On Wed, 2012-11-21 at 00:45 -0800, Stas Malyshev wrote: > Hi! > > > Actually, I'm going to retract my statement, and here's why: > > http://svn.wp-plugins.org/praized-community/trunk/includes/php/praized-php/PraizedCipher.php > > I think breaking this code is an advantage :) That's definitely not how > php_logo_guid should be used and using it as a secure salt makes no > sense at all. To add insult to injury, it's wrapped in an if()! Please > make me unsee it.
Agree. We never guaranteed this to be any stable value. And even using it to display the logo is error-prone: Whether the logo can be shown depends on expose_php in php.ini. johannes -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php