[PHP-DEV] 420 configure broken

I just tried to ./configure on one of our old work maschines and got buildconf: checking installation... buildconf: autoconf version 2.13 (ok) buildconf: automake version 1.4 (ok) buildconf: libtool version 1.4.2 (ok) ./configure ... ... checking for ICAP support... no checking for iconv suppor

Re: [PHP-DEV] [BUG]vulnerabilities in PHP's file uploadcode - still uncovered in 4.1.2

On Tue, Mar 19, 2002 at 11:41:41AM +0100, [EMAIL PROTECTED] wrote: > > I know, but I still don't think it warrants 4.1.3 :) > > > But honestly i doubt a kiddie will use this bug to dos a server. Apache will > > respawn all its childs anyway and for the kids its much easier to use > > their stup

Re: [PHP-DEV] [PATCH] ftp extension safe_mode awareness patch

On Sun, Mar 17, 2002 at 03:12:27PM +0100, [EMAIL PROTECTED] wrote: > > Do you mean 'uploaded' or 'downloaded' here? > depends on your point of view ;) downloaded to the php server, uploaded onto the php server. (anyway meant are files retrieved with ftp_get) stefan -- PHP Development Mailin

[PHP-DEV] [PATCH] ftp extension safe_mode awareness patch

Hi, I want your comments. This patch adds safe_mode awareness to the ftp extension. It was done against the 4.2.0 tree because there must be some changes in the extension because of streams and so i wanted to ensure that it is working first. This patch modifies: is_uploaded_file : works now als

[PHP-DEV] streams crash

following little script crashes now: it crashes in fflush() of libc and backtrace shows that its called by php_stdiop_flush, which is called from php_stream_flush, php_stream_free, Stefan -- PHP Development Mailing List To unsubscribe, visit: http://www.php.net/un

Re: [PHP-DEV] HEAD broken

On Fri, Mar 15, 2002 at 01:23:44PM +0100, [EMAIL PROTECTED] wrote: > > How is it broken? It compiled just fine for me... Hmmm i get stuff like: ext/session/session.lo: In function 'php_set_session_var': /ext/session/session.c:268: undefined reference to 'var_replace' ... and this happens for s

Re: [PHP-DEV] checkuid weirdness

On Thu, Mar 14, 2002 at 08:20:38AM -0800, Rasmus Lerdorf wrote: > How do you figure? Doesn't it only do this in > CHECKUID_ALLOW_FILE_NOT_EXISTS mode? This mode is used for things like > rmdir(), chgrp(), chown(), chmod() where spitting out a safe mode error > when the file in question doesn't e

RE: [PHP-DEV] PHP audit

Hi, due to the fact that I now have a cvs account at the phpaudit project i am able to help on both sides. Of course we would like to have a secure head and 4_2_0 branch but it is understandable that fixing 4.1.2 is the primary goal of the project. First things comes first. Anyway during the next

[PHP-DEV] Re: [PHP-CVS] cvs: php4 /ext/filepro filepro.c

On Thu, Mar 14, 2002 at 05:07:34PM +0200, Andi Gutmans wrote: > Is there any reason why this extension is calling TlsAlloc()? > Why isn't it using the regular TSRM interface like all other extensions? > > Andi The problem with the filepro extension is: its not really maintained i fixed the most

[PHP-DEV] checkuid weirdness

Hello, is there any reason why checkuid returns always "okay" if the file does not exist? It returns okay even if safe_mode forbids access to the directories below. Stefan -- PHP Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-DEV] Bug #15251 Updated: Cannot upload one but two files

ID: 15251 Updated by: [EMAIL PROTECTED] Reported By: [EMAIL PROTECTED] Status: Critical Bug Type: HTTP related Operating System: Linux PHP Version: 4.2.0 2002-02-07 New Comment: Hmmm tjo, you know the procedure... 1) Can you try it wit

[PHP-DEV] Bug #15251 Updated: Cannot upload one but two files

ID: 15251 Updated by: [EMAIL PROTECTED] Reported By: [EMAIL PROTECTED] Status: Critical Bug Type: HTTP related Operating System: Linux PHP Version: 4.0CVS-2002-01-28 New Comment: with no effect i mean: uploading one or two files worked witho

[PHP-DEV] Bug #15251 Updated: Cannot upload one but two files

ID: 15251 Updated by: [EMAIL PROTECTED] Reported By: [EMAIL PROTECTED] Status: Critical Bug Type: HTTP related Operating System: Linux PHP Version: 4.0CVS-2002-01-28 New Comment: $HTTP_POST_FILES["input_name"] if (isset($HTTP_POST_FILES)) {

[PHP-DEV] Bug #15159 Updated: apache chush and write when i use header('') function;

ID: 15159 Updated by: [EMAIL PROTECTED] -Summary: apache chush and write when i use header('') function; Reported By: [EMAIL PROTECTED] Status: Closed Bug Type: Apache related Operating System: linux 2.2.16-20 PHP Version: 4.1.1 New

[PHP-DEV] Bug #14131 Updated: include "http" problem

ID: 14131 Updated by: sesser Old Summary: include "http" problem Reported By: [EMAIL PROTECTED] Status: Bogus Bug Type: Scripting Engine problem Operating System: Windows Server 2000 PHP Version: 4.0.6 New Comment: Still is a configuration error... You must enable remote includes

[PHP-DEV] Bug #15187 Updated: PHP parses untrusted documents (or something like that ;P)

ID: 15187 Updated by: sesser Reported By: [EMAIL PROTECTED] Status: Bogus Bug Type: Scripting Engine problem Operating System: Linux 2.4 PHP Version: 4.1.1 New Comment: speaking of phpnuke... this security problem in phpnuke was reported a while back to its developers. if they havent fixed

[PHP-DEV] Bug #15187 Updated: PHP parses untrusted documents (or something like that ;P)

ID: 15187 Updated by: sesser Reported By: [EMAIL PROTECTED] Status: Bogus Bug Type: Scripting Engine problem Operating System: Linux 2.4 PHP Version: 4.1.1 New Comment: RTFM! Include is for including PHP scripts into your PHP script. If you only want to include parsed output then do not use

[PHP-DEV] Bug #14964 Updated: safe mode & basic authentication

ID: 14964 Updated by: sesser Reported By: [EMAIL PROTECTED] Old Status: Open Status: Closed Bug Type: Unknown/Other Function Operating System: linux PHP Version: 4.1.1 New Comment: This bug was fixed a few days ago in CVS Previous Comments

[PHP-DEV] Bug #14776 Updated: httpd crashes with 4.1.1 (and 4.1.0) when safe-mode=on and header();

ID: 14776 Updated by: sesser Reported By: [EMAIL PROTECTED] Old Status: Open Status: Feedback Bug Type: Reproducible crash Operating System: FreeBSD 4.4-stable PHP Version: 4.1.1 New Comment: I just fixed it in CVS (atleast I cannot crash it here anymore) Please check with latest CVS version