--- parser3/src/classes/file.C	2013/07/21 15:16:44	1.228
+++ parser3/src/classes/file.C	2015/10/09 00:17:44	1.239
@@ -25,7 +25,7 @@
 #include "pa_vregex.h"
 #include "pa_version.h"
 
-volatile const char * IDENT_FILE_C="$Id: file.C,v 1.228 2013/07/21 15:16:44 moko Exp $";
+volatile const char * IDENT_FILE_C="$Id: file.C,v 1.239 2015/10/09 00:17:44 moko Exp $";
 
 // defines
 
@@ -214,7 +214,7 @@ static void copy_process_source(
 static void copy_open_target(int f, void *from_spec) {
 	String& file_spec=*static_cast<String *>(from_spec);
 	file_read_action_under_lock(file_spec, "copy", copy_process_source, &f);
-};
+}
 
 static void _copy(Request& r, MethodParams& params) {
 	Value& vfrom_file_name=params.as_no_junction(0, "from file name must not be code");
@@ -295,9 +295,9 @@ static void _load(Request& r, MethodPara
 		file_stat(lfile_name, size, atime, mtime, ctime);
 	
 		HashStringValue& ff=self.fields();
-		ff.put(adate_name, new VDate(atime));
-		ff.put(mdate_name, new VDate(mtime));
-		ff.put(cdate_name, new VDate(ctime));
+		ff.put(adate_name, new VDate((pa_time_t)atime));
+		ff.put(mdate_name, new VDate((pa_time_t)mtime));
+		ff.put(cdate_name, new VDate((pa_time_t)ctime));
 	}
 }
 
@@ -354,7 +354,7 @@ static void _create(Request& r, MethodPa
 	VFile& self=GET_SELF(r, VFile);
 
 	if(const String* content_str=vcontent.get_string()){
-		String::Body body=content_str->cstr_to_string_body_untaint(String::L_AS_IS); // explode content, honor tainting changes
+		String::Body body=content_str->cstr_to_string_body_untaint(String::L_AS_IS, r.connection(false), &r.charsets); // explode content, honor tainting changes
 		if(asked_charset && is_text)
 			body=Charset::transcode(body, r.charsets.source(), *asked_charset);
 		self.set(true/*tainted*/, is_text, body.cstrm(), body.length(), file_name, vcontent_type, &r);
@@ -379,15 +379,15 @@ static void _stat(Request& r, MethodPara
 
 	self.set_binary(true/*tainted*/, 0/*no bytes*/, size, &lfile_name, 0, &r);
 	HashStringValue& ff=self.fields();
-	ff.put(adate_name, new VDate(atime));
-	ff.put(mdate_name, new VDate(mtime));
-	ff.put(cdate_name, new VDate(ctime));
+	ff.put(adate_name, new VDate((pa_time_t)atime));
+	ff.put(mdate_name, new VDate((pa_time_t)mtime));
+	ff.put(cdate_name, new VDate((pa_time_t)ctime));
 }
 
 static bool is_safe_env_key(const char* key) {
 	for(const char* validator=key; *validator; validator++) {
 		char c=*validator;
-		if(!(c>='A' && c<='Z' || c>='0' && c<='9' || c=='_' || c=='-'))
+		if(!( (c>='A' && c<='Z') || (c>='0' && c<='9') || (c=='_' || c=='-') ))
 			return false;
 	}
 #ifdef PA_SAFE_MODE
@@ -450,7 +450,7 @@ static void pass_cgi_header_attribute(
 
 static void append_to_argv(Request& r, ArrayString& argv, const String* str){
 	if(!str->is_empty())
-		argv+=new String(str->cstr_to_string_body_untaint(String::L_AS_IS, 0, &r.charsets), String::L_AS_IS);
+		argv+=new String(str->cstr_to_string_body_untaint(String::L_AS_IS, r.connection(false), &r.charsets), String::L_AS_IS);
 }
 
 /// @todo fix `` in perl - they produced flipping consoles and no output to perl
@@ -469,24 +469,14 @@ static void _exec_cgi(Request& r, Method
 	const String& script_name=r.absolute(params.as_string(param_index++, FILE_NAME_MUST_NOT_BE_CODE));
 
 	HashStringString env;
-	#define ECSTR(name, value_cstr) \
-		if(value_cstr) \
-			env.put( \
-				String::Body(#name), \
-				String::Body(*value_cstr?value_cstr:0)); \
-	// passing SAPI::environment
-	if(const char *const *pairs=SAPI::environment(r.sapi_info)) {
-		while(const char* pair=*pairs++)
-			if(const char* eq_at=strchr(pair, '='))
-				if(eq_at[1]) // has value
-					env.put(
-						pa_strdup(pair, eq_at-pair),
-						pa_strdup(eq_at+1));
-	}
+	#define ECSTR(name, value_cstr) if(value_cstr) env.put(#name, value_cstr);
+	// passing environment
+	for(SAPI::Env::Iterator i(r.sapi_info); i; i.next() )
+		env.put(i.key(), i.value() );
 
 	// const
 	ECSTR(GATEWAY_INTERFACE, "CGI/1.1");
-	ECSTR("PARSER_VERSION", PARSER_VERSION);
+	ECSTR(PARSER_VERSION, PARSER_VERSION);
 	// from Request.info
 	ECSTR(DOCUMENT_ROOT, r.request_info.document_root);
 	ECSTR(PATH_TRANSLATED, r.request_info.path_translated);
@@ -521,7 +511,7 @@ static void _exec_cgi(Request& r, Method
 			if(info.vstdin) {
 				if(const String* sstdin=info.vstdin->get_string()) {
 					// untaint stdin
-					in = new String(sstdin->cstr_to_string_body_untaint(String::L_AS_IS), String::L_AS_IS);
+					in = new String(sstdin->cstr_to_string_body_untaint(String::L_AS_IS, r.connection(false), &r.charsets), String::L_AS_IS);
 				} else
 					if(VFile* vfile=static_cast<VFile *>(info.vstdin->as("file")))
 						in->append_know_length((const char* )vfile->value_ptr(), vfile->value_size(), String::L_TAINTED);
@@ -699,24 +689,26 @@ static void _list(Request& r, MethodPara
 				}
 				if(Value* value=options->get("filter")) {
 					vfilter=value;
+					valid_options++;
 				}
 				if(valid_options!=options->count())
 					throw Exception(PARSER_RUNTIME, 0, CALLED_WITH_INVALID_OPTION);
 			} else {
 				vfilter=&voption;
 			}
-			if(vfilter)
+			if(vfilter) {
 				if(Value* value=vfilter->as(VREGEX_TYPE)) {
 					vregex=static_cast<VRegex*>(value);
 				} else if(vfilter->is_string()) {
 					if(!vfilter->get_string()->trim().is_empty()) {
 						vregex=new VRegex(r.charsets.source(), &vfilter->as_string(), 0/*options*/);
-				vregex->study();
-				vrcleaner.vregex=vregex;
-			}
+						vregex->study();
+						vrcleaner.vregex=vregex;
+					}
 				} else {
 					throw Exception(PARSER_RUNTIME, 0, "filter must be regex or string");
 				}
+			}
 		}
 	}
 
@@ -735,13 +727,12 @@ static void _list(Request& r, MethodPara
 		if(!vregex || vregex->exec(ffblk.ff_name, file_name_size, ovector, ovector_size)>=0) {
 			Table::element_type row(new ArrayString);
 			*row+=new String(pa_strdup(file_name_cstr, file_name_size), String::L_TAINTED);
-			*row+=new String(String::Body::Format(ffblk.is_dir() ? 1 : 0), String::L_CLEAN);
+			*row+=new String(String::Body::Format(ffblk.is_dir(stat) ? 1 : 0), String::L_CLEAN);
 			if(stat) {
-				ffblk.stat_file();
 				*row+=VDouble(ffblk.size()).get_string();
-				*row+=new String(String::Body::Format(ffblk.c_timestamp()), String::L_CLEAN);
-				*row+=new String(String::Body::Format(ffblk.m_timestamp()), String::L_CLEAN);
-				*row+=new String(String::Body::Format(ffblk.a_timestamp()), String::L_CLEAN);
+				*row+=new String(String::Body::Format((int)ffblk.c_timestamp()), String::L_CLEAN);
+				*row+=new String(String::Body::Format((int)ffblk.m_timestamp()), String::L_CLEAN);
+				*row+=new String(String::Body::Format((int)ffblk.a_timestamp()), String::L_CLEAN);
 			}
 			table+=row;
 		}
@@ -757,11 +748,13 @@ struct Lock_execute_body_info {
 	Value* body_code;
 };
 #endif
+
 static void lock_execute_body(int , void *ainfo) {
 	Lock_execute_body_info& info=*static_cast<Lock_execute_body_info *>(ainfo);
 	// execute body
 	info.r->write_assign_lang(info.r->process(*info.body_code));
-};
+}
+
 static void _lock(Request& r, MethodParams& params) {
 	const String& file_spec=r.absolute(params.as_string(0, FILE_NAME_MUST_BE_STRING));
 	Lock_execute_body_info info={
@@ -1031,10 +1024,8 @@ static void _sql(Request& r, MethodParam
 		handlers,
 		statement_string);
 
-	if(!handlers.value)
-		throw Exception(PARSER_RUNTIME,
-			0,
-			"produced no result");
+	if(!handlers.value.str)
+		throw Exception(PARSER_RUNTIME, 0, "produced no result");
 
 	VFile& self=GET_SELF(r, VFile);