No because it was preciselly because of cgi that CWD wasn't removed from the php.ini search path. Have a look at the following thread:
http://www.zend.com/lists/php-dev/200202/msg01325.html Edin ----- Original Message ----- From: "Moriyoshi Koizumi" <[EMAIL PROTECTED]> To: "Edin Kadribasic" <[EMAIL PROTECTED]> Cc: "Derick Rethans" <[EMAIL PROTECTED]>; "Jani Taskinen" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Thursday, December 12, 2002 12:44 PM Subject: Re: [PHP-DEV] Critical Bug #20887 > > At the time CLI was introduced I argued to remove . from php.ini > > search path, but that was not accepted because some people > > apparently use this feature for having different configurations for > > different virtual hosts. > > > > Therefore . was removed only from CLI's php.ini search path. > > This feature looks somewhat evil since it enables users to bypass the safe > mode restrictions enforced by the administrator, or am I missing > something? > > Anyway, the following patch should make sense for #20887? > > Moriyoshi > > Index: main/php_ini.c > =================================================================== > RCS file: /repository/php4/main/php_ini.c,v > retrieving revision 1.106 > diff -u -r1.106 php_ini.c > --- main/php_ini.c 12 Nov 2002 20:56:47 -0000 1.106 > +++ main/php_ini.c 12 Dec 2002 11:22:17 -0000 > @@ -272,7 +272,8 @@ > > /* Add cwd */ > #ifdef INI_CHECK_CWD > - if (strcmp(sapi_module.name, "cli")!=0) { > + if (strcmp(sapi_module.name, "cgi")==0 > + || strcmp(sapi_module.name, "cgi-fcgi")==0) { > if (*php_ini_search_path) { > strcat(php_ini_search_path, paths_separator); > } > > -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, visit: http://www.php.net/unsub.php
