No compatibility issues but fixing two annoying safe-mode limitations? Go ahead :-)
- Stig Arcady Genkin wrote: > > This refers to bug 18843 ( http://bugs.php.net/bug.php?id=13843 ) > > I'm willing to give a shot at coding the fix for this bug, provided > that the proposed resolutions (below) are approved by somebody with > cvs commit powers. Otherwise, let's discuss how to fix it some other > way. Right now magic behavior of exec() and friends under safe mode > is not even documented anywhere (at least not under "Safe Mode" or > individual sections for each of the functions), and is the cause of > really unreasonable limitations. > > Problem 1: > ---------- > Under safe mode PHP programmer has no mechanism of passing command-line > parameters that contain spaces to programs with exec() et al. > > Proposed Resolution: > -------------------- > > Allow an array to be passed as the first argument of exec() and > friends, with the following semantics: > > o If the first argument is a string, the functions' semantics > is the same as it is now. This way the new interface is 100% > backward-compatible. > > o If the first argument is an array, we assume that: > - the first element of the array is the command to be executed, > - and all other elements are command-line parameters > - if PHP is in safe mode, quote each parameter separately > > This way the command line and the parameters can be quoted properly > under safe mode, and still allow blanks in parameters. > > Problem 2: > ---------- > Under safe mode a programmer has no mechanism to do include "2>&1" in > the command line with exec() et all. > > Proposed resolution: > -------------------- > > Given the interface improvement as explained above, if the > _last element_ of the array passed as the first parameter of exec() is > a token "2>&1", treat it as a special case and _don't_ magically > escape it under safe mode. > > Many thanks, > -- > Arcady Genkin > > -- > PHP Development Mailing List <http://www.php.net/> > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
