On 11.07.11 13:29, Hannes Magnusson wrote:
> On Mon, Jul 11, 2011 at 13:16, Christian Stocker <[email protected]> wrote:
>> chregu Mon, 11 Jul 2011 11:16:22 +0000
>>
>> Revision: http://svn.php.net/viewvc?view=revision&revision=313131
>>
>> Log:
>> Added XsltProcessor::setSecurityPrefs($options) and getSecurityPrefs()
>> to define forbidden operations within XSLT stylesheets, default is not to
>> enable any write operations from XSLT anymore. Bug #54446
>>
>
>
> Any reason not to merge it to 5.4?
Sure, didn't realise that it was already branched.
>
> + if (zend_parse_parameters_ex(ZEND_PARSE_PARAMS_QUIET,
> ZEND_NUM_ARGS() TSRMLS_CC, "l", &securityPrefs) == SUCCESS) {
> [..]
> + } else {
> + WRONG_PARAM_COUNT;
> + }
>
> Thats a freaky way of doing if (zend_parse_parameter(...) == FAILURE)
> { return; } ...
> and won't produce as good errormsg.
copy&paste ;) I'll fix it.
> + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Can't set
> libxslt
> security properties");
>
> Can be printed out up to 5 times in a row.. shouldn't it say which
> property it was trying to set? And if one of these calls fail, won't
> they all fail?
yes, not sure how it can fail at all, but again, I'll try to come up
with a better solution.
Thanks for the feedback, much appreciated
chregu
>
>
> -Hannes
--
Liip AG // Feldstrasse 133 // CH-8004 Zurich
Tel +41 43 500 39 81 // Mobile +41 76 561 88 60
www.liip.ch // blog.liip.ch // GnuPG 0x0748D5FE
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
