ID: 20371 Comment by: [EMAIL PROTECTED] Reported By: [EMAIL PROTECTED] Status: Bogus Bug Type: Documentation problem Operating System: FreeBSD PHP Version: 4.2.3 New Comment:
It is however not mentioned on: http://www.php.net/ChangeLog-4.php It is not mentioned on this change log that it is summarised/incomplete. While it may be mentioned elsewhere, this is more a complaint about the front page change log than anything else. Previous Comments: ------------------------------------------------------------------------ [2002-11-11 17:01:49] [EMAIL PROTECTED] It's right there in the NEWS file: - Disabled the fifth parameter in mail() when safe-mode is turned on. (Derick) And for that matter, it is also in the ChangeLog: 2002-07-02 Derick Rethans <[EMAIL PROTECTED]> * ext/standard/mail.c: - Be nice to users and allow them to check if the mail was send * ext/standard/mail.c: - Disable 5th parameter to mail in safemode - Disabled the fifth parameter to the mail function in safemode. And yes, we will continue to fix security problems in minor releases. This was a nasty security hole and needed to be fixed. ------------------------------------------------------------------------ [2002-11-11 16:51:24] [EMAIL PROTECTED] The PHP Changelog for 4.2.3 does not mention the inclusion of a new directive in Safe Mode to restrict the 5th parameter in the mail() function. Quoting somewhere: "This fifth parameter was added in PHP 4.0.5. Since PHP 4.2.3 this parameter is disabled in safe_mode and the mail() function will expose a warning message and return FALSE if you're trying to use it." There is no mention of this in the Change Log. For PHP, a very widly used piece of software, i find it totally insane that such a major change has been implemented in a minor release update. And not only that, for it to not even be mentioned on the change log!! It would seem that the Change log is not a valid source of information - since it cannot even be trusted to include major changes. I would reccomend slapping whoever comitted this change. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=20371&edit=1 -- PHP Documentation Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
