I am not sure why they included php, and php can be seens as a vunerability for sure, but just as much as command prompt on your system is a vunerability. If any virus/worm/malware/wahetever can access that php, then it already has good access to your system as it is and can already pretty much do almost anything it wants.

--

Thought about it, mabe they included it as part of modding tools or something. I can't imagine the game itself really using it as most game devs use lua or python usually for scripting in game. You could try just moving/renaming the folder and see if the game still works. I'm gonna guess it will ( though not the dev so not sure ) Then you can be fairly sure you can remove it if you feel its unsafe. If you do need it, you can verify your game cache or reinstall the game..

Originally posted by Squee:

I am not sure why they included php, and php can be seens as a vunerability for sure, but just as much as command prompt on your system is a vunerability. If any virus/worm/malware/wahetever can access that php, then it already has good access to your system as it is and can already pretty much do almost anything it wants.

--

Thought about it, mabe they included it as part of modding tools or something. I can't imagine the game itself really using it as most game devs use lua or python usually for scripting in game. You could try just moving/renaming the folder and see if the game still works. I'm gonna guess it will ( though not the dev so not sure ) Then you can be fairly sure you can remove it if you feel its unsafe. If you do need it, you can verify your game cache or reinstall the game..

They use it. Googled it before I posted.
I try to take as few risks as possible with my system.

So they do .. Well its up to you, but If you are using windows, then by the time they could even use the PHP, the virus or whatever already has full ( or close to full ) access to your machine. PHP doesnt create a leak, it just can be abused. But to be abused you gotta be hacked first, and if you are hacked then i'd think php is the least of your problems.

Just outta curiosity, what program reports php as a big red flag? Cuz I have a whole bunch of php installs spread over multiple machines, ofc virus scanner running and use some other apps to scan regularly too, and they have ever told me its a security risk.

I am glad you pointed this out. I was about to buy this game and I think you should ask for your money back.
PHP is part of the criminal disregard developers have for the security of users computers.
Of course the leader of this is Microsoft, a compnay known to design software specifically to be hacked or infected with malware and viruses.
I also checked my machine and find PHP all over my hard drive.
After this post I will be removing my hard drive and melting it down, writting my congress man and getting fitted for a tin foil hat.
I suggest if you never want to run the risk of a virus you cancel your internet service and turn your computer into a planter.

Originally posted by Dedthom:

I am glad you pointed this out. I was about to buy this game and I think you should ask for your money back.
PHP is part of the criminal disregard developers have for the security of users computers.
Of course the leader of this is Microsoft, a compnay known to design software specifically to be hacked or infected with malware and viruses.
I also checked my machine and find PHP all over my hard drive.
After this post I will be removing my hard drive and melting it down, writting my congress man and getting fitted for a tin foil hat.
I suggest if you never want to run the risk of a virus you cancel your internet service and turn your computer into a planter.

Can the sarcasm, you're not very good at it and it pains me to see your amateurish attempts.
I detect a vulnerability; I delete it. End of story. Is there always a risk of infection? Of course.
My intent is to try and minimize it, not to negate it. That would be impossible as I lack omnipotence required for the task. If I have to wait to safely play a game then I'll wait.
You can do what you like. If it involves a large building and a sharp drop I won't object.

Originally posted by Squee:

So they do .. Well its up to you, but If you are using windows, then by the time they could even use the PHP, the virus or whatever already has full ( or close to full ) access to your machine. PHP doesnt create a leak, it just can be abused. But to be abused you gotta be hacked first, and if you are hacked then i'd think php is the least of your problems.

Just outta curiosity, what program reports php as a big red flag? Cuz I have a whole bunch of php installs spread over multiple machines, ofc virus scanner running and use some other apps to scan regularly too, and they have ever told me its a security risk.

Perhaps. I just don't like needless risks. Alittle obsessive maybe but there are worse things.

Kaspersky. It can be overzealous at times so I took the trouble of checking their entry on PHP.
It was compelling.

All very interesting but will one of you care to inform the ignorant masses what all this means or implies.

Has a virus been flagged up in the game installation or has Mickey Mouse just died of a banana allergy?

Originally posted by Axe:

All very interesting but will one of you care to inform the ignorant masses what all this means or implies.

Has a virus been flagged up in the game installation or has Mickey Mouse just died of a banana allergy?

According to the scan PHP, software Running with Rifles uses, creates a vulnerability. Means it creates a ♥♥♥♥♥ in the armor that a malicious individual or program could exploit to infect your system.
That in my estimation is a needless risk.

Sigh, it never takes long does it.......

Originally posted by RaphielDrake:

Originally posted by Axe:

All very interesting but will one of you care to inform the ignorant masses what all this means or implies.

Has a virus been flagged up in the game installation or has Mickey Mouse just died of a banana allergy?

According to the scan PHP, software Running with Rifles uses, creates a vulnerability. Means it creates a ♥♥♥♥♥ in the armor that a malicious individual or program could exploit to infect your system.
That in my estimation is a needless risk.

Thanks for the reply. I thought for a moment Mickey Mouse was dead.

Seriously though I appreciate your response and I basically understand the open back-door exploit concept.

This is where I leave, satisfied with my answer as it looks like 'someone' might be ready in the wings...

RWR's single player campaign uses PHP as a scripting language, making RWR change maps and track objectives, etc. RWR is designed to be a controllable application, and we have picked PHP as our scripting language for vanilla content.

While playing online, clients have script processing off and PHP isn't used for anything, and we've taken certain measures that the PHP interpreter can not be started remotely by e.g. an ill-behaving server; scripts are always run only on server side in online.

Mods that include scripts indeed pose a fair threat, and such should always be approached with caution. So far, I'm not aware of any available mods that would use custom scripts.

Yeah yeah, but how's Mickey?

Originally posted by pasi.kainiemi:

RWR's single player campaign uses PHP as a scripting language, making RWR change maps and track objectives, etc. RWR is designed to be a controllable application, and we have picked PHP as our scripting language for vanilla content.

While playing online, clients have script processing off and PHP isn't used for anything, and we've taken certain measures that the PHP interpreter can not be started remotely by e.g. an ill-behaving server; scripts are always run only on server side in online.

Mods that include scripts indeed pose a fair threat, and such should always be approached with caution. So far, I'm not aware of any available mods that would use custom scripts.

I understand and have no doubt this is the truth. Nevertheless, I cannot use your product until PHP itself has taken measures. I will not return it but I will not play it again until this is the case.
I will admit to being extremely risk adverse to a fault and I apologize.
Thank you for your reply. I hope you enjoy great success.

Originally posted by Axe:

This is where I leave, satisfied with my answer as it looks like 'someone' might be ready in the wings...

Genuinely unsure what this means or why you are fixated on Mickey Mouse.
Thank you for your response though.

Originally posted by RaphielDrake:

I understand and have no doubt this is the truth. Nevertheless, I cannot use your product until PHP itself has taken measures. I will not return it but I will not play it again until this is the case.
I will admit to being extremely risk adverse to a fault and I apologize.
Thank you for your reply. I hope you enjoy great success.

I suggest you ask for a refund. I think the replies and the ( unneccesary ) tone of some speak for itself. But PHP wont take measures because it's an interpreter and it wont change its nature. The whole reason its mentioned as vunerability ( i assume ) is because its an interpreter. So PHP won't change and I personally doubt the devs would put effort in chaging this non-threat either.

You might want to approach Kaspersky with questions about php and if its an actual risk in your case if you trust them a lot. I have tried to tell you its not a risk, though I understand I am a mere stranger without credibility, and mentioning my references and experience also has no credibility so I won't do so.

All that is left to say is thats its a shame you won't be joining us.