Maybe it would be a good idea to have a list of recommended extensions
for hosting providers that states what functionality an extension
provides, what it depends upon and some brief analysis of runtime
overhead and possibilities of abuse. While this would obviously not
fully solve the problem it may encourage hosts to take extensions that
are not bundled with the default distribution into consideration. This
and similar suggestions could be grouped into some sort of guidelines
for hosting providers.
my 2c and regards,
Vlad Bosinceanu
Antony Dovgal wrote:
On 12/31/2006 02:43 AM, Kevin Waterson wrote:
While mime_magic is deprecated, it does not mean it cannot be used.
So there certainly is a way to do it without PECL.
Currently, but it will be moved sometime in the future.
Anyone capable of installing core extension, is capable of
installing an extension from PECL, in most cases it's as easy as
`pecl install <name>`.
Not everybody has access to this, particularly in a mutliple hosting
environment.
Sure, but the very same applies to core extensions.
It would be nice to be able to verify/validate file types by mimetype
with a simple core function
that is available on all platforms. If the only way of doing this is
in PECL then portablity
is lost and so is any surity of what type of file an uploaded file
may be, without resorting to hacks.
Including an extension into the core does not mean it will become
available on all hostings, especially taking into account that this
extension has an external dependency (libfile).
Also, I'm not sure I understand what portability you're talking about.
ext/mime_magic can be also missing if your sysadmin did not enable it
when building PHP.
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
