* Mon Jul 14 2008 Joe Orton <jorton@redhat.com> 5.2.6-3

- update to 5.2.6
- sync default php.ini with upstream
- drop extension_dir from default php.ini, rely on hard-coded
  default, to make php-common multilib-safe (#455091)
- update to r3 of systzdata patch

php-4.3.9-metaphone.patch

@@ -1,14 +0,0 @@
-
-https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=135828
-
---- php-4.3.9/ext/standard/metaphone.c.metaphone
-+++ php-4.3.9/ext/standard/metaphone.c
-@@ -152,7 +152,7 @@
- 						(*phoned_word)[p_idx++] = c; \
- 					}
- /* Slap a null character on the end of the phoned word */
--#define End_Phoned_Word	{(*phoned_word)[p_idx] = '\0';}
-+#define End_Phoned_Word	Phonize('\0')
- /* How long is the phoned word? */
- #define Phone_Len	(p_idx)
- 

php-5.2.5-systzdata.patch

@@ -1,3 +1,12 @@
+
+Add support for use of the system timezone database, rather
+than embedding a copy.  Discussed upstream but was not desired.
+
+History:
+r3: fix a crash if /usr/share/zoneinfo doesn't exist (Raphael Geissert)
+r2: add filesystem trawl to set up name alias index
+r1: initial revision
+
 --- php-5.2.5/ext/date/lib/timelib.m4.systzdata
 +++ php-5.2.5/ext/date/lib/timelib.m4
 @@ -78,3 +78,17 @@ stdlib.h
@@ -82,7 +91,7 @@
 +	timelib_tzdb_index_entry *db_index;
 +	char **dirstack;
 +
-+	/* LIFO stack to hold directory entres to scan; each slot is a
++	/* LIFO stack to hold directory entries to scan; each slot is a
 +	 * directory name relative to the zoneinfo prefix. */
 +	dirstack_size = 32;
 +	dirstack = malloc(dirstack_size * sizeof *dirstack);
@@ -144,7 +153,7 @@
 +			free(ents[--count]);
 +		}
 +		
-+		free(ents);
++		if (count != -1) free(ents);
 +		free(top);
 +	} while (dirstack_top);
 +

php.ini

@@ -299,6 +299,7 @@ expose_php = On
 
 max_execution_time = 30     ; Maximum execution time of each script, in seconds
 max_input_time = 60	; Maximum amount of time each script may spend parsing request data
+;max_input_nesting_level = 64 ; Maximum input variable nesting level
 memory_limit = 32M      ; Maximum amount of memory a script may consume (16MB)
 
 
@@ -353,6 +354,18 @@ error_reporting  =  E_ALL
 ; instead (see below).  Keeping display_errors enabled on a production web site
 ; may reveal security information to end users, such as file paths on your Web
 ; server, your database schema or other information.
+;
+; possible values for display_errors:
+;
+; Off          - Do not display any errors 
+; stderr       - Display errors to STDERR (affects only CGI/CLI binaries!)   
+; On or stdout - Display errors to STDOUT (default)
+;  
+; To output errors to STDERR with CGI/CLI:              
+;display_errors = "stderr"
+;
+; Default
+;
 display_errors = Off
 
 ; Even when display_errors is on, errors that occur during PHP's startup
@@ -516,9 +529,6 @@ doc_root =
 ; if nonempty.
 user_dir =
 
-; Directory in which the loadable extensions (modules) reside.
-extension_dir = "/usr/lib/php/modules"
-
 ; Whether or not to enable the dl() function.  The dl() function does NOT work
 ; properly in multithreaded servers, such as IIS or Zeus, and is automatically
 ; disabled on them.
@@ -540,6 +550,14 @@ enable_dl = On
 ; cause security issues, KNOW WHAT YOU ARE DOING FIRST.
 ; cgi.redirect_status_env = ;
 
+; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI.  PHP's
+; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok
+; what PATH_INFO is.  For more information on PATH_INFO, see the cgi specs.  Setting
+; this to 1 will cause PHP CGI to fix it's paths to conform to the spec.  A setting
+; of zero causes PHP to behave as before.  Default is 1.  You should fix your scripts
+; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.
+; cgi.fix_pathinfo=1
+
 ; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate
 ; security tokens of the calling client.  This allows IIS to define the
 ; security context that the request runs under.  mod_fastcgi under Apache
@@ -548,7 +566,7 @@ enable_dl = On
 ; fastcgi.impersonate = 1;
 
 ; Disable logging through FastCGI connection
-; fastcgi.log = 0
+; fastcgi.logging = 0
 
 ; cgi.rfc2616_headers configuration option tells PHP what type of headers to
 ; use when sending HTTP response code. If it's set 0 PHP sends Status: header that
@@ -938,6 +956,8 @@ session.save_path = "/var/lib/php/session"
 ; Whether to use cookies.
 session.use_cookies = 1
 
+;session.cookie_secure =
+
 ; This option enables administrators to make their users invulnerable to
 ; attacks which involve passing session ids in URLs; defaults to 0.
 ; session.use_only_cookies = 1

php.spec

@@ -5,8 +5,8 @@
 
 Summary: The PHP HTML-embedded scripting language
 Name: php
-Version: 5.2.5
+Version: 5.2.6
-Release: 7
+Release: 3
 License: PHP
 Group: Development/Languages
 URL: http://www.php.net/
@@ -27,7 +27,6 @@ Patch9: php-5.2.4-embed.patch
 Patch21: php-5.2.4-odbc.patch
 Patch22: php-4.3.11-shutdown.patch
 Patch24: php-5.2.3-macropen.patch
-Patch25: php-4.3.9-metaphone.patch
 
 # Functional changes
 Patch30: php-5.0.4-dlopen.patch
@@ -367,7 +366,6 @@ support for using the pspell library to PHP.
 %patch21 -p1 -b .odbc
 %patch22 -p1 -b .shutdown
 %patch24 -p1 -b .macropen
-%patch25 -p1 -b .metaphone
 
 %patch30 -p1 -b .dlopen
 %patch31 -p1 -b .easter
@@ -594,9 +592,6 @@ install -m 644    *.gif $RPM_BUILD_ROOT%{contentdir}/icons/
 install -m 755 -d $RPM_BUILD_ROOT%{_libdir}/php/pear \
                   $RPM_BUILD_ROOT%{_datadir}/php
 
-# Use correct libdir
-sed -i -e 's|%{_prefix}/lib|%{_libdir}|' $RPM_BUILD_ROOT%{_sysconfdir}/php.ini
-
 # install the DSO
 install -m 755 -d $RPM_BUILD_ROOT%{_libdir}/httpd/modules
 install -m 755 build-apache/libs/libphp5.so $RPM_BUILD_ROOT%{_libdir}/httpd/modules
@@ -728,6 +723,13 @@ rm files.* macros.php
 %files pspell -f files.pspell
 
 %changelog
+* Mon Jul 14 2008 Joe Orton <jorton@redhat.com> 5.2.6-3
+- update to 5.2.6
+- sync default php.ini with upstream
+- drop extension_dir from default php.ini, rely on hard-coded
+  default, to make php-common multilib-safe (#455091)
+- update to r3 of systzdata patch
+
 * Thu Apr 24 2008 Joe Orton <jorton@redhat.com> 5.2.5-7
 - split pspell extension out into php-spell (#443857)
 

sources

@@ -1 +1 @@
-61a0e1661b70760acc77bc4841900b7a  php-5.2.5.tar.gz
+1720f95f26c506338f0dba3a51906bbd  php-5.2.6.tar.gz