> Applicable snippet: > Do not try to use named time zones (like "America/Chicago") with dates > very far in the future (thousands of years). The current > implementation ofDateTime::TimeZone will use a huge amount of memory > calculating all the DST changes from now until the future date. Use > UTC or the floating time zone and you will be safe.
I knew this prior to you posting the snippet, but I think to be prudent there is merit in explicitly highlighting the need to validate user input. I'm not going lie -- I never thought of this as a sizable vector for a DOS attack before the Schwern brought it up. -- Evan Carroll System Lord of the Internets http://www.evancarroll.com
