[PHP-DOC] cvs: phpdoc /en/features safe-mode.xml

[Jakub Vrana]

vrana           Tue Jul 27 13:27:12 2004 EDT

  Modified files:              
    /phpdoc/en/features safe-mode.xml 
  Log:
  Arguments are escaped (bug #21975)
  
http://cvs.php.net/diff.php/phpdoc/en/features/safe-mode.xml?r1=1.49&r2=1.50&ty=u
Index: phpdoc/en/features/safe-mode.xml
diff -u phpdoc/en/features/safe-mode.xml:1.49 phpdoc/en/features/safe-mode.xml:1.50
--- phpdoc/en/features/safe-mode.xml:1.49       Mon Jan 19 01:11:19 2004
+++ phpdoc/en/features/safe-mode.xml    Tue Jul 27 13:27:11 2004
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="iso-8859-1"?>
-<!-- $Revision: 1.49 $ -->
+<!-- $Revision: 1.50 $ -->
  <chapter id="features.safe-mode">
   <title>Safe Mode</title>
 
@@ -461,28 +461,36 @@
         <entry>You can only execute executables within the <link 
         linkend="ini.safe-mode-exec-dir">safe_mode_exec_dir</link>.
         For practical reasons it's currently not allowed to have
-        <literal>..</literal> components in the path to the executable.</entry>
+        <literal>..</literal> components in the path to the executable.
+        <function>escapeshellcmd</function> is executed on the argument of this
+        function.</entry>
        </row>
        <row>
         <entry><function>system</function></entry>
         <entry>You can only execute executables within the <link 
         linkend="ini.safe-mode-exec-dir">safe_mode_exec_dir</link>.
         For practical reasons it's currently not allowed to have
-        <literal>..</literal> components in the path to the executable.</entry>
+        <literal>..</literal> components in the path to the executable.
+        <function>escapeshellcmd</function> is executed on the argument of this
+        function.</entry>
        </row>
        <row>
         <entry><function>passthru</function></entry>
         <entry>You can only execute executables within the <link 
         linkend="ini.safe-mode-exec-dir">safe_mode_exec_dir</link>.
         For practical reasons it's currently not allowed to have
-        <literal>..</literal> components in the path to the executable.</entry>
+        <literal>..</literal> components in the path to the executable.
+        <function>escapeshellcmd</function> is executed on the argument of this
+        function.</entry>
        </row>
        <row>
         <entry><function>popen</function></entry>
         <entry>You can only execute executables within the <link 
         linkend="ini.safe-mode-exec-dir">safe_mode_exec_dir</link>.
         For practical reasons it's currently not allowed to have
-        <literal>..</literal> components in the path to the executable.</entry>
+        <literal>..</literal> components in the path to the executable.
+        <function>escapeshellcmd</function> is executed on the argument of this
+        function.</entry>
         <!-- TODO: not sure. popen uses a completely different implementation
         Don't know why, don't know whether it's behaving the same -->
        </row>