[drupal-devel] performance improvements - avoiding big unserialize()

Gabor Hojtsy gabor at hojtsy.hu
Sun Oct 23 12:01:07 UTC 2005


> why don't we use the var_export() function [1] and save the settings to
> a regular file? And for versions prior to PHP 4.2.0 we could write a
> workaround function - at least it seams pretty simple to implement.

What about security? Do you think, it is correct to include some code
which was created world writable? Or to eval some code in case of a
database source?

Goba



More information about the drupal-devel mailing list