Gráfico de Commits

10 Commits

Autor SHA1 Mensagem Data
Paul Tarjan 1ca7c026d1 Revert double thing
Some tests are failing now that didn't fail in contbuild. Revert until I can look at it.
2013-06-15 23:32:07 -07:00
Paul Tarjan 794f87542a try strtod instead of zend version
why is there a zend version and a c version? we mix and match in `is_numeric_string`. I'm worried this is giving me a problem in the filtering of floats.
2013-06-15 23:32:06 -07:00
Jordan DeLong 2618ad0ef2 Delete all the non-variant Variant::same overloads
Step one.
2013-06-12 11:34:36 -07:00
Tim Starling 998951619f update copyright date
We did not intend to imply our copyrights last forever

Closes #759
2013-06-03 12:43:56 -07:00
Sara Golemon 6ec64e8bf9 make #includes consistent
I was learning from @jdelong and he said that you should use
double quotes for local includes and angle brackets for library
includes. I asked why our code was the way it was, and he said he wanted
to clean it up. I beat him to it :)

Conflicts:

	hphp/runtime/base/server/admin_request_handler.cpp
	hphp/runtime/vm/named_entity.h
2013-05-15 13:05:06 -07:00
bertrand 6a93844442 Add support for safe (un)serialization using (un)serialize()
The unserialization of random objects may be dangerous because the destructor of the object will be called when the unserialized objects are out of scope. However, the person who wrote the class may not be aware of the danger of unserialization. Therefore, we would like to require every users of the unserialize() to provide a whitelist of the class names that are authorized to be unserialized so that we can make sure the object is safe to be unserialized.

Add a parameter 'class_whitelist' to unserialize() function to determine whether to raise warnings for unsafe unserialization. If the class to be unserialized is not an instance of Serilizable or not in the whitelist, warnings will be raised. For the detailed reason why we need this, please see http://fburl.com/SafeSerializable for more information.

Add a parameter 'all_classes_enabled' to allow  those hphp functions that need to unserialize any class. For example, fb_call_user_func_async() will need to serialize and nserialize the given parameters.
2013-04-18 13:54:55 -07:00
andrewparoski 6e7b02933c Fix bugs with unserializing collections
The 'r' encoding for unserialization was broken for collections because the
code was calling Variant::unserialize() on a temporary Variant, which is a
no-no. unserialize() must be called directly on the value where it resides
in the collection.

Second, there was an inconsistency between serialize and unserialize with
how id numbers worked for the 'r' and 'R' encodings. This diff fixes
serialize and unserialize to count collection keys when assigning id
numbers. I also took the opportunity to tighten up enforcement to prevent
collections keys and values from being taken by reference when during
unserialization.
2013-04-01 13:48:59 -07:00
aalexandre 505c17f357 replaced null with uninit_null() 2013-03-18 16:05:53 -07:00
aalexandre 26178124a4 Eliminate int32, uint32, int16, uint16, int8, uint8.
This concludes the inttypes replacement.
These replacement have been mostly mechanical
with the use of cxx_replace.
2013-03-09 10:25:16 -08:00
Jordan Delong 363d1bb20f Code move src/ -> hphp/
This change is mostly for FB internal organizational reasons.
Building is not effected beyond the fact that the target now
lands in hphp/hhvm/hhvm rather than src/hhvm/hhvm.
2013-02-11 02:10:41 -08:00