> At the time CLI was introduced I argued to remove . from php.ini
> search path, but that was not accepted because some people
> apparently use this feature for having different configurations for
> different virtual hosts.
>
> Therefore . was removed only from CLI's php.ini search path.
This feature looks somewhat evil since it enables users to bypass the safe
mode restrictions enforced by the administrator, or am I missing
something?
Anyway, the following patch should make sense for #20887?
Moriyoshi
Index: main/php_ini.c
===================================================================
RCS file: /repository/php4/main/php_ini.c,v
retrieving revision 1.106
diff -u -r1.106 php_ini.c
--- main/php_ini.c 12 Nov 2002 20:56:47 -0000 1.106
+++ main/php_ini.c 12 Dec 2002 11:22:17 -0000
@@ -272,7 +272,8 @@
/* Add cwd */
#ifdef INI_CHECK_CWD
- if (strcmp(sapi_module.name, "cli")!=0) {
+ if (strcmp(sapi_module.name, "cgi")==0
+ || strcmp(sapi_module.name, "cgi-fcgi")==0) {
if (*php_ini_search_path) {
strcat(php_ini_search_path, paths_separator);
}
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
