Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:74082
Return-Path: <smalyshev@sugarcrm.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 64265 invoked from network); 9 May 2014 06:52:44 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 9 May 2014 06:52:44 -0000
Authentication-Results: pb1.pair.com smtp.mail=smalyshev@sugarcrm.com; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=smalyshev@sugarcrm.com; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain sugarcrm.com designates 108.166.43.99 as permitted sender)
X-PHP-List-Original-Sender: smalyshev@sugarcrm.com
X-Host-Fingerprint: 108.166.43.99 smtp99.ord1c.emailsrvr.com Linux 2.6
Received: from [108.166.43.99] ([108.166.43.99:57511] helo=smtp99.ord1c.emailsrvr.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 9A/1D-15882-A3B7C635 for <internals@lists.php.net>; Fri, 09 May 2014 02:52:43 -0400
Received: from localhost (localhost.localdomain [127.0.0.1])
	by smtp5.relay.ord1c.emailsrvr.com (SMTP Server) with ESMTP id 0F4E81B1583;
	Fri,  9 May 2014 02:52:40 -0400 (EDT)
X-Virus-Scanned: OK
Received: by smtp5.relay.ord1c.emailsrvr.com (Authenticated sender: smalyshev-AT-sugarcrm.com) with ESMTPSA id E4D3A1B1806;
	Fri,  9 May 2014 02:52:35 -0400 (EDT)
Message-ID: <536C7B33.6050704@sugarcrm.com>
Date: Thu, 08 May 2014 23:52:35 -0700
Organization: SugarCRM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:24.0) Gecko/20100101 Thunderbird/24.5.0
MIME-Version: 1.0
To: Laruence <laruence@php.net>
CC: PHP Internals <internals@lists.php.net>
References: <CABBJUpcwV_rDcoXuY2D4Q0i6+oB1gg-QM3_w0xbeL5_3Mmo6nw@mail.gmail.com>
In-Reply-To: <CABBJUpcwV_rDcoXuY2D4Q0i6+oB1gg-QM3_w0xbeL5_3Mmo6nw@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Subject: Re: ext/curl safe_upload is changed
From: smalyshev@sugarcrm.com (Stas Malyshev)

Hi!

>      I noticed that this change : https://github.com/php/php-src/commit/24447dca
> 
>      it has broken some tests  in ext/curl...  did you run make test before?

Which tests? AFAIK the tests on Travis include curl, and they are green.

>      Anyway,  the current behavior is silent return if the codes uses
> old upload style("@filename");

What you mean by silent return? If unsafe upload is not turned on,
@filename is just a variable like any other.

>      I think it's better to throw a warning or something error about that....

I don't think so. "@filename" is a string like any others, there's no
reason to throw warnings on legitimate upload values.
-- 
Stanislav Malyshev, Software Architect
SugarCRM: http://www.sugarcrm.com/
(408)454-6900 ext. 227