e cause why someone might confuse the lists.
I think, that the suggestion from Marcus could clearifiy that.
Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
From: [EMAIL PROTECTED]
Operating system: redhat 7.0
PHP version: 4.0.1pl2
PHP Bug Type: Filesystem function related
Bug description: unlink ignores permissions
unlink seems to run as root.
i have set file permissions to 444 (owner root) and tried to open this file for
writ
On Sat, 11 Jan 2003, Sebastian Bergmann wrote:
> Sascha Schumann wrote:
> > You removed those files from the PHP 5 branch which you
> > claimed were supposed to be used in the PHP 5 branch.
>
> ext/com/ are the old files, ext/rpc/com are the new files
Yeah, somehow m
ks to me like it should have been set to 'closed' after
fixing the crash bug.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
RLEN_P(return_value) < len / 2) {
>
> Does this mean we now always need to cast the result of the
> Z_STRLEN_P/Z_STRLEN_PP macros to int? That seems pretty annoying and not to
> producing ugly code.
Certainly not.
What kind of warnings was the compiler (which one?)
.
Any objections?
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
On Sun, 12 Jan 2003, Moriyoshi Koizumi wrote:
> On Sun, Jan 12, 2003 at 12:12:39AM +0100, Sascha Schumann wrote:
> > As many past security advisories have shown, signedness
> > issues are the frequent cause for severe vulnerabilities in
> > software (recent e
because C does not define how a negative number will
appear when cast to an unsigned type.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
On Mon, 13 Jan 2003, Derick Rethans wrote:
> So, save versions are 1.28, 1.30 and 1.75 for now? Perhaps restrict
> buildconf to check for this?
It's a configure/genfiles-time check as hashed out in an
older thread.
- Sascha
--
PHP Development Mailing List <http://ww
h I do wonder why
you would need that -- the makefiles are supposed to work
even with Tru64's native make.
I've committed a portability fix for the use of the "which"
command.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
> What are the headers required out here to compile this code
> successfully? Libs to link with?
There is a SAPI API call for that (in HEAD, but I intend to
merge it into the 4.3 branch).
SAPI_API int sapi_get_fd(int *fd TSRMLS_DC);
- Sascha
--
PHP Development Mailin
mp;article=16651
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
st, we could start from there.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
x will
become useful immediately for my purposes. I need something
to rely on and that is PHP 4 at this time.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
to fix something.
Signedness change: The compiler might issue a warning or not.
Developer knows: Usually nothing.
There are so many signedness issues in ext/standard alone,
that I would not want to run with such warnings enabled.
- Sascha
--
PHP Development Mailing List <
A couple of things crossed my mind:
5. Looking at Linux's syscall implementation and implementing
the good ideas in FreeBSD.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
0 includes, but people out
> there write code like that.
How about writing a mini preprocessor for such cases which
does the interpolation step everytime a programmer updates a
source file? That would save way more cycles than killing
some fstat calls.
- Sascha
--
PHP Devel
nted
either in about 50 LOC of PHP or sh/awk. That won't work of
course, if you rely heavily on dynamic includes where the
filename is determined at run-time.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
. This proved to be the
major obstacle for small sets.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
#x27;t documented yet.
The BM algorithm is outdated and can savely be dropped.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
str_replace. Instead of scanning the "haystack" one time
per replacement text, we would scan it only once.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
t; bucket, ornot.
>
> I think this group of people is very small (less then 10 I assume), so I
> dont see it as much of a problem to 're'use the 4th parameter.
Let me add that even I have never used it. It's save to
redeploy.
- Sascha
--
PHP De
han 5.000 blocks (5MB for 1k-blocks) more disk usage per year. Where
> do you see the real problem if the commits are not mailed to php-cvs list?
Cluttering the history of an important file is an extremely
bad idea.
- Sascha
--
PHP Development Mailing List <http://www.php.
> > How is that possible?
>
> I don't think it is, because it needs to be done at checkout time, not at
> build time.
What are you smoking?
That's a one line addition to the snapshot script.
- Sascha, creator, snaps.php.net
--
PHP Development Mailing List
is conceivable that someone does not run buildconf
immediately. But that is unlikely from my POV.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
eckout date here?
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
ld work.
Have CVS $Id$'s been discussed yet?
This line will give you the timestamp from the latest
checked in file:
find . -type f|xargs grep '$Id: ' |grep -v Binary |\
sed 's#.*\([12].../../.. ..:..:..\).*#\1#'| sort | tail -1
- Sascha
--
, hence ucb) and they had to keep those utilities for
their customers in SysV-based Solaris 2.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
knows of a system that doesn't carry egrep?.
"egrep" is going to be deprecated by POSIX, but I suppose
that switching back to it makes sense for now.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
FYI
- Sascha
-- Forwarded message --
Date: Tue, 04 Feb 2003 21:24:36 -0600
From: Robert Boehne <[EMAIL PROTECTED]>
To: Lars Hecking <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED]
Subject: Re: To sed or not to sed
Lars,
You're in luck! CVS Libtool goes
You can see the current mappings here:
http://cvs.php.net/co.php/CVSROOT/modules?login=2&r=1.33
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
bly just use this method. Of course, this will not solve
> the threadsafety concerns (nothing really can other than documentation).
Yay! This is doubleplusgood.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
should nowadays be very slow
> compared to whatever php_combined_lcg() needs to do.
>
> Shall more entropy be always true?
No, some users might depend on the return format (think of
database entries).
- Sascha
--
PHP Development Mailing List <http://www.php.net
?
Thanks for the heads up, I'll look into it.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
downloaded for
free from
http://www-3.ibm.com/software/webservers/httpservers/
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
ion.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
On Tue, 11 Feb 2003, Hans Prins wrote:
> Thx guys,
>
> I'll play around with it some more and see if I can secure it some more :)
Keep in mind that many proxies remove the referrer
information.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
T
d the check to
vspprintf where it is applied only once per call.
- Sascha
Index: spprintf.c
===
RCS file: /repository/php4/main/spprintf.c,v
retrieving revision 1.12
diff -u -r1.12 spprintf.c
--- spprintf.c 11 Feb 2003
real test cases which could be
tested against.
> p.s.: I asked about adding the cli manpage some days ago, can you help?
$(mkinstalldirs) $(mandir)/man1
$(INSTALL_DATA) page.1 $(mandir)/man1/page.1
should be sufficient.
- Sascha
--
PHP Development Mailing List
On Thu, 13 Feb 2003, Marcus Börger wrote:
> I updated all m4,autoconf & libtool AND now i can no longer build php
>
> Anybody help?
Get autoconf-2.13 and m4-1.4 (not 1.4o) from ftp.gnu.org.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsub
o the order of build
> and install?
Ensure that m4 --version actually outputs 1.4 and not 1.4o.
Some rpms are mislabeled in that area.
Otherwise, the only problem source comes from having a
"polluted" installation where multiple autoconf/libtool
versions are s
There are also some awk scripts around which extract that
information.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
, so that you can
simply commit/maintain your modules to PECL.
http://www.php.net/cvs-php.php
Welcome o'board.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
On Fri, 21 Feb 2003, Jani Taskinen wrote:
>
> I object! :) It should be one function with extra parameter
> to decide the action..
Please put this code into ext/completely_unneeded.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscri
> I'm not 100% sure if we want this feature, but perhaps it is worth
> revisiting that patch.
Alternatively, I would suggest to teach the submitter of that
patch regarding fopen, fwrite, implode. He might have
overlooked those existing functions.
- Sascha
--
PHP
On Fri, 21 Feb 2003, Derick Rethans wrote:
> On Fri, 21 Feb 2003, Sascha Schumann wrote:
>
> > > I'm not 100% sure if we want this feature, but perhaps it is worth
> > > revisiting that patch.
> >
> > Alternatively, I would suggest to teach the submit
ts? Get real.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
his utility function should become part of the PHP core.
It really belongs into some kind of utility collection where
it can be implemented in PHP. A PEAR class would be the
perfect location for it.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsub
re of PHP. Or is your argument "we already
have so much bloat, a bit more is ok, too"?
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
t it does? Does it feed all entries to
the PHP INI system or is this is a custom layer wrapping the
DBA API for storage of application settings?
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
PHP layer.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
Or more accurately:
> PHP5 -> co php5
> PHP4.3 -> co -rPHP_4_3 php4
> PHP4 -> co -rPHP_4 php4
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
> So I think the fix of adding OnUpdateLong() is the correct fix.
I was under the impression that OnUpdateInt was actually
expecting a long. I remember changing some int's to long's
to address 64 bit issues. Do I remember this incorrectly?
- Sascha
--
PHP Develo
control.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
I think that simply adding OnUpdateLong and deprecating
OnUpdateInt is fine while retaining its current semantics. I
just don't see any value in changing the meaning of
OnUpdateInt; at least that's how I interpreted Andi's
message.
- Sascha
--
PHP Deve
_changing_ the existing semantics is that
programmers will not notice that they need to adapt types
from long to int. That leaves 64 bit platforms with a new
set of problems, because the upper half of the long won't be
initialized.
- Sascha
--
PHP Development Mailing
> how do I use PHP_CHECK_FUNC to make it work even when the extension is
> shared?
You can manipulate LDFLAGS directly:
php_save=$LDFLAGS
LDFLAGS="-L$dir $LDFLAGS"
.. check ..
LDFLAGS=$php_save
- Sascha
--
PHP Development Mailing List <http
the PHP_4 branch.
> is there also a PHP_4 branch in the Zend module or ist HEAD supposed to be
> PHP_4 ?
There is also a PHP_4 branch in the Zend module, so a regular
$ cd php4
$ cvs upd -r PHP_4
works.
- Sascha
--
PHP Development Mailing List <http://www.php.ne
On Mon, 3 Mar 2003, Sebastian Bergmann wrote:
> Harald Radi wrote:
> > PHP_4
>
> But why is the version of the PHP_4 branch 4.5, and not 4.4?
4.4 was used already in HEAD for some time. So we skipped it.
- Sascha
--
PHP Development Mailing List <http://www.php.ne
l/python/tcl
> ddecided to adhere to the mathematical definition.
ISO C truncates towards zero. It specifically says in 6.5.5
Multiplicative Operators:
If the quotient a/b is representable, the expression (a/b)*b
+ a%b shall equal a.
So -27 % 7 yields -6.
- Sascha
t; a = floor(a/b) * b + r
for 0 <= r < b applies only, if a, b are members of N
("natürliche Zahlen", > 0). You cannot simply extend it to
Z.
As such, it does not apply to the example -27 mod 7, because
-27 is evidently not part of N.
- Sascha
--
PHP
magic once again.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
> Don't they have to do that anyway..? :)
No, why? For example, the session extension will be largely
unchanged. The same code works in PHP 4 and 5.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
result in -3. If that is what you expect, then I think you also
> have to expect -27%7 to return -6.
Agreed.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
eLong)
is not sufficient? Is not it a safe assumption that those
modules which still use 'int's are simply the result of a
mistake on the developer's side?
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
Please supply 1 as the 6th argument to PHP_NEW_EXTENSION.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
> > Can I check this into PHP_4 & PHP_4_3 ?
>
> Nope :)
PHP_4 is ok.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
ozen
files which were generated using m4-1.4o cause problems.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
then -- the
engine and your own code. It's often preferrable to have a
stable environment for your own testing needs and that is
where PHP_4 comes in.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
> # ./flex --version
> flex 2.5.27
What does this output?
flex -V -v --version 2>/dev/null
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
On Fri, 7 Mar 2003, David Hill wrote:
>
> > What does this output?
> >
> > flex -V -v --version 2>/dev/null
> >
> > - Sascha
>
>
> # flex-2.5.27/flex -V -v --version 2>/dev/null
> flex 2.5.27
This should be parsed corr
forgotten to PHP_4, so please stop the FUD.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
urces are available at the same URL all the time;
however, it is not always the same source.
> Hmmm.. are they really deleted, or it's just
> that the snaps.php.net only shows the recent files?
Old files are purged regularly.
- Sascha
--
PHP Development Mailing List <
MODERATED.
-1.
The list could be renamed so that it is less confusing for
newbie PHP developers.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
because of BC concerns.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
t; and so a list called
"php-dev" makes absolute sense to them.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
> Let's ask the mysql guys, they did change the name too. (I think that we
> atleast agree that the noise is annoying, right?)
Not really. Maybe I'm more used to skipping noise.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, vis
vory tower.
> it will be reviewed by someone when they get the time.
This manual review effectively implies censorship which is
undesirable in an open environment. I doubt it would serve
the PHP community in any way.
- Sascha
--
PHP Development Mailing List <http://w
hane's two section thing
first before we evaluate more draconic measures.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
> You lose:
You lose time for implementing and maintaining this system,
and you lose time for moderating emails. You also reduce the
incentive to contribute.
Again, let's take the less intrusive steps first and leave
the heavy handed ones as a last resort.
reshmeat and had a lovely time trying to
> build :-)
Unless you are working on the .re sources, you don't need
re2c.
> I am taking note of the problems I encountered and was planning on
> updating something (README.CVS-RULES ?) after another week or so.
Good id
3. Apply the same system as is in use for
Let's evaluate the results of the first two items before
going one step further. There is no need for haste.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
very likely that we will lose useful input, if we implement
the third item prematurely.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
On Thu, 13 Mar 2003, Joe Orton wrote:
> Commit of autoconf code cleanups to php4 (4_3 branch) needed
> for systems which have system libraries in /usr/lib64 rather
> than /usr/lib.
Please post patches.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
On Sat, 17 Aug 2002, Dan Kalowsky wrote:
> I disagree that it should go out as is, very strongly at that too.
I agree with Dan here.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
#x27;m not aware of that a few days matter
to you? If not, I don't see any problem with merging all
important fixes and commencing the QA process afterwards.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
On Sat, 17 Aug 2002, Zeev Suraski wrote:
> At 22:58 17/08/2002, Sascha Schumann wrote:
> > > 64-bit fixes (for whatever reason), I think that's quite alright. 64-bit
> > > support is a major thing, which people, especially businesses, will not
> > > really ex
gns
to him.
2.) A crafts a link containing SID and sends it to victim V.
3.) A keeps SID alive by repeatedly accessing X using SID.
4.) V opens link and authenticates.
5.) A's script notices (4). A can overtake V's session.
- Sascha
--
PHP Develo
_only_cookies and be done with it. No amount of
checking on the server side can otherwise prevent this class
of attacks.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
ect oneself by
activating session.use_only_cookies.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
ogle still finds
http://www.jscript.dk/unpatched/MS02-023update.html
"Yesterday I hosted a list of 14 publickly known unpatched
vulnerabilities, today I host a list of 12 such. It can still
be found at http://jscript.dk/unpatched/
- Sascha
--
PHP Development Mailing
On Wed, 28 Aug 2002, Marcus Boerger wrote:
> Hi Sascha is ther a waay to build three modules, in particular
> i want to build cli, cgi and the apache module.
>
Yes, it would look like this:
1. ./configure
2. make
3. make clean
4. goto 1
- Sascha
--
PHP De
> nice if there was a 'canned' way of doing it. I use the apache sapi and
> the cli, and it would be nice to be able to build them with a single
> make.
That's already in.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscr
hat you can do incremental builds.
- Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
be enabled on
any server. Maybe we could use a GET Param on this (only for the .phps's)
like:
http://localhost/test.phps?linenumbers=0
http://localhost/test.phps?linenumbers=1
in which we would default linenumbers to zero.
Best regards
Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
reate it; i wonder why zend_highlight
doesn't get this structure itself?). By setting this flag to TRUE, you can
omit sending a header from the PHP-Functions.
I know, this is a kludge, but at least it's an option.
Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
give the admin/customer
ability to change some settings via web-interfaces, should not have to
rewrite the whole httpd.conf.
Does this apply to PHP, too?
Sascha
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
I totally agree to you - and i still can't catch up the point what the current
discussion is about.
Sascha
> The underlying effect is minimal, no noticable change. The effect of
> having the option there is mind blowing for IRC based support staff who
> are dealing with (for wa
This is exactly, what the code should do; in Zend/zend_operators.c there is an
special function for this to do (increment_string), so i assume this is the
expected result.
Sascha
> I know there is a better way to do that, and this code is silly, but
> still...
> Try running these two
ways send out the status line. If a user
had called header() to set the status code, the error would
have been the same, regardless of the SAPI layer change.
If IIS cannot accept the CGI RFC format, a configuration
option needs to be added which chooses one of the formats.
1 - 100 of 532 matches
Mail list logo
