[Phpmyadmin-devel] disabled functions for security
Marc Delisle
DelislMa at CollegeSherbrooke.qc.ca
Sat Mar 8 13:38:02 CET 2003
Garvin Hicking wrote:
> Hi!
>
>
>>So we could put the @ in front of the 2 ini_get calls, as suggested
>>in the bug report, but this means they won't be able to upload.
>>I smell a new faq entry about upgrading their PHP:)
>
>
> Can't we put an override file_upload directive in the configuration? I don't see why
> users shouldn't be able to use a function only because a hoster forbids the function
> to see whether a function is available. Users who know, that file upload is enabled
> for them can then enable it. A comment in the config should document, that Users
> should know what they're doing.
>
> Nevertheless, this is an annoying issue. :-\
>
> Regards,
> Garvin.
So, another suggestion. We reverse the logic of this part of code.
If we cannot detect that file uploads are disabled, we set $is_upload to
TRUE.
Marc
More information about the Developers
mailing list