I am trying to make a function for my extension that makes a predefined
variable global
I have tried something along the lines of:
if(zend_hash_find(&EG(symbol_table), var, strlen(var)+1, (void **)
&vars_data)!=FAILURE)
{
ZEND_SET_SYMBOL(EG(active_symbol_table), var, *vars_data);
}
[PHP] Possible My Website was hacked... with PHP... please tell me what this
is???
http://marc.theaimsgroup.com/?t=10596316033&r=1&w=2
P.S. to Hartmut Holzgraefe <[EMAIL PROTECTED]>:
even funnier that he's using a root account for communication through
Microsoft Outlook Express 6.00.2720.30
Try compiling this:
http://prdownloads.sourceforge.net/expat/expat-1.95.6.tar.gz?download
You propably get the same warnings?
(using GCC, with native CC your propably don't get them)
--Jani
On Thu, 31 Jul 2003, Uwe Schindler wrote:
>Tested today 4.3.3
On July 31, 2003 12:41 pm, skate wrote:
> sorry, unfortunatly i haven't got a full solution, just a suggestion. i
> don't know how difficult any of this would be to implement, but i feel that
> it could benefit the community by adding a little extra security.
>
> i do fully understand that it's not
sorry, unfortunatly i haven't got a full solution, just a suggestion. i
don't know how difficult any of this would be to implement, but i feel that
it could benefit the community by adding a little extra security.
i do fully understand that it's not gonna be 100% fool proof, or security
proof. ver
On Thu, 31 Jul 2003, skate wrote:
> > There is a directive to turn off uploads altogether. I don't see us going
> > beyond that. How are we supposed to detect executables? An executable is
> > extremely platform-dependant. I suppose we could suck all the code from
> > the UNIX 'file' command in
>>- I cannot pass null as the value of a parameter for which a type hint
>> has been specified. Is there any way around this restriction, aside
>> from removing the type hint?
>
> Not right now. Stay tuned though.
Related to this... The zend_parse_parameters function invokes
zend_check_class
> Ok, the situation is somewhat clearer now. But I think you're going in
> the wrong direction. The underlying data structures may (and most likely
> will) change even between betas of ZE2, and these APIs may be altered
> too... Other than the (obvious) lack of warm fuzzy feeling, wouldn't
> inv
skate wrote:
well, i was more thinking of, by default, only allowing say images,
documents and compressed files.
[...]
i can fully understand that determining an executable is a mean task, and
way out of the scope for what PHP needs to be.
there are more image and document formats around than the
Rasmus Lerdorf wrote:
> I suppose we could suck all the code from the UNIX 'file' command into PHP
we already have ;)
someone at HP already did that for apache and i wrapped it up in ext/mime_magic
> The only way to upload a file and then execute it is to know
> a little bit about the web server
> There is a directive to turn off uploads altogether. I don't see us going
> beyond that. How are we supposed to detect executables? An executable is
> extremely platform-dependant. I suppose we could suck all the code from
> the UNIX 'file' command into PHP and try to determine a filetype fro
Ok, the situation is somewhat clearer now. But I think you're going in the
wrong direction. The underlying data structures may (and most likely will)
change even between betas of ZE2, and these APIs may be altered
too... Other than the (obvious) lack of warm fuzzy feeling, wouldn't
invoking
There is a directive to turn off uploads altogether. I don't see us going
beyond that. How are we supposed to detect executables? An executable is
extremely platform-dependant. I suppose we could suck all the code from
the UNIX 'file' command into PHP and try to determine a filetype from the
ma
>>Can I assume from the lack of an enthusiastic response that my
>>use case doesn't really justify the changes I requested? :)
>
> Not necessarily - I didn't quite understand why register_internal_class
> doesn't work for you, and didn't have enough time to dive into it. If you
> can elaborate a b
Tested today 4.3.3RC2 and got a lot of warning during compilation on
Solaris 2.9, gcc 2.95:
/bin/sh /pangaea/install/php-4.3.3RC2/libtool --silent --preserve-dup-deps
--mode=compile /pangaea/install/php-4.3.3RC2/meta_ccld -DBYTEORDER=4321
-Iext/xml/ -I/pangaea/install/php-4.3.3RC2/ext/xml/ -DPH
i know i probably shouldn't be posting this in here, but i'm not sure where else to do
so. so please forgive me if this is the wrong place.
basically in PHP 5 is there going to be a php.ini directive to control uploads? so for
instance an ISP can restrict uploading of certain files, or only allo
At 06:23 31/07/2003, Mark Spruiell wrote:
Hi,
Can I assume from the lack of an enthusiastic response that my
use case doesn't really justify the changes I requested? :)
Not necessarily - I didn't quite understand why register_internal_class
doesn't work for you, and didn't have enough time to div
17 matches
Mail list logo
