[Phpmyadmin-devel] disabled functions for security
Marc Delisle
DelislMa at CollegeSherbrooke.qc.ca
Sat Mar 8 03:33:09 CET 2003
Alexander,
you are right and I just tested it: PHP 4.3.0 returns FALSE
when ini_get is disabled.
So we could put the @ in front of the 2 ini_get calls, as suggested
in the bug report, but this means they won't be able to upload.
I smell a new faq entry about upgrading their PHP:)
Do you want me to do the job?
Marc
Alexander M. Turek wrote:
> Hi Marc & list,
>
> -----Original Message-----
> From: Marc Delisle
>
>>We got a report from a user, his ISP has disabled ini_get() and
>>mysql_list_dbs() for security reasons.
>>
>>Problem is, in this case, function_exists('ini_get') is true even
>>if ini_get() is disabled.
>
>
> I just read in php's ChangeLog <http://www.php.net/ChangeLog-4.php> that
> this issue has been fixed in php 4.3.0.
> In recent php versions, function_exists should return FALSE for disabled
> functions.
>
> Regards,
>
> Alexander M. Turek
> <alex at bugfixes.info>
>
> +-----------------------------+
> | The phpMyAdmin Project |
> | http://www.phpmyadmin.net |
> | rabus at users.sourceforge.net |
> +-----------------------------+
> | [bugfixes.info] |
> | http://www.bugfixes.info |
> | rabus at bugfixes.info |
> +-----------------------------+
>
>
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: Etnus, makers of TotalView, The debugger
> for complex code. Debugging C/C++ programs can leave you feeling lost and
> disoriented. TotalView can help you find your way. Available on major UNIX
> and Linux platforms. Try it free. www.etnus.com
> _______________________________________________
> Phpmyadmin-devel mailing list
> Phpmyadmin-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel
>
More information about the Developers
mailing list