Menu
▾
▴
Re: [SM-PLUGINS] PHP-4.1.2-->Anyone had success using it?
|
From: Brent B. <bb...@pe...> - 2002-03-30 02:39:43
|
So far it's been treating me fine. I upgraded to it immediately when I
heard about the security hole in earlier releases. If memory serves, the
default php.ini file is slightly different. In 4.1.2, by default, you
find:
allow_call_time_pass_reference = Off
In the SM 1.2.5 install I had goin' I noticed that the bit of code for
reporting message bodies that couldn't be displayed properly broke under
4.1.2 with this setting off. (working from memory here) I *think* that
when I turned this on I could report message bodies but not with the
allow_call_time_pass_reference setting on.
I didn't have time to look at the CVS version to see if it had the
same problem or if it'd already been fixed. And I haven't run across any
other message bodies I couldn't display in SM 1.2.5 :-)
Brent
> On Thu, 2002-03-21 at 16:37, Caribe Schreiber wrote:
>> Hey Guys!
>>
>> I fixed my vadmin problem by going back to php-4.0.6. I've heard
>> that SM 1.2.5 is kosher with php-4.1.2, but I tried installing it and
>> couldn't make vadmin work with it. I just patched the source for
>> php-4.0.6 to get rid of the file upload insecurity (I'd suggest that
>> everyone do it...IIRC having a hole that'll allow arbitrary code
>> execution is bad) and everyting's ok again. I was just wondering if
>> the problem is something intrinsic to my setup or if it's a bug in
>> php/sm/vadmin.
>
> Yes, vadmin doesn't work with 4.1.x because they broke^H^H^H^H^H
> changed the way sessions are handled. I am going to see if I can make
> an
> official fix for this some time soonish...
>
> Regards,
> --
> 0> Konstantin ("Icon") Riabitsev
> / ) Duke University Physics Sysadmin
> ~ www.duke.edu/~icon/pubkey.asc
-----------------------------------------
Persistence Software Inc.
1720 South Amphlett Blvd. Third Floor
San Mateo, CA 94402
|