diff options
| -rw-r--r-- | system/core/Common.php | 5 | ||||
| -rw-r--r-- | user_guide_src/source/changelog.rst | 2 | ||||
| -rw-r--r-- | user_guide_src/source/general/common_functions.rst | 7 |
3 files changed, 12 insertions, 2 deletions
diff --git a/system/core/Common.php b/system/core/Common.php index e5dd84369..07f0c6dfd 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -756,6 +756,11 @@ if ( ! function_exists('function_usable')) * *suhosin.executor.disable_eval*. These settings will just * terminate script execution if a disabled function is executed. * + * The above described behavior turned out to be a bug in Suhosin, + * but even though a fix was commited for 0.9.34 on 2012-02-12, + * that version is yet to be released. This function will therefore + * be just temporary, but would probably be kept for a few years. + * * @link http://www.hardened-php.net/suhosin/ * @param string $function_name Function to check for * @return bool TRUE if the function exists and is safe to call, diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 3124dea60..c6d42d923 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -449,7 +449,7 @@ Release Date: Not Released - Changed ``_exception_handler()`` to respect php.ini *display_errors* setting. - Added function :php:func:`is_https()` to check if a secure connection is used. - Added function :php:func:`is_cli()` to replace the ``CI_Input::is_cli_request()`` method. - - Added function :php:func:`function_usable()` to check if a function exists and is not disabled by `Suhosin <http://www.hardened-php.net/suhosin/>`. + - Added function :php:func:`function_usable()` to work around a bug in `Suhosin <http://www.hardened-php.net/suhosin/>`. - Removed the third (`$php_error`) from function :php:func:`log_message()`. - :doc:`Output Library <libraries/output>` changes include: diff --git a/user_guide_src/source/general/common_functions.rst b/user_guide_src/source/general/common_functions.rst index a1007cb4b..1babe5a83 100644 --- a/user_guide_src/source/general/common_functions.rst +++ b/user_guide_src/source/general/common_functions.rst @@ -202,4 +202,9 @@ checks if it doesn't disable the function being checked. It is useful if you want to check for the availability of functions such as ``eval()`` and ``exec()``, which are dangerous and might be -disabled on servers with highly restrictive security policies.
\ No newline at end of file +disabled on servers with highly restrictive security policies. + +.. note:: This function was introduced because Suhosin terminated + script execution, but this turned out to be a bug. A fix + has been available for some time (version 0.9.34), but is + unfortunately not released yet.
\ No newline at end of file |