andrei Sat Dec 21 15:09:09 2002 EDT Modified files: (Branch: PHP_4_3) /php4/sapi/apache mod_php4.c Log: Make PHP_AUTH_* variables not available in safe mode under Apache. Patch by Philip Olson. Index: php4/sapi/apache/mod_php4.c diff -u php4/sapi/apache/mod_php4.c:1.146 php4/sapi/apache/mod_php4.c:1.146.2.1 --- php4/sapi/apache/mod_php4.c:1.146 Sun Nov 10 14:34:09 2002 +++ php4/sapi/apache/mod_php4.c Sat Dec 21 15:09:09 2002 @@ -17,7 +17,7 @@ | PHP 4.0 patches by Zeev Suraski <[EMAIL PROTECTED]> | +----------------------------------------------------------------------+ */ -/* $Id: mod_php4.c,v 1.146 2002/11/10 19:34:09 iliaa Exp $ */ +/* $Id: mod_php4.c,v 1.146.2.1 2002/12/21 20:09:09 andrei Exp $ */ #include "php_apache_http.h" @@ -415,7 +415,7 @@ authorization = table_get(r->headers_in, "Authorization"); } if (authorization - && !auth_type(r) + && (!PG(safe_mode) || (PG(safe_mode) && !auth_type(r))) && !strcasecmp(getword(r->pool, &authorization, ' '), "Basic")) { tmp = uudecode(r->pool, authorization); SG(request_info).auth_user = getword_nulls_nc(r->pool, &tmp, ':');
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php