Re: [PHP-DEV] Sound API for php

Andi Gutmans wrote: > You might want to put this into Pear. In any case, if you want to post the > API just to get people's input (naming conventions of functions and so on) > feel free to post here. > Thanks for the suggestion to put this into Pear. I have subscribed to the dev list and I'll

RE: [PHP-DEV] Re: #19286 [NEW]: header() Control Char Injection

> Yasuo Ohgaki wrote: > > This obvious security risk is mentioned in bugtraq today. > > > > IMHO, this is users' fault. They must check values before > > using it. In this specfic case, user should use simple regex > > before feeding str to header(). > > > > Any opinion to meke this to "won't fix

Re: [PHP-DEV] Re: #19286 [NEW]: header() Control Char Injection

I'll make it "won't fix". -- Yasuo Ohgaki Melvyn Sopacua wrote: > On Sun, 8 Sep 2002, Yasuo Ohgaki wrote: > > YO>>> Date: Sun, 08 Sep 2002 11:01:44 +0900 > YO>>> From: Yasuo Ohgaki <[EMAIL PROTECTED]> > YO>>> To: [EMAIL PROTECTED] > YO>>> Subject: [PHP-DEV] Re: #19286 [NEW]: header() Control Ch

Re: [PHP-DEV] Re: #19286 [NEW]: header() Control Char Injection

On September 7, 2002 09:58 pm, Yasuo Ohgaki wrote: > This obvious security risk is mentioned in bugtraq today. > > IMHO, this is users' fault. They must check values before > using it. In this specfic case, user should use simple regex > before feeding str to header(). > > Any opinion to meke this

Re: [PHP-DEV] Re: #19286 [NEW]: header() Control Char Injection

On Sun, 8 Sep 2002, Yasuo Ohgaki wrote: YO>>> Date: Sun, 08 Sep 2002 11:01:44 +0900 YO>>> From: Yasuo Ohgaki <[EMAIL PROTECTED]> YO>>> To: [EMAIL PROTECTED] YO>>> Subject: [PHP-DEV] Re: #19286 [NEW]: header() Control Char Injection YO>>> YO>>> Yasuo Ohgaki wrote: YO>>> > This obvious security ri

[PHP-DEV] Re: #19286 [NEW]: header() Control Char Injection

Yasuo Ohgaki wrote: > This obvious security risk is mentioned in bugtraq today. > > IMHO, this is users' fault. They must check values before > using it. In this specfic case, user should use simple regex > before feeding str to header(). > > Any opinion to meke this to "won't fix"? One thing w

[PHP-DEV] [PATCH] ext/sysvmsg compatibility

Hi, Attached, compatibility patch, for BSD/OS 4.x and at quick glance, also FreeBSD 4.6-RELEASE. The reported error without patch is: /home/mdev/cvs/php4/ext/sysvmsg/sysvmsg.c: In function `zif_msg_receive': /home/mdev/cvs/php4/ext/sysvmsg/sysvmsg.c:271: sizeof applied to an incomplete type /hom

[PHP-DEV] Re: #19286 [NEW]: header() Control Char Injection

This obvious security risk is mentioned in bugtraq today. IMHO, this is users' fault. They must check values before using it. In this specfic case, user should use simple regex before feeding str to header(). Any opinion to meke this to "won't fix"? -- Yasuo Ohgaki [EMAIL PROTECTED] wrote: > F

[PHP-DEV] Re: [PHP-CVS] cvs: php4 /ext/standard info.c

Edin Kadribasic wrote: > This is a bit too unserious IMHO. > > Edin I have to agree. Besides, "\"char can be differect shape depend om charsets according to the ISO standard. -- Yasuo Ohgaki > > On Sat, 07 Sep 2002 23:14:23 - > "Jan Lehnardt" <[EMAIL PROTECTED]> wrote: > >>jan

[PHP-DEV] Re: [PHP-CVS] cvs: php4 /ext/standard info.c

This is a bit too unserious IMHO. Edin On Sat, 07 Sep 2002 23:14:23 - "Jan Lehnardt" <[EMAIL PROTECTED]> wrote: > jan Sat Sep 7 19:14:23 2002 EDT > > Modified files: > /php4/ext/standardinfo.c > Log: >- cosmetics > > > Index: php4/ext/stan

[PHP-DEV] Re: Problems with PHP.net MX

[EMAIL PROTECTED] wrote: > Will we lose the mail or not? That is my _only_ mail right now, that would > be so bad :-/ except for a small handful of messages that already bounced because of a little slip-up during the transition, all the messages should make it through, possibly with some delays.

[PHP-DEV] Re: Problems with PHP.net MX

Will we lose the mail or not? That is my _only_ mail right now, that would be so bad :-/ -- Nicos - CHAILLAN Nicolas [EMAIL PROTECTED] www.WorldAKT.com - Hébergement de sites Internet "Jim Winstead" <[EMAIL PROTECTED]> a écrit dans le message de news: [EMAIL PROTECTED] > In article <[EMAIL PROT

[PHP-DEV] php-4.2.3 -> Thanks+Kudos

I would like to express my sincere appreciation to the php dev team, the qa team, the php-doc magicians, and as always the "countless others" for their extraordinary continuing efforts in making php4 the best. Awesome work from incredibly awesome people. My humble thanks. Regards Mike Robinson

Re: [PHP-DEV] Re: php4 /ext/standard http_fopen_wrapper.c

On September 7, 2002 12:46 pm, Peter Neuman wrote: > Hello, > > "Sterling Hughes" <[EMAIL PROTECTED]>: > > There won't be anymore releases off this branch -- why? > > In the Main Version the safety hole was recovered, why not in branch? > > Peter Neuman This bug only occurs in 4.3.0 and does not

Re: [PHP-DEV] Sound API for php

Hi, At 19:28 7-9-2002, Tony Leake wrote: >I have started to write an audio api for PHP. > >I have written a wrapper to ecasound which is a very powerful >audio processing library that runs on Linux and I believe several >other *NIX's. At the simple end it will play audio files in most >audio for

Re: [PHP-DEV] Re: php4 /ext/standard http_fopen_wrapper.c

Hello, "Sterling Hughes" <[EMAIL PROTECTED]>: > There won't be anymore releases off this branch -- why? In the Main Version the safety hole was recovered, why not in branch? Peter Neuman -- PHP Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.ph

[PHP-DEV] Problems with PHP.net MX

Hi, Are there any problems with PHP.net MX? I should host a MX Backup if it is needed. It looks I dont receive my mails anymore, well it takes few hours. (4h...). -- Nicos - CHAILLAN Nicolas [EMAIL PROTECTED] www.WorldAKT.com - Hébergement de sites Internet -- PHP Development Mailing List <

[PHP-DEV] Cannot use Session on pressing back

Hi, I am using session_start() and session_register("variablename") . The when I click on the back button from the browser it shows me the following error: "Warning: Page has Expired The page you requested was created using information you submitted in a form. This page is no longer available.

[PHP-DEV] user_agent (Was: Re: [PHP-CVS] cvs: php4 /ext/standard http_fopen_wrapper.c)

On Sat, Sep 07, 2002 at 03:55:05PM -, Sterling Hughes wrote : > sterling Sat Sep 7 11:55:05 2002 EDT > > Modified files: > /php4/ext/standardhttp_fopen_wrapper.c > Log: > commit the correct/up-to-date version There is one thing left: O

[PHP-DEV] [ANNOUNCE] PHP 4.2.3 released

PHP 4.2.3 has been released. It is a maintenance release and includes a large number of fixes for the previous 4.2.2 version. 4.2.3 is a recommended upgrade for all users of PHP, and particularly Windows users. Full list of changes: - Enabled strcoll() on win32. (Markus) - Fixed possible ASCI

Re: [PHP-DEV] Sound API for php

> For the 'web-side' of things - could these conversion function be >used, > to convert files on the webserver? Or even something like: > song.wav -> convert_to_mp3 -> stream_on_socket > song.mp3 -> convert_to_windows_media -> stream_on_socket There's no reason why you couldn't convert files on

[PHP-DEV] Re: Problems with PHP.net MX

In article <[EMAIL PROTECTED]> you wrote: > Are there any problems with PHP.net MX? I should host a MX Backup if > it is > needed. It looks I dont receive my mails anymore, well it takes few > hours. > (4h...). mail handling is being transitioned to a different machine (and the machine that used

Re: [PHP-DEV] Re: php4 /ext/standard http_fopen_wrapper.c

> Hello, > > "Ilia Alshanetsky" <[EMAIL PROTECTED]>: > > > Log: > > Fixed a massive memory leak that occurs when an opened webpage returns > > a non 200 return code. > > Add Please also to Branch 4.2.0... > There won't be anymore releases off this branch -- why? (besides the fact that th

Re: [PHP-DEV] Sound API for php

You might want to put this into Pear. In any case, if you want to post the API just to get people's input (naming conventions of functions and so on) feel free to post here. Andi At 06:28 PM 9/7/2002 +0100, Tony Leake wrote: >Hi, > >I have started to write an audio api for PHP. > >I have writt

[PHP-DEV] Re: php4 /ext/standard http_fopen_wrapper.c

Hello, "Ilia Alshanetsky" <[EMAIL PROTECTED]>: > Log: > Fixed a massive memory leak that occurs when an opened webpage returns > a non 200 return code. Add Please also to Branch 4.2.0... Thanks Peter Neuman -- PHP Development Mailing List To unsubscribe, visit:

Re: [PHP-DEV] Cannot use Session on pressing back

Hi, this list is for the development OF php, not WITH php. Please ask questions at: [EMAIL PROTECTED] or in this case: news://comp.infosystems.www.authoring.misc as this is normal behavior for POST data. At 18:34 7-9-2002, Monil Chheda wrote: >Hi, > >I am using session_start() and >session_

[PHP-DEV] Sound API for php

Hi, I have started to write an audio api for PHP. I have written a wrapper to ecasound which is a very powerful audio processing library that runs on Linux and I believe several other *NIX's. At the simple end it will play audio files in most audio formats (wav, mp3, ogg-vorbis, AIFF etc) and co

Re: [PHP-DEV] Status of mysql_db_query()

On Saturday 07 September 2002 17:07, Melvyn Sopacua wrote: > Or would you say, that your previous example is really a userland issue and > docu- mentation should provide some examples? Yes for bc-compatibitlity it should be a userland issue. I'll add some more doc-notes/explanations during the

[PHP-DEV] Re: Problems with PHP.net MX

Sep 7 22:29:51 WorldAKT postfix/pickup[90851]: D081160ECA: uid=0 from= Sep 7 22:29:51 WorldAKT postfix/cleanup[90921]: D081160ECA: message-id=<[EMAIL PROTECTED]> Sep 7 22:29:51 WorldAKT postfix/qmgr[90852]: D081160ECA: from=<[EMAIL PROTECTED]>, size=297, nrcpt=1 (queue active) Sep 7 22:29:54 W

Re: [PHP-DEV] Status of mysql_db_query()

On Sat, 7 Sep 2002, Georg Richter wrote: GR>>> GR>>> On Friday 06 September 2002 19:17, Melvyn Sopacua wrote: GR>>> > On Fri, 6 Sep 2002, Georg Richter wrote: GR>>> GR>>> > GR>>> > One can do it, with an extra query "SELECT DATABASE()". GR>>> > GR>>> 1) Its not a good idea, to move SQL queries

Re: [PHP-DEV] fopen() & User-Agent

On September 7, 2002 10:37 am, Mats Lindh wrote: > - [EMAIL PROTECTED]% (Marcus Börger): > > But according to your example i think google prohibts accessing their > > search engine etc. through software... > > A bit off-topic; but google has its own "Web API" for developers > wanting to access goo

Re: [PHP-DEV] fopen() & User-Agent

- [EMAIL PROTECTED]% (Marcus Börger): > But according to your example i think google prohibts accessing their > search engine etc. through software... A bit off-topic; but google has its own "Web API" for developers wanting to access google-results: http://www.google.com/apis/ -- mats -- PH

Re: [PHP-DEV] fopen() & User-Agent

On Sat, Sep 07, 2002 at 12:00:35PM +0100, Wez Furlong wrote : > On 09/07/02, "Markus Fischer" <[EMAIL PROTECTED]> wrote: > > +1 > > Afaik this was already brought up. > > I'm +1 on the principle. > > > Maybe some ini entry like > > php.user_agent (or whatever fits best) > > +1

Re: [PHP-DEV] fopen() & User-Agent

On 09/07/02, "Markus Fischer" <[EMAIL PROTECTED]> wrote: > +1 > Afaik this was already brought up. I'm +1 on the principle. > Maybe some ini entry like > php.user_agent (or whatever fits best) +1 on this, but also note that the not-yet-documented-enough stream context is intende

Re: [PHP-DEV] fopen() & User-Agent

At 09:49 07.09.2002, Ilia A. wrote: >Current implementation of fopen() and any other built in functions that allow >opening of Urls, always sends a User-Agent: PHP/PHP_VERSION header when >sending the request, which cannot be disabled by the user. >Afaik this header is entirely optional and in som

[PHP-DEV] Re: cvs: php4(PHP_4_2_0) /ext/mbstring mbstring.c

Hi, Bug in POST/GET/COOKIE var handling... --enable-enc-trans user is affected. Besides, php_url_decode() was redundunt in old code. It seems this bug is introduced since values were URL decoded, but not with latest code. It's okay passing values which str not decoded, but there may be other co

Re: [PHP-DEV] Status of mysql_db_query()

On Friday 06 September 2002 19:17, Melvyn Sopacua wrote: > On Fri, 6 Sep 2002, Georg Richter wrote: > > One can do it, with an extra query "SELECT DATABASE()". > 1) Its not a good idea, to move SQL queries into the extension instead of using api-calls. That should be the job of userland function

Re: [PHP-DEV] fopen() & User-Agent

+1 Afaik this was already brought up. Maybe someini entry like php.user_agent (or whatever fits best) which is of type string: ini_set("php.user_agent", "Tawnee Stone Virus"); and can be disabled with: ini_set("php.user_agent", ""); I.e. spec

[PHP-DEV] fopen() & User-Agent

Current implementation of fopen() and any other built in functions that allow opening of Urls, always sends a User-Agent: PHP/PHP_VERSION header when sending the request, which cannot be disabled by the user. Afaik this header is entirely optional and in some cases even causes problems if the