class * * @param array $dispMap the dispatch map. An associative array @@ -328,7 +334,6 @@ class XML_RPC_Server */ function XML_RPC_Server($dispMap, $serviceNow = 1, $debug = 0) { - global $HTTP_RAW_POST_DATA; if ($debug) { $this->debug = 1; @@ -351,11 +356,11 @@ class XML_RPC_Server */ function serializeDebug() { - global $XML_RPC_Server_debuginfo, $HTTP_RAW_POST_DATA; + global $XML_RPC_Server_debuginfo; if ($this->debug) { XML_RPC_Server_debugmsg('vvv POST DATA RECEIVED BY SERVER vvv' . "\n" - . $HTTP_RAW_POST_DATA + . $this->server_payload . $this->client_data . "\n" . '^^^ END POST DATA ^^^'); } @@ -446,7 +451,9 @@ class XML_RPC_Server */ function createServerPayload() { - $r = $this->parseRequest(); + $this->client_data = file_get_contents("php://input"); + + $r = $this->parseRequest($this->client_data); $this->server_payload = '<?xml version="1.0" encoding="' . $this->encoding . '"?>' . "\n" . $this->serializeDebug() @@ -537,12 +544,13 @@ class XML_RPC_Server */ function parseRequest($data = '') { - global $XML_RPC_xh, $HTTP_RAW_POST_DATA, + global $XML_RPC_xh, $XML_RPC_err, $XML_RPC_str, $XML_RPC_errxml, $XML_RPC_defencoding, $XML_RPC_Server_dmap; if ($data == '') { - $data = $HTTP_RAW_POST_DATA; + $data = file_get_contents("php://input"); + $this->client_data = $data; } $this->encoding = XML_RPC_Message::getEncoding($data); @@ -653,10 +661,8 @@ class XML_RPC_Server */ function echoInput() { - global $HTTP_RAW_POST_DATA; - $r = new XML_RPC_Response(0); - $r->xv = new XML_RPC_Value("'Aha said I: '" . $HTTP_RAW_POST_DATA, 'string'); + $r->xv = new XML_RPC_Value("'Aha said I: '" . $this->client_data, 'string'); print $r->serialize(); } } diff --git a/etc/rc.php_ini_setup b/etc/rc.php_ini_setup index 6cbc517..7da05b4 100755 --- a/etc/rc.php_ini_setup +++ b/etc/rc.php_ini_setup @@ -178,6 +178,7 @@ magic_quotes_gpc = Off max_execution_time = 900 max_input_time = 1800 register_argc_argv = On +register_long_arrays = Off file_uploads = On upload_tmp_dir = ${UPLOADTMPDIR} upload_max_filesize = 200M diff --git a/usr/local/www/exec.php b/usr/local/www/exec.php index eda1321..2b84d74 100755 --- a/usr/local/www/exec.php +++ b/usr/local/www/exec.php @@ -83,7 +83,7 @@ function puts( $arg ) { echo "$arg\n"; } // "Constants". $Version = ''; -$ScriptName = $HTTP_SERVER_VARS['SCRIPT_NAME']; +$ScriptName = $REQUEST['SCRIPT_NAME']; // Get year. diff --git a/usr/local/www/guiconfig.inc b/usr/local/www/guiconfig.inc index 3579767..d5a9cf7 100755 --- a/usr/local/www/guiconfig.inc +++ b/usr/local/www/guiconfig.inc @@ -911,7 +911,6 @@ function echo_array($array,$return_me=false){ * null ******/ function display_top_tabs(& $tab_array, $no_drop_down = false) { - global $HTTP_SERVER_VARS; global $config; global $g; global $tab_array_indent; diff --git a/usr/local/www/headjs.php b/usr/local/www/headjs.php index bfea6e9..0ee1cb4 100644 --- a/usr/local/www/headjs.php +++ b/usr/local/www/headjs.php @@ -37,7 +37,7 @@ require_once("guiconfig.inc"); function getHeadJS() { - global $_SERVER, $HTTP_SERVER_VARS, $g, $use_loader_tab_gif; + global $g, $use_loader_tab_gif; if(!$use_loader_tab_gif) $loader_gif = "/themes/{$g['theme']}/images/misc/loader.gif"; diff --git a/usr/local/www/system_usermanager_passwordmg.php b/usr/local/www/system_usermanager_passwordmg.php index 10ff645..a35a8a47 100644 --- a/usr/local/www/system_usermanager_passwordmg.php +++ b/usr/local/www/system_usermanager_passwordmg.php @@ -54,9 +54,12 @@ if (isset($_POST['save'])) { $input_errors[] = gettext("The passwords do not match."); if (!$input_errors) { + if (!session_id()) + session_start(); // all values are okay --> saving changes - $config['system']['user'][$userindex[$HTTP_SERVER_VARS['AUTH_USER']]]['password'] = crypt(trim($_POST['passwordfld1'])); - local_user_set($config['system']['user'][$userindex[$HTTP_SERVER_VARS['AUTH_USER']]]); + $config['system']['user'][$userindex[$_SESSION['Username']]]['password'] = crypt(trim($_POST['passwordfld1'])); + local_user_set($config['system']['user'][$userindex[$_SESSION['Username']]]); + session_commit(); write_config(); @@ -101,7 +104,11 @@ if ($islocal == false) { <form action="system_usermanager_passwordmg.php" method="post" name="iform" id="iform"> <table width="100%" border="0" cellpadding="6" cellspacing="0" summary="main area"> <tr> - <td colspan="2" valign="top" class="listtopic"><?=$HTTP_SERVER_VARS['AUTH_USER']?>'s <?=gettext("Password"); ?></td> +<?php if (!session_id()) + session_start(); +?> + <td colspan="2" valign="top" class="listtopic"><?=$_SESSION['Username']?>'s <?=gettext("Password"); ?></td> +<?php session_commit(); ?> </tr> <tr> <td width="22%" valign="top" class="vncell" rowspan="2"><?=gettext("Password"); ?></td> |