I think the problem could be solved this way:
0. allow_url_include and allow_url_fopen renamed to allow_remote_include
and allow_remote_fopen (not really necessary, just much cleaner, if you
don't like it, ignore it for now).
1. By default, allow_remote_inclue=0, allow_remote_fopen=1
2. Stream can be of three types - remote, local and user/local.
3. User streams can be declared when registered as either remote or
user/local, remote being the default.
4. When operation on user/local stream is run, allow_remote_fopen is
disabled if allow_remote_include was disabled.
Thus, if somebody doesn't mark the stream local, it's remote and behaves
just like http://. If it is marked as local, it can be used in includes
under allow_remote_include=0, however it could not do things like:
function stream_open($path, $mode, $options, &$opened_path)
{
$this->file = fopen($path);
}
and thus make the local include work with remote files.
This would require following changes:
1. Adding optional parameter to stream registration functions.
2. Some tweaking in user streams module to toggle allow_remote_fopen for
user/local streams.
What do you think?
--
Stanislav Malyshev, Zend Products Engineer
[EMAIL PROTECTED] http://www.zend.com/
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
