Commit Graph

42 Commits

Author SHA1 Message Date
James E. Flemer
771e3e498f o Fixed Bug #12121: chdir and safe_mode
- [ main/safe_mode.h ] added new checkuid mode:
    CHECKUID_ALLOW_ONLY_FILE: skips directory check if file check
	fails

  - [ ext/standard/dir.c ] changed php_checkuid() to use
    CHECKUID_ALLOW_ONLY_FILE instead of CHECKUID_ALLOW_ONLY_DIR

  - [ main/safe_mode.c ] added code for new checkuid mode

o Fixed Bug #12119: safe mode owner check can be bypassed with symlink
  - [ main/safe_mode.c ] use VCWD_REALPATH to resolve destination
    of symlink before trimming filename

o New Feature: safe_mode_include_dir (php.ini directive)
  - Allows bypassing UID/GID checks when including files
    from the directory in safe_mode_include_dir and its
	subdirectories. (safe_mode must be on, directory must
	also be in include_path or full path must be used when
	including)

o Fixed Feature: safe_mode_gid (php.ini directive)
  - Correctly check (and report) UID/GID bits on directories

o Changed include() fall back to scripts cwd implementation
  - CWD added to the (local) search path in php_fopen_with_path()
    instead of seperate case. [ main/fopen_wrappers.c ]
2001-07-13 18:21:21 +00:00
Rasmus Lerdorf
934e10c7dc Add getmygid() and safe_mode_gid ini directive to allow safe mode to do
a gid check instead of a uid check.
@ - Add getmygid() and safe_mode_gid ini directive to allow safe mode to do
@ a gid check instead of a uid check. (James E. Flemer, Rasmus)
2001-07-09 17:36:04 +00:00
Harald Radi
d9c1247c86 added new com entries 2001-06-24 22:40:41 +00:00
Daniel Beulshausen
a82f4f76e8 add mbstring & xslt 2001-06-11 15:43:50 +00:00
Rui Hirokawa
f96a2539a7 added options for mbstring extension. 2001-06-10 09:44:31 +00:00
foobar
99cb747f71 Added missing configuration directive: from
which is used by fopen() to be send as the default password
2001-06-01 03:19:53 +00:00
Daniel Beulshausen
26f85bbbe7 add printer ext to php.ini & maintain extensions file 2001-04-05 12:41:25 +00:00
foobar
c34d2b91da Added new configuration directives:
arg_separator.input and arg_separator.output
2001-04-04 20:46:26 +00:00
Harald Radi
21d00778e5 added [com] section 2001-03-20 22:45:10 +00:00
Zeev Suraski
d7e17582da Update .ini's and NEWS 2001-03-07 10:08:19 +00:00
Daniel Beulshausen
7357ee8fa4 rename php_mssql70.dll to php_mssql.dll, as we have only one mssql extension 2001-01-22 19:15:32 +00:00
Jon Parise
175cf6b08a Make this comment readable. 2001-01-02 21:37:21 +00:00
foobar
b0adbf8aff Added the arg_separator directive. 2000-12-28 09:36:56 +00:00
Frank M. Kromann
ad17d8f0a4 The ODBC extension looks for settings named odbc. and not uodbc. 2000-11-29 22:10:46 +00:00
Daniel Beulshausen
d5af60ca2f update win32 extension section 2000-11-27 11:57:30 +00:00
Frank M. Kromann
67f66b32c0 Adding php.ini value to set default batch size for mssql extension 2000-11-21 03:11:33 +00:00
Zeev Suraski
0f7f5c2c0e - Import Jade Nicoletti's transparent gzip encoding support as an output
handler.  Works quite nicely!
- Fix buglets in output buffering
- Add output_handler INI directive
2000-11-13 18:54:37 +00:00
Frank M. Kromann
1bf216ca57 Adding textlimit and textsize parameters to MSSQL sections 2000-10-23 00:45:23 +00:00
Chris Vandomelen
0e705a5f60 Added new INI entries to default php.ini files. 2000-10-22 23:49:57 +00:00
foobar
adb12b50b5 url_rewriter.tags needs to have " around the parameter to work. 2000-10-18 12:35:53 +00:00
Hartmut Holzgraefe
cae27179ce fopen wrappers cleanup
- comfiguration is now done by an ini parameter
    instead of a compile time option
  - the implementations of the three standard wrappers
    now live in seperate files in ext/standard
  - the compiler is happy again, no more warnings
2000-10-13 00:09:31 +00:00
Sebastian Bergmann
8520f94796 Removed obsolete entries from php.ini. 2000-10-06 05:14:46 +00:00
Hénot David
409e2e7e98 Changed the php.ini examples to match the names in the source code. 2000-09-13 16:12:50 +00:00
Daniel Beulshausen
119ad66740 - a comma sneaked in before the java extension
- added the java configuration section
#can you please add the setting for *nix as well?
2000-09-13 13:27:52 +00:00
Daniel Beulshausen
0f22953a67 added note about odbc support and changed to the appropriate names of the windows extensions 2000-09-13 13:03:01 +00:00
Zeev Suraski
b7ecaacd07 More security-related (control) patches:
- Avoid displaying errors during startup, unless display_startup_errors is enabled.
- Implemented post_size_max limit.  Defaults to 8MB.
- Implemented file_uploads on/off directive (defaults to on).
2000-09-09 15:02:15 +00:00
Zeev Suraski
eb32144902 - Remove track_vars - it is now always on
- Make the various $HTTP_*_VARS[] arrays be defined always,
  even if they're empty
- Fix Win32 build and warnings
2000-09-05 19:06:29 +00:00
Sterling Hughes
ade2c31625 Add the session.use_trans_sid option to php.ini file. 2000-09-04 22:22:16 +00:00
Zeev Suraski
6a8440fb70 Advise people to use error logging instead of error displaying on production web sites 2000-08-26 14:25:47 +00:00
Rasmus Lerdorf
6d7cc46e38 Delete this suggestion as it was leading newbie users to use this file
without understanding what they were doing.  Experienced users will find
and use this file on their own.
2000-08-21 04:09:13 +00:00
David Croft
08c6773691 renamed ini section, quoted default host and tabulated.
# it doesn't make sense to have the tab-width set to 4 when we're
# using tabs for alignment in this case, it just makes it look screwy
# in everything but emacs
2000-08-15 09:47:35 +00:00
Hartmut Holzgraefe
b04a02660e changed default sendmail flags from '-t' to '-t -i' (bugid#5374) 2000-08-04 22:42:11 +00:00
John Donagher
e9427bc078 # Added example entries for the pfpro extension to the php.ini templates 2000-07-24 17:58:38 +00:00
Hénot David
15ff1d211b Added extension ii for Ingres II native support.
@- Added extension ii for Ingres II native support. See README in ext/ii
@  directory. (David H)
2000-07-17 21:29:30 +00:00
Zeev Suraski
2c94141b12 Add missing enable_dl 2000-06-26 18:16:54 +00:00
Zeev Suraski
0beee41fc6 max_execution_time is no longer UNIX only... 2000-06-26 16:34:12 +00:00
Zeev Suraski
f29eae1302 Move timeout code to Zend, allow Win32 timeouts
@- Implemented max_execution_time under Win32 (Zeev)
2000-06-16 01:53:35 +00:00
Zeev Suraski
7213c743f0 - Added disable_functions php.ini support
- Fixed Win32 build
2000-05-29 17:22:35 +00:00
Sascha Schumann
ee3c06a533 Fix register_argc_argv entry.
Submitted by: André Langhorst <A.Langhorst@itbnet.de>
2000-05-10 09:31:53 +00:00
Zeev Suraski
9cbcade6c9 Support E_USER_* error types 2000-04-19 15:10:14 +00:00
Zeev Suraski
83252f57b6 *** empty log message *** 2000-04-07 19:55:05 +00:00
Zeev Suraski
982f4b525c @- Added php.ini-optimized (Zeev) 2000-04-07 14:55:53 +00:00