Hi Jan, On Thu, Feb 26, 2015 at 8:15 AM, Jan Ehrhardt <php...@ehrhardt.nl> wrote:
> Stanislav Malyshev in php.internals (Wed, 25 Feb 2015 15:00:21 -0800): > >> This is only a minor detail, compared with the other PHP7 changes. > > > >Not that minor actually since you'd have to enumerate all extensions > >used in your app, which can use libraries, which may use other > >extensions - like Smarty or some other template library - and it may be > >non-trivial to find out all of them. > > The RFC is not clear about that either, but there is always the way out > to allow all in .htaccess: > > php_value "zend.script_extensions" "" > > If you are not sure you can start with this and tighten the rope, if it > is possible. Maybe Yasuo should have made that the default. Then there > would be no BC break at all and just a (sort of a) extra security > measure for people that know what they are doing. > "php_value/php_admin_value" is common sense for me. It's been there since PHP3 at least, IIRC. I will add it to the RFC for documentation purpose when vote is finished. Regards, -- Yasuo Ohgaki yohg...@ohgaki.net
