[Phpmyadmin-devel] disabled functions for security

Marc Delisle DelislMa at CollegeSherbrooke.qc.ca
Sun Mar 9 04:57:03 CET 2003

Garvin Hicking wrote:
> Hi Marc!
>>I know it's not what you meant, that's why I said "another suggestion".
> Ah, now I get it. I'm sorry for my misinterpretation. :)
>>The current is_upload philosophy avoids displaying the file selector
>>if we cannot detect that uploads are allowed. So if we reverse the
>>logic, we will avoid displaying the file selector if we detect that
>>uploads are not allowed, and sometimes (where PHP is < 43000 and
>>ini_get() is not available), we will display a file selector that
>>won't work. I think that this is acceptable.
> I agree with your notion against a new configuration directive. Just a question:
> Haven't there been issues with enabled is_upload, where the form got screwed up
> because of the form/form-data enctype attribute? Were there only certain
> php-installations affected? I don't remember...
> Regards,
> Garvin.

There was this thread:

maybe this was the same problem that duplicate fields (Apache config 
error), I  don't remember if we got confirmation about this.


More information about the Developers mailing list