?? ??? 2000, Version 4.0.1
+- Added disable_functions php.ini directive, to allow administrators to disable
+ certain functions for security reasons (Zeev)
- Fixed sessions on Win32. When setting the directory depth parameter in
save_path you need to now delimit it with a ';' instead of ':', e.g
"5;/tmp" instead of "5:/tmp" (Andi)
- Changed the Apache handler's return status to 'Declined' when a requested
PHP file could not be found. Returning 'Not Found' caused problems
in the ErrorDocument handler stage in that $REDIRECT_REDIRECT_ERROR_NOTES
- was not getting set at all. Moving to 'Declined' shoudl fix this and I
+ was not getting set at all. Moving to 'Declined' should fix this and I
can't see any other side effects. (Rasmus)
- Fixed scanning decimal numbers in internationalized environments. They should
always be in standard US format e.g. 23.3. (Andi, Zend Engine)
#include "ext/standard/php_dir.h"
#include "ext/standard/php_filestat.h"
#include "ext/standard/php_mail.h"
-#include "ext/standard/php_syslog.h"
+#include "ext/standard/php_ext_syslog.h"
#include "ext/standard/php_standard.h"
#include "ext/standard/php_lcg.h"
#include "ext/standard/php_output.h"
}
+static PHP_INI_MH(OnDisableFunctions)
+{
+ char *func;
+ char *new_value_dup = zend_strndup(new_value, new_value_length); /* This is an intentional leak,
+ * it's not a big deal as it's process-wide
+ */
+
+ func = strtok(new_value_dup, ", ");
+ while (func) {
+ zend_disable_function(func, strlen(func));
+ func = strtok(NULL, ", ");
+ }
+ return SUCCESS;
+}
+
+
/* Need to convert to strings and make use of:
* DEFAULT_SHORT_OPEN_TAG
* PHP_SAFE_MODE
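Review bot: In OnDisableFunctions the result of `zend_disable_function(func, strlen(func))` is discarded and the handler always returns SUCCESS, so a name in `disable_functions` that does not match a registered function (a typo, or possibly a function from an extension registered after this handler runs) would stay callable with no startup message. zend_disable_function is defined outside this hunk; if it reports failure, emit a warning naming the unmatched entry so the administrator can see that the restriction did not take effect. Separately, `new_value_dup` is passed to `strtok` unchecked, and if the allocation fails a NULL first argument makes `strtok` resume whatever string it tokenized last; add `if (!new_value_dup) return FAILURE;` before the first `strtok` call. `strtok` also keeps hidden static state, so a one-line comment stating that the handler relies on running single-threaded at startup would help, if that is indeed the assumption.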
PHP_INI_ENTRY("precision", "14", PHP_INI_ALL, OnSetPrecision)
PHP_INI_ENTRY("sendmail_from", NULL, PHP_INI_ALL, NULL)
PHP_INI_ENTRY("sendmail_path", DEFAULT_SENDMAIL_PATH, PHP_INI_SYSTEM, NULL)
+
+ PHP_INI_ENTRY("disable_functions", "", PHP_INI_SYSTEM, OnDisableFunctions)
PHP_INI_END()
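Review bot: The `disable_functions` entry carries no comment saying that its handler is one-way and process-wide, which is the property a maintainer needs to know before changing its access level or calling the handler again. From the handler added in this commit, every invocation duplicates the value without freeing it and disables the listed functions, and nothing re-enables them. If any path can invoke the handler after startup (not determinable from this page), the leak and the disabling would repeat there. A short comment above the entry would record this, for example `/* startup-only: handler leaks its copy of the value and disables functions for the whole process */`.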
; even if safe_mode_allowed_env_vars is
; set to allow to change them.
+
+disable_functions = ; This directive allows you to disable certain
+ ; functions for security reasons. It receives
+ ; a comma separated list of function names.
+ ; This directive is *NOT* affected by whether
+ ; Safe Mode is turned on or off.
+
+
; Colors for Syntax Highlighting mode. Anything that's acceptable in <font color=???> would work.
highlight.string = #DD0000
highlight.comment = #FF8000
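Review bot: The new `disable_functions` comment does not say where the directive may be set, although the `PHP_INI_ENTRY` line in this commit registers it as `PHP_INI_SYSTEM`. An administrator reading only this file could expect a per-script or per-user override to work. Consider adding a line such as `; It can only be set at the system level (e.g. in this file), not from a script.` The comment also says "comma separated", while the handler in this commit splits on both commas and spaces, which is worth stating so that a space-separated list is not a surprise. The same text is repeated in the two identical php.ini hunks that follow, so the wording change applies there too.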
; even if safe_mode_allowed_env_vars is
; set to allow to change them.
+
+disable_functions = ; This directive allows you to disable certain
+ ; functions for security reasons. It receives
+ ; a comma separated list of function names.
+ ; This directive is *NOT* affected by whether
+ ; Safe Mode is turned on or off.
+
+
; Colors for Syntax Highlighting mode. Anything that's acceptable in <font color=???> would work.
highlight.string = #DD0000
highlight.comment = #FF8000
; even if safe_mode_allowed_env_vars is
; set to allow to change them.
+
+disable_functions = ; This directive allows you to disable certain
+ ; functions for security reasons. It receives
+ ; a comma separated list of function names.
+ ; This directive is *NOT* affected by whether
+ ; Safe Mode is turned on or off.
+
+
; Colors for Syntax Highlighting mode. Anything that's acceptable in <font color=???> would work.
highlight.string = #DD0000
highlight.comment = #FF8000