diff options
| author | Andrey Andreev <narf@devilix.net> | 2014-02-05 11:46:36 +0100 |
|---|---|---|
| committer | Andrey Andreev <narf@devilix.net> | 2014-02-05 11:46:36 +0100 |
| commit | 86f46f4628f63ef63d28de78da0d8d73013d5a8c (patch) | |
| tree | aa85ab0d40fdc0ff771aae37ab957b8704058b48 | |
| parent | 4a2918a33c756ac7cc9defc2e6acd371e4412af6 (diff) | |
| parent | aaa8ddb5a48af8f37cf1015a7768957cce41acd3 (diff) | |
Merge branch 'develop' into feature/encryption
| -rw-r--r-- | application/language/index.html | 10 | ||||
| -rw-r--r-- | system/core/Common.php | 5 | ||||
| -rw-r--r-- | user_guide_src/source/changelog.rst | 2 | ||||
| -rw-r--r-- | user_guide_src/source/general/common_functions.rst | 7 |
4 files changed, 22 insertions, 2 deletions
diff --git a/application/language/index.html b/application/language/index.html new file mode 100644 index 000000000..c942a79ce --- /dev/null +++ b/application/language/index.html @@ -0,0 +1,10 @@ +<html> +<head> + <title>403 Forbidden</title> +</head> +<body> + +<p>Directory access is forbidden.</p> + +</body> +</html>
\ No newline at end of file diff --git a/system/core/Common.php b/system/core/Common.php index e5dd84369..07f0c6dfd 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -756,6 +756,11 @@ if ( ! function_exists('function_usable')) * *suhosin.executor.disable_eval*. These settings will just * terminate script execution if a disabled function is executed. * + * The above described behavior turned out to be a bug in Suhosin, + * but even though a fix was commited for 0.9.34 on 2012-02-12, + * that version is yet to be released. This function will therefore + * be just temporary, but would probably be kept for a few years. + * * @link http://www.hardened-php.net/suhosin/ * @param string $function_name Function to check for * @return bool TRUE if the function exists and is safe to call, diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 5f45f428d..962c174a9 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -452,7 +452,7 @@ Release Date: Not Released - Changed ``_exception_handler()`` to respect php.ini *display_errors* setting. - Added function :php:func:`is_https()` to check if a secure connection is used. - Added function :php:func:`is_cli()` to replace the ``CI_Input::is_cli_request()`` method. - - Added function :php:func:`function_usable()` to check if a function exists and is not disabled by `Suhosin <http://www.hardened-php.net/suhosin/>`. + - Added function :php:func:`function_usable()` to work around a bug in `Suhosin <http://www.hardened-php.net/suhosin/>`. - Removed the third (`$php_error`) from function :php:func:`log_message()`. - :doc:`Output Library <libraries/output>` changes include: diff --git a/user_guide_src/source/general/common_functions.rst b/user_guide_src/source/general/common_functions.rst index a1007cb4b..1babe5a83 100644 --- a/user_guide_src/source/general/common_functions.rst +++ b/user_guide_src/source/general/common_functions.rst @@ -202,4 +202,9 @@ checks if it doesn't disable the function being checked. It is useful if you want to check for the availability of functions such as ``eval()`` and ``exec()``, which are dangerous and might be -disabled on servers with highly restrictive security policies.
\ No newline at end of file +disabled on servers with highly restrictive security policies. + +.. note:: This function was introduced because Suhosin terminated + script execution, but this turned out to be a bug. A fix + has been available for some time (version 0.9.34), but is + unfortunately not released yet.
\ No newline at end of file |