- More correct safe-mode documentation

- Partially added warnings to the functions themselves
- Small xml-id fix in cybermut


git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@52878 c90b9560-bf6c-de11-be94-00142212c4b1
Jeroen van Wolffelaar 2001-07-31 22:28:30 +00:00
parent 738d3a7a78
commit 77912fb35c
9 changed files with 87 additions and 49 deletions

View file

@ -1,4 +1,4 @@
<!-- $Revision: 1.6 $ -->
<!-- $Revision: 1.7 $ -->
<chapter id="features.safe-mode">
<title>Safe mode</title>
@ -107,20 +107,24 @@ Warning: readfile() has been disabled for security reasons in
<entry>&sm.uidcheck;</entry>
</row>
<row>
<entry><function>imap_thread</function></entry>
<entry>??</entry>
<entry><function>ifx_*</function></entry>
<entry>sql_safe_mode restrictions, (!= safe-mode)</entry>
<!-- TODO: more info on sql-safe-mode -->
</row>
<row>
<entry><function>ifxus_tell_slob</function></entry>
<entry>??</entry>
<entry><function>ingres_*</function></entry>
<entry>sql_safe_mode restrictions, (!= safe-mode)</entry>
<!-- TODO: more info on sql-safe-mode -->
</row>
<row>
<entry><function>muscat_close</function></entry>
<entry>??</entry>
<entry><function>mysql_*</function></entry>
<entry>sql_safe_mode restrictions, (!= safe-mode)</entry>
<!-- TODO: more info on sql-safe-mode -->
</row>
<row>
<entry><function>pg_loimport</function></entry>
<entry>&sm.uidcheck;</entry>
<!-- source TODO: there is no PHP-warning for that safe-mode-restriction -->
</row>
<row>
<entry><function>posix_mkfifo</function></entry>
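
Review bot: The new ifx_*, ingres_* and mysql_* rows put developer shorthand into reader-visible text: "sql_safe_mode restrictions, (!= safe-mode)" does not say what is restricted, nor that sql_safe_mode is a separate setting from safe mode. Until the TODO is resolved, a plain sentence such as "Subject to sql_safe_mode, which is a separate setting from safe mode" would read better. The wildcard names are also not real function names, so check how they render inside the function tag.
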
@ -128,27 +132,64 @@ Warning: readfile() has been disabled for security reasons in
</row>
<row>
<entry><function>putenv</function></entry>
<entry>??</entry>
<entry>Obeys the safe_mode_protected_env_vars and
safe_mode_allowed_env_vars ini-directives. See also the documentation
on <function>putenv</function></entry>
<!-- TODO: document those directives in chapters/config.xml -->
</row>
<row>
<entry><function>move_uploaded_file</function></entry>
<entry>&sm.uidcheck;</entry>
<entry>&sm.uidcheck; <!-- TODO: check this --></entry>
</row>
<!-- TODO: from here on, add warning to the function itself -->
<row>
<entry><function>chdir</function></entry>
<entry>&sm.uidcheck.dir;</entry>
</row>
<row>
<entry><function>dl</function></entry>
<entry>??</entry>
<entry>&sm.disabled;</entry>
</row>
<row>
<entry><function>shell_exec</function></entry>
<entry>??</entry>
<entry><link linkend="language.operators.execution">backtick operator</link></entry>
<entry>&sm.disabled;</entry>
</row>
<row>
<entry><function>shell_exec</function> (functional equivalent
of backticks)</entry>
<entry>&sm.disabled;</entry>
</row>
<row>
<entry><function>exec</function></entry>
<entry>You can only execute executables within the <link
linkend="ini.safe-mode-exec-dir">safe_mode_exec_dir</link>.
For practical reasons it's currently not allowed to have
<literal>..</literal> components in the path to the executable.</entry>
</row>
<row>
<entry><function>system</function></entry>
<entry>You can only execute executables within the <link
linkend="ini.safe-mode-exec-dir">safe_mode_exec_dir</link>.
For practical reasons it's currently not allowed to have
<literal>..</literal> components in the path to the executable.</entry>
</row>
<row>
<entry><function>passthru</function></entry>
<entry>You can only execute executables within the <link
linkend="ini.safe-mode-exec-dir">safe_mode_exec_dir</link>.
For practical reasons it's currently not allowed to have
<literal>..</literal> components in the path to the executable.</entry>
</row>
<row>
<entry><function>popen</function></entry>
<entry>&sm.uidcheck.dir; <!-- not sure!! --></entry>
<entry>You can only execute executables within the <link
linkend="ini.safe-mode-exec-dir">safe_mode_exec_dir</link>.
For practical reasons it's currently not allowed to have
<literal>..</literal> components in the path to the executable.</entry>
<!-- TODO: not sure. popen uses a completely different implementation
Don't know why, don't know whether it's behaving the same -->
</row>
<row>
<entry><function>mkdir</function></entry>
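
Review bot: The popen row now states the safe_mode_exec_dir restriction as fact, while the comment directly beneath it says "not sure. popen uses a completely different implementation". A restriction on command execution that administrators may rely on should be confirmed against the source before it is documented; until then, keep the uncertainty visible to readers instead of hiding it in a comment. The same applies to the "TODO: check this" on move_uploaded_file. Separately, the four-line safe_mode_exec_dir text is pasted identically into exec, system, passthru and popen; an entity in the style of &sm.uidcheck; and &sm.disabled; would keep the copies from drifting apart.
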
@ -160,15 +201,17 @@ Warning: readfile() has been disabled for security reasons in
</row>
<row>
<entry><function>rename</function></entry>
<entry>&sm.uidcheck; <!-- on the old name only, it seems --></entry>
<entry>&sm.uidcheck; &sm.uidcheck.dir;<!-- on the old name only, it seems. Is rename preventing moving files? --></entry>
</row>
<row>
<entry><function>unlink</function></entry>
<entry>&sm.uidcheck;</entry>
<entry>&sm.uidcheck; &sm.uidcheck.dir;</entry>
</row>
<row>
<entry><function>copy</function></entry>
<entry>&sm.uidcheck; <!-- source AND target,should be noted --></entry>
<entry>&sm.uidcheck; &sm.uidcheck.dir; (on
<parameter>source</parameter> and
<parameter>target</parameter>) </entry>
</row>
<row>
<entry><function>chgrp</function></entry>
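
Review bot: In the rename row the visible text now claims both &sm.uidcheck; and &sm.uidcheck.dir;, but the comment still says "on the old name only, it seems" and asks "Is rename preventing moving files?". Readers cannot see that the check may cover only the old name, unlike the copy row, which spells out source and target in visible text. Either add a visible parenthetical as done for copy, or resolve the open question before changing the entry.
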
@ -180,48 +223,29 @@ Warning: readfile() has been disabled for security reasons in
</row>
<row>
<entry><function>chmod</function></entry>
<entry>&sm.uidcheck; <!-- there is more than this,
i believe you can't set the SUID/SGID/sticky bits? --></entry>
<entry>&sm.uidcheck; In addition, you cannot
set the SUID, SGID and sticky bits</entry>
</row>
<row>
<entry><function>touch</function></entry>
<entry>&sm.uidcheck;</entry>
<entry>&sm.uidcheck; &sm.uidcheck.dir;</entry>
</row>
<row>
<entry><function>symlink</function></entry>
<entry>&sm.uidcheck; <!-- only link-target, it seems? --></entry>
<entry>&sm.uidcheck; &sm.uidcheck.dir; (note: only the target is
checked)</entry>
</row>
<row>
<entry><function>link</function></entry>
<entry>&sm.uidcheck; <!-- only link-target, it seems? --></entry>
</row>
<row>
<entry><function>ob_gzhandler</function></entry>
<entry>&sm.uidcheck;</entry>
<entry>&sm.uidcheck; &sm.uidcheck.dir; (note: only the target is
checked)</entry>
</row>
<row>
<entry><function>getallheaders</function></entry>
<entry>??</entry>
</row>
<row>
<entry><function>exec</function></entry>
<entry>??</entry>
</row>
<row>
<entry><function>system</function></entry>
<entry>??</entry>
</row>
<row>
<entry><function>passthru</function></entry>
<entry>??</entry>
</row>
<row>
<entry><function>mail</function></entry>
<entry>??</entry>
</row>
<row>
<entry><link linkend="language.operators.execution">backtick operator</link></entry>
<entry>??</entry>
<entry>In safe-mode, headers beginning with 'authorization'
(case-insensitive)
will not be returned. Warning: this is broken with the aol-server
implementation of <function>getallheaders</function>!</entry>
</row>
<row>
<entry>Any function that uses
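
Review bot: The ob_gzhandler and mail rows are deleted from the table here without replacement, and the commit message does not mention it; exec, system, passthru and the backtick operator reappear earlier in the table, these two do not. If safe mode has no effect on them, say so in the commit message; otherwise keep the rows. In the new getallheaders entry, "this is broken with the aol-server implementation" does not say what is broken: if it means headers beginning with 'authorization' are still returned there, state that explicitly, since readers will treat the filtering as a guarantee.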

View file

@ -40,7 +40,7 @@
</note>
</partintro>
<refentry id="function.cybermut_creerformulairecm">
<refentry id="function.cybermut-creerformulairecm">
<refnamediv>
<refname>cybermut_creerformulairecm</refname>
<refpurpose>Generate HTML form of request for payment</refpurpose>
@ -104,7 +104,7 @@ $VERSION="1.2";
</refsect1>
</refentry>
<refentry id="function.cybermut_testmac">
<refentry id="function.cybermut-testmac">
<refnamediv>
<refname>cybermut_testmac</refname>
<refpurpose>
@ -177,7 +177,7 @@ if ($mac_ok) {
</refsect1>
</refentry>
<refentry id="function.cybermut_creerreponsecm">
<refentry id="function.cybermut-creerreponsecm">
<refnamediv>
<refname>cybermut_creerreponsecm</refname>
<refpurpose>

View file

@ -147,6 +147,7 @@ if (!dbase_create($dbname, $def))
Returns a dbase_identifier for the opened database, or &false; if
the database couldn't be opened.
</para>
&note.sm.uidcheck;
</refsect1>
</refentry>
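
Review bot: &note.sm.uidcheck; is used here and in the files that follow, and &note.sm.uidcheck.dir; in the last one, yet none of the nine changed files shown defines either entity. If they are not already defined elsewhere in the tree, the definition needs to be part of this commit, because an undefined entity is an XML error.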

View file

@ -67,6 +67,7 @@ dbmclose ($dbm);
information on DBM files, see your Unix man pages, or obtain
<ulink url="&url.gdbm;">GNU's GDBM</ulink>.
</para>
&note.sm.uidcheck;
</refsect1>
</refentry>

View file

@ -29,6 +29,7 @@
<para>
No locking is done, so you should avoid modifying your filePro
database while it may be opened in PHP.</para>
&note.sm.uidcheck;
</refsect1>
</refentry>
@ -102,6 +103,7 @@
</funcsynopsis>
<para>
Returns the data from the specified location in the database.</para>
&note.sm.uidcheck;
</refsect1>
</refentry>
@ -141,6 +143,7 @@
</funcsynopsis>
<para>
Returns the number of rows in the opened filePro database.</para>
&note.sm.uidcheck;
<para>
See also <function>filepro</function>.</para>
</refsect1>

View file

@ -2136,6 +2136,8 @@ mkdir ("/path/to/my/dir", 0700);
system.
</para>
&note.sm.uidcheck;
<para>
See also <function>is_uploaded_file</function>, and the section
<link linkend="features.file-upload">Handling file uploads</link>
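
Review bot: The &note.sm.uidcheck; on this page (move_uploaded_file, judging by the "See also is_uploaded_file" context) rests on a claim the same commit marks as unverified: the safe-mode table row reads "&sm.uidcheck; <!-- TODO: check this -->". Confirm the behaviour against the source first, then add the note to the function page.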

View file

@ -1332,6 +1332,11 @@ if (substr(php_uname(), 0, 7) == "Windows") {
These variables will be protected even if <literal>safe_mode_allowed_env_vars</literal>
is set to allow to change them.
</para>
<warning>
<para>
These directives have only effect when <link linkend="features.safe-mode">safe-mode</link> itself is enabled!
</para>
</warning>
<para>
<example>
<title>Setting an Environment Variable</title>
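
Review bot: The added warning text "These directives have only effect when ... safe-mode itself is enabled!" is ungrammatical and ends in an exclamation mark inside an element that is already a warning. Suggest "These directives only take effect when safe mode itself is enabled.", writing "safe mode" the way the chapter title does.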

View file

@ -907,6 +907,7 @@ for ($i=0; $i&lt;$num; $i++) {
object otherwise. Remember that handling large objects in
PostgreSQL must happen inside a transaction.
</para>
&note.sm.uidcheck;
</refsect1>
</refentry>

View file

@ -578,6 +578,7 @@
<para>
Needs to be written ASAP.
</para>
&note.sm.uidcheck.dir;
</refsect1>
</refentry>