| Key: |
MDL-7947
|
| Type: |
Improvement
|
| Status: |
Resolved
|
| Resolution: |
Fixed
|
| Priority: |
Minor
|
| Assignee: |
Petr Skoda
|
| Reporter: |
Petr Skoda
|
| Votes: |
0
|
| Watchers: |
2
|
|
|
|
Issue Links:
|
Dependency
|
|
|
|
This issue will be resolved by:
|
|
MDL-12782
make magpie use download_file_content() - remote RSS block improvement
|
|
|
|
|
|
|
|
|
Relates
|
|
|
|
This issue has been marked as being related by:
|
|
MDL-12699
META: Curl, download and componentlib issues
|
|
|
|
|
|
|
| Participants: |
Petr Skoda
|
| Security Level: |
None
|
| Resolved date: |
03/Jan/08
|
| Affected Branches: |
MOODLE_16_STABLE, MOODLE_17_STABLE, MOODLE_18_STABLE
|
| Fixed Branches: |
MOODLE_19_STABLE
|
Currently we are using several ways to connect to other servers from PHP code. The easiest way is to use standard cURL php extension. It should be available on majority of servers and it also supports SSL: http://php.net/manual/en/ref.curl.php CURL is considered to be more secure than fopen, snoopy library is buggy and not maintained, there is also the lowlevel socket workaround.
We might use something like getURL() from lib/typo3/class.t3lib_div.php - it has a fallback to fopen(). We could implement proxy user&password ( MDL-7921). Sample fsockopen() proxy with user&password code at http://www.php.net/manual/en/function.fsockopen.php#58196
fopen used in:
1/ healthcenter - slashargument test
2/ language import
3/ timezone import
4/ installer
snoopy used in:
1/ magpie - see MDL-7946 (simplepie uses CURL)
curl already required for:
1/ cas
fsocksopen used in (some of them could use the proxy user&password too):
1/ language import - with proxy
2/ auth/fc
3/ enrol/authorize
4/ paypal ipn
5/ ipatlas
6/ phpmailer
|
|
Description
|
Currently we are using several ways to connect to other servers from PHP code. The easiest way is to use standard cURL php extension. It should be available on majority of servers and it also supports SSL: http://php.net/manual/en/ref.curl.php CURL is considered to be more secure than fopen, snoopy library is buggy and not maintained, there is also the lowlevel socket workaround.
We might use something like getURL() from lib/typo3/class.t3lib_div.php - it has a fallback to fopen(). We could implement proxy user&password ( MDL-7921). Sample fsockopen() proxy with user&password code at http://www.php.net/manual/en/function.fsockopen.php#58196
fopen used in:
1/ healthcenter - slashargument test
2/ language import
3/ timezone import
4/ installer
snoopy used in:
1/ magpie - see MDL-7946 (simplepie uses CURL)
curl already required for:
1/ cas
fsocksopen used in (some of them could use the proxy user&password too):
1/ language import - with proxy
2/ auth/fc
3/ enrol/authorize
4/ paypal ipn
5/ ipatlas
6/ phpmailer |
Show » |
made changes - 17/Dec/06 11:22 PM
| Field |
Original Value |
New Value |
|
Description
|
Currently we are using several ways to connect to other servers from PHP code. The recommended way is to use standard cURL php library. It should be available on majority of servers and it also supports SSL: http://php.net/manual/en/ref.curl.php CURL is considered to be more secure than fopen, snoopy library is buggy and not maintained :-(
We might also use something like getURL() from lib/typo3/class.t3lib_div.php - it does have a fallback to fopen(). We could implement proxy user&password (MDL-7921)
fopen used in:
1/ healthcenter - slashargument test
2/ language import
3/ timezone import
4/ installer
snoopy used in:
1/ magpie - see MDL-7946 (simplepie uses CURL)
curl already required for:
1/ cas
|
Currently we are using several ways to connect to other servers from PHP code. The recommended way is to use standard cURL php library. It should be available on majority of servers and it also supports SSL: http://php.net/manual/en/ref.curl.php CURL is considered to be more secure than fopen, snoopy library is buggy and not maintained :-(
We might also use something like getURL() from lib/typo3/class.t3lib_div.php - it does have a fallback to fopen(). We could implement proxy user&password (MDL-7921). sample fopen() proxy with user&password code at http://www.php.net/manual/en/function.fsockopen.php#58196
fopen used in:
1/ healthcenter - slashargument test
2/ language import
3/ timezone import
4/ installer
snoopy used in:
1/ magpie - see MDL-7946 (simplepie uses CURL)
curl already required for:
1/ cas
|
made changes - 17/Dec/06 11:31 PM
|
Description
|
Currently we are using several ways to connect to other servers from PHP code. The recommended way is to use standard cURL php library. It should be available on majority of servers and it also supports SSL: http://php.net/manual/en/ref.curl.php CURL is considered to be more secure than fopen, snoopy library is buggy and not maintained :-(
We might also use something like getURL() from lib/typo3/class.t3lib_div.php - it does have a fallback to fopen(). We could implement proxy user&password (MDL-7921). sample fopen() proxy with user&password code at http://www.php.net/manual/en/function.fsockopen.php#58196
fopen used in:
1/ healthcenter - slashargument test
2/ language import
3/ timezone import
4/ installer
snoopy used in:
1/ magpie - see MDL-7946 (simplepie uses CURL)
curl already required for:
1/ cas
|
Currently we are using several ways to connect to other servers from PHP code. The recommended way is to use standard cURL php library. It should be available on majority of servers and it also supports SSL: http://php.net/manual/en/ref.curl.php CURL is considered to be more secure than fopen, snoopy library is buggy and not maintained :-(
We might also use something like getURL() from lib/typo3/class.t3lib_div.php - it does have a fallback to fopen(). We could implement proxy user&password (MDL-7921). sample fopen() proxy with user&password code at http://www.php.net/manual/en/function.fsockopen.php#58196
fopen used in:
1/ healthcenter - slashargument test
2/ language import
3/ timezone import
4/ installer
snoopy used in:
1/ magpie - see MDL-7946 (simplepie uses CURL)
curl already required for:
1/ cas
fsocksopen used in (some of them could use the proxy user&password too):
1/ language import - with proxy
2/ auth/fc
3/ enrol/authorize
4/ paypal ipn
5/ ipatlas
6/ phpmailer
|
made changes - 17/Dec/06 11:34 PM
|
Summary
|
Use CURL standard functions instead of snoopy and fopen()
|
Use CURL extension functions instead of snoopy and fopen() if available
|
made changes - 17/Dec/06 11:44 PM
|
Description
|
Currently we are using several ways to connect to other servers from PHP code. The recommended way is to use standard cURL php library. It should be available on majority of servers and it also supports SSL: http://php.net/manual/en/ref.curl.php CURL is considered to be more secure than fopen, snoopy library is buggy and not maintained :-(
We might also use something like getURL() from lib/typo3/class.t3lib_div.php - it does have a fallback to fopen(). We could implement proxy user&password (MDL-7921). sample fopen() proxy with user&password code at http://www.php.net/manual/en/function.fsockopen.php#58196
fopen used in:
1/ healthcenter - slashargument test
2/ language import
3/ timezone import
4/ installer
snoopy used in:
1/ magpie - see MDL-7946 (simplepie uses CURL)
curl already required for:
1/ cas
fsocksopen used in (some of them could use the proxy user&password too):
1/ language import - with proxy
2/ auth/fc
3/ enrol/authorize
4/ paypal ipn
5/ ipatlas
6/ phpmailer
|
Currently we are using several ways to connect to other servers from PHP code. The easiest way is to use standard cURL php extension. It should be available on majority of servers and it also supports SSL: http://php.net/manual/en/ref.curl.php CURL is considered to be more secure than fopen, snoopy library is buggy and not maintained, there is also the lowlevel socket workaround.
We might use something like getURL() from lib/typo3/class.t3lib_div.php - it has a fallback to fopen(). We could implement proxy user&password (MDL-7921). Sample fsockopen() proxy with user&password code at http://www.php.net/manual/en/function.fsockopen.php#58196
fopen used in:
1/ healthcenter - slashargument test
2/ language import
3/ timezone import
4/ installer
snoopy used in:
1/ magpie - see MDL-7946 (simplepie uses CURL)
curl already required for:
1/ cas
fsocksopen used in (some of them could use the proxy user&password too):
1/ language import - with proxy
2/ auth/fc
3/ enrol/authorize
4/ paypal ipn
5/ ipatlas
6/ phpmailer
|
made changes - 31/Dec/07 07:10 AM
|
Link
|
|
This issue has been marked as being related by MDL-12699
[ MDL-12699
]
|
made changes - 03/Jan/08 04:45 AM
|
Link
|
|
This issue will be resolved by MDL-12796
[ MDL-12796
]
|
made changes - 03/Jan/08 04:46 AM
|
Link
|
|
This issue will be resolved by MDL-12782
[ MDL-12782
]
|
made changes - 03/Jan/08 04:49 AM
|
Status
|
Open
[ 1
]
|
Resolved
[ 5
]
|
|
Fix Version/s
|
|
1.9
[ 10190
]
|
|
Resolution
|
|
Fixed
[ 1
]
|
|
Use CURL extension functions instead of snoopy and fopen() if available
