clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-25 03:47:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
34,443 Commits 493 Branches 1,366 Tags 848 MiB
25d5adec0d
Commit Graph

106 Commits

Author SHA1 Message Date
Dmitry Stogov
86780519d4 Disabled dl(). Now it is enabled only when a SAPI layer registers it explicitly. Only CLI, CGI and EMBED do this. 2006-03-16 16:53:10 +00:00
Dmitry Stogov
9d7ca01c8b Dropped allow_call_time_pass_reference, the error is maden E_STRICT. 2006-03-16 11:32:00 +00:00
Dmitry Stogov
22055cb8fd Dropped register_long_arrays, added E_CORE for all dropped setting 2006-03-16 09:44:42 +00:00
Ilia Alshanetsky
27e175eef0 So long safe_mode mode. 
Also removed the magic_quotes configure option, no longer relevant since
the magic is gone :-).
 2006-03-08 14:41:45 +00:00
Pierre Joye
bb1ec86f9d - remove magic_quotes_gpc, magic_quotes_runtime, magic_quotes_sybase 
(calling ini_set('magic_....') returns 0|false
- get_magic_quotes_gpc, get_magic_quotes_runtime are kept but always return false
- set_magic_quotes_runtime raises an E_CORE_ERROR
 2006-03-08 00:43:32 +00:00
Pierre Joye
303bfea78f - remove register_globals support (aka "Kill the f***ing thing" :) 2006-03-07 00:20:54 +00:00
foobar
251c5173fd bump year and license version 2006-01-01 13:10:10 +00:00
Rasmus Lerdorf
e1f1857978 Add allow_url_include to let people turn on allow_url_fopen without also 
enabling remote code execution through url wrappers
 2005-11-18 16:20:43 +00:00
foobar
23e671a51e - Bumber up year 2005-08-03 14:08:58 +00:00
Zeev Suraski
02344b1dae Improve the way auto-globals JIT works, and add the ability to turn it off 2004-03-16 19:49:19 +00:00
foobar
e3c80d52da - Remove gpc_order since it doesn't serve any purpose. 2004-01-26 04:15:08 +00:00
foobar
ccfc46b0aa - Happy new year and PHP 5 for rest of the files too.. 
# Should the LICENSE and Zend/LICENSE dates be updated too?
 2004-01-08 17:33:29 +00:00
Ilia Alshanetsky
be5670af2b Fixed bug #26707 (Incorrect error for disabled functions/classes). 2003-12-24 16:38:22 +00:00
James Cox
f68c7ff249 updating license information in the headers. 2003-06-10 20:04:29 +00:00
Ilia Alshanetsky
b20df54af7 Make serialize precision a configurable option. 2003-05-08 01:23:21 +00:00
Marcus Boerger
3fc4a32743 Infrastructure to catch warnings and throw tehm as errors autmatically 2003-05-07 01:02:23 +00:00
David Hill
1edf7f55e5 64 bit corrections to parameters to OnUpdateInt Bug #20994 (Dave) 2003-03-10 14:50:16 +00:00
Zeev Suraski
4e55747a2b Add JIT initialization for _SERVER and _ENV 
(it's less important for the others, even though it should be fairly
easy now too)
 2003-03-02 10:19:15 +00:00
foobar
8e3f23e3c0 ws fixes + missing $Id$ tags, headers added 2003-02-19 08:40:19 +00:00
Sebastian Bergmann
2c5d4b8c23 Bump year. 2002-12-31 15:59:15 +00:00
Marcus Boerger
0d7957bc15 Bug #20433 2002-11-30 18:36:17 +00:00
Marcus Boerger
b7cd48efdd Make it possible to test language features like newly introduced 'abstract' 
independantly from debug mode.
 2002-11-21 14:56:06 +00:00
Hartmut Holzgraefe
8b7e9d7774 some changes to how request input data (Content-Lenght >0) is handled 
- webdav-specific stuff removed (should be handled using httpd.conf
  LIMIT or equivalents)
- always_populate_raw_post_data now working on any method, not just
  POST (and webdav methods with allow_webdav_methods), when
	Content-Length is greater zero
- raw input data is also available using php://input stream,
  this way one doesn't have to care about memory_limit
- input data is now always consumed (although maybe ignored,
  this fixes we had withproblems with keep-alive connections
@ raw POST data is now available as php://input stream (hartmut)
 2002-10-21 16:41:06 +00:00
Ilia Alshanetsky
b9efd22339 Fixed bug #16880. Added an ini option max_input_time that allows the user 
to specify how much time a script may spend parsing input data (POST, GET, etc..).
 2002-10-21 13:09:29 +00:00
Sebastian Bergmann
714c19fe66 Per discussion on #php.bugs (+1 from at least Derick and Jani), revert double_buffering. 2002-09-01 11:33:19 +00:00
Christian Stocker
9495fb9d7d @ - Added php.ini option "allow_webdav_methods" to allow handling of 
@   WebDAV http requests within PHP scripts. (chregu)
# More methods (for DeltaV) will follow.
 2002-08-22 07:48:23 +00:00
Marcus Boerger
2a443b2e77 Changed handling of output buffer sizes. 
@Added php.ini option "double_buffering" that forces an additional first
@output buffer and improved handling of buffer sizes. (Marcus)
 2002-08-20 19:49:37 +00:00
Marcus Boerger
88c385e817 rename php_error_func<n> to php_error_docref and support Wez idea 
that solves ToDo requirement to point to PHP Manual in error messages.
 2002-08-08 19:12:27 +00:00
Derick Rethans
d812929d2f - Implement Andrei's request for disabling memory leak reporting in debug 
builds.
#- Andrei: I can show you the logs :)
 2002-06-26 19:43:46 +00:00
Marcus Boerger
bd9cf79efb new ini setting log_errors_max_len 
@-New ini setting log_errors_max_len controls maximum length for error
@ messages. Set it to 0 for infinite. Default is 1024 (old behaviour) (Marcus)
 2002-04-10 01:27:44 +00:00
Marcus Boerger
ddc6437e32 new feature ignoring repeated error messages (defaults to old behaviour) 
@You can now disable logging of repeated error messages with two new ini settings ignore_repeated_errors, ignore_repeated_source. @(Marcus)
 2002-04-06 18:49:59 +00:00
Wez Furlong
021bf6f01f Shouldn't have made it into my last commit. 2002-03-18 18:57:25 +00:00
Wez Furlong
c9d5e13738 TSRMLS related work on streams, as discussed with Zeev. 
# Should be the last "broad" commit for a while
# Don't forget to make clean ; make
 2002-03-18 18:54:32 +00:00
Sebastian Bergmann
90613d2282 Maintain headers. 2002-02-28 08:29:35 +00:00
Sebastian Bergmann
38933514e1 Update headers. 2001-12-11 15:32:16 +00:00
Derick Rethans
06cdf297a8 - Adding a callback mechanism to the unserializer. (patch by Bernd 
Roemer <berndr@bonn.edu>)
#- An explainatory e-mail will be send to php-dev
 2001-11-26 21:04:21 +00:00
Zeev Suraski
e077c6bc28 Make it possible to enable chunked output buffering without providing 
an output handling function
 2001-08-11 22:55:00 +00:00
Zeev Suraski
d87cc976e1 Redesigned thread safety mechanism - nua nua 2001-07-28 11:36:37 +00:00
Rasmus Lerdorf
9bc97ac865 Add always_populate_raw_post_data ini directive and default it to 0 to 
maintain current behaviour.  If this is turned on then $HTTP_RAW_POST_DATA
is always populated with a copy of the raw post data.
@ - Add config option (always_populate_raw_post_data) which when enabled
@   will always populate $HTTP_RAW_POST_DATA regardless of the post mime
@   type (Rasmus)
 2001-07-17 16:46:07 +00:00
James E. Flemer
771e3e498f o Fixed Bug #12121: chdir and safe_mode 
- [ main/safe_mode.h ] added new checkuid mode:
    CHECKUID_ALLOW_ONLY_FILE: skips directory check if file check
	fails

  - [ ext/standard/dir.c ] changed php_checkuid() to use
    CHECKUID_ALLOW_ONLY_FILE instead of CHECKUID_ALLOW_ONLY_DIR

  - [ main/safe_mode.c ] added code for new checkuid mode

o Fixed Bug #12119: safe mode owner check can be bypassed with symlink
  - [ main/safe_mode.c ] use VCWD_REALPATH to resolve destination
    of symlink before trimming filename

o New Feature: safe_mode_include_dir (php.ini directive)
  - Allows bypassing UID/GID checks when including files
    from the directory in safe_mode_include_dir and its
	subdirectories. (safe_mode must be on, directory must
	also be in include_path or full path must be used when
	including)

o Fixed Feature: safe_mode_gid (php.ini directive)
  - Correctly check (and report) UID/GID bits on directories

o Changed include() fall back to scripts cwd implementation
  - CWD added to the (local) search path in php_fopen_with_path()
    instead of seperate case. [ main/fopen_wrappers.c ]
 2001-07-13 18:21:21 +00:00
Sascha Schumann
3dd33fdede Fix xmlrpc_error:number handling 2001-07-13 16:08:39 +00:00
Sascha Schumann
a2ce3c7068 Allow errors to be returned as XMLRPC fault packets. 
Submitted by: Matt Allen <matt@investigationmarketplace.com>
 2001-07-10 15:59:33 +00:00
Rasmus Lerdorf
934e10c7dc Add getmygid() and safe_mode_gid ini directive to allow safe mode to do 
a gid check instead of a uid check.
@ - Add getmygid() and safe_mode_gid ini directive to allow safe mode to do
@ a gid check instead of a uid check. (James E. Flemer, Rasmus)
 2001-07-09 17:36:04 +00:00
foobar
c34d2b91da Added new configuration directives: 
arg_separator.input and arg_separator.output
 2001-04-04 20:46:26 +00:00
Andi Gutmans
eb6ba01d1c - Fix copyright notices with 2001 2001-02-26 06:11:02 +00:00
Zeev Suraski
d294f46f5a - Remove the ini_extension_list global 
- Switch to delayed loading of Zend extensions
 2001-01-15 10:52:02 +00:00
Sascha Schumann
db0b8bc05b Defer loading of extensions until all configuration entries have been 
added to the configuration hash.
 2001-01-15 03:21:05 +00:00
Zeev Suraski
0f7f5c2c0e - Import Jade Nicoletti's transparent gzip encoding support as an output 
handler.  Works quite nicely!
- Fix buglets in output buffering
- Add output_handler INI directive
 2000-11-13 18:54:37 +00:00
Hartmut Holzgraefe
cae27179ce fopen wrappers cleanup 
- comfiguration is now done by an ini parameter
    instead of a compile time option
  - the implementations of the three standard wrappers
    now live in seperate files in ext/standard
  - the compiler is happy again, no more warnings
 2000-10-13 00:09:31 +00:00
Zeev Suraski
b7ecaacd07 More security-related (control) patches: 
- Avoid displaying errors during startup, unless display_startup_errors is enabled.
- Implemented post_size_max limit.  Defaults to 8MB.
- Implemented file_uploads on/off directive (defaults to on).
 2000-09-09 15:02:15 +00:00