Peacebringers

So one of a few webhosts I use decided to disable PHP’s readfile() function. Now I have a reason to dislike them. Why do people assume readfile() is a security benefit when disabled? Let’s just disable half of PHP’s core functions, you know… the ones used to manipulate files, send/receive data across the web like xml-rpc (which would kill blogs like this one), etc. While XML-RPC has always been a subject of heated discussion as some people, (even myself in the past) believe “RPC” to be exactly like native Linux RPC. Education … please?

So I was faced with a disabled readfile() which Gallery uses to display random remote images from it’s array of images stored in your personal gallery. Overall, it’s touchy on Gallery’s past history of security flaws, but they’ve released updates and fixes as they’re made aware. And still, readfile() gets the rap, and gets disabled.

How to overcome it? It was easy, but involved more lines of code without readfile(). Here’s how:
(continue reading…)