Hello Wez, and i thought i was finished with this :-)
Well yeah you could do things like: [EMAIL PROTECTED] /usr/src/PHP_5_2 $ php -r "include 'data:;base64,PD9waHAgZWNobyAiSGVsbG8gd29ybGQKIjsgPz4=';" make: `sapi/cli/php' is up to date. Hello world Hey you have a strange sender identification "[EMAIL PROTECTED]" which is what i get for the personal mail that btw doesn't include a subject. best regards marcus Sunday, May 14, 2006, 10:55:59 PM, you wrote: > Are you sure about that? > Seems to me that this is one case that really should be protected by > allow_url_fopen, as it allows specifying arbitrary data in the > filename. > While this is not quite such a big deal in HEAD, it is in PHP 5.2. > I think this needs further analysis and discussion before we roll PHP 5.2. > --Wez. > On 5/14/06, Marcus Boerger <[EMAIL PROTECTED]> wrote: >> helly Sun May 14 19:13:17 2006 UTC >> >> Modified files: >> /php-src/main/streams memory.c >> Log: >> - No need to have this controlled by allow_url_fopen >> >> http://cvs.php.net/viewcvs.cgi/php-src/main/streams/memory.c?r1=1.19&r2=1.20&diff_format=u >> Index: php-src/main/streams/memory.c >> diff -u php-src/main/streams/memory.c:1.19 php-src/main/streams/memory.c:1.20 >> --- php-src/main/streams/memory.c:1.19 Sun May 14 01:39:24 2006 >> +++ php-src/main/streams/memory.c Sun May 14 19:13:17 2006 >> @@ -16,7 +16,7 @@ >> +----------------------------------------------------------------------+ >> */ >> >> -/* $Id: memory.c,v 1.19 2006/05/14 01:39:24 helly Exp $ */ >> +/* $Id: memory.c,v 1.20 2006/05/14 19:13:17 helly Exp $ */ >> >> #define _GNU_SOURCE >> #include "php.h" >> @@ -701,7 +701,7 @@ >> php_stream_wrapper php_stream_rfc2397_wrapper = { >> &php_stream_rfc2397_wops, >> NULL, >> - 1, /* is_url */ >> + 0, /* is_url */ >> }; >> >> /* >> >> -- >> PHP CVS Mailing List (http://www.php.net/) >> To unsubscribe, visit: http://www.php.net/unsub.php >> >> Best regards, Marcus -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
