Edit report at http://bugs.php.net/bug.php?id=53256&edit=1
ID: 53256 User updated by: geoffreyfishing at users dot sourceforge dot net Reported by: geoffreyfishing at users dot sourceforge dot net Summary: Protect .ini files by default. Status: Open Type: Feature/Change Request Package: PHP options/info functions Operating System: All PHP Version: 5.3.3 Block user comment: N New Comment: I think you are misunderstanding my idea. The idea is not to parse the ini file, the idea is to prevent the ini file from being directly requested. Like for example if the ini file got requested, php.exe would just return an empty string. Or, you could have an "access denied" error, or "404 not found" error or something else. Previous Comments: ------------------------------------------------------------------------ [2010-11-07 22:31:09] cataphr...@php.net I don't see the usefulness. Why would the webserver be configured to read the ini files as PHP files in the first place?... Am I missing something? ------------------------------------------------------------------------ [2010-11-07 19:39:13] geoffreyfishing at users dot sourceforge dot net Description: ------------ With the parse_ini_file() function, many people are coming up with different ways to protect ini files (need proof? check the comments for that function). The idea here is to register the .ini file with the PHP parser, and then have the parser just return like a blank screen or something. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/bug.php?id=53256&edit=1
