[PHP-DEV] HEAD broken on *NIX

/php4/main/php_ini.c:236: MAX_PATH undeclared -- Sebastian Bergmann http://sebastian-bergmann.de/ http://phpOpenTracker.de/ Did I help you? Consider a gift: http://wishlist.sebastian-bergmann.de/ -- PHP Development Mailing List To unsubscribe, vis

[PHP-DEV] [PATCH] apache2filter -- enable compilation

Hi, since from, 20020506 (2.0.37-dev) Removed r->boundary in request_rec. Index: php_functions.c === RCS file: /repository/php4/sapi/apache2filter/php_functions.c,v retrieving revision 1.22 diff -u -r1.22 php_functions.c --- php_fun

[PHP-DEV] [PATCH] xslt sablot backend

Hello, Two problems with sablot support in PHP 4.1.2 (and propably later releases). 1) This patch makes xslt/sablot to work with libsablot >= 0.90 and also makes it incompatible with earlier sablotron releases. This fix might be in HEAD already (at least it seems so), but please include this wi

Re: [PHP-DEV] Re: [PHP-CVS] cvs: php4 /sapi/cgi cgi_main.c /sapi/cliphp_cli.c

On Sat, 11 May 2002, Markus Fischer wrote: > > Someone came up that it may be a use for PECL modules (or any > C extension) which relies on a certain API number. Maybe Stig > can see a use for it? Blame Derick who came up with the idea > (I think ? :-) *hides*. I'm still not buyin

Re: [PHP-DEV] Re: [PHP-CVS] cvs: php4 /sapi/cgi cgi_main.c /sapi/cli php_cli.c

On Sat, May 11, 2002 at 06:43:54AM -0400, Dan Kalowsky wrote : > On Sat, 11 May 2002, Markus Fischer wrote: > > > > Someone came up that it may be a use for PECL modules (or any > > C extension) which relies on a certain API number. Maybe Stig > > can see a use for it? Blame Derick wh

Re: [PHP-DEV] Re: [PHP-CVS] cvs: php4 /sapi/cgi cgi_main.c /sapi/cli php_cli.c

> > A "de facto" standard stating -v is for version information. And please > > PLEASE don't use RPM as a model for software development. > > It is NOT a model for me. It was just the quickest thing I > could find. I've seen numerous apps using switches this way > in the past years, t

[PHP-DEV] Any idea why we have two html_puts()'s?

We currently have two html_puts()'s - the old zend_html_puts(), and a relatively new php_html_puts(). Was there any good reason for adding php_html_puts()? It duplicates the same logic of both zend_html_putc() and zend_html_puts(). Zeev -- PHP Development Mailing List

Re: [PHP-DEV] Re: [PHP-CVS] cvs: php4 /sapi/cgi cgi_main.c /sapi/cli php_cli.c

"php-config" is for displaying information like this without the need for further parsing. Why not just add --zend-module-api --php-module-api and --zend-ext-api flags to php-config outputting the number and nothing else? - Stig On Sat, 2002-05-11 at 04:00, Markus Fischer wrote: > Hi, > >

Re: [PHP-DEV] Re: [PHP-CVS] cvs: php4 /sapi/cgi cgi_main.c /sapi/cli php_cli.c

Hi, that's even better! :) - Markus On Sat, May 11, 2002 at 03:42:00PM +0200, Stig S. Bakken wrote : > "php-config" is for displaying information like this without the need > for further parsing. Why not just add --zend-module-api > --php-module-api and --zend-ext-api flags to php

[PHP-DEV] Safe Mode

In the process of writing an installer in PHP for one of my projects I've come in contact with a number of servers running PHP with safe_mode enabled. As you can probably imagine the installer at first broke completely because of safe_mode restrictions. Despite the restriction I was able to wri

Re: [PHP-DEV] Safe Mode

> If the safe_mode like functionality remains it should simply block all file > system and shell execution code since with it most of that code becomes > useless anyway. It already does this. You can only execute things in the safe_mode_exec_dir. -Rasmus -- PHP Development Mailing List

Re: [PHP-DEV] Safe Mode

> There are numerous ways to bypass it, rely on file system utils if they are in > the path, Won't work. > make the script copy itself and then write stuff as webserver, You always write stuff as web server > install a small script into cgi-bin directory that will do the same thing That's not

[PHP-DEV] On vacation

I'm on vacation until June 16th and will not read any mail until I return. Your mail concerning "Assigned PHP 4 bugs reminder" will be read when I'm back. PS See http://www.venaas.no/whereami/ for my current location. Stig -- PHP Development Mailing List To unsubscribe, v

[PHP-DEV] [PATCH] add PATH_INFO and PATH_TRANSLATED to apache 2 sapi

Diff'ed against the stable 4.2.0 source package. Adds the same behavior as the CGI and ISAPI modules with regard to PATH_INFO and PATH_TRANSLATED variables to the Apache 2 filter interface. If the user does not specifically set the AcceptPathInfo configuration variable to "off", the patch passes

Re: [PHP-DEV] Safe Mode

On May 11, 2002 11:35 am, you wrote: > > There are numerous ways to bypass it, rely on file system utils if they > > are in the path, > > Won't work. > > > make the script copy itself and then write stuff as webserver, > > You always write stuff as web server What is the point of limiting the scr

Re: [PHP-DEV] Safe Mode

> What is the point of limiting the script's write access if it can just bypass > that by making a copy of itself? This merely adds an annoyance step for the > programmer. If user joe makes a copy of his script so it now is owned by nobody, it still doesn't let him read user bob's scripts. > > T

Re: [PHP-DEV] Safe Mode

At 20:17 11/05/2002, Rasmus Lerdorf wrote: > > Ideally every ISP would use it and each virtual host would have such a > > directory. In reality I've set to see a SINGLE ISP that has used that > option. > > In fact I didn't know about it myself until you told me about on IRC. > >Well, it is well d

Re: [PHP-DEV] Safe Mode

Zeev Suraski wrote: > At 20:17 11/05/2002, Rasmus Lerdorf wrote: > >> > Ideally every ISP would use it and each virtual host would have such a >> > directory. In reality I've set to see a SINGLE ISP that has used >> that option. >> > In fact I didn't know about it myself until you told me about

Re: [PHP-DEV] Safe Mode

> > > > That's not really a PHP issue. Many ISP's turn off cgi-bin access so > > > in those cases that won't work. > > > > Cerainly some ISPs do that, but most do offer cgi-bin directories in > > addition to PHP, because many of their customers rely on perl/c etc.. > > scripts that can be run via

Re: [PHP-DEV] Safe Mode

> > Yes, but safe_mode guards against one user getting at another's user's > > data. So again, I fail to see your point here. > > No offence but this bullshit. > > On a system with safe_mode > show_source("/etc/passwd"); > ?> > > Works!! What data did you protect?! None in this case, but that h

Re: [PHP-DEV] Safe Mode

> None in this case, but that has nothing to do with the problem. That is > obviously a bug. Did you submit it? Bug Report #17155 :) >The fact is that the problem cannot be > solved purely by UNIX-level permissions. Things like safe-mode or > open_basedir are needed. > > And the ISP that is on

Re: [PHP-DEV] Safe Mode

> Heh, I am certain that most ISPs admins are not subscribed to the development > list of every software they are running, monitoring such lists would be near > impossible due to large cumulative volume of email. I am sure some IPSs will > do exactly what you suggest and disable the function, but

[PHP-DEV] [PATCH] Bug #16629 apache2filter

Hi, Dunno if that solves that bug entirely, but at least it follows the php.ini on/off config flags, instead of putting 0 and 1 for boolean settings. Index: apache_config.c === RCS file: /repository/php4/sapi/apache2filter/apache_

[PHP-DEV] CVS Account Request: ekilfoil

I plan to develop and maintain PEAR packages, and Stig S. Bakken from the pear-dev mailing list said i need a PHP cvs account. I assume i'll only need access to the /pear directory until pear's CVS is split from php. I already have some modules at http://www.ypass.net/php, and I am planning o

Re: [PHP-DEV] Safe Mode

On Sat, 2002-05-11 at 19:27, Zeev Suraski wrote: > At 20:17 11/05/2002, Rasmus Lerdorf wrote: > > > Ideally every ISP would use it and each virtual host would have such a > > > directory. In reality I've set to see a SINGLE ISP that has used that > > option. > > > In fact I didn't know about it m