Zeev Suraski ([EMAIL PROTECTED]) wrote:
> At 12:04 29/07/2001, Stephen van Egmond wrote:
> >2. when a uploaded file fails is_uploaded_file().
>
> My English parser bailed out on this one :)
How's your PHP parser doing? :)
foreach $f ($HTTP_POST_FILES) {
if (!is_uploaded_file($f)) {
die "Ayiee!";
}
}
> While it may be rare to find a situation in which it's useful more than
> move_uploaded_file(), these cases do exist. I'm not sure what's wrong with
> it, can you be more specific?
My feelings upon seeing it were of the "aw, man, couldn't something
else check for that?". There isn't any reason you would want to accept
a file that failed is_uploaded_file() -- so why bother even leaving it
as a possibility.
While I'm typing this, I also understand that it may have been an
emergency introduction into the language in response to a vulnerability
report. And I also understand that functionality that exists in some
Server API should, in some way, be reproducible in the core without
duplicating code.
-Steve
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
