PHP :: Request #40651 :: Remote file inclusion

Request #40651	Remote file inclusion
Submitted:	2007-02-27 00:40 UTC	Modified:	2007-02-27 08:22 UTC
From:	florin at flachi dot net	Assigned:
Status:	Closed	Package:	Feature/Change Request
PHP Version:	5.2.1	OS:	Irrelevent
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	florin at flachi dot net
New email:
PHP Version:		OS:

New Comment:

[2007-02-27 00:40 UTC] florin at flachi dot net

Description:
------------
Many webhosting companies and not only have a lot of problems because of the ability of users to include remote files. This can be stopped by disabling allow_url_fopen but that will also stop to fopen () remote files. This is widely used by a lot of scripts and users get angry all the time if we disable allow_url_fopen.

All these things can be solved by creating an option in php.ini to allow administrators to disable users to include remote files. Thank you.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2007-02-27 08:22 UTC] derick@php.net

We already have this:

http://no.php.net/manual/en/ref.filesystem.php#ini.allow-url-include

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Sun Jul 13 15:01:33 2025 UTC