My 2cents, the actually best would be to completely forbid the usage of URLs inside include/require and introduce a new keyword: include_url that works like the current include would work and rename allow_url_include into allow_dangerous_urls (for include_url only).
Basically this would protect everyone from URL includes with no way around and if someone really really wants this dangerous feature he has to explicitly request it via include_url. Stefan Esser -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
