[geeklog-devel] 1.3.10 to do list
Vincent Furia
vfuria at gmail.com
Wed Aug 4 23:45:28 EDT 2004
For the record, instances of $_REQUEST in files:
public_html/comment.php:11
public_html/lib-common.php:7
public_html/mail/index.php:3
public_html/pdfgenerator.php:13
system/classes/search.class.php:1 <--- I think this is just a comment
I guess I can take care of comment.php if you really think this is
necessary. Honestly I don't think this is that big a deal. Anyone
using PHP < 4.1.0 is open to so many security holes we're probably
doing them a favor...
$_REQUEST makes things, much, much easier (at least in comment.php)
because forms submitting input to the script have a mix of GET and
POST variables (and often some variables are used both ways depending
on from where they are called).
-Vinny
On Wed, 4 Aug 2004 21:02:20 +0200, Dirk Haun <dirk at haun-online.de> wrote:
> Coming back to this:
>
> >We should update the minimum requirements for Geeklog as well. Since
> >we've started using $_REQUEST in the core code in several places we'll
> >need to require PHP 4.1.0 or higher (at a minimum).
>
> Only pdfgenerator.php, comment.php and some comment-related code in lib-
> common.php seem to use $_REQUEST.
>
> How much work would it be to convert that code to using $HTTP_POST_VARS
> and $HTTP_GET_VARS?
>
> We have to move away from the $HTTP_xxx_VARS arrays eventually, as they
> seem to be disabled by default in PHP 5.0.0, but can we make one more
> release with the current requirements (which are PHP 4.0.4) and then
> convert all of it to $_POST, $_GET, and $_REQUEST for the next release
> (and, consequently, raise the requirements to PHP 4.1.0)?
>
>
>
> bye, Dirk
>
> --
> http://www.haun-online.de/
> http://geeklog.info/
>
> _______________________________________________
> geeklog-devel mailing list
> geeklog-devel at lists.geeklog.net
> http://lists.geeklog.net/listinfo/geeklog-devel
>
More information about the geeklog-devel
mailing list