 |
 |
 |
 |
|
|
Date: 03/08/01
- Next message: Daniel Beckham: "[PHP-DOC] cvs: phpdoc /en/functions misc.xml"
- Previous message: Damien Seguy: "[PHP-DOC] cvs: phpdoc /fr/language control-structures.xml"
- Next in thread: Daniel Beckham: "[PHP-DOC] cvs: phpdoc /en/functions misc.xml"
- Maybe reply: Daniel Beckham: "[PHP-DOC] cvs: phpdoc /en/functions misc.xml"
- Maybe reply: Daniel Beckham: "[PHP-DOC] cvs: phpdoc /en/functions misc.xml"
- Maybe reply: Jesus M. Castagnetto: "[PHP-DOC] cvs: phpdoc /en/functions misc.xml"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
danbeck Thu Mar 8 08:30:38 2001 EDT
Modified files:
/phpdoc/en/functions misc.xml
Log:
added security warnings about show_source and highlight_file
Index: phpdoc/en/functions/misc.xml
diff -u phpdoc/en/functions/misc.xml:1.35 phpdoc/en/functions/misc.xml:1.36
--- phpdoc/en/functions/misc.xml:1.35 Fri Nov 3 17:16:10 2000
+++ phpdoc/en/functions/misc.xml Thu Mar 8 08:30:37 2001
@@ -434,7 +434,17 @@
using the colors defined in the built-in syntax highlighter for PHP.
It returns true on success, false otherwise (PHP 4).
</simpara>
- <para>
+ <note>
+ <simpara>
+ Care should be taken when using the
+ <function>show_source</function> and
+ <function>highlight_file</function> functions to make sure that
+ you do not inadvertently reveal sensitive information such as
+ passwords or any other type of information that might create a
+ potential security risk.
+ </simpara>
+ </note>
+ <para>
<example>
<title>Creating a source highlighting URL</title>
<simpara>
@@ -448,11 +458,12 @@
In your httpd.conf you can add the following:
</simpara>
<para>
- <informalexample><programlisting>
+ <informalexample>
+ <programlisting>
<Location /source>
ForceType application/x-httpd-php
</Location>
- </programlisting></informalexample>
+ </programlisting></informalexample>
</para>
<simpara>
And then make a file named "source" and put it in your
@@ -490,9 +501,9 @@
</simpara>
<para>
<informalexample>
- <programlisting>
+ <programlisting>
http://your.server.com/source/path/to/script.php
- </programlisting>
+ </programlisting>
</informalexample>
</para>
</example>
@@ -793,10 +804,18 @@
using the colors defined in the built-in syntax highlighter for PHP.
It returns true on success, false otherwise (PHP 4).
</simpara>
+ <simpara>
+ This function is an alias for the function
+ <function>highlight_file</function>
+ </simpara>
<note>
<simpara>
- This function is an alias for the function
- <function>highlight_file</function>
+ Care should be taken when using the
+ <function>show_source</function> and
+ <function>highlight_file</function> functions to make sure that
+ you do not inadvertently reveal sensitive information such as
+ passwords or any other type of information that might create a
+ potential security risk.
</simpara>
</note>
<simpara>
- Next message: Daniel Beckham: "[PHP-DOC] cvs: phpdoc /en/functions misc.xml"
- Previous message: Damien Seguy: "[PHP-DOC] cvs: phpdoc /fr/language control-structures.xml"
- Next in thread: Daniel Beckham: "[PHP-DOC] cvs: phpdoc /en/functions misc.xml"
- Maybe reply: Daniel Beckham: "[PHP-DOC] cvs: phpdoc /en/functions misc.xml"
- Maybe reply: Daniel Beckham: "[PHP-DOC] cvs: phpdoc /en/functions misc.xml"
- Maybe reply: Jesus M. Castagnetto: "[PHP-DOC] cvs: phpdoc /en/functions misc.xml"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]