There's a problem with PHP cgi binaries:

<CaPS_> (was a CVS, so..)
<CaPS_> which reminds me
<CaPS_> remember my ranting about php.ini derick?
<CaPS_> (it opens ./php.ini, config_file_path/php.ini, checks PHPRC environment)
<CaPS_> in that order
<CaPS_> I got some 'friends' who work at hosters
<CaPS_> and they don't like that
<CaPS_> cos, ./php.ini will enable users to override safe mode
<CaPS_> made a lill patch for him so it wouldn't
<CaPS_> but, isn't it an idea to add --restrictive-hosting or something that'll ''activate'' that patch ?
<CaPS_> (limit php.ini to be in config-file-path)
<OpenSrc> yes
<OpenSrc> no switch
<OpenSrc> just reverse it :)
<CaPS_> que
<CaPS_> ?
<OpenSrc> change the order
<OpenSrc> let the MAIN php.ini override values in PHPRC/php.ini
<CaPS_> it doesn't sequentially parse them
<CaPS_> but one
<OpenSrc> oh
<OpenSrc> then that need to be fixed :)
<CaPS_> either ./php.ini, php.ini or PHPRC
<OpenSrc> write it to php-dev

It allows users to set their own options in a ./php.ini, as in
override user_dir, open_basedir and safe_mode.

My default php.ini has error_reporting set to E_ALL:

test.php:

<?php
echo $test;
?>

php.ini-ex:
error_reporting = E_ALL & ~E_NOTICE

caps@anaina:~/php-4.1.0$ ./php -q test.php
PHP Warning: undefined variable: test in /home/caps/php-4.1.0/test.php on line 3

caps@anaina:~/php-4.1.0$ mv php.ini-ex php.ini
caps@anaina:~/php-4.1.0$ ./php -q test.php
caps@anaina:~/php-4.1.0$

This was reported and discussed (on IRC) first on Nov 15
(http://bugs.php.net/bug.php?id=14071), granted.. filed incorrectly.

I'd say this is quite serious when you're a hoster who only allows PHP
in CGI mode.

Wouter de Jong is the one who actually discovered this.

-- 
Mathieu 'CaPS_' Kooiman <[EMAIL PROTECTED]>
MAP Internet Services
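
For hosters who want to find per-directory overrides of the kind described above, here is an added example (not part of the original post and not PHP's own code). It walks a tree and reports every php.ini other than config_file_path/php.ini, together with the safe_mode, open_basedir and user_dir values it sets; the function names, directory layout and file contents are constructed for illustration.

```python
import os
import re
import tempfile

# Directives the post names as overridable from a user's ./php.ini.
RESTRICTED = {"safe_mode", "open_basedir", "user_dir"}
DIRECTIVE = re.compile(r"^\s*([A-Za-z_.0-9]+)\s*=\s*(.*?)\s*$")

def parse_ini(path):
    """Return {directive: value}; ';' comments and [section] lines are skipped."""
    settings = {}
    with open(path, encoding="utf-8", errors="replace") as fh:
        for line in fh:
            match = DIRECTIVE.match(line.split(";", 1)[0])
            if match:
                settings[match.group(1)] = match.group(2)
    return settings

def audit(root, config_file_path):
    """List php.ini files under root other than config_file_path/php.ini."""
    trusted = os.path.realpath(os.path.join(config_file_path, "php.ini"))
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        candidate = os.path.realpath(os.path.join(dirpath, "php.ini"))
        if "php.ini" in files and candidate != trusted:
            ini = parse_ini(candidate)
            findings.append((candidate, {k: ini[k] for k in sorted(ini) if k in RESTRICTED}))
    return sorted(findings, key=lambda item: item[0])

def demo():
    """Audit a constructed hosting tree (all paths and contents are made up)."""
    with tempfile.TemporaryDirectory() as top:
        top = os.path.realpath(top)
        layout = {
            "etc/php.ini": "[PHP]\nsafe_mode = On\nopen_basedir = /home\n",
            "home/alice/www/php.ini": "; user copy\nsafe_mode = Off ; override\nopen_basedir =\n",
            "home/bob/www/php.ini": "error_reporting = E_ALL & ~E_NOTICE\n",
        }
        for rel, text in layout.items():
            full = os.path.join(top, rel)
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "w", encoding="utf-8") as fh:
                fh.write(text)
        found = audit(top, os.path.join(top, "etc"))
        return [(os.path.relpath(path, top), hits) for path, hits in found]

if __name__ == "__main__":
    print(demo())
```

A file reported with an empty set of restricted directives still replaces the main php.ini entirely, since only one file is parsed, so every hit deserves review.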