On Thu, Feb 15, 2007 at 11:11:26AM -0000, marc wrote: > Patrick R. Michaud said... > > However, the recipeupdates.php script requires that PHP be configured > > to allow url fopens, and many web hosting providers have this > > capability turned off as a security precaution. > > Also, why not use curl instead of fopen? As you say, it's not at all > unusual for fopen to be switched off on shared hosts, and > allow_url_fopen has been unavailable since 4.3.4 (so say the docs).
I suspect that a lot of PHP installations will have allow_url_fopen enabled but not have curl present. And from a security perspective I would find it strange for a web hosting provider to disable allow_url_fopen but leave curl enabled. (This isn't to say that there might be a good reason for doing this, or that web hosting providers don't do strange things. :-) Also, allow_url_fopen is still available in PHP after 4.3.4 -- what changed in 4.3.5 is that allow_url_fopen can only be set in the system's php.ini file (prior to that it could be set anywhere, including a .htaccess file or a running script). I'm running PHP 4.4.4 and 5.0.4 on a couple of systems and they all have allow_url_fopen present. Thanks! Pm _______________________________________________ pmwiki-users mailing list [email protected] http://www.pmichaud.com/mailman/listinfo/pmwiki-users
