[Phpmyadmin-devel] disabled functions for security
Marc Delisle
DelislMa at CollegeSherbrooke.qc.ca
Sun Mar 9 04:57:03 CET 2003
Garvin Hicking wrote:
> Hi Marc!
>
>
>>I know it's not what you meant, that's why I said "another suggestion".
>
>
> Ah, now I get it. I'm sorry for my misinterpretation. :)
>
>
>>The current is_upload philosophy avoids displaying the file selector
>>if we cannot detect that uploads are allowed. So if we reverse the
>>logic, we will avoid displaying the file selector if we detect that
>>uploads are not allowed, and sometimes (where PHP is < 43000 and
>>ini_get() is not available), we will display a file selector that
>>won't work. I think that this is acceptable.
>
>
> I agree with your notion against a new configuration directive. Just a question:
> Haven't there been issues with enabled is_upload, where the form got screwed up
> because of the form/form-data enctype attribute? Were there only certain
> php-installations affected? I don't remember...
>
> Regards,
> Garvin.
Garvin,
There was this thread:
https://sourceforge.net/forum/forum.php?thread_id=816587&forum_id=72909
maybe this was the same problem that duplicate fields (Apache config
error), I don't remember if we got confirmation about this.
Marc
More information about the Developers
mailing list