#28466 [NEW]: mb_convert_variables() clutters variables beyond the references, again.
From: s dot masugata at digicom dot dnp dot co dot jp
Operating system: FreeBSD/Linux/Solaris(sparc)
PHP version: 4.3.6
PHP Bug Type: mbstring related
Bug description: mb_convert_variables() clutters variables beyond the references,
again.
Description:
See:http://bugs.php.net/bug.php?id=26639
Although the usual array is satisfactory,
if array becomes a nest, it is still useless.
Reproduce code:
---
Expected result:
array(1) {
[0]=>
string(3) "no changed multi-byte string's"
}
array(1) {
[0]=>
string(3) "changed multi-byte string's"
}
array(1) {
[0]=>
string(3) "no changed multi-byte string's"
[1]=>
array(1) {
[0]=>
string(4) "no changed multi-byte string's"
}
}
array(1) {
[0]=>
string(3) "changed multi-byte string's"
[1]=>
array(1) {
[0]=>
string(4) "changed multi-byte string's"
}
}
Actual result:
--
array(1) {
[0]=>
string(3) "no changed multi-byte string's"
}
array(1) {
[0]=>
string(3) "changed multi-byte string's"
}
array(1) {
[0]=>
string(3) "no changed multi-byte string's"
[1]=>
array(1) {
[0]=>
string(4) "changed multi-byte string's"
}
}
array(1) {
[0]=>
string(3) "changed multi-byte string's"
[1]=>
array(1) {
[0]=>
string(4) "changed multi-byte string's"
}
}
--
Edit bug report at http://bugs.php.net/?id=28466&edit=1
--
Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=28466&r=trysnapshot4
Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=28466&r=trysnapshot5
Fixed in CVS: http://bugs.php.net/fix.php?id=28466&r=fixedcvs
Fixed in release: http://bugs.php.net/fix.php?id=28466&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=28466&r=needtrace
Need Reproduce Script: http://bugs.php.net/fix.php?id=28466&r=needscript
Try newer version: http://bugs.php.net/fix.php?id=28466&r=oldversion
Not developer issue:http://bugs.php.net/fix.php?id=28466&r=support
Expected behavior: http://bugs.php.net/fix.php?id=28466&r=notwrong
Not enough info:http://bugs.php.net/fix.php?id=28466&r=notenoughinfo
Submitted twice:http://bugs.php.net/fix.php?id=28466&r=submittedtwice
register_globals: http://bugs.php.net/fix.php?id=28466&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=28466&r=php3
Daylight Savings: http://bugs.php.net/fix.php?id=28466&r=dst
IIS Stability: http://bugs.php.net/fix.php?id=28466&r=isapi
Install GNU Sed:http://bugs.php.net/fix.php?id=28466&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=28466&r=float
#28465 [Opn->Bgs]: Session variables not being kept with include_once()
ID: 28465 Updated by: [EMAIL PROTECTED] Reported By: dave at faf dot co dot nz -Status: Open +Status: Bogus Bug Type: Session related Operating System: linux PHP Version: 4.3.4 New Comment: Sorry, but your problem does not imply a bug in PHP itself. For a list of more appropriate places to ask for help using PHP, please visit http://www.php.net/support.php as this bug system is not the appropriate forum for asking support questions. Thank you for your interest in PHP. Previous Comments: [2004-05-21 03:49:53] dave at faf dot co dot nz Okay. I've figured it out. nasty linux issues. ( sorry. hate linux for all the wrong reasons ) Please leave this here for others to find, i wouldn't have had the trouble otherwise. The require_once/include_once functions, when running in linux, must be complete paths, not http's. my path to the included file worked properly again when i used : "/home/faf/faf.co.nz/profilerpe/" infront of the page name. Apparently the page is run when you use an url, instead of being included. Dave. [2004-05-21 03:43:50] dave at faf dot co dot nz Description: When i use an include/require to load a success page ( in this case, the list the "add" was called from ) the session variables are not present. I have session_start() on each page, and if i call the pages directly ( from a menu ) the sessions remain. This happends every time i do this. I dont know if its a bug, but i have to control over the webserver as its a web hosting plan. Reproduce code: --- http://bugs.php.net/?id=28465&edit=1
#28442 [Opn]: Changing a static variables in a class changes it across sub/super classes.
ID: 28442
User updated by: kell_pt at users dot sf dot net
Reported By: kell_pt at users dot sf dot net
Status: Open
Bug Type: Zend Engine 2 problem
Operating System: any
PHP Version: 5CVS-2004-05-19 (dev)
New Comment:
I would also like to call your attention to Bug #26930 which was
dismissed as "Bogus", where in fact it's a very valid problem.
Seems like the behaviour for static data/methods doesn't follow the OO
paradigm very close. I hope you guys don't dismiss these problems and
provide a sound implementation. :)
Cheers.
Previous Comments:
[2004-05-19 09:27:20] kell_pt at users dot sf dot net
Description:
It isn't possible to override static variable values in classes, seeing
as the same variable is shared across the whole hierarchy of classes.
Each child class should be able to have their own value for a static
variable.
A good example is trying to have a counter of the number of instances
per class.
ClassB::$count will always be the same as ClassA::$count.
It is possible that you don't consider this a bug, but it is quite
against the OOP paradigm, and worth a note. Basically, when loading a
subclass, the default values for the variables should be loaded, and a
new variable (memory space) created, instead of keeping a reference to
the superclass' static variable.
This is somehow related to Bug #16245 (which regards static variables
declared within functions). But where the behaviour in such a situation
is a bit unspecified, in this case it's quite against OO programming.
Reproduce code:
---
class ClassA
{
static $count;
static $somevar;
static __construct()
{
self::$count++; // this won't work as expected
}
}
class ClassB extends ClassA
{
}
// another simpler example
ClassA::$somevar = 'A';
ClassB::$somevar = 'B';
// ClassA::$somevar is now 'B' instead of 'A';
ClassA::$somevar = 'A';
// ClassB::$somevar is now 'A' instead of 'B';
--
Edit this bug report at http://bugs.php.net/?id=28442&edit=1
#26930 [Com]: Inheritance of static functions
ID: 26930
Comment by: kell_pt at users dot sf dot net
Reported By: reckert at informationsgesellschaft dot com
Status: Bogus
Bug Type: Zend Engine 2 problem
Operating System: Windows XP
PHP Version: 5CVS-2004-01-16 (dev)
New Comment:
I beg to differ. If you call b::callInit() and b:: has init()
redefined, it SHOULD call the b::init when refering to self, regardless
of where that "self" is included.
Basically, "self" must take in consideration the caller. This is not
the only hint that the class mechanism is flawed in what concerns to
static methods / properties. Static data and methods should follow the
same concepts from class instances - it's how OOP works - change that
and you can't really claim it's OOP. :)
Previous Comments:
[2004-01-16 05:08:56] [EMAIL PROTECTED]
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php
inside callInit self === a
[2004-01-16 04:58:48] reckert at informationsgesellschaft dot com
Description:
In a static function X a call to another static function in the same
class uses the version of the function in the class where X is
implemented, not the one for which X was called for.
Reproduce code:
---
class a {
static function init() {
echo 'a::init()';
}
static function callInit() {
self::init();
// do something important
}
}
class b extends a {
static function init() {
echo 'b::init()';
}
}
b::callInit();
Expected result:
b::init()
Actual result:
--
a::init()
Shouldn't inheritance work the same way as for normal methods?
Thanks for comments,
Ralph
--
Edit this bug report at http://bugs.php.net/?id=26930&edit=1
#28465 [Opn]: Session variables not being kept with include_once()
ID: 28465 User updated by: dave at faf dot co dot nz Reported By: dave at faf dot co dot nz Status: Open Bug Type: Session related Operating System: linux PHP Version: 4.3.4 New Comment: Okay. I've figured it out. nasty linux issues. ( sorry. hate linux for all the wrong reasons ) Please leave this here for others to find, i wouldn't have had the trouble otherwise. The require_once/include_once functions, when running in linux, must be complete paths, not http's. my path to the included file worked properly again when i used : "/home/faf/faf.co.nz/profilerpe/" infront of the page name. Apparently the page is run when you use an url, instead of being included. Dave. Previous Comments: [2004-05-21 03:43:50] dave at faf dot co dot nz Description: When i use an include/require to load a success page ( in this case, the list the "add" was called from ) the session variables are not present. I have session_start() on each page, and if i call the pages directly ( from a menu ) the sessions remain. This happends every time i do this. I dont know if its a bug, but i have to control over the webserver as its a web hosting plan. Reproduce code: --- http://bugs.php.net/?id=28465&edit=1
#28465 [NEW]: Session variables not being kept with include_once()
From: dave at faf dot co dot nz Operating system: linux PHP version: 4.3.4 PHP Bug Type: Session related Bug description: Session variables not being kept with include_once() Description: When i use an include/require to load a success page ( in this case, the list the "add" was called from ) the session variables are not present. I have session_start() on each page, and if i call the pages directly ( from a menu ) the sessions remain. This happends every time i do this. I dont know if its a bug, but i have to control over the webserver as its a web hosting plan. Reproduce code: --- http://bugs.php.net/?id=28465&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=28465&r=trysnapshot4 Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=28465&r=trysnapshot5 Fixed in CVS: http://bugs.php.net/fix.php?id=28465&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=28465&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=28465&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=28465&r=needscript Try newer version: http://bugs.php.net/fix.php?id=28465&r=oldversion Not developer issue:http://bugs.php.net/fix.php?id=28465&r=support Expected behavior: http://bugs.php.net/fix.php?id=28465&r=notwrong Not enough info:http://bugs.php.net/fix.php?id=28465&r=notenoughinfo Submitted twice:http://bugs.php.net/fix.php?id=28465&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=28465&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=28465&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=28465&r=dst IIS Stability: http://bugs.php.net/fix.php?id=28465&r=isapi Install GNU Sed:http://bugs.php.net/fix.php?id=28465&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=28465&r=float
#28378 [NoF->Opn]: Apache.exe Application error cause by php
ID: 28378
User updated by: Kattana_ at hotmail dot com
Reported By: Kattana_ at hotmail dot com
-Status: No Feedback
+Status: Open
Bug Type: Apache2 related
Operating System: Windows XP Pro SP1
PHP Version: 5.0.0RC2
New Comment:
It means the directive zend.ze1_compatibility_mode = On.
Previous Comments:
[2004-05-21 01:00:03] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
[2004-05-13 09:14:06] [EMAIL PROTECTED]
What does "PHP 4 compatibility is enabled" mean?
[2004-05-12 22:12:55] Kattana_ at hotmail dot com
Description:
I am running php5rc2 and apache 2.0.49 on winXP sp1. php4 compatability
is enabled.
When running the following piece of code i got Application error from
apache.exe. the error text is "The instruction at "0x0068d6ff"
referenced memory at 0x. The memory could not be "read"."
The line causeing the error is:
$this->documentElement->appendChild($element);
Reproduce code:
---
class Authors extends DomDocument {
function __construct() {
//has to be called!
parent::__construct();
}
function addAuthor($name,$password,$group) {
$item = $this->createElement('author');
$attr = $item->setAttribute('name',$name);
$attr = $item->setAttribute('password',md5($password));
if($group=='none'){
$this->documentElement->appendChild($item);
}else{
foreach($this->documentElement->childNodes as $element){
if($element->nodeName == 'group' &&
$element->getAttribute('name') == $group){
$element->appendChild($item);
$this->documentElement->appendChild($element);
}
}
}
}
}
Expected result:
Unknown
The line:
$element->appendChild($item);
wasnt appending the child so i was testing some quick hacks to see what
would work.
Actual result:
--
PHP crash and no output.
--
Edit this bug report at http://bugs.php.net/?id=28378&edit=1
#28464 [NEW]: catch() does not catch exceptions by interfaces
From: d at koteroff dot ru Operating system: * PHP version: 5CVS-2004-05-21 (dev) PHP Bug Type: Zend Engine 2 problem Bug description: catch() does not catch exceptions by interfaces Description: Seems PHP does not support exception catching by parent interface (not by parent classes). Why? This is a very powerful method to classify exceptions in programs. Documentation says that while comparing type in catch block 'instanceof' operator is used, but following test shows that it is wrong. I found corresponding code in the source, zend_execute.c:2866, and it searches for parent classes only. Why not use instanceof_function? Do you have any perspectives about this problem? Can I wrote in my book that PHP will support "interface catching" in the future? Reproduce code: --- Expected result: prints exception data Actual result: -- Fatal error: Uncaught exception -- Edit bug report at http://bugs.php.net/?id=28464&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=28464&r=trysnapshot4 Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=28464&r=trysnapshot5 Fixed in CVS: http://bugs.php.net/fix.php?id=28464&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=28464&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=28464&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=28464&r=needscript Try newer version: http://bugs.php.net/fix.php?id=28464&r=oldversion Not developer issue:http://bugs.php.net/fix.php?id=28464&r=support Expected behavior: http://bugs.php.net/fix.php?id=28464&r=notwrong Not enough info:http://bugs.php.net/fix.php?id=28464&r=notenoughinfo Submitted twice:http://bugs.php.net/fix.php?id=28464&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=28464&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=28464&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=28464&r=dst IIS Stability: http://bugs.php.net/fix.php?id=28464&r=isapi Install GNU Sed:http://bugs.php.net/fix.php?id=28464&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=28464&r=float
#28461 [Opn->Fbk]: segmentation fault when using backreferences on a long string
ID: 28461
Updated by: [EMAIL PROTECTED]
Reported By: xanthor at xanthor dot tk
-Status: Open
+Status: Feedback
Bug Type: PCRE related
Operating System: Linux, WindowsXP©
PHP Version: 4.3.6
New Comment:
Please try using this CVS snapshot:
http://snaps.php.net/php4-STABLE-latest.tar.gz
For Windows:
http://snaps.php.net/win32/php4-win32-STABLE-latest.zip
Previous Comments:
[2004-05-20 22:15:47] xanthor at xanthor dot tk
Description:
This line crash PHP with a segmentation fault.
It use a 3-chars-long back reference, on a 2236+3 chars-long string
If the back references is only 2 chars long, it's ok.
If the long string is less that 2236+3 chars, it's ok too...
Reproduce code:
---
preg_match("/(((?http://bugs.php.net/?id=28461&edit=1
#28285 [Fbk->NoF]: php_mysql.dll unclear on module installation
ID: 28285 Updated by: [EMAIL PROTECTED] Reported By: pburden98 at yahoo dot com -Status: Feedback +Status: No Feedback Bug Type: *Configuration Issues Operating System: windows 98 2nd Edition PHP Version: 5.0.0RC2 New Comment: No feedback was provided for this bug for over a week, so it is being suspended automatically. If you are able to provide the information that was originally requested, please do so and change the status of the bug back to "Open". Previous Comments: [2004-05-13 19:29:13] [EMAIL PROTECTED] Please try these simplified instructions (and don't copy any files anywhere except for php.ini). 1. Unpack snap to say c:\php 2. Make sure c:\php is in your system path 3. Adjust apache config accordingly (load c:\php\php5apache.dll directly) This should work. Please remember to remove any remains of old php installs. [2004-05-08 10:28:53] noreply at brutex dot de What I found out, that might be of interest: If you do a correct setup of PHP5.0.0RC2 and then you try to enable php_mysql extension it says to me at loading "Prozedureinsprungpunkt nicht gefunden". Found some google results of similar problems. To me it seems there is an error in libMySQL.dll, however it is the same with php_mysqli.dll. I am using Win2000 with apache. The error occours when I startup apache. [2004-05-05 16:37:35] pburden98 at yahoo dot com Description: Standard installation of php5 works with apache how ever I am trying to enable c:\php\ext\php_mysql.dll Chosen path of installation as follows 1) Installed php5rc2 1.1 unzip into directory c:\php 1.1 copied "c:\php\php-php.ini-dist" to "C:\Program Files\Apache Group\Apache\php.ini" 1.2 edited php.ini 1.2.1 changed line 'extension_dir = "./"' to extension_dir = "c:\php\ext\" 2) Setup Apache with php5rc2 2.1 copied "c:\php\php5ts.dll" to "C:\Program Files\Apache Group\Apache\php5ts.dll" 2.2 added the following lines to "C:\Program Files\Apache Group\Apache\conf\httpd.conf" ---start of new lines added to httpd.conf--- LoadModule php5_module c:/php/php5apache.dll AddModule mod_php5.c AddType application/x-httpd-php .php ---end of new lines added to httpd.conf--- 3) Set up test environment on Apache so I check php5 works 3.1 I set up a "virtualhost 192.168.0.5:8081" on apache ---Start of new lines in httpd.conf--- Listen *:8081 DocumentRoot /phpco/www/ ServerName pjb DirectoryIndex index.html index.htm index.php ---End of new lines in httpd.conf--- 3.2 I set up a file index.php in the directory ---start contents of index.php--- hi from apache ---end contents of index.php--- 3.3 I setup phpinfo.php too 3.4 Restarted the apache. No problems accept for (exec() command not found 'bug in apache'). saw the message "Apache/1.3.29 (Win32) PHP/5.0.0RC2 running..." 4 Tested the PHP5 4.1 Visited the site "http://192.168.0.5:8081/"; ---OUTPUT on mozilla 1.6--- hi from apache hi from php5rc2 ---OUTPUT on mozilla 1.6--- 4.2 Also done a phpinfo.php Out i saw looked fine. 5 Enabled mysql extension 5.1 uncommented line 565 "extension=php_mysql.dll" 6 verified there is no more required dll files to be installed 6.1 I checked the INSTALL notes on any other dll files required for the mysql extension to run [nothin] 6.2 I checked the php.net manuals on dll files to be installed [nothing] 7 Restarted apache 8 Verified it wasnt any dlls required by old distrobution 8.1 I reported the following http://bugs.php.net/bug.php?id=28255 SOFTWARE THAT WORKS === windows98 box -- SOFTWARE USED (sorted by Installed order) 1 Mozilla 1.6 [binary edition] works 2 MySQL server version: 4.0.18 [binary edtion] works 3 Apache/1.3.29 [binary edtion] works 4 php5.0.0rc2 [binary edition] works but with no extensions linux box (stable all works, I have lots projects that work) - PHP Version 4.2.2 [compiled by redhat team version9 386] works Apache httpd-2.0.40-21.9 [compiled by redhat team version9 386] works MySQL server version: 4.0.18-standard [compiled by me] works Expected result: Expected it to run or explain what is missing. Actual result: -- Error reported when loading php5 Start of error PHP Warning: PHP Startup: Unable to load dynamic library '/php/ext/php_mysql.dll' - A device attached to the system is not functioning. in Unknown on line 0 End of error This is unclear. And I wanted to use php5 to connect to my linux box. I dont know what php5 wants for me to use the mysql functions in php. I have done the following to try and fix the problem 1) STFW (Searched the fantastic web) 1.1 Found out it could be a DLL file problem not loaded or not part of the syste
#28378 [Fbk->NoF]: Apache.exe Application error cause by php
ID: 28378
Updated by: [EMAIL PROTECTED]
Reported By: Kattana_ at hotmail dot com
-Status: Feedback
+Status: No Feedback
Bug Type: Apache2 related
Operating System: Windows XP Pro SP1
PHP Version: 5.0.0RC2
New Comment:
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
Previous Comments:
[2004-05-13 09:14:06] [EMAIL PROTECTED]
What does "PHP 4 compatibility is enabled" mean?
[2004-05-12 22:12:55] Kattana_ at hotmail dot com
Description:
I am running php5rc2 and apache 2.0.49 on winXP sp1. php4 compatability
is enabled.
When running the following piece of code i got Application error from
apache.exe. the error text is "The instruction at "0x0068d6ff"
referenced memory at 0x. The memory could not be "read"."
The line causeing the error is:
$this->documentElement->appendChild($element);
Reproduce code:
---
class Authors extends DomDocument {
function __construct() {
//has to be called!
parent::__construct();
}
function addAuthor($name,$password,$group) {
$item = $this->createElement('author');
$attr = $item->setAttribute('name',$name);
$attr = $item->setAttribute('password',md5($password));
if($group=='none'){
$this->documentElement->appendChild($item);
}else{
foreach($this->documentElement->childNodes as $element){
if($element->nodeName == 'group' &&
$element->getAttribute('name') == $group){
$element->appendChild($item);
$this->documentElement->appendChild($element);
}
}
}
}
}
Expected result:
Unknown
The line:
$element->appendChild($item);
wasnt appending the child so i was testing some quick hacks to see what
would work.
Actual result:
--
PHP crash and no output.
--
Edit this bug report at http://bugs.php.net/?id=28378&edit=1
#28460 [Com]: zlib_output_compression On keepalive connections linger
ID: 28460 Comment by: scottmacvicar at ntlworld dot com Reported By: pixl at 7pt dot net Status: Open Bug Type: Zlib Related Operating System: Linux, Redhat, 2.4.21-9.0.3.ELs PHP Version: 4.3.6 New Comment: Does the same problem occur with apache 1? Previous Comments: [2004-05-20 21:09:45] pixl at 7pt dot net Description: PHP 4.3.6 Apache 2 (prefork) When using zlib_output_compression = On, with vBulletin Version 3.0.0 Internet Explorer and Mozilla Firefox does not show that the page has completed loading, until the keepalive timer expires (15 seconds in my config). Doing test with ethereal I see this. with apachebench it works correcly ab -n 2 -k -H "Accept-Encoding: gzip" http://forums.anabolicreview.com/ after the html is pulled the client sends a [FIN] packet and the server terminates the connection. with Mozilla FireFox .8, the client pulls the page and images in about .2 seconds, then sits in globe spinning mode (little animation goes in the corner) for 15 seconds. At 15 seconds the server sends a [FIN-ACK] packet the connection is closed and the client is no longer connected. Internet Explorer 6 does exactly the same as mozilla. This only occurs with zlib_output_compression =on, with zlib_output_compression = off OR the obgzhandler settings on this does not occur. Most of the problem I have is a human one, users see that the animation in there browser is still going for 15 seconds and make complaints that the message board is going slow even when the page has loaded in under a second. I have currenly turned zlib-compression off, and enabled gzip compression in vbulletins settings (im assuming using ob_gzhandler in the php) and compression is working fine, I've just read in enough documentation that zlib_output_compression is the recommended way to run php. If you need certian detailed information please ask, I'll reneable zilb on the server and reproduce the problem. Thank You, Peter apache2 configuration CFLAGS="-O2 -mcpu=pentium4 -march=pentium4"; export CFLAGS "./configure" \ "--prefix=/usr/local/apache" \ "--enable-shared=max" \ "$@" php 4.3.6 configuration './configure' '--with-apxs2=/usr/local/httpd/bin/apxs' '--with-config-file-path=/usr/local/httpd' '--disable-debug' '--disable-ipv6' '--disable-display-source' '--disable-cgi' '--with-zlib' '--with-gettext' '--with-bz2' '--with-gd' '--enable-gd-native-ttf' '--enable-memory-limit' '--enable-sysvshm' '--enable-sysvsem' '--enable-sysvmsg' '--enable-shared' '--with-freetype-dir=/usr' '--with-mysql=/usr' '--with-tiff-dir=/usr' '--with-jpeg-dir=/usr' '--with-png-dir=/usr' -- Edit this bug report at http://bugs.php.net/?id=28460&edit=1
#28463 [NEW]: Configuration broken under AMD64 for some options
From: zerokode at gmx dot net Operating system: Linux SuSE 9.1 / 64 PHP version: 4.3.6 PHP Bug Type: *Configuration Issues Bug description: Configuration broken under AMD64 for some options Description: There is a bug in the PHP configuraton system under AMD64... As most of the libraries are configured to be placed in lib64/ directory, the PHP won't check the lib64/ directory, but only the lib/ ones... -- Edit bug report at http://bugs.php.net/?id=28463&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=28463&r=trysnapshot4 Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=28463&r=trysnapshot5 Fixed in CVS: http://bugs.php.net/fix.php?id=28463&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=28463&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=28463&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=28463&r=needscript Try newer version: http://bugs.php.net/fix.php?id=28463&r=oldversion Not developer issue:http://bugs.php.net/fix.php?id=28463&r=support Expected behavior: http://bugs.php.net/fix.php?id=28463&r=notwrong Not enough info:http://bugs.php.net/fix.php?id=28463&r=notenoughinfo Submitted twice:http://bugs.php.net/fix.php?id=28463&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=28463&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=28463&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=28463&r=dst IIS Stability: http://bugs.php.net/fix.php?id=28463&r=isapi Install GNU Sed:http://bugs.php.net/fix.php?id=28463&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=28463&r=float
#28463 [Opn]: Configuration broken under AMD64 for some options
ID: 28463 User updated by: zerokode at gmx dot net Reported By: zerokode at gmx dot net Status: Open Bug Type: *Configuration Issues Operating System: Linux SuSE 9.1 / 64 PHP Version: 4.3.6 New Comment: This usually breaks, when used --with-gd Previous Comments: [2004-05-20 23:23:39] zerokode at gmx dot net Description: There is a bug in the PHP configuraton system under AMD64... As most of the libraries are configured to be placed in lib64/ directory, the PHP won't check the lib64/ directory, but only the lib/ ones... -- Edit this bug report at http://bugs.php.net/?id=28463&edit=1
#28462 [NEW]: Cast array to properties of custom objects
From: bart at mediawave dot nl Operating system: Irrelevant PHP version: 5.0.0RC2 PHP Bug Type: Feature/Change Request Bug description: Cast array to properties of custom objects Description: A lot of functions in PHP return arrays in stead of objects. Of course it's possible to simply cast the return value to an object like: $urlObject = (object) parse_url($url); But then I would get an instance of the stdClass. I can imagine situations where people would like to cast arrays into properties of their own custom objects. Maybe something like: cast_array2object($array, $someCustomObject); or something like: $this .= (object) parse_url($url); -- Edit bug report at http://bugs.php.net/?id=28462&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=28462&r=trysnapshot4 Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=28462&r=trysnapshot5 Fixed in CVS: http://bugs.php.net/fix.php?id=28462&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=28462&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=28462&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=28462&r=needscript Try newer version: http://bugs.php.net/fix.php?id=28462&r=oldversion Not developer issue:http://bugs.php.net/fix.php?id=28462&r=support Expected behavior: http://bugs.php.net/fix.php?id=28462&r=notwrong Not enough info:http://bugs.php.net/fix.php?id=28462&r=notenoughinfo Submitted twice:http://bugs.php.net/fix.php?id=28462&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=28462&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=28462&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=28462&r=dst IIS Stability: http://bugs.php.net/fix.php?id=28462&r=isapi Install GNU Sed:http://bugs.php.net/fix.php?id=28462&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=28462&r=float
#28461 [NEW]: segmentation fault when using backreferences on a long string
From: xanthor at xanthor dot tk
Operating system: Linux, WindowsXP©
PHP version: 4.3.6
PHP Bug Type: PCRE related
Bug description: segmentation fault when using backreferences on a long string
Description:
This line crash PHP with a segmentation fault.
It use a 3-chars-long back reference, on a 2236+3 chars-long string
If the back references is only 2 chars long, it's ok.
If the long string is less that 2236+3 chars, it's ok too...
Reproduce code:
---
preg_match("/(((?http://bugs.php.net/?id=28461&edit=1
--
Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=28461&r=trysnapshot4
Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=28461&r=trysnapshot5
Fixed in CVS: http://bugs.php.net/fix.php?id=28461&r=fixedcvs
Fixed in release: http://bugs.php.net/fix.php?id=28461&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=28461&r=needtrace
Need Reproduce Script: http://bugs.php.net/fix.php?id=28461&r=needscript
Try newer version: http://bugs.php.net/fix.php?id=28461&r=oldversion
Not developer issue:http://bugs.php.net/fix.php?id=28461&r=support
Expected behavior: http://bugs.php.net/fix.php?id=28461&r=notwrong
Not enough info:http://bugs.php.net/fix.php?id=28461&r=notenoughinfo
Submitted twice:http://bugs.php.net/fix.php?id=28461&r=submittedtwice
register_globals: http://bugs.php.net/fix.php?id=28461&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=28461&r=php3
Daylight Savings: http://bugs.php.net/fix.php?id=28461&r=dst
IIS Stability: http://bugs.php.net/fix.php?id=28461&r=isapi
Install GNU Sed:http://bugs.php.net/fix.php?id=28461&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=28461&r=float
#28457 [WFx]: PHP should be able to check certain conditions before invoking the script
ID: 28457 User updated by: floeff at arcor dot de Reported By: floeff at arcor dot de Status: Wont fix Bug Type: Feature/Change Request Operating System: Linux PHP Version: 4.3.6 New Comment: Having mod_php can be a security risk, too. Previous Comments: [2004-05-20 20:42:43] [EMAIL PROTECTED] Having a windows box on the internet is a security risk too, and people still do it even if they are warned. [2004-05-20 19:47:03] floeff at arcor dot de You should at least provide some tips for stopping these problems, as I consider this a security risk. [2004-05-20 18:55:03] [EMAIL PROTECTED] This is not something that PHP should implement, as it's not PHPs job to make sure your system "doesn't overload". It's an operating systems feature, or at most done by the webserver. [2004-05-20 17:14:22] floeff at arcor dot de Description: PHP should be able to check certain conditions before invoking the script. I would like to be able to check - number of already running PHP(-as-CGI) instances - load average of the system If some user-definable values are exceed, PHP should NOT invoke the required script, but instead printing out a "System overload, please try again later" message. -- Edit this bug report at http://bugs.php.net/?id=28457&edit=1
#28458 [Com]: Problem storing objects in Session
ID: 28458
Comment by: dharana at dharana dot net
Reported By: chrispeery at cox dot net
Status: Open
Bug Type: Session related
Operating System: Red Hat Linux 2.4.9-e.12
PHP Version: 5.0.0RC2
New Comment:
This is intended behaviour. Objects are passed by reference by default
in php 5.
Previous Comments:
[2004-05-20 19:09:21] chrispeery at cox dot net
Description:
The problem occurs when you store an object into the
session and then try and create a local copy of that
object. In PHP version 4.3.4 when you create the local
copy of the object and modify it the object in the
session does not change. However with PHP 5.0.0RC2
when you modify the local copy of the object it will
also modify the object that is stored in the session.
Is this the desired behavior for the newer version.
Also one more thing to point out, if your working with
any other datatype like array or strings stored in the
session this does not happen.
Reproduce code:
---
TEST SESSION WITH OBJECT");
$my_object = (object) array('value_one'=>'1');
$_SESSION['TEST_OBJECT'] = $my_object;
$local_object_copy = $_SESSION['TEST_OBJECT'];
echo("SESSION BEFORE:");
var_dump($_SESSION['TEST_OBJECT']);
echo("");
echo("LOCAL COPY BEFORE:");
var_dump($local_object_copy);
echo("");
$local_object_copy->value_one = '2';
echo("SESSION AFTER:");
var_dump($_SESSION['TEST_OBJECT']);
echo("");
echo("LOCAL COPY AFTER:");
var_dump($local_object_copy);
?>
Expected result:
I would expect for the local copy of the object to be
modified and the object stored in the Session not to be
modified. Unless of course I explicity set my local
variable like so ($local_object_copy =&
$_SESSION['TEST_OBJECT'];)
Actual result:
--
The actual result is that the object stored in the
session has the exact same value as the local copy I
created.
--
Edit this bug report at http://bugs.php.net/?id=28458&edit=1
#28460 [NEW]: zlib_output_compression On keepalive connections linger
From: pixl at 7pt dot net Operating system: Linux, Redhat, 2.4.21-9.0.3.ELs PHP version: 4.3.6 PHP Bug Type: Zlib Related Bug description: zlib_output_compression On keepalive connections linger Description: PHP 4.3.6 Apache 2 (prefork) When using zlib_output_compression = On, with vBulletin Version 3.0.0 Internet Explorer and Mozilla Firefox does not show that the page has completed loading, until the keepalive timer expires (15 seconds in my config). Doing test with ethereal I see this. with apachebench it works correcly ab -n 2 -k -H "Accept-Encoding: gzip" http://forums.anabolicreview.com/ after the html is pulled the client sends a [FIN] packet and the server terminates the connection. with Mozilla FireFox .8, the client pulls the page and images in about .2 seconds, then sits in globe spinning mode (little animation goes in the corner) for 15 seconds. At 15 seconds the server sends a [FIN-ACK] packet the connection is closed and the client is no longer connected. Internet Explorer 6 does exactly the same as mozilla. This only occurs with zlib_output_compression =on, with zlib_output_compression = off OR the obgzhandler settings on this does not occur. Most of the problem I have is a human one, users see that the animation in there browser is still going for 15 seconds and make complaints that the message board is going slow even when the page has loaded in under a second. I have currenly turned zlib-compression off, and enabled gzip compression in vbulletins settings (im assuming using ob_gzhandler in the php) and compression is working fine, I've just read in enough documentation that zlib_output_compression is the recommended way to run php. If you need certian detailed information please ask, I'll reneable zilb on the server and reproduce the problem. Thank You, Peter apache2 configuration CFLAGS="-O2 -mcpu=pentium4 -march=pentium4"; export CFLAGS "./configure" \ "--prefix=/usr/local/apache" \ "--enable-shared=max" \ "$@" php 4.3.6 configuration './configure' '--with-apxs2=/usr/local/httpd/bin/apxs' '--with-config-file-path=/usr/local/httpd' '--disable-debug' '--disable-ipv6' '--disable-display-source' '--disable-cgi' '--with-zlib' '--with-gettext' '--with-bz2' '--with-gd' '--enable-gd-native-ttf' '--enable-memory-limit' '--enable-sysvshm' '--enable-sysvsem' '--enable-sysvmsg' '--enable-shared' '--with-freetype-dir=/usr' '--with-mysql=/usr' '--with-tiff-dir=/usr' '--with-jpeg-dir=/usr' '--with-png-dir=/usr' -- Edit bug report at http://bugs.php.net/?id=28460&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=28460&r=trysnapshot4 Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=28460&r=trysnapshot5 Fixed in CVS: http://bugs.php.net/fix.php?id=28460&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=28460&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=28460&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=28460&r=needscript Try newer version: http://bugs.php.net/fix.php?id=28460&r=oldversion Not developer issue:http://bugs.php.net/fix.php?id=28460&r=support Expected behavior: http://bugs.php.net/fix.php?id=28460&r=notwrong Not enough info:http://bugs.php.net/fix.php?id=28460&r=notenoughinfo Submitted twice:http://bugs.php.net/fix.php?id=28460&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=28460&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=28460&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=28460&r=dst IIS Stability: http://bugs.php.net/fix.php?id=28460&r=isapi Install GNU Sed:http://bugs.php.net/fix.php?id=28460&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=28460&r=float
#28457 [WFx]: PHP should be able to check certain conditions before invoking the script
ID: 28457 Updated by: [EMAIL PROTECTED] Reported By: floeff at arcor dot de Status: Wont fix Bug Type: Feature/Change Request Operating System: Linux PHP Version: 4.3.6 New Comment: Having a windows box on the internet is a security risk too, and people still do it even if they are warned. Previous Comments: [2004-05-20 19:47:03] floeff at arcor dot de You should at least provide some tips for stopping these problems, as I consider this a security risk. [2004-05-20 18:55:03] [EMAIL PROTECTED] This is not something that PHP should implement, as it's not PHPs job to make sure your system "doesn't overload". It's an operating systems feature, or at most done by the webserver. [2004-05-20 17:14:22] floeff at arcor dot de Description: PHP should be able to check certain conditions before invoking the script. I would like to be able to check - number of already running PHP(-as-CGI) instances - load average of the system If some user-definable values are exceed, PHP should NOT invoke the required script, but instead printing out a "System overload, please try again later" message. -- Edit this bug report at http://bugs.php.net/?id=28457&edit=1
#28459 [NEW]: Documentation and Object/class problem
From: alpzrjvr at hotmail dot com
Operating system: Slackware 9.0
PHP version: 4.3.6
PHP Bug Type: Class/Object related
Bug description: Documentation and Object/class problem
Description:
http://cr2.php.net/language.oop.constructor
PHP manual says:
In PHP 3, the function B() in class A will suddenly become a constructor
in class B, although it was never intended to be. The rule in PHP 3 is: 'A
constructor is a function of the same name as the class.'. PHP 3 does not
care if the function is being defined in class B, or if it has been
inherited.
This is fixed in PHP 4 by modifying the rule to: 'A constructor is a
function of the same name as the class it is being defined in.'. Thus in
PHP 4, the class B would have no constructor function of its own and the
constructor of the base class would have been called, printing 'I am the
constructor of A.'.
But, I test the script in diferent PHP's versions and the result was:
"I am a regular function named B in class A.
I am not a constructor in A." ... with PHP 4.x.x .
Reproduce code:
---
\n";
}
function B()
{
echo "I am a regular function named B in class A.\n";
echo "I am not a constructor in A.\n";
}
}
class B extends A
{
function C()
{
echo "I am a regular function.\n";
}
}
$b = new B();
or
$b = new B; (also works)
?>
Expected result:
I am the constructor of A.
Actual result:
--
I am a regular function named B in class A.
I am not a constructor in A.
--
Edit bug report at http://bugs.php.net/?id=28459&edit=1
--
Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=28459&r=trysnapshot4
Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=28459&r=trysnapshot5
Fixed in CVS: http://bugs.php.net/fix.php?id=28459&r=fixedcvs
Fixed in release: http://bugs.php.net/fix.php?id=28459&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=28459&r=needtrace
Need Reproduce Script: http://bugs.php.net/fix.php?id=28459&r=needscript
Try newer version: http://bugs.php.net/fix.php?id=28459&r=oldversion
Not developer issue:http://bugs.php.net/fix.php?id=28459&r=support
Expected behavior: http://bugs.php.net/fix.php?id=28459&r=notwrong
Not enough info:http://bugs.php.net/fix.php?id=28459&r=notenoughinfo
Submitted twice:http://bugs.php.net/fix.php?id=28459&r=submittedtwice
register_globals: http://bugs.php.net/fix.php?id=28459&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=28459&r=php3
Daylight Savings: http://bugs.php.net/fix.php?id=28459&r=dst
IIS Stability: http://bugs.php.net/fix.php?id=28459&r=isapi
Install GNU Sed:http://bugs.php.net/fix.php?id=28459&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=28459&r=float
#28457 [WFx]: PHP should be able to check certain conditions before invoking the script
ID: 28457 User updated by: floeff at arcor dot de Reported By: floeff at arcor dot de Status: Wont fix Bug Type: Feature/Change Request Operating System: Linux PHP Version: 4.3.6 New Comment: You should at least provide some tips for stopping these problems, as I consider this a security risk. Previous Comments: [2004-05-20 18:55:03] [EMAIL PROTECTED] This is not something that PHP should implement, as it's not PHPs job to make sure your system "doesn't overload". It's an operating systems feature, or at most done by the webserver. [2004-05-20 17:14:22] floeff at arcor dot de Description: PHP should be able to check certain conditions before invoking the script. I would like to be able to check - number of already running PHP(-as-CGI) instances - load average of the system If some user-definable values are exceed, PHP should NOT invoke the required script, but instead printing out a "System overload, please try again later" message. -- Edit this bug report at http://bugs.php.net/?id=28457&edit=1
#28458 [NEW]: Problem storing objects in Session
From: chrispeery at cox dot net
Operating system: Red Hat Linux 2.4.9-e.12
PHP version: 5.0.0RC2
PHP Bug Type: Session related
Bug description: Problem storing objects in Session
Description:
The problem occurs when you store an object into the
session and then try and create a local copy of that
object. In PHP version 4.3.4 when you create the local
copy of the object and modify it the object in the
session does not change. However with PHP 5.0.0RC2
when you modify the local copy of the object it will
also modify the object that is stored in the session.
Is this the desired behavior for the newer version.
Also one more thing to point out, if your working with
any other datatype like array or strings stored in the
session this does not happen.
Reproduce code:
---
TEST SESSION WITH OBJECT");
$my_object = (object) array('value_one'=>'1');
$_SESSION['TEST_OBJECT'] = $my_object;
$local_object_copy = $_SESSION['TEST_OBJECT'];
echo("SESSION BEFORE:");
var_dump($_SESSION['TEST_OBJECT']);
echo("");
echo("LOCAL COPY BEFORE:");
var_dump($local_object_copy);
echo("");
$local_object_copy->value_one = '2';
echo("SESSION AFTER:");
var_dump($_SESSION['TEST_OBJECT']);
echo("");
echo("LOCAL COPY AFTER:");
var_dump($local_object_copy);
?>
Expected result:
I would expect for the local copy of the object to be
modified and the object stored in the Session not to be
modified. Unless of course I explicity set my local
variable like so ($local_object_copy =&
$_SESSION['TEST_OBJECT'];)
Actual result:
--
The actual result is that the object stored in the
session has the exact same value as the local copy I
created.
--
Edit bug report at http://bugs.php.net/?id=28458&edit=1
--
Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=28458&r=trysnapshot4
Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=28458&r=trysnapshot5
Fixed in CVS: http://bugs.php.net/fix.php?id=28458&r=fixedcvs
Fixed in release: http://bugs.php.net/fix.php?id=28458&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=28458&r=needtrace
Need Reproduce Script: http://bugs.php.net/fix.php?id=28458&r=needscript
Try newer version: http://bugs.php.net/fix.php?id=28458&r=oldversion
Not developer issue:http://bugs.php.net/fix.php?id=28458&r=support
Expected behavior: http://bugs.php.net/fix.php?id=28458&r=notwrong
Not enough info:http://bugs.php.net/fix.php?id=28458&r=notenoughinfo
Submitted twice:http://bugs.php.net/fix.php?id=28458&r=submittedtwice
register_globals: http://bugs.php.net/fix.php?id=28458&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=28458&r=php3
Daylight Savings: http://bugs.php.net/fix.php?id=28458&r=dst
IIS Stability: http://bugs.php.net/fix.php?id=28458&r=isapi
Install GNU Sed:http://bugs.php.net/fix.php?id=28458&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=28458&r=float
#28457 [Opn->WFx]: PHP should be able to check certain conditions before invoking the script
ID: 28457 Updated by: [EMAIL PROTECTED] Reported By: floeff at arcor dot de -Status: Open +Status: Wont fix Bug Type: Feature/Change Request Operating System: Linux PHP Version: 4.3.6 New Comment: This is not something that PHP should implement, as it's not PHPs job to make sure your system "doesn't overload". It's an operating systems feature, or at most done by the webserver. Previous Comments: [2004-05-20 17:14:22] floeff at arcor dot de Description: PHP should be able to check certain conditions before invoking the script. I would like to be able to check - number of already running PHP(-as-CGI) instances - load average of the system If some user-definable values are exceed, PHP should NOT invoke the required script, but instead printing out a "System overload, please try again later" message. -- Edit this bug report at http://bugs.php.net/?id=28457&edit=1
#28456 [Opn->Bgs]: upload php vulnerability
ID: 28456
User updated by: overflow at neuf dot fr
Reported By: overflow at neuf dot fr
-Status: Open
+Status: Bogus
Bug Type:Unknown/Other Function
PHP Version: 4.3.4
New Comment:
$_FILES['userfile']['type'] can be fake by the client with raw http :
Content-Type: text/plain
Previous Comments:
[2004-05-20 17:49:38] mail at young dot org dot ua
Oh, yes.
I have try to analyze this question, and got following result:
If Post data looks like this:
Content-Disposition: form-data; name="userfile";
filename="../test.html"
Variable $_FILES['userfile']['name'] initializes with value
"../test.html"
And one more example code taken from PHP manual:
$uploaddir = '/var/www/uploads/';
$uploadfile = $uploaddir . $_FILES['userfile']['name'];
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile))
{
Trying to copy file into '/var/www/uploads/../test.html
And in opinien this situation potential dangerous.
[2004-05-20 17:03:17] overflow at neuf dot fr
Description:
upload php vulnerability for $_FILES['userfile']['name'] can contain
string "../" if the name start with a "." with a fake raw http :
Content-Disposition: form-data; name="userfile";
filename="../../../test.html"
Reproduce code:
---
http://slythers.tcpteam.org/uploadphpvuln.txt
Expected result:
security vulnerability in upload script
--
Edit this bug report at http://bugs.php.net/?id=28456&edit=1
#28456 [Com]: upload php vulnerability
ID: 28456
Comment by: mail at young dot org dot ua
Reported By: overflow at neuf dot fr
Status: Open
Bug Type:Unknown/Other Function
PHP Version: 4.3.4
New Comment:
Oh, yes.
I have try to analyze this question, and got following result:
If Post data looks like this:
Content-Disposition: form-data; name="userfile";
filename="../test.html"
Variable $_FILES['userfile']['name'] initializes with value
"../test.html"
And one more example code taken from PHP manual:
$uploaddir = '/var/www/uploads/';
$uploadfile = $uploaddir . $_FILES['userfile']['name'];
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile))
{
Trying to copy file into '/var/www/uploads/../test.html
And in opinien this situation potential dangerous.
Previous Comments:
[2004-05-20 17:03:17] overflow at neuf dot fr
Description:
upload php vulnerability for $_FILES['userfile']['name'] can contain
string "../" if the name start with a "." with a fake raw http :
Content-Disposition: form-data; name="userfile";
filename="../../../test.html"
Reproduce code:
---
http://slythers.tcpteam.org/uploadphpvuln.txt
Expected result:
security vulnerability in upload script
--
Edit this bug report at http://bugs.php.net/?id=28456&edit=1
#28457 [NEW]: PHP should be able to check certain conditions before invoking the script
From: floeff at arcor dot de Operating system: Linux PHP version: 4.3.6 PHP Bug Type: Feature/Change Request Bug description: PHP should be able to check certain conditions before invoking the script Description: PHP should be able to check certain conditions before invoking the script. I would like to be able to check - number of already running PHP(-as-CGI) instances - load average of the system If some user-definable values are exceed, PHP should NOT invoke the required script, but instead printing out a "System overload, please try again later" message. -- Edit bug report at http://bugs.php.net/?id=28457&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=28457&r=trysnapshot4 Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=28457&r=trysnapshot5 Fixed in CVS: http://bugs.php.net/fix.php?id=28457&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=28457&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=28457&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=28457&r=needscript Try newer version: http://bugs.php.net/fix.php?id=28457&r=oldversion Not developer issue:http://bugs.php.net/fix.php?id=28457&r=support Expected behavior: http://bugs.php.net/fix.php?id=28457&r=notwrong Not enough info:http://bugs.php.net/fix.php?id=28457&r=notenoughinfo Submitted twice:http://bugs.php.net/fix.php?id=28457&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=28457&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=28457&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=28457&r=dst IIS Stability: http://bugs.php.net/fix.php?id=28457&r=isapi Install GNU Sed:http://bugs.php.net/fix.php?id=28457&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=28457&r=float
#28456 [NEW]: upload php vulnerability
From: overflow at neuf dot fr Operating system: PHP version: 4.3.4 PHP Bug Type: Unknown/Other Function Bug description: upload php vulnerability Description: upload php vulnerability for $_FILES['userfile']['name'] can contain string "../" if the name start with a "." with a fake raw http : Content-Disposition: form-data; name="userfile"; filename="../../../test.html" Reproduce code: --- http://slythers.tcpteam.org/uploadphpvuln.txt Expected result: security vulnerability in upload script -- Edit bug report at http://bugs.php.net/?id=28456&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=28456&r=trysnapshot4 Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=28456&r=trysnapshot5 Fixed in CVS: http://bugs.php.net/fix.php?id=28456&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=28456&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=28456&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=28456&r=needscript Try newer version: http://bugs.php.net/fix.php?id=28456&r=oldversion Not developer issue:http://bugs.php.net/fix.php?id=28456&r=support Expected behavior: http://bugs.php.net/fix.php?id=28456&r=notwrong Not enough info:http://bugs.php.net/fix.php?id=28456&r=notenoughinfo Submitted twice:http://bugs.php.net/fix.php?id=28456&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=28456&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=28456&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=28456&r=dst IIS Stability: http://bugs.php.net/fix.php?id=28456&r=isapi Install GNU Sed:http://bugs.php.net/fix.php?id=28456&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=28456&r=float
#28455 [Opn->Bgs]: java.lang.OutOfMemoryError
ID: 28455 Updated by: [EMAIL PROTECTED] Reported By: nelsongomes dot novabase at millenniumbcp dot pt -Status: Open +Status: Bogus Bug Type: Java related Operating System: Windows 2000 PHP Version: 4.3.4 New Comment: Sorry, but your problem does not imply a bug in PHP itself. For a list of more appropriate places to ask for help using PHP, please visit http://www.php.net/support.php as this bug system is not the appropriate forum for asking support questions. Thank you for your interest in PHP. . Previous Comments: [2004-05-20 13:47:01] nelsongomes dot novabase at millenniumbcp dot pt Description: I'm using jvm.dll under IIS, and the system memory is fine. The problem is the limits of the JVM memory size. How can I change the memory limits on the JVM? -- Edit this bug report at http://bugs.php.net/?id=28455&edit=1
#28454 [Bgs]: cannot set sendmail_path in httpd.conf
ID: 28454 User updated by: bugs dot php dot net at phoenixdigital dot com Reported By: bugs dot php dot net at phoenixdigital dot com Status: Bogus Bug Type: *Configuration Issues Operating System: Freebsd 4.9 Stable PHP Version: 4.3.4 New Comment: I have posted an entry in the online php manual for this problem incase others come across it. Previous Comments: [2004-05-20 13:36:53] bugs dot php dot net at phoenixdigital dot com Thankyou :) I thought that you could only set ini variables with this php_value sendmail_path "/usr/sbin/sendmail -t -i -f [EMAIL PROTECTED]" I did not know about this one. php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f [EMAIL PROTECTED]" It works perfectly. Sorry for submitting a bug but I found nothing in any newsgroup/google/mailing list regarding this problem and assumed it was bug. Thanks for a great product people :) [2004-05-20 13:21:47] [EMAIL PROTECTED] php_admin_value sendmail_path "blah" works just fine. [2004-05-20 12:45:59] bugs dot php dot net at phoenixdigital dot com Actually come to think of it I have moved this back into the config issues as a bug because you thought I was talking about a .htaccess file. It is fair enough that you limit the modification of sendmail_path in a .htaccess file. However as the manual states you CAN modify this in the httpd.conf which is where we are trying to modify it. Since htttp.conf files are generally only controlled by administrators then this is not a security issue. [2004-05-20 12:44:19] [EMAIL PROTECTED] It can be set in httpd.conf, just not in a virtual host setting. [2004-05-20 12:35:35] bugs dot php dot net at phoenixdigital dot com Also you said I can't set in in .htaccess I am not being picky but I did state that I am trying to set it in the httpd.conf which is completely different. The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/28454 -- Edit this bug report at http://bugs.php.net/?id=28454&edit=1
#28455 [NEW]: java.lang.OutOfMemoryError
From: nelsongomes dot novabase at millenniumbcp dot pt Operating system: Windows 2000 PHP version: 4.3.4 PHP Bug Type: Java related Bug description: java.lang.OutOfMemoryError Description: I'm using jvm.dll under IIS, and the system memory is fine. The problem is the limits of the JVM memory size. How can I change the memory limits on the JVM? -- Edit bug report at http://bugs.php.net/?id=28455&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=28455&r=trysnapshot4 Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=28455&r=trysnapshot5 Fixed in CVS: http://bugs.php.net/fix.php?id=28455&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=28455&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=28455&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=28455&r=needscript Try newer version: http://bugs.php.net/fix.php?id=28455&r=oldversion Not developer issue:http://bugs.php.net/fix.php?id=28455&r=support Expected behavior: http://bugs.php.net/fix.php?id=28455&r=notwrong Not enough info:http://bugs.php.net/fix.php?id=28455&r=notenoughinfo Submitted twice:http://bugs.php.net/fix.php?id=28455&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=28455&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=28455&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=28455&r=dst IIS Stability: http://bugs.php.net/fix.php?id=28455&r=isapi Install GNU Sed:http://bugs.php.net/fix.php?id=28455&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=28455&r=float
#28454 [Bgs]: cannot set sendmail_path in httpd.conf
ID: 28454 User updated by: bugs dot php dot net at phoenixdigital dot com Reported By: bugs dot php dot net at phoenixdigital dot com Status: Bogus Bug Type: *Configuration Issues Operating System: Freebsd 4.9 Stable PHP Version: 4.3.4 New Comment: Thankyou :) I thought that you could only set ini variables with this php_value sendmail_path "/usr/sbin/sendmail -t -i -f [EMAIL PROTECTED]" I did not know about this one. php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f [EMAIL PROTECTED]" It works perfectly. Sorry for submitting a bug but I found nothing in any newsgroup/google/mailing list regarding this problem and assumed it was bug. Thanks for a great product people :) Previous Comments: [2004-05-20 13:21:47] [EMAIL PROTECTED] php_admin_value sendmail_path "blah" works just fine. [2004-05-20 12:45:59] bugs dot php dot net at phoenixdigital dot com Actually come to think of it I have moved this back into the config issues as a bug because you thought I was talking about a .htaccess file. It is fair enough that you limit the modification of sendmail_path in a .htaccess file. However as the manual states you CAN modify this in the httpd.conf which is where we are trying to modify it. Since htttp.conf files are generally only controlled by administrators then this is not a security issue. [2004-05-20 12:44:19] [EMAIL PROTECTED] It can be set in httpd.conf, just not in a virtual host setting. [2004-05-20 12:35:35] bugs dot php dot net at phoenixdigital dot com Also you said I can't set in in .htaccess I am not being picky but I did state that I am trying to set it in the httpd.conf which is completely different. [2004-05-20 12:33:27] bugs dot php dot net at phoenixdigital dot com Then this is a documentation issue because on this page http://au.php.net/ini_set sendmail_path DEFAULT_SENDMAIL_PATH PHP_INI_SYSTEM where PHP_INI_SYSTEM 4 Entry can be set in php.ini or httpd.conf It claims you CAN set it in a httpd.conf NOT The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/28454 -- Edit this bug report at http://bugs.php.net/?id=28454&edit=1
#28454 [Opn->Bgs]: cannot set sendmail_path in httpd.conf
ID: 28454
Updated by: [EMAIL PROTECTED]
Reported By: bugs dot php dot net at phoenixdigital dot com
-Status: Open
+Status: Bogus
Bug Type: *Configuration Issues
Operating System: Freebsd 4.9 Stable
PHP Version: 4.3.4
New Comment:
php_admin_value sendmail_path "blah"
works just fine.
Previous Comments:
[2004-05-20 12:45:59] bugs dot php dot net at phoenixdigital dot com
Actually come to think of it I have moved this back into the config
issues as a bug because you thought I was talking about a .htaccess
file.
It is fair enough that you limit the modification of sendmail_path in a
.htaccess file.
However as the manual states you CAN modify this in the httpd.conf
which is where we are trying to modify it. Since htttp.conf files are
generally only controlled by administrators then this is not a security
issue.
[2004-05-20 12:44:19] [EMAIL PROTECTED]
It can be set in httpd.conf, just not in a virtual host setting.
[2004-05-20 12:35:35] bugs dot php dot net at phoenixdigital dot com
Also you said I can't set in in .htaccess I am not being picky but I
did state that I am trying to set it in the httpd.conf which is
completely different.
[2004-05-20 12:33:27] bugs dot php dot net at phoenixdigital dot com
Then this is a documentation issue because on this page
http://au.php.net/ini_set
sendmail_path DEFAULT_SENDMAIL_PATH PHP_INI_SYSTEM
where
PHP_INI_SYSTEM 4 Entry can be set in php.ini or httpd.conf
It claims you CAN set it in a httpd.conf NOT
[2004-05-20 12:26:45] [EMAIL PROTECTED]
This is not a bug, but meant to work like this due to security reasons.
(Ie, we don't want people to be able to configure their own sendmail
path in .htaccess files).
The correct way of doing what you want is to use the php_admin_value
mail.force_extra_parameters setting, which is configurable per vhost..
unfortunately that only works in PHP 5 (dev).
If you are comfortable patching, you can apply the following patch to
php 4.3.6 (it should also apply to 4.3.4):
Index: main/main.c
===
RCS file: /repository/php-src/main/main.c,v
retrieving revision 1.512.2.53
diff -u -p -r1.512.2.53 main.c
--- main/main.c 9 Feb 2004 04:05:56 - 1.512.2.53
+++ main/main.c 20 May 2004 10:26:04 -
@@ -356,7 +356,7 @@ PHP_INI_BEGIN()
#endif
PHP_INI_ENTRY("precision",
"14", PHP_INI_ALL,OnSetPrecision)
PHP_INI_ENTRY("sendmail_from", NULL,
PHP_INI_ALL,NULL)
- PHP_INI_ENTRY("sendmail_path", DEFAULT_SENDMAIL_PATH,
PHP_INI_SYSTEM, NULL)
+ PHP_INI_ENTRY("sendmail_path", DEFAULT_SENDMAIL_PATH,
PHP_INI_SYSTEM|PHP_INI_PERDIR, NULL)
PHP_INI_ENTRY("disable_functions", "",
PHP_INI_SYSTEM, NULL)
PHP_INI_ENTRY("disable_classes","",
PHP_INI_SYSTEM, NULL)
But make sure to use php_admin_value sendmail_path "your command" so
that it can't be overridden from .htaccess files.
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/28454
--
Edit this bug report at http://bugs.php.net/?id=28454&edit=1
#28454 [Bgs->Opn]: cannot set sendmail_path in httpd.conf
ID: 28454
User updated by: bugs dot php dot net at phoenixdigital dot com
Reported By: bugs dot php dot net at phoenixdigital dot com
-Status: Bogus
+Status: Open
-Bug Type: Documentation problem
+Bug Type: *Configuration Issues
Operating System: Freebsd 4.9 Stable
PHP Version: 4.3.4
New Comment:
Actually come to think of it I have moved this back into the config
issues as a bug because you thought I was talking about a .htaccess
file.
It is fair enough that you limit the modification of sendmail_path in a
.htaccess file.
However as the manual states you CAN modify this in the httpd.conf
which is where we are trying to modify it. Since htttp.conf files are
generally only controlled by administrators then this is not a security
issue.
Previous Comments:
[2004-05-20 12:44:19] [EMAIL PROTECTED]
It can be set in httpd.conf, just not in a virtual host setting.
[2004-05-20 12:35:35] bugs dot php dot net at phoenixdigital dot com
Also you said I can't set in in .htaccess I am not being picky but I
did state that I am trying to set it in the httpd.conf which is
completely different.
[2004-05-20 12:33:27] bugs dot php dot net at phoenixdigital dot com
Then this is a documentation issue because on this page
http://au.php.net/ini_set
sendmail_path DEFAULT_SENDMAIL_PATH PHP_INI_SYSTEM
where
PHP_INI_SYSTEM 4 Entry can be set in php.ini or httpd.conf
It claims you CAN set it in a httpd.conf NOT
[2004-05-20 12:26:45] [EMAIL PROTECTED]
This is not a bug, but meant to work like this due to security reasons.
(Ie, we don't want people to be able to configure their own sendmail
path in .htaccess files).
The correct way of doing what you want is to use the php_admin_value
mail.force_extra_parameters setting, which is configurable per vhost..
unfortunately that only works in PHP 5 (dev).
If you are comfortable patching, you can apply the following patch to
php 4.3.6 (it should also apply to 4.3.4):
Index: main/main.c
===
RCS file: /repository/php-src/main/main.c,v
retrieving revision 1.512.2.53
diff -u -p -r1.512.2.53 main.c
--- main/main.c 9 Feb 2004 04:05:56 - 1.512.2.53
+++ main/main.c 20 May 2004 10:26:04 -
@@ -356,7 +356,7 @@ PHP_INI_BEGIN()
#endif
PHP_INI_ENTRY("precision",
"14", PHP_INI_ALL,OnSetPrecision)
PHP_INI_ENTRY("sendmail_from", NULL,
PHP_INI_ALL,NULL)
- PHP_INI_ENTRY("sendmail_path", DEFAULT_SENDMAIL_PATH,
PHP_INI_SYSTEM, NULL)
+ PHP_INI_ENTRY("sendmail_path", DEFAULT_SENDMAIL_PATH,
PHP_INI_SYSTEM|PHP_INI_PERDIR, NULL)
PHP_INI_ENTRY("disable_functions", "",
PHP_INI_SYSTEM, NULL)
PHP_INI_ENTRY("disable_classes","",
PHP_INI_SYSTEM, NULL)
But make sure to use php_admin_value sendmail_path "your command" so
that it can't be overridden from .htaccess files.
[2004-05-20 09:08:44] bugs dot php dot net at phoenixdigital dot com
if possible can you please adjust the email address in my bug report to
be a non real domain as I don't want my email to be trawled from this
bug report.
please change it to
php_value sendmail_path '/usr/sbin/sendmail -t -i -f
[EMAIL PROTECTED]'
Thanks
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/28454
--
Edit this bug report at http://bugs.php.net/?id=28454&edit=1
#28454 [Opn->Bgs]: cannot set sendmail_path in httpd.conf
ID: 28454
Updated by: [EMAIL PROTECTED]
Reported By: bugs dot php dot net at phoenixdigital dot com
-Status: Open
+Status: Bogus
Bug Type: *Configuration Issues
Operating System: Freebsd 4.9 Stable
PHP Version: 4.3.4
New Comment:
This is not a bug, but meant to work like this due to security reasons.
(Ie, we don't want people to be able to configure their own sendmail
path in .htaccess files).
The correct way of doing what you want is to use the php_admin_value
mail.force_extra_parameters setting, which is configurable per vhost..
unfortunately that only works in PHP 5 (dev).
If you are comfortable patching, you can apply the following patch to
php 4.3.6 (it should also apply to 4.3.4):
Index: main/main.c
===
RCS file: /repository/php-src/main/main.c,v
retrieving revision 1.512.2.53
diff -u -p -r1.512.2.53 main.c
--- main/main.c 9 Feb 2004 04:05:56 - 1.512.2.53
+++ main/main.c 20 May 2004 10:26:04 -
@@ -356,7 +356,7 @@ PHP_INI_BEGIN()
#endif
PHP_INI_ENTRY("precision",
"14", PHP_INI_ALL,OnSetPrecision)
PHP_INI_ENTRY("sendmail_from", NULL,
PHP_INI_ALL,NULL)
- PHP_INI_ENTRY("sendmail_path", DEFAULT_SENDMAIL_PATH,
PHP_INI_SYSTEM, NULL)
+ PHP_INI_ENTRY("sendmail_path", DEFAULT_SENDMAIL_PATH,
PHP_INI_SYSTEM|PHP_INI_PERDIR, NULL)
PHP_INI_ENTRY("disable_functions", "",
PHP_INI_SYSTEM, NULL)
PHP_INI_ENTRY("disable_classes","",
PHP_INI_SYSTEM, NULL)
But make sure to use php_admin_value sendmail_path "your command" so
that it can't be overridden from .htaccess files.
Previous Comments:
[2004-05-20 09:08:44] bugs dot php dot net at phoenixdigital dot com
if possible can you please adjust the email address in my bug report to
be a non real domain as I don't want my email to be trawled from this
bug report.
please change it to
php_value sendmail_path '/usr/sbin/sendmail -t -i -f
[EMAIL PROTECTED]'
Thanks
[2004-05-20 09:04:22] bugs dot php dot net at phoenixdigital dot com
Description:
Hi,
We are having trouble getting emails sent from php to set the
return-path header in messages. This is important as we host many sites
from our servers and want bounces to go to the hosted sites address
rather than our system address.
adding this line to the virtual host section in the apache conf.
php_value sendmail_path '/usr/sbin/sendmail -t -i -f
[EMAIL PROTECTED]'
then checking the a page with phpinfo() in it the change is not
visible.
We can set this value in the php.ini file perfectly but however we
cannot set it on a site by site basis in the virtual hosts directive.
--
Edit this bug report at http://bugs.php.net/?id=28454&edit=1
#28454 [Opn]: cannot set sendmail_path in httpd.conf
ID: 28454 User updated by: bugs dot php dot net at phoenixdigital dot com Reported By: bugs dot php dot net at phoenixdigital dot com Status: Open Bug Type: *Configuration Issues Operating System: Freebsd 4.9 Stable PHP Version: 4.3.4 New Comment: if possible can you please adjust the email address in my bug report to be a non real domain as I don't want my email to be trawled from this bug report. please change it to php_value sendmail_path '/usr/sbin/sendmail -t -i -f [EMAIL PROTECTED]' Thanks Previous Comments: [2004-05-20 09:04:22] bugs dot php dot net at phoenixdigital dot com Description: Hi, We are having trouble getting emails sent from php to set the return-path header in messages. This is important as we host many sites from our servers and want bounces to go to the hosted sites address rather than our system address. adding this line to the virtual host section in the apache conf. php_value sendmail_path '/usr/sbin/sendmail -t -i -f [EMAIL PROTECTED]' then checking the a page with phpinfo() in it the change is not visible. We can set this value in the php.ini file perfectly but however we cannot set it on a site by site basis in the virtual hosts directive. -- Edit this bug report at http://bugs.php.net/?id=28454&edit=1
#28454 [NEW]: cannot set sendmail_path in httpd.conf
From: bugs dot php dot net at phoenixdigital dot com Operating system: Freebsd 4.9 Stable PHP version: 4.3.4 PHP Bug Type: *Configuration Issues Bug description: cannot set sendmail_path in httpd.conf Description: Hi, We are having trouble getting emails sent from php to set the return-path header in messages. This is important as we host many sites from our servers and want bounces to go to the hosted sites address rather than our system address. adding this line to the virtual host section in the apache conf. php_value sendmail_path '/usr/sbin/sendmail -t -i -f [EMAIL PROTECTED]' then checking the a page with phpinfo() in it the change is not visible. We can set this value in the php.ini file perfectly but however we cannot set it on a site by site basis in the virtual hosts directive. -- Edit bug report at http://bugs.php.net/?id=28454&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=28454&r=trysnapshot4 Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=28454&r=trysnapshot5 Fixed in CVS: http://bugs.php.net/fix.php?id=28454&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=28454&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=28454&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=28454&r=needscript Try newer version: http://bugs.php.net/fix.php?id=28454&r=oldversion Not developer issue:http://bugs.php.net/fix.php?id=28454&r=support Expected behavior: http://bugs.php.net/fix.php?id=28454&r=notwrong Not enough info:http://bugs.php.net/fix.php?id=28454&r=notenoughinfo Submitted twice:http://bugs.php.net/fix.php?id=28454&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=28454&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=28454&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=28454&r=dst IIS Stability: http://bugs.php.net/fix.php?id=28454&r=isapi Install GNU Sed:http://bugs.php.net/fix.php?id=28454&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=28454&r=float
