Patrick R. Michaud said... > On Thu, Feb 15, 2007 at 11:11:26AM -0000, marc wrote: > > Patrick R. Michaud said... > > > However, the recipeupdates.php script requires that PHP be configured > > > to allow url fopens, and many web hosting providers have this > > > capability turned off as a security precaution. > > > > Also, why not use curl instead of fopen? As you say, it's not at all > > unusual for fopen to be switched off on shared hosts, and > > allow_url_fopen has been unavailable since 4.3.4 (so say the docs). > > I suspect that a lot of PHP installations will have allow_url_fopen > enabled but not have curl present.
Okay, we've just had different experiences (with shared hosts). > And from a security perspective > I would find it strange for a web hosting provider to disable > allow_url_fopen but leave curl enabled. (This isn't to say that > there might be a good reason for doing this, or that web hosting > providers don't do strange things. :-) Oh, I agree completely; it's a silly situation, but it seems to happen quite a lot. > Also, allow_url_fopen is still available in PHP after 4.3.4 -- > what changed in 4.3.5 is that allow_url_fopen can only be set > in the system's php.ini file (prior to that it could be set > anywhere, including a .htaccess file or a running script). > I'm running PHP 4.4.4 and 5.0.4 on a couple of systems and > they all have allow_url_fopen present. Yup, but that excludes those using shared hosts, which was my original point. (I meant unavailable for shared host users, I just avoided restating the context, since you'd know.) Ah well, another customised recipe for my collection :-| Thank heavens for Subversion. -- Cheers, Marc _______________________________________________ pmwiki-users mailing list [email protected] http://www.pmichaud.com/mailman/listinfo/pmwiki-users
