Nyheter på PHPportalen

På PHPportalen försöker vi i så hög grad som möjligt engagera våra medlemmar. Därför har du som medlem chansen att vara med och hjälpa till. Nedan finner du en länk till en sida där du kan lägga till nyheter till vårt nyhetsarkiv. Våra trivsel- och förhållningsregler gäller givetvis även här. Posta inte heller någonting som inte är av allmänt intresse, reklam i alla dess former kommer redigeras bort.

Lägg till nyhet

Smarty 2.4.1 Utgiven - 2003-02-08 09:30:19

[06-February-2003] This is a point release, fixing up a few things caught in 2.4.0.

Release Notes http://smarty.php.net/misc/RELEASE_NOTES
ChangeLog http://smarty.php.net/misc/NEWS
download it http://smarty.php.net/download.php

Nyheten inskickad av Peter    

Smarty 2.4.0 Utgiven - 2003-02-08 09:27:46

[02-February-2003] Smarty now supports the ability to access objects within the templates. Two methods are available, one which closely follows Smartys conventions, and another that follows more traditional object syntax for those familiar with PHP.

The internal compiling engine has also undergone some major work. The regex parsing was rewritten to be more strict, secure and maintainable. Config files are now compiled, which will speed up page rendering quite a bit that use them extensively. Assigned variables are no longer extracted to PHP namespace, saving an extract() call for every template. There is now support for applying modifiers to static values and functions. You can now access constants with $smarty.const.VAR.

For those of you using the security features of Smarty, you are strongly encouranged to upgrade to 2.4.0 as it is possible to execute PHP code in the templates prior to this release via a syntax exploit. (Thanks to Ferdinand Beyer for pointing this out.)

Release Notes http://smarty.php.net/misc/RELEASE_NOTES
ChangeLog http://smarty.php.net/misc/NEWS
download it http://smarty.php.net/download.php

Nyheten inskickad av Peter    

PEAR nu i stabil version - 2003-01-23 12:47:41

Från PHP.net:

[citat][b]PEAR Out of Beta![/b]
[11-Jan-2003] The PEAR development team is proud to announce that PEAR is finally out of its long beta period. As of PHP 4.3, the PEAR installer is installed by default. Unix support is considered stable, while Windows and Darwin are still of beta-quality.[/citat]

Nyheten inskickad av Chavez    

MySQL Control Center 0.8.9 beta - 2003-01-22 21:41:08

Texten från mysql.com....

MySQL Control Center (also known as MySQLCC) is a platform-independent GUI administration client for the MySQL database server.

Interactive queries with a syntax-highlighting SQL editor
With MySQLCC, you can construct queries using a syntax-highlighting text editor, and then view the results in a configurable table display. The table view includes support for viewing images stored in BLOB fields.

Database and table management
MySQLCC makes it easy to create and manage databases and tables, including views for all of the table and field attributes such as comments and key lengths. You can also check, repair, and optimize tables.

Server administration
You can easily view and change server variables, as well as view server status information. MySQLCC also supports multiple servers.

MySQLCC uses Trolltech's Qt toolkit, which means it can run on Microsoft Windows and Unix environments, and we plan on support Mac OS X in future versions.

Nyheten inskickad av Darren    

Apache 2.0.44 släppt - 2003-01-21 01:15:44

Direkt taget från Apache's mailinglista:

[citat]The Apache Software Foundation and The Apache HTTP Server Project are
pleased to announce the seventh public release of the Apache 2.0
HTTP Server. This Announcement notes the significant changes in
2.0.44 as compared to 2.0.43.

This version of Apache is principally a security and bug fix release.
A summary of the bug fixes is given at the end of this document.
Of particular note is that 2.0.44 addresses three security
vulnerabilities affecting the Windows platform.

VU#979793 Versions of Windows 9x and Me could be crashed by a malicious
request to Apache that contains a MS-DOS device name. This is a known
security issues in Microsoft Windows for a which a fix is available:
Apache 2.0.44 has also been patched to correctly filter MS-DOS device
names preventing the crash even if the Microsoft update is not applied
(cve.mitre.org: CAN-2003-0016 [1]).

VU#825177 As a consequence of VU#979793, a remote attacker can
run arbitrary code on a server running Apache under Windows 9x and Me
by sending a carefully crafted POST request containing a MS-DOS device
name (cve.mitre.org: CAN-2003-0016 [1]).

On Windows platforms Apache could be forced to serve unexpected files
by appending illegal characters such as '<' to the request URL
(cve.mitre.org: CAN-2003-0017 [2]).

The Apache Software Foundation would like to thank Matthew Murphy and
Lionel Brits for the responsible reporting of these issues.

The 2.0.44 release marks a change in the Apache release process and a new
level of stability in the 2.0 series. Beginning with this release, we
will make every effort to retain forward compatibility in the
configuration and module API, so that upgrading along the 2.0 series
should be much easier. This compatibility extends backwards to 2.0.42, so
users of that version or later should be able to upgrade without changing
configurations or updating DSO modules. (Users of earlier releases will
need to recompile all modules in order to upgrade to 2.0.44.)

We consider this release to be the best version of Apache available
and encourage users of all prior versions to upgrade.

Apache 2.0.44 is available for download from


Please see the CHANGES_2.0 file, linked from the above page, for
a full list of changes.

Apache 2.0 offers numerous enhancements, improvements, and performance
boosts over the 1.3 codebase. For an overview of new features introduced
after 1.3 please see


When upgrading or installing this version of Apache, please keep
in mind the following:

If you intend to use Apache with one of the threaded MPMs, you must
ensure that the modules (and the libraries they depend on) that you
will be using are thread-safe. Please contact the vendors of these
modules to obtain this information.

Apache 2.0.44 Major changes

Security vulnerabilities closed since Apache 2.0.43

*) Fixed the security vulnerability noted in VU#979793: Apache vulnerable
to DoS via request for MS-DOS device on Windows 9x and Me.

*) Fixed the security vulnerability noted in VU#825177: Apache allows
arbitrary code execution via crafted POST request containing MS-DOS
device name on Windows 9x and Me.

*) Fix CAN-2002-0017: On Windows platforms Apache could be forced to serve
unexpected files by appending illegal characters such as '<' to the
request URL.

Bugs fixed and features added since Apache 2.0.43

*) mod_autoindex: Bring forward the IndexOptions IgnoreCase option
from Apache 1.3. PR 14276
[David Shane Holden , William Rowe]

*) mod_mime: Workaround to prevent a segfault if r->filename=NULL
[Brian Pane]

*) Reorder the definitions for mod_ldap and mod_auth_ldap within
config.m4 to make sure the parent mod_ldap is defined first.
This ensures that mod_ldap comes before mod_auth_ldap in the
httpd.conf file, which is necessary for mod_auth_ldap to load.
PR 14256 [Graham Leggett]

*) Fix the building of cgi command lines when the query string
contains '='. PR 13914 [Ville Skyttä ,
Jeff Trawick]

*) Rename CacheMaxStreamingBuffer to MCacheMaxStreamingBuffer. Move
implementation of MCacheMaxStreamingBuffer from mod_cache to
mod_mem_cache. MCacheMaxStreamingBuffer now defaults to the
lesser of 100,000 bytes or MCacheMaxCacheObjectSize. This should
eliminate the need for explicitly coding MCacheMaxStreamingBuffer
in most configurations. [Bill Stoddard]

as set by apr-util in util_ldap.c. This should allow mod_ldap
to work with the Netscape/Mozilla LDAP library. [Øyvin Sømme
, Graham Leggett]

*) Fix critical bug in new --enable-v4-mapped configure option
implementation which broke IPv4 listening sockets on some
systems. [hiroyuki hanai ]

*) mod_setenvif: Fix BrowserMatchNoCase support for non-regex
patterns [André Malo ]

*) Add version string to provider API. [Justin Erenkrantz]

*) mod_negotiation: Set the appropriate mime response headers
(Content-Type, charset, Content-Language and Content-Encoding)
for negotated type-map "Body:" responses (such as the error
pages.) [André Malo ]

*) mod_log_config: Allow '%%' escaping in CustomLog format
strings to insert a literal, single '%'.
[André Malo ]

*) mod_autoindex: AddDescription directives for directories
now work as in Apache 1.3, where no trailing '/' is
specified on the directory name. Previously, the trailing
'/' *had* to be specified, which was incompatible with
Apache 1.3. PR 7990 [Jeff Trawick]

*) Fix for PR 14556. The expiry calculations in mod_cache were
trying to perform "now + ((date - lastmod) * factor)" where
date == lastmod resulting in "now + 0". The code now follows
the else path (using the default expiration) if date is
equal to lastmod. [rx@armstrike.com (Sergey), Paul J. Reder]

*) Use AP_DECLARE in the debug versions of ap_strXXX in case the
default calling convention is not the same as the one used by
AP_DECLARE. [Juan Rivera ]

*) mod_cache: Don't cache response header fields designated
as hop-by-hop headers in HTTP/1.1 (RFC 2616 Section 13.5.1).
[Estrade Matthieu , Brian Pane]

*) mod_cgid: Handle environment variables containing newlines.
PR 14550 [Piotr Czejkowski , Jeff

*) Move mod_ext_filter out of experimental and into filters.
[Jeff Trawick]

*) Fixed a memory leak in mod_deflate with dynamic content.
PR 14321 [Ken Franken ]

*) Add --[enable|disable]-v4-mapped configure option to control
whether or not Apache expects to handle IPv4 connections
on IPv6 listening sockets. Either setting will work on
systems with the IPV6_V6ONLY socket option. --enable-v4-mapped
must be used on systems that always allow IPv4 connections on
IPv6 listening sockets. PR 14037 (Bugzilla), PR 7492 (Gnats)
[Jeff Trawick]

*) This fixes a problem where the underlying cache code
indicated that there was one more element on the cache
than there actually was. This happened since element 0
exists but is not used. This code allocates the correct
number of useable elements and reports the number of
actually used elements. The previous code only allowed
MCacheMaxObjectCount-1 objects to be stored in the
cache. [Paul J. Reder]

*) mod_setenvif: Add SERVER_ADDR special keyword to allow
envariable setting according to the server IP address
which received the request. [Ken Coar]

*) mod_cgid: Terminate CGI scripts when the client connection
drops. PR 8388 [Jeff Trawick]

*) Rearrange OpenSSL engine initialization to support RAND
redirection on crypto accelerator.
[Frederic DONNAT ]

*) Always emit Vary header if mod_deflate is involved in the
request. [Andre Malo ]

*) mod_isapi: Stop unsetting the 'empty' query string result with
a NULL argument in ecb->lpszQueryString, eliminating segfaults
for some ISAPI modules. PR 14399
[Detlev Vendt ]

*) mod_isapi: Fix an issue where the HSE_REQ_DONE_WITH_SESSION
notification is received before the HttpExtensionProc() returns
HSE_STATUS_PENDING. This only affected isapi .dll's configured
with the ISAPIFakeAsync on directive. PR 11918
[John DeSetto , William Rowe]

*) mod_isapi: Fix the issue where all results from mod_isapi would
run through the core die handler resulting in invalid responses
or access log entries. PR 10216 [William Rowe]

*) Improves the user friendliness of the CacheRoot processing
over my last pass. This version avoids the pool allocations
but doesn't avoid all of the runtime checks. It no longer
terminates during post-config processing. An error is logged
once per worker, indicating that the CacheRoot needs to be set.
[Paul J. Reder]

*) Fix a bug where we keep files open until the end of a
keepalive connection, which can result in:
(24)Too many open files: file permissions deny server access
especially on threaded servers. [Greg Ames, Jeff Trawick]

*) Fix a bug in which mod_proxy sent an invalid Content-Length
when a proxied URL was invoked as a server-side include within
a page generated in response to a form POST. [Brian Pane]

*) Added code to process min and max file size directives and to
init the expirychk flag in mod_disk_cache. Added a clarifying
comment to cache_util. [Paul J. Reder]

*) The value emitted by ServerSignature now mimics the Server HTTP
header as controlled by ServerTokens. [Francis Daly ]

*) Gracefully handly retry situations in the SSL input filter,
by following the SSL libraries' retry semantics.
[William Rowe]

*) Terminate CGI scripts when the client connection drops. This
fix only applies to some normal paths in mod_cgi. mod_cgid
is still busted. PR 8388 [Jeff Trawick]

*) Fix a bug where 416 "Range not satisfiable" was being
returned for content that should have been redirected.
[Greg Ames]

*) Fix memory leak in mod_ssl from internal SSL library allocations
within SSL_get_peer_certificate and X509_get_pubkey.
[Zvi Har'El
Madhusudan Mathihalli ].

*) mod_ssl uses free() inappropriately in several places, to free
memory which has been previously allocated inside OpenSSL.
Such memory should be freed with OPENSSL_free(), not with free().
[Nadav Har'El ,
Madhusudan Mathihalli ].

*) Emit a message to the error log when we return 404 because
the URI contained '%2f'. (This was previously nastily silent
and difficult to debug.) [Ken Coar]

*) Fix streaming output from an nph- CGI script. CGI:IRC now
works. PR 8482 [Jeff Trawick]

*) More accurate logging of bytes sent in mod_logio when
the client terminates the connection before the response
is completely sent [Bojan Smojver ]

*) Fix some problems in the perchild MPM.
[Jonas Eriksson ]

*) Change the CacheRoot processing to check for a required
value at config time. This saves a lot of wasted processing
if the mod_disk_cache module is loaded but no CacheRoot
was provided. This fix also adds code to log an error
and avoid useless pallocs and procesing when the computed
cache file name cannot be opened. This also updates the
docs accordingly. [Paul J. Reder]

*) Introduce the EnableSendfile directive, allowing users of NFS
shares to disable sendfile mechanics when they either fail
outright or provide intermitantly corrupted data. PR
[William Rowe]

*) Resolve the error "An operation was attempted on something
that is not a socket. : winnt_accept: AcceptEx failed.
Attempting to recover." for users of various firewall and
anti-virus software on Windows. PR 8325 [William Rowe]

*) Add the ProxyBadHeader directive, which gives the admin some
control on how mod_proxy should handle bogus HTTP headers from
proxied servers. This allows 2.0 to "emulate" 1.3's behavior if
desired. [Jim Jagielski]

*) Change the LDAP modules to export their symbols correctly
during a Windows build. Add dsp files for Windows. Update
README.ldap file for Windows build instructions.
[Andre Schild ]

*) Performance improvements for the code that generates HTTP
response headers [Brian Pane]

*) Add -S as a synonym for -t -DDUMP_VHOSTS.
[Thom May ]

*) Fix a bug with dbm rewrite maps which caused the wrong value to
be used when the key was not found in the dbm. PR 13204
[Jeff Trawick]

*) Fix a problem with streaming script output and mod_cgid.
[Jeff Trawick]

*) Add ap_register_provider/ap_lookup_provider API.
[John K. Sterling , Justin Erenkrantz]


[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0016
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0017[/citat]

Nyheten inskickad av Chavez    

[ 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 ]
Välkommen Anonymous
Logga in
Markera alla forum som lästa
Skriptarkivet [86 av 97]
Visa nya inlägg
Visa dina inlägg
Visa obesvarade huvudinlägg
Läs vår skola
  Programmera i webbmiljö
  Installationen i Windows
  Variabler och konstanter
Registrerade medlemmar: 19833
Inlägg totalt: 719862
Senaste medlem: 4waytechnologies
Besökare just nu: 23,
0 registrerade,
0 dolda och
23 gäster
Besökare som mest var 501 den 2019-05-02 15:53

Våra medlemmar
Inloggade medlemmar
Bra att veta
För dig som vill länka
Kontakta oss på adressen: info@phpportalen.net
Webbplatsen bygger i grunden på phpBB © 2001, 2002 phpBB Group

Modifieringar har senare gjorts i systemet av PHPportalen
Sid och logotypdesign skapad av Daren Jularic