> I just realised that
>
> Example 34-2. Validating file uploads
>
> Is still showing a bullshit example. It constructs a destination path
> for move_uploaded_file() that consists of user input. There is no sanity
> check on it like removing / and .. sequences.
>
> Can one of the DOC guys fina
[EMAIL PROTECTED] is the right list for stuff like this btw ...
--
Hartmut Holzgraefe <[EMAIL PROTECTED]>
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
Stefan Esser wrote:
Example 34-2. Validating file uploads
Is still showing a bullshit example. It constructs a destination path
for move_uploaded_file() that consists of user input. There is no sanity
check on it like removing / and .. sequences.
Would you agree that aplying basename() would be o
Rob Richards wrote:
The goal is to be able to use it simultaneously.
Can you file a bug report and include code that produces the crash?
Rob
Sure, it's complicated code, so I'll try to get it all into 1 file and
under 20 lines.
Greg
--
PHP Internals - PHP Runtime Development Mailing List
To unsub
The goal is to be able to use it simultaneously.
Can you file a bug report and include code that produces the crash?
Rob
- Original Message -
From: Greg Beaver
> I've been experimenting with using both simplexml and dom on the same
> document at the same time, and have run into a numbe
[...]
> My questions to the sybase_ct (Hi Timm ;-) ) maintainer:
>
> 1. How is the deadlock/retry logic in sybase_ct_query()
> intended to work? From my understanding a single SQL
> statement will never deadlock.
I have no idea why this was put in in the first place.
> 2. The default setting o
A large telco client of ours is having problems that match Russ' problem
almost exactly... except on Win2k.
Does anyone have pointers to *windows* tools to achieve the kind of
debugging/tracing described below?
Rasmus Lerdorf wrote:
On Tue, 7 Sep 2004, Russ Garrett wrote:
I can watch them for h
At 10:04 AM 9/6/2004 -0700, Rasmus Lerdorf wrote:
On Mon, 6 Sep 2004, Joe Orton wrote:
> On Sun, Sep 05, 2004 at 04:41:44PM -0700, Rasmus Lerdorf wrote:
> > On Sun, 5 Sep 2004, Andi Gutmans wrote:
> > > Yeah I know non-pic doesn't work on all platforms but I gathered that
> > > -prefer-non-pic only
On Wed, 8 Sep 2004, Xuefer wrote:
> >> both mmcache and apc does not have "crash recover"
> >
> > The concept of a crash recover is somewhat flawed in my opinion. The only
> > way to really do this is to catch SIGSEGV, SIGBUS and other such fatal
> > signals and twiddle a knob somewhere in shared
Hi,
I just realised that
Example 34-2. Validating file uploads
Is still showing a bullshit example. It constructs a destination path
for move_uploaded_file() that consists of user input. There is no sanity
check on it like removing / and .. sequences.
Can one of the DOC guys finally fix this cod
>> both mmcache and apc does not have "crash recover"
>
> The concept of a crash recover is somewhat flawed in my opinion. The only
> way to really do this is to catch SIGSEGV, SIGBUS and other such fatal
> signals and twiddle a knob somewhere in shared memory that tells other
> processes to flu
Hi,
I've been experimenting with using both simplexml and dom on the same
document at the same time, and have run into a number of unexplainable
PHP crashes unless I clone the domdocument object before using
simplexml_import_dom()
Is it a design goal of simplexml to be able to use it simultaneo
On Tue, 7 Sep 2004, Russ Garrett wrote:
> Anyhow, the whole backtrace is here, I'd be interested to see what you
> think:
>
> http://static.last.fm/phpbug/bt.txt
Are you sure this happens with Apache1 as well? I see you are running the
prefork mpm, but you are still linking against libpthread whi
Rasmus Lerdorf wrote:
On Tue, 7 Sep 2004, Russ Garrett wrote:
I can watch them for hours in the apache mod_status view, and they'll
show the same last request. They won't respond to a kill -15, I have to
kill -9 them. Strace reports they're doing absolutely nothing.
Could you use 'gcore' to drop a
On Tue, 7 Sep 2004, Russ Garrett wrote:
> I can watch them for hours in the apache mod_status view, and they'll
> show the same last request. They won't respond to a kill -15, I have to
> kill -9 them. Strace reports they're doing absolutely nothing.
Could you use 'gcore' to drop a core from one o
Zeev Suraski wrote:
Is there anything consistent about these failed checksums? Do they
occur in a specific file or a set of certain files?
This is interesting -- there *is* definitely a consistency, it always
happens in one of three files. One is 8k lines long (the main file from
the jpgraph su
Sara Golemon wrote:
> If you need class redefinition, I would much sooner recommend
> classkit_import() which will aggregate all the methods from a new class
> definition over the top of an old class entry. (Note: It's been
documented
Sara, thank you very much for your suggestion. This should be
At 07:05 07/09/2004, Rasmus Lerdorf wrote:
> both mmcache and apc does not have "crash recover"
The concept of a crash recover is somewhat flawed in my opinion. The only
way to really do this is to catch SIGSEGV, SIGBUS and other such fatal
signals and twiddle a knob somewhere in shared memory tha
thanks for your taking care of my bug reports
my optimizer patch is in http://pecl.php.net/bugs/bug.php?id=1678
i guess u've saw it just now. the changes required by the fix isn't that much as my
patch.
i reorgnized the blocks of code into macro(i personally don't like too much boring
repeats),
t
19 matches
Mail list logo