bjori Sat Sep 9 21:56:59 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src php.ini-recommended php.ini-dist
Log:
- Remove register_globals from the "different" section
- Add allow_url_include = Off
- compatability -> compatibility and other typos
http://cvs.php.net/viewvc.cgi/php-src/php.ini-recommended?r1=1.179.2.11.2.7&r2=1.179.2.11.2.8&diff_format=u
Index: php-src/php.ini-recommended
diff -u php-src/php.ini-recommended:1.179.2.11.2.7
php-src/php.ini-recommended:1.179.2.11.2.8
--- php-src/php.ini-recommended:1.179.2.11.2.7 Sat Sep 9 21:43:11 2006
+++ php-src/php.ini-recommended Sat Sep 9 21:56:58 2006
@@ -67,18 +67,6 @@
; PHP. Please make sure you read what's different, and modify your scripts
; accordingly, if you decide to use this file instead.
;
-; - register_globals = Off [Security, Performance]
-; Global variables are no longer registered for input data (POST, GET,
cookies,
-; environment and other server variables). Instead of using $foo, you
must use
-; you can use $_REQUEST["foo"] (includes any variable that arrives through
the
-; request, namely, POST, GET and cookie variables), or use one of the
specific
-; $_GET["foo"], $_POST["foo"], $_COOKIE["foo"] or $_FILES["foo"], depending
-; on where the input originates. Also, you can look at the
-; import_request_variables() function.
-; Note that register_globals is going to be depracated (i.e., turned off by
-; default) in the next version of PHP, because it often leads to security
bugs.
-; Read http://php.net/manual/en/security.registerglobals.php for further
-; information.
; - register_long_arrays = Off [Performance]
; Disables registration of the older (and deprecated) long predefined array
; variables ($HTTP_*_VARS). Instead, use the superglobals that were
@@ -112,7 +100,7 @@
; The environment variables are not hashed into the $_ENV. To access
; environment variables, you can use getenv() instead.
; - error_reporting = E_ALL [Code Cleanliness, Security(?)]
-; By default, PHP surpresses errors of type E_NOTICE. These error messages
+; By default, PHP suppresses errors of type E_NOTICE. These error messages
; are emitted for non-critical errors, but that could be a symptom of a
bigger
; problem. Most notably, this will cause error messages about the use
; of uninitialized variables to be displayed.
@@ -387,7 +375,7 @@
; Ignore source of message when ignoring repeated messages. When this setting
; is On you will not log errors with repeated messages from different files or
-; sourcelines.
+; source lines.
ignore_repeated_source = Off
; If this parameter is set to Off, then memory leaks will not be shown (on
@@ -590,6 +578,9 @@
; Whether to allow the treatment of URLs (like http:// or ftp://) as files.
allow_url_fopen = On
+; Whether to allow include/require to open URLs (like http:// or ftp://) as
files.
+allow_url_include = Off
+
; Define the anonymous ftp password (your email address)
;from="[EMAIL PROTECTED]"
@@ -850,10 +841,10 @@
; Minimum message severity to display.
sybase.min_message_severity = 10
-; Compatability mode with old versions of PHP 3.0.
+; Compatibility mode with old versions of PHP 3.0.
; If on, this will cause PHP to automatically assign types to results according
; to their Sybase type, instead of treating them all as strings. This
-; compatability mode will probably not stay around forever, so try applying
+; compatibility mode will probably not stay around forever, so try applying
; whatever necessary changes to your code, and turn it off.
sybase.compatability_mode = Off
@@ -1076,7 +1067,7 @@
; Minimum message severity to display.
mssql.min_message_severity = 10
-; Compatability mode with old versions of PHP 3.0.
+; Compatibility mode with old versions of PHP 3.0.
mssql.compatability_mode = Off
; Connect timeout
@@ -1160,7 +1151,7 @@
;com.autoregister_typelib = true
; register constants casesensitive
;com.autoregister_casesensitive = false
-; show warnings on duplicate constat registrations
+; show warnings on duplicate constant registrations
;com.autoregister_verbose = true
[mbstring]
http://cvs.php.net/viewvc.cgi/php-src/php.ini-dist?r1=1.231.2.10.2.8&r2=1.231.2.10.2.9&diff_format=u
Index: php-src/php.ini-dist
diff -u php-src/php.ini-dist:1.231.2.10.2.8 php-src/php.ini-dist:1.231.2.10.2.9
--- php-src/php.ini-dist:1.231.2.10.2.8 Sat Sep 9 21:43:11 2006
+++ php-src/php.ini-dist Sat Sep 9 21:56:58 2006
@@ -272,7 +272,7 @@
; intentional (e.g., using an uninitialized variable and
; relying on the fact it's automatically initialized to an
; empty string)
-; E_STRICT - run-time notices, enable to have PHP suggest
changes
+; E_STRICT - run-time notices, enable to have PHP suggest changes
; to your code which will ensure the best interoperability
; and forward compatibility of your code
; E_CORE_ERROR - fatal errors that occur during PHP's initial startup
@@ -329,7 +329,7 @@
; Ignore source of message when ignoring repeated messages. When this setting
; is On you will not log errors with repeated messages from different files or
-; sourcelines.
+; source lines.
ignore_repeated_source = Off
; If this parameter is set to Off, then memory leaks will not be shown (on
@@ -795,7 +795,7 @@
; Minimum message severity to display.
sybase.min_message_severity = 10
-; Compatability mode with old versions of PHP 3.0.
+; Compatibility mode with old versions of PHP 3.0.
; If on, this will cause PHP to automatically assign types to results according
; to their Sybase type, instead of treating them all as strings. This
; compatibility mode will probably not stay around forever, so try applying
@@ -1021,7 +1021,7 @@
; Minimum message severity to display.
mssql.min_message_severity = 10
-; Compatability mode with old versions of PHP 3.0.
+; Compatibility mode with old versions of PHP 3.0.
mssql.compatability_mode = Off
; Connect timeout
@@ -1105,7 +1105,7 @@
;com.autoregister_typelib = true
; register constants casesensitive
;com.autoregister_casesensitive = false
-; show warnings on duplicate constat registrations
+; show warnings on duplicate constant registrations
;com.autoregister_verbose = true
[mbstring]
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
