@ - Added php.ini option "allow_webdav_methods" to allow handling of
@ WebDAV http requests within PHP scripts. (chregu)
# More methods (for DeltaV) will follow.

Changed handling of output buffer sizes.
@Added php.ini option "double_buffering" that forces an additional first
@output buffer and improved handling of buffer sizes. (Marcus)

rename php_error_func<n> to php_error_docref and support Wez idea
that solves ToDo requirement to point to PHP Manual in error messages.

- Implement Andrei's request for disabling memory leak reporting in debug
builds.
#- Andrei: I can show you the logs :)

new ini setting log_errors_max_len
@-New ini setting log_errors_max_len controls maximum length for error
@ messages. Set it to 0 for infinite. Default is 1024 (old behaviour) (Marcus)

new feature ignoring repeated error messages (defaults to old behaviour)
@You can now disable logging of repeated error messages with two new ini settings ignore_repeated_errors, ignore_repeated_

new feature ignoring repeated error messages (defaults to old behaviour)
@You can now disable logging of repeated error messages with two new ini settings ignore_repeated_errors, ignore_repeated_source. @(Marcus)

show more ...

Shouldn't have made it into my last commit.

TSRMLS related work on streams, as discussed with Zeev.
# Should be the last "broad" commit for a while
# Don't forget to make clean ; make

Maintain headers.

Update headers.

- Adding a callback mechanism to the unserializer. (patch by Bernd
Roemer <berndr@bonn.edu>)
#- An explainatory e-mail will be send to php-dev

Make it possible to enable chunked output buffering without providing
an output handling function

Redesigned thread safety mechanism - nua nua

Add always_populate_raw_post_data ini directive and default it to 0 to
maintain current behaviour. If this is turned on then $HTTP_RAW_POST_DATA
is always populated with a copy of the raw po

Add always_populate_raw_post_data ini directive and default it to 0 to
maintain current behaviour. If this is turned on then $HTTP_RAW_POST_DATA
is always populated with a copy of the raw post data.
@ - Add config option (always_populate_raw_post_data) which when enabled
@ will always populate $HTTP_RAW_POST_DATA regardless of the post mime
@ type (Rasmus)

show more ...

o Fixed Bug #12121: chdir and safe_mode
- [ main/safe_mode.h ] added new checkuid mode:
CHECKUID_ALLOW_ONLY_FILE: skips directory check if file check
fails

- [ ex

o Fixed Bug #12121: chdir and safe_mode
- [ main/safe_mode.h ] added new checkuid mode:
CHECKUID_ALLOW_ONLY_FILE: skips directory check if file check
fails

- [ ext/standard/dir.c ] changed php_checkuid() to use
CHECKUID_ALLOW_ONLY_FILE instead of CHECKUID_ALLOW_ONLY_DIR

- [ main/safe_mode.c ] added code for new checkuid mode

o Fixed Bug #12119: safe mode owner check can be bypassed with symlink
- [ main/safe_mode.c ] use VCWD_REALPATH to resolve destination
of symlink before trimming filename

o New Feature: safe_mode_include_dir (php.ini directive)
- Allows bypassing UID/GID checks when including files
from the directory in safe_mode_include_dir and its
subdirectories. (safe_mode must be on, directory must
also be in include_path or full path must be used when
including)

o Fixed Feature: safe_mode_gid (php.ini directive)
- Correctly check (and report) UID/GID bits on directories

o Changed include() fall back to scripts cwd implementation
- CWD added to the (local) search path in php_fopen_with_path()
instead of seperate case. [ main/fopen_wrappers.c ]

show more ...

Fix xmlrpc_error:number handling

Allow errors to be returned as XMLRPC fault packets.

Submitted by: Matt Allen <matt@investigationmarketplace.com>

Add getmygid() and safe_mode_gid ini directive to allow safe mode to do
a gid check instead of a uid check.
@ - Add getmygid() and safe_mode_gid ini directive to allow safe mode to do
@ a

Add getmygid() and safe_mode_gid ini directive to allow safe mode to do
a gid check instead of a uid check.
@ - Add getmygid() and safe_mode_gid ini directive to allow safe mode to do
@ a gid check instead of a uid check. (James E. Flemer, Rasmus)

show more ...

Added new configuration directives:
arg_separator.input and arg_separator.output

- Fix copyright notices with 2001

- Remove the ini_extension_list global
- Switch to delayed loading of Zend extensions

Defer loading of extensions until all configuration entries have been
added to the configuration hash.

- Import Jade Nicoletti's transparent gzip encoding support as an output
handler. Works quite nicely!
- Fix buglets in output buffering
- Add output_handler INI directive

fopen wrappers cleanup
- comfiguration is now done by an ini parameter
instead of a compile time option
- the implementations of the three standard wrappers
now live in se

fopen wrappers cleanup
- comfiguration is now done by an ini parameter
instead of a compile time option
- the implementations of the three standard wrappers
now live in seperate files in ext/standard
- the compiler is happy again, no more warnings

show more ...

More security-related (control) patches:
- Avoid displaying errors during startup, unless display_startup_errors is enabled.
- Implemented post_size_max limit. Defaults to 8MB.
- Impleme

More security-related (control) patches:
- Avoid displaying errors during startup, unless display_startup_errors is enabled.
- Implemented post_size_max limit. Defaults to 8MB.
- Implemented file_uploads on/off directive (defaults to on).

show more ...