Are you sure about that?
Seems to me that this is one case that really should be protected by
allow_url_fopen, as it allows specifying arbitrary data in the
filename.
While this is not quite such a big deal in HEAD, it is in PHP 5.2.
I think this needs further analysis and discussion before we roll PHP 5.2.
--Wez.
On 5/14/06, Marcus Boerger <[EMAIL PROTECTED]> wrote:
helly Sun May 14 19:13:17 2006 UTC
Modified files:
/php-src/main/streams memory.c
Log:
- No need to have this controlled by allow_url_fopen
http://cvs.php.net/viewcvs.cgi/php-src/main/streams/memory.c?r1=1.19&r2=1.20&diff_format=u
Index: php-src/main/streams/memory.c
diff -u php-src/main/streams/memory.c:1.19 php-src/main/streams/memory.c:1.20
--- php-src/main/streams/memory.c:1.19 Sun May 14 01:39:24 2006
+++ php-src/main/streams/memory.c Sun May 14 19:13:17 2006
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: memory.c,v 1.19 2006/05/14 01:39:24 helly Exp $ */
+/* $Id: memory.c,v 1.20 2006/05/14 19:13:17 helly Exp $ */
#define _GNU_SOURCE
#include "php.h"
@@ -701,7 +701,7 @@
php_stream_wrapper php_stream_rfc2397_wrapper = {
&php_stream_rfc2397_wops,
NULL,
- 1, /* is_url */
+ 0, /* is_url */
};
/*
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
