HOME Community Articles Code Library People Mail Archive My Account Contribute PHP Jobs

Open Source Database Feature Comparison Matrix Try Declarative Programming with Annotations and Aspects Locate All Stored Procedures and Their Objects/SQL Tables Building a Stored Procedure Generator Making Tables Read-only in Oracle

24-hour Support Daily Backup Dedicated Servers JSP/Java Servlets PHP MySQL Streaming Audio/Video Telnet/SSH Unix Hosting 24-hour Support

From: alasdair <email protected>
Date: 11/11/02

• Next message: Jirka Kosek: "Re: [PHP-DOC] PDF versions of manual only 267 pages"
• Previous message: Timm Friebe: "[PHP-DOC] [Fwd: Re: [PHP-DEV] [Fwd: [CVS] karma for sybase docs]]"
• In reply to: alasdair <email protected>: "[PHP-DOC] #20371 [NEW]: PHP Change log missing HUGE change"
• Next in thread: philip <email protected>: "[PHP-DOC] #20371 [Bgs->Opn]: PHP Change log missing HUGE change"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

 ID: 20371
 Comment by: alasdair <email protected>
 Reported By: alasdair <email protected>
 Status: Bogus
 Bug Type: Documentation problem
 Operating System: FreeBSD
 PHP Version: 4.2.3
 New Comment:

It is however not mentioned on:

http://www.php.net/ChangeLog-4.php

It is not mentioned on this change log that it is
summarised/incomplete. While it may be mentioned elsewhere, this is
more a complaint about the front page change log than anything else.

Previous Comments:
------------------------------------------------------------------------

[2002-11-11 17:01:49] rasmus <email protected>

It's right there in the NEWS file:

- Disabled the fifth parameter in mail() when safe-mode is turned on.
(Derick)

And for that matter, it is also in the ChangeLog:

2002-07-02 Derick Rethans <d.rethans <email protected>>

    * ext/standard/mail.c:
    - Be nice to users and allow them to check if the mail was send

    * ext/standard/mail.c: - Disable 5th parameter to mail in safemode
    - Disabled the fifth parameter to the mail function in safemode.

And yes, we will continue to fix security problems in minor releases.
This was a nasty security hole and needed to be fixed.

------------------------------------------------------------------------

[2002-11-11 16:51:24] alasdair <email protected>

The PHP Changelog for 4.2.3 does not mention the inclusion of a new
directive in Safe Mode to restrict the 5th parameter in the mail()
function.

Quoting somewhere:

"This fifth parameter was added in PHP 4.0.5. Since PHP 4.2.3 this
parameter is disabled in safe_mode and the mail() function will expose
a warning message and return FALSE if you're trying to use it."

There is no mention of this in the Change Log. For PHP, a very widly
used piece of software, i find it totally insane that such a major
change has been implemented in a minor release update. And not only
that, for it to not even be mentioned on the change log!!

It would seem that the Change log is not a valid source of information
- since it cannot even be trusted to include major changes. I would
reccomend slapping whoever comitted this change.

------------------------------------------------------------------------

-- 
Edit this bug report at http://bugs.php.net/?id=20371&edit=1
-- 
PHP Documentation Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

• Next message: Jirka Kosek: "Re: [PHP-DOC] PDF versions of manual only 267 pages"
• Previous message: Timm Friebe: "[PHP-DOC] [Fwd: Re: [PHP-DEV] [Fwd: [CVS] karma for sybase docs]]"
• In reply to: alasdair <email protected>: "[PHP-DOC] #20371 [NEW]: PHP Change log missing HUGE change"
• Next in thread: philip <email protected>: "[PHP-DOC] #20371 [Bgs->Opn]: PHP Change log missing HUGE change"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]