From 2198c14babfd09778efccbb23a6c66c6d7a5e1f1 Mon Sep 17 00:00:00 2001
From: Xinchen Hui <laruence@php.net>
Date: Fri, 9 Mar 2012 06:35:54 +0000
Subject: [PATCH] prepare for releasing doc

git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@324043 c90b9560-bf6c-de11-be94-00142212c4b1
---
 reference/taint/book.xml   |   1 +
 reference/taint/detail.xml | 339 ++++++++++++++++++++++++++++++-------
 reference/taint/setup.xml  |   5 +-
 3 files changed, 282 insertions(+), 63 deletions(-)

diff --git a/reference/taint/book.xml b/reference/taint/book.xml
index 372c9fc104..aae333b575 100644
--- a/reference/taint/book.xml
+++ b/reference/taint/book.xml
@@ -55,6 +55,7 @@ Warning: mysql_query() [function.mysql-query]: SQL statement contains data that
  </preface>
 
  &reference.taint.setup;
+ &reference.taint.detail;
  &reference.taint.reference;
 
 </book>
diff --git a/reference/taint/detail.xml b/reference/taint/detail.xml
index 2b675041f3..6ceeab327a 100644
--- a/reference/taint/detail.xml
+++ b/reference/taint/detail.xml
@@ -1,69 +1,288 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!-- $Revision$ -->
 
-<section xml:id="taint.detail" xmlns="http://docbook.org/ns/docbook">
- <title>Details</title>
- <para>
-  <table>
-   <title>Taint </title>
-   <tgroup cols="4">
-    <thead>
-     <row>
-      <entry>Function/Statement</entry>
-      <entry>&Default;</entry>
-      <entry>&Changeable;</entry>
-      <entry>&Changelog;</entry>
-     </row>
-    </thead>
-    <tbody>
-     <row>
-      <entry>taint.enable</entry>
-      <entry>1</entry>
-      <entry>its PHP_INI_SYS value</entry>
-      <entry><!-- leave empty, this will be filled by an automatic script --></entry>
-     </row>
-     <row>
-      <entry>taint.error_level</entry>
-      <entry>E_WARNING</entry>
-      <entry>its PHP_INI_SYS value</entry>
-      <entry><!-- leave empty, this will be filled by an automatic script --></entry>
-     </row>
-    </tbody>
-   </tgroup>
-  </table>
- </para>
+<chapter xml:id="taint.detail" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
+ <title>More Details</title>
 
- &ini.descriptions.title;
+ <section xml:id="taint.detail.basic">
+  <title>Functions and Statements which will spread the tainted mark of a
+   taited string</title>
+  <para>
+   <table>
+    <title></title>
+    <tgroup cols="2">
+      <colspec colname="name"/>
+      <colspec colname="version"/>
+     <thead>
+      <row>
+       <entry>Function/Statement</entry>
+       <entry>Since</entry>
+      </row>
+     </thead>
+     <tbody>
+      <row>
+       <entry>= (assign)</entry>
+       <entry>0.1.0</entry>
+      </row>
+      <row>
+       <entry>. (concat)</entry>
+       <entry>0.1.0</entry>
+      </row>
+      <row>
+       <entry>"{$var}" (variable substitution)</entry>
+       <entry>0.1.0</entry>
+      </row>
+      <row>
+       <entry>.= (assign concat)</entry>
+       <entry>0.1.0</entry>
+      </row>
+      <row>
+       <entry>strval</entry>
+       <entry>0.3.0</entry>
+      </row>
+      <row>
+       <entry>explode</entry>
+       <entry>0.3.0</entry>
+      </row>
+      <row>
+       <entry>implode</entry>
+       <entry>0.3.0</entry>
+      </row>
+      <row>
+       <entry>sprintf</entry>
+       <entry>0.3.0</entry>
+      </row>
+      <row>
+       <entry>vsprintf</entry>
+       <entry>0.3.0</entry>
+      </row>
+      <row>
+       <entry>trim</entry>
+       <entry>0.4.0</entry>
+      </row>
+      <row>
+       <entry>rtrim</entry>
+       <entry>0.4.0</entry>
+      </row>
+      <row>
+       <entry>ltrim</entry>
+       <entry>0.4.0</entry>
+      </row>
+     </tbody>
+    </tgroup>
+   </table>
+  </para>
+ </section>
 
- <para>
-  <variablelist>
-   <varlistentry xml:id="ini.taint.enable">
-     <term>
-      <parameter>taint.enable</parameter>
-      <type>integer</type>
-     </term>
-     <listitem>
-      <para>
-       Whether enable the taint.
-      </para>
-     </listitem>
-    </varlistentry>
-    <varlistentry xml:id="ini.taint.error-level">
-     <term>
-      <parameter>taint.error_level</parameter>
-      <type>integer</type>
-     </term>
-     <listitem>
-      <para>
-       the error type which taint will report as when taint find a tainted
-       string.
-      </para>
-     </listitem>
-    </varlistentry>
+ <section xml:id="taint.detail.taint">
+  <title>Functions and statements which will check taint string</title>
+  <para>
+   <table>
+    <title></title>
+    <tgroup cols="2">
+      <colspec colname="name"/>
+      <colspec colname="version"/>
+     <thead>
+      <row>
+       <entry>Function/Statement</entry>
+       <entry>Since</entry>
+      </row>
+     </thead>
+     <tbody>
+      <row>
+       <entry namest="name" nameend="version">Basic statments</entry>
+      </row>
+      <row>
+       <entry>eval</entry>
+       <entry>0.1.0</entry>
+      </row>
+      <row>
+       <entry>include/include_once</entry>
+       <entry>0.1.0</entry>
+      </row>
+      <row>
+       <entry>require/require_once</entry>
+       <entry>0.1.0</entry>
+      </row>
+      <!--end basic -->
 
-  </variablelist>
- </para>
-</section>
+      <row>
+       <entry namest="name" nameend="version">Outputing Functions</entry>
+      </row>
+      <row>
+       <entry>echo</entry>
+       <entry>0.1.0</entry>
+      </row>
+      <row>
+       <entry>print</entry>
+       <entry>0.1.0</entry>
+      </row>
+      <row>
+       <entry>printf</entry>
+       <entry>0.1.0</entry>
+      </row>
+      <row>
+       <entry>file_put_contents</entry>
+       <entry>0.1.0</entry>
+      </row>
+      <!-- end outputing -->
+      <row>
+       <entry namest="name" nameend="version">File System Functions</entry>
+      </row>
+      <row>
+       <entry>fopen</entry>
+       <entry>0.2.0</entry>
+      </row>
+      <row>
+       <entry>opendir</entry>
+       <entry>0.2.0</entry>
+      </row>
+      <row>
+       <entry>basename</entry>
+       <entry>0.2.0</entry>
+      </row>
+      <row>
+       <entry>dirname</entry>
+       <entry>0.2.0</entry>
+      </row>
+      <row>
+       <entry>file</entry>
+       <entry>0.2.0</entry>
+      </row>
+      <row>
+       <entry>pathinfo</entry>
+       <entry>0.2.0</entry>
+      </row>
+      <!-- end file system -->
+      <row>
+       <entry namest="name" nameend="version">Database relevant Functions</entry>
+      </row>
+      <row>
+       <entry>mysql_query</entry>
+       <entry>0.2.0</entry>
+      </row>
+      <row>
+       <entry>mysqli_query/MySQLi::query</entry>
+       <entry>0.2.0</entry>
+      </row>
+      <row>
+       <entry>sqlite_query/SqliteDataBase::query</entry>
+       <entry>0.3.0</entry>
+      </row>
+      <row>
+       <entry>sqlite_single_query/SqliteDataBase::singleQuery</entry>
+       <entry>0.3.0</entry>
+      </row>
+      <row>
+       <entry>oci_parse</entry>
+       <entry>0.3.0</entry>
+      </row>
+      <row>
+       <entry>PDO::query</entry>
+       <entry>0.3.0</entry>
+      </row>
+      <row>
+       <entry>PDO::prepare</entry>
+       <entry>0.3.0</entry>
+      </row>
+      <!-- end database -->
+      <row>
+       <entry namest="name" nameend="version">Command Line relevant Functions</entry>
+      </row>
+      <row>
+       <entry>system</entry>
+       <entry>0.1.0</entry>
+      </row>
+      <row>
+       <entry>exec</entry>
+       <entry>0.1.0</entry>
+      </row>
+      <row>
+       <entry>proc_open</entry>
+       <entry>0.1.0</entry>
+      </row>
+      <row>
+       <entry>passthru</entry>
+       <entry>0.1.0</entry>
+      </row>
+      <row>
+       <entry>shell_exec</entry>
+       <entry>0.3.0</entry>
+      </row>
+      <!-- end command line -->
+
+     </tbody>
+    </tgroup>
+   </table>
+  </para>
+ </section>
+
+ <section xml:id="taint.detail.untaint">
+  <title>Functions which untaint the tainted string</title>
+  <para>
+   <table>
+    <title></title>
+    <tgroup cols="2">
+      <colspec colname="name"/>
+      <colspec colname="version"/>
+     <thead>
+      <row>
+       <entry>Function</entry>
+       <entry>Since</entry>
+      </row>
+     </thead>
+     <tbody>
+      <row>
+       <entry>addslashes</entry>
+       <entry>0.1.0</entry>
+      </row>
+      <row>
+       <entry>addcslashes</entry>
+       <entry>0.1.0</entry>
+      </row>
+      <row>
+       <entry>htmlspecialchars</entry>
+       <entry>0.1.0</entry>
+      </row>
+      <row>
+       <entry>htmlentities</entry>
+       <entry>0.1.0</entry>
+      </row>
+      <row>
+       <entry>escapeshellcmd</entry>
+       <entry>0.1.0</entry>
+      </row>
+      <row>
+       <entry>mysql_escape_string</entry>
+       <entry>0.1.0</entry>
+      </row>
+      <row>
+       <entry>mysql_real_escape_string</entry>
+       <entry>0.1.0</entry>
+      </row>
+      <row>
+       <entry>mysqli_escape_string/MySQLi::escape_string</entry>
+       <entry>0.1.0</entry>
+      </row>
+      <row>
+       <entry>mysqli_real_escape_string/MySQLi::real_escape_string</entry>
+       <entry>0.1.0</entry>
+      </row>
+      <row>
+       <entry>sqlite_escape_string/SqliteDataBase::escapeString</entry>
+       <entry>0.3.0</entry>
+      </row>
+      <row>
+       <entry>PDO::quote</entry>
+       <entry>0.3.0</entry>
+      </row>
+     </tbody>
+    </tgroup>
+   </table>
+  </para>
+
+ </section>
+</chapter>
 
 <!-- Keep this comment at the end of the file
 Local variables:
diff --git a/reference/taint/setup.xml b/reference/taint/setup.xml
index e8884eb369..19aa52dddc 100644
--- a/reference/taint/setup.xml
+++ b/reference/taint/setup.xml
@@ -26,10 +26,9 @@
   </para>
  </section>
 
- <section xml:id="taint.configuration">
-  &reftitle.runtime;
+ <!-- {{{ Configuration -->
   &reference.taint.ini;
- </section>
+ <!-- }}} -->
 
  <section xml:id="taint.resources">
   &reftitle.resources;