Hi Nuno, > > I was already expecting this kind of answer from you, but you clearly > don't know me. > The previous e-mail wasn't a personal attack nor an attack to your > business, nor I was doing any type of propaganda against you. Calling my actions unethical and my posts pathetic is kinda a personal attack in the real world.
> I didn't know that, really. But in theory I'm also a PHP developer > (although not very active) and I didn't receive any information about > that. > So, I don't know who knew that. But if the security team was aware of > that, I present my excuses to you. The fact that allow_url_fopen does not affect php://input was not only brought up by me before but is actively used by skript kiddies for years. And I really don't like to repeat myself 1000 times. When I brought this up the response I got was: "Yeah whatever. Stopping a few URLs is better than stopping none." > > If people doesn't know the facts, just explain the things to them > nicely. No violence is needed, IMHO. Well PHP developers discuss on IRC how to kill me best by shooting me in my back. I am just answering in the same tone. Stefan -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
