Hi Jan,

On Sun, Feb 22, 2015 at 12:33 AM, Jan Ehrhardt <php...@ehrhardt.nl> wrote:

> Yasuo Ohgaki in php.internals (Sat, 21 Feb 2015 10:06:24 +0900):
> >I think this will be the final discussion before vote.
> >This RFC is to make PHP stronger against script inclusion attacks just
> like
> >other languages.
> >
> >https://wiki.php.net/rfc/script_only_include
> >
> >I hope everyone will like this proposal.
>
> Am I correct in assuning that files with extensions like .inc, .install,
> .module will not be included by default anymore if this RFC is accepted?
> And that only a change in the php.ini can make those files includable?
>
> Drupal uses files like these, even in Drupal 8 beta. Would not that be a
> big obstacle for installing Drupal, especially at shared hosters where
> the user has no control over php.ini?
>

I forgot to write INI type.
The INI is INI_ALL, so users may use any filename extensions.

I added.

Thank you.

--
Yasuo Ohgaki
yohg...@ohgaki.net

Reply via email to