I'm surprised I didn't find this last October when I posted the first round.
Unfortunately most system administrators realise mysql isn't enabled by
default with PHP 5 and then just enable mysql alone ignoreing mysqli.
Since this could be considered a security fix I'm hoping Derick will
make an exception and just patch this for 4.4.5. But even if he doesn't,
maybe Ilia will apply the patches to 5_2 and HEAD. Unless there is an
easy way to mass educated people about MySQLi.
Regards,
Scott
Olivier Hill wrote:
Hello Scott,
I did something similar a while ago. You can see [1] why this will not
be included in PHP4, as it is considered a new feature.
Regards,
Olivier
[1] http://marc.theaimsgroup.com/?t=115220027800004&r=1&w=2
On 1/24/07, Scott MacVicar <[EMAIL PROTECTED]> wrote:
This is a gentle nudge, there was no interest since this was posted 2
months ago, we had a client who get exploited recently because of this
issue. We use mysqli where appropriate but sometimes its not available
because hosts don't know any better.
Since there are no plans to deprecate the mysql extension any time soon
we at least need the ability to protect ourselves. Patches are again PHP
4_4, 5_2 and HEAD.
Scott
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
