From 1e7e134c7df5a84486289ab05e701e3da2aa27e9 Mon Sep 17 00:00:00 2001
From: Gabor Hojtsy <goba@php.net>
Date: Sat, 20 Jan 2001 19:13:22 +0000
Subject: [PATCH] .php3 -> .php

git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@39892 c90b9560-bf6c-de11-be94-00142212c4b1
---
 chapters/security.xml | 60 +++++++++++++++++++++----------------------
 security/index.xml    | 60 +++++++++++++++++++++----------------------
 2 files changed, 60 insertions(+), 60 deletions(-)

diff --git a/chapters/security.xml b/chapters/security.xml
index 50a5b90316..9a2bd9933b 100644
--- a/chapters/security.xml
+++ b/chapters/security.xml
@@ -83,15 +83,15 @@
        Usually some web server configuration directives (Apache:
        Action) are used to redirect requests to documents like
        <filename
-       role="url">http://my.host/secret/script.php3</filename> to the
+       role="url">http://my.host/secret/script.php</filename> to the
        PHP interpreter.  With this setup, the web server first checks
        the access permissions to the directory <filename
        role="uri">/secret</filename>, and after that creates the
        redirected request <filename
-       role="url">http://my.host/cgi-bin/php/secret/script.php3</filename>.
+       role="url">http://my.host/cgi-bin/php/secret/script.php</filename>.
        Unfortunately, if the request is originally given in this form,
        no access checks are made by web server for file <filename
-       role="uri">/secret/script.php3</filename>, but only for the
+       role="uri">/secret/script.php</filename>, but only for the
        <filename role="uri">/cgi-bin/php</filename> file.  This way
        any user able to access <filename
        role="uri">/cgi-bin/php</filename> is able to access any
@@ -125,9 +125,9 @@
      to the configure script.  You still have to make sure your PHP
      scripts do not rely on one or another way of calling the script,
      neither by directly <filename
-     role="php">http://my.host/cgi-bin/php/dir/script.php3</filename>
+     role="php">http://my.host/cgi-bin/php/dir/script.php</filename>
      nor by redirection <filename
-     role="php">http://my.host/dir/script.php3</filename>.
+     role="php">http://my.host/dir/script.php</filename>.
     </simpara>
     <simpara>
      Redirection can be configured in Apache by using AddHandler and
@@ -140,7 +140,7 @@
     <simpara>
      This compile-time option prevents anyone from calling PHP
      directly with a url like <filename
-     role="php">http://my.host/cgi-bin/php/secretdir/script.php3</filename>.
+     role="php">http://my.host/cgi-bin/php/secretdir/script.php</filename>.
      Instead, PHP will only parse in this mode if it has gone through
      a web server redirect rule.
     </simpara>
@@ -149,8 +149,8 @@
      the following directives:
     </simpara>
     <programlisting role="apache-conf">
-Action php3-script /cgi-bin/php
-AddHandler php3-script .php3
+Action php-script /cgi-bin/php
+AddHandler php-script .php
     </programlisting>
     <simpara>
      This option has only been tested with the Apache web server, and
@@ -199,21 +199,21 @@ AddHandler php3-script .php3
      linkend="ini.user-dir">user_dir</link>.  When user_dir is unset,
      only thing controlling the opened file name is
      <parameter>doc_root</parameter>.  Opening an url like <filename
-     role="url">http://my.host/~user/doc.php3</filename> does not
+     role="url">http://my.host/~user/doc.php</filename> does not
      result in opening a file under users home directory, but a file
-     called <filename role="uri">~user/doc.php3</filename> under
+     called <filename role="uri">~user/doc.php</filename> under
      doc_root (yes, a directory name starting with a tilde
      [<literal>~</literal>]).
     </simpara>      
     <simpara>
      If user_dir is set to for example <filename
      role="dir">public_php</filename>, a request like <filename
-     role="url">http://my.host/~user/doc.php3</filename> will open a
-     file called <filename>doc.php3</filename> under the directory
+     role="url">http://my.host/~user/doc.php</filename> will open a
+     file called <filename>doc.php</filename> under the directory
      named <filename role="dir">public_php</filename> under the home
      directory of the user.  If the home of the user is <filename
      role="dir">/home/user</filename>, the file executed is
-     <filename>/home/user/public_php/doc.php3</filename>.
+     <filename>/home/user/public_php/doc.php</filename>.
     </simpara>
     <simpara>
      <parameter>user_dir</parameter> expansion happens regardless of
@@ -254,22 +254,6 @@ AddHandler php3-script .php3
   
   </sect1>
 
-  <sect1 id="security.current">
-   <title>Keeping Current</title>
-   <simpara>
-    PHP, like any other large system, is under constant scrutiny and
-    improvement. Each new version will often include both major and
-    minor changes to enhance and repair security flaws, configuration
-    mishaps, and other issues that will affect the overall security
-    and stability of your system.
-   </simpara>
-   <simpara>
-    Like other system-level scripting languages and programs, the best
-    approach is to update often, and maintain awareness of the latest
-    versions and their changes.
-   </simpara>
-  </sect1>
-
   <sect1 id="security.apache">
    <title>Installed as an Apache module</title>
    <simpara>
@@ -406,7 +390,7 @@ echo "$file_to_delete has been deleted!";
      <title>More secure file name checking</title>
      <programlisting role="php">
 &lt;?php
-$username = get_env("REMOTE_USER");
+$username = getenv("REMOTE_USER");
 $homedir = "/home/$username";
 
 if (!ereg('^[^./][^/]*$', $userfile))
@@ -601,6 +585,22 @@ exec ($evil_var);
     become one.
    </simpara>
   </sect1>
+
+  <sect1 id="security.current">
+   <title>Keeping Current</title>
+   <simpara>
+    PHP, like any other large system, is under constant scrutiny and
+    improvement. Each new version will often include both major and
+    minor changes to enhance and repair security flaws, configuration
+    mishaps, and other issues that will affect the overall security
+    and stability of your system.
+   </simpara>
+   <simpara>
+    Like other system-level scripting languages and programs, the best
+    approach is to update often, and maintain awareness of the latest
+    versions and their changes.
+   </simpara>
+  </sect1>
  </chapter>
 
 <!-- Keep this comment at the end of the file
diff --git a/security/index.xml b/security/index.xml
index 50a5b90316..9a2bd9933b 100644
--- a/security/index.xml
+++ b/security/index.xml
@@ -83,15 +83,15 @@
        Usually some web server configuration directives (Apache:
        Action) are used to redirect requests to documents like
        <filename
-       role="url">http://my.host/secret/script.php3</filename> to the
+       role="url">http://my.host/secret/script.php</filename> to the
        PHP interpreter.  With this setup, the web server first checks
        the access permissions to the directory <filename
        role="uri">/secret</filename>, and after that creates the
        redirected request <filename
-       role="url">http://my.host/cgi-bin/php/secret/script.php3</filename>.
+       role="url">http://my.host/cgi-bin/php/secret/script.php</filename>.
        Unfortunately, if the request is originally given in this form,
        no access checks are made by web server for file <filename
-       role="uri">/secret/script.php3</filename>, but only for the
+       role="uri">/secret/script.php</filename>, but only for the
        <filename role="uri">/cgi-bin/php</filename> file.  This way
        any user able to access <filename
        role="uri">/cgi-bin/php</filename> is able to access any
@@ -125,9 +125,9 @@
      to the configure script.  You still have to make sure your PHP
      scripts do not rely on one or another way of calling the script,
      neither by directly <filename
-     role="php">http://my.host/cgi-bin/php/dir/script.php3</filename>
+     role="php">http://my.host/cgi-bin/php/dir/script.php</filename>
      nor by redirection <filename
-     role="php">http://my.host/dir/script.php3</filename>.
+     role="php">http://my.host/dir/script.php</filename>.
     </simpara>
     <simpara>
      Redirection can be configured in Apache by using AddHandler and
@@ -140,7 +140,7 @@
     <simpara>
      This compile-time option prevents anyone from calling PHP
      directly with a url like <filename
-     role="php">http://my.host/cgi-bin/php/secretdir/script.php3</filename>.
+     role="php">http://my.host/cgi-bin/php/secretdir/script.php</filename>.
      Instead, PHP will only parse in this mode if it has gone through
      a web server redirect rule.
     </simpara>
@@ -149,8 +149,8 @@
      the following directives:
     </simpara>
     <programlisting role="apache-conf">
-Action php3-script /cgi-bin/php
-AddHandler php3-script .php3
+Action php-script /cgi-bin/php
+AddHandler php-script .php
     </programlisting>
     <simpara>
      This option has only been tested with the Apache web server, and
@@ -199,21 +199,21 @@ AddHandler php3-script .php3
      linkend="ini.user-dir">user_dir</link>.  When user_dir is unset,
      only thing controlling the opened file name is
      <parameter>doc_root</parameter>.  Opening an url like <filename
-     role="url">http://my.host/~user/doc.php3</filename> does not
+     role="url">http://my.host/~user/doc.php</filename> does not
      result in opening a file under users home directory, but a file
-     called <filename role="uri">~user/doc.php3</filename> under
+     called <filename role="uri">~user/doc.php</filename> under
      doc_root (yes, a directory name starting with a tilde
      [<literal>~</literal>]).
     </simpara>      
     <simpara>
      If user_dir is set to for example <filename
      role="dir">public_php</filename>, a request like <filename
-     role="url">http://my.host/~user/doc.php3</filename> will open a
-     file called <filename>doc.php3</filename> under the directory
+     role="url">http://my.host/~user/doc.php</filename> will open a
+     file called <filename>doc.php</filename> under the directory
      named <filename role="dir">public_php</filename> under the home
      directory of the user.  If the home of the user is <filename
      role="dir">/home/user</filename>, the file executed is
-     <filename>/home/user/public_php/doc.php3</filename>.
+     <filename>/home/user/public_php/doc.php</filename>.
     </simpara>
     <simpara>
      <parameter>user_dir</parameter> expansion happens regardless of
@@ -254,22 +254,6 @@ AddHandler php3-script .php3
   
   </sect1>
 
-  <sect1 id="security.current">
-   <title>Keeping Current</title>
-   <simpara>
-    PHP, like any other large system, is under constant scrutiny and
-    improvement. Each new version will often include both major and
-    minor changes to enhance and repair security flaws, configuration
-    mishaps, and other issues that will affect the overall security
-    and stability of your system.
-   </simpara>
-   <simpara>
-    Like other system-level scripting languages and programs, the best
-    approach is to update often, and maintain awareness of the latest
-    versions and their changes.
-   </simpara>
-  </sect1>
-
   <sect1 id="security.apache">
    <title>Installed as an Apache module</title>
    <simpara>
@@ -406,7 +390,7 @@ echo "$file_to_delete has been deleted!";
      <title>More secure file name checking</title>
      <programlisting role="php">
 &lt;?php
-$username = get_env("REMOTE_USER");
+$username = getenv("REMOTE_USER");
 $homedir = "/home/$username";
 
 if (!ereg('^[^./][^/]*$', $userfile))
@@ -601,6 +585,22 @@ exec ($evil_var);
     become one.
    </simpara>
   </sect1>
+
+  <sect1 id="security.current">
+   <title>Keeping Current</title>
+   <simpara>
+    PHP, like any other large system, is under constant scrutiny and
+    improvement. Each new version will often include both major and
+    minor changes to enhance and repair security flaws, configuration
+    mishaps, and other issues that will affect the overall security
+    and stability of your system.
+   </simpara>
+   <simpara>
+    Like other system-level scripting languages and programs, the best
+    approach is to update often, and maintain awareness of the latest
+    versions and their changes.
+   </simpara>
+  </sect1>
  </chapter>
 
 <!-- Keep this comment at the end of the file