Hi,
My point still is that this is a change in behaviour. fopen()
and readfile() didn't had such a change lately, they were
affected by safe_mode since a long time if not since the
beginning.
And yes, if function which in the past were not affected by
safe_mode/open_basedir suddenly are, I am for documenting
this change.
- Markus
On Sat, May 11, 2002 at 12:20:20PM -0700, Rasmus Lerdorf wrote :
> Well, the harm is that I don't see such noted on fopen(), readfile(),
> include, etc. If you start putting them in for other functions won't
> people then naturally assume that these other functions are not subject to
> safe-mode/open_basedir restrictions?
>
> On Sat, 11 May 2002, Markus Fischer wrote:
>
> > Hi,
> >
> > there are reports about this (don't know their # though).
> >
> > Am I the only who thinks that documenting such a change of
> > the behaviour of a function is important?
> >
> > And if it's like you said, then it just is that way. Nothing
> > is more painful for a user to find out a function now behaves
> > differently without a note why and since when. There's no
> > harm done, I only can see a benefit.
> >
> > - Markus
> >
> > On Sat, May 11, 2002 at 12:04:51PM -0700, Rasmus Lerdorf wrote :
> > > If such functions exist, then they need to be fixed. If you find some,
> > > submit a bug report. It's like documenting for each and every function
> > > whether it works or not. Yes, there are bugs in some functions, that
> > > doesn't mean that in every working function we put a note that says, "Hey,
> > > this function actually works".
> > >
> > > -Rasmus
> > >
> > > On Sat, 11 May 2002, Markus Fischer wrote:
> > >
> > > > Hi,
> > > >
> > > > the fact that would you said is true, but is only the theory,
> > > > doesn't convince me not to document the things, especially
> > > > such BC things. With theory I mean there're a still a few PHP
> > > > functions out there accessing the file system which arent'
> > > > covered by either safe_mode or open_basedir (I darkly
> > > > remmeber some posix() things, but I'm not sure).
> > > >
> > > > Personally I reather also document the fact the
> > > > highlight_file is also affected by open_basedir then removing
> > > > the paragraph completely.
> > > >
> > > > - Markus
> > > >
> > > > On Sat, May 11, 2002 at 11:54:58AM -0700, Rasmus Lerdorf wrote :
> > > > > Well, and open_basedir, but do we really need to document this?
> > > > > Theoretically every function that reads files and subject to
> > > > > safe-mode/open_basedir restrictions.
> > > > >
> > > > > -Rasmus
> > > > >
> > > > > On Sat, 11 May 2002, Markus Fischer wrote:
> > > > >
> > > > > > mfischer Sat May 11 14:51:46 2002 EDT
> > > > > >
> > > > > > Modified files:
> > > > > > /phpdoc/en/reference/misc/functions highlight-file.xml
> > > > > > Log:
> > > > > > - highlight_file() is now affected by safe_mode.
> > > > > >
> > > > > >
> > > > > > Index: phpdoc/en/reference/misc/functions/highlight-file.xml
> > > > > > diff -u phpdoc/en/reference/misc/functions/highlight-file.xml:1.2
>phpdoc/en/reference/misc/functions/highlight-file.xml:1.3
> > > > > > --- phpdoc/en/reference/misc/functions/highlight-file.xml:1.2 Wed
>Apr 17 02:40:42 2002
> > > > > > +++ phpdoc/en/reference/misc/functions/highlight-file.xml Sat May 11
>14:51:44 2002
> > > > > > @@ -1,5 +1,5 @@
> > > > > > <?xml version="1.0" encoding="iso-8859-1"?>
> > > > > > -<!-- $Revision: 1.2 $ -->
> > > > > > +<!-- $Revision: 1.3 $ -->
> > > > > > <!-- splitted from ./en/functions/misc.xml, last change in rev 1.22 -->
> > > > > > <refentry id="function.highlight-file">
> > > > > > <refnamediv>
> > > > > > @@ -40,6 +40,13 @@
> > > > > > you do not inadvertently reveal sensitive information such as
> > > > > > passwords or any other type of information that might create a
> > > > > > potential security risk.
> > > > > > + </simpara>
> > > > > > + </note>
> > > > > > + <note>
> > > > > > + <simpara>
> > > > > > + Since PHP 4.2.1 this function is also affected by <link
> > > > > > + linkend="ini.safe-mode">safe mode</link>, i.e. only files which
>pass the
> > > > > > + <link linkend="ini.safe-mode">safe mode</link> restriction are
>shown.
> > > > > > </simpara>
> > > > > > </note>
> > > > > > <para>
> > > > > >
> > > > > >
> > > >
> > > > --
> > > > Please always Cc to me when replying to me on the lists.
> > > > GnuPG Key: http://guru.josefine.at/~mfischer/C2272BD0.asc
> > > > "I'm not stupid, you know? :)" - Jani Taskinen
> > > >
> >
> > --
> > Please always Cc to me when replying to me on the lists.
> > GnuPG Key: http://guru.josefine.at/~mfischer/C2272BD0.asc
> > "I'm not stupid, you know? :)" - Jani Taskinen
> >
--
Please always Cc to me when replying to me on the lists.
GnuPG Key: http://guru.josefine.at/~mfischer/C2272BD0.asc
"I'm not stupid, you know? :)" - Jani Taskinen
