[Phpmyadmin-devel] disabled functions for security
Garvin Hicking
squirrel at supergarv.de
Sun Mar 9 03:30:09 CET 2003
Hi Marc!
> I know it's not what you meant, that's why I said "another suggestion".
Ah, now I get it. I'm sorry for my misinterpretation. :)
> The current is_upload philosophy avoids displaying the file selector
> if we cannot detect that uploads are allowed. So if we reverse the
> logic, we will avoid displaying the file selector if we detect that
> uploads are not allowed, and sometimes (where PHP is < 43000 and
> ini_get() is not available), we will display a file selector that
> won't work. I think that this is acceptable.
I agree with your notion against a new configuration directive. Just a question:
Haven't there been issues with enabled is_upload, where the form got screwed up
because of the form/form-data enctype attribute? Were there only certain
php-installations affected? I don't remember...
Regards,
Garvin.
More information about the Developers
mailing list