On several recent occasions I had a need for an incrementer that uses an arbitrary character set and I thought I'd share my code with you. I've used this code in the GPL Virus that I wrote to poke fun at the Wordpress/Thesis/GPL debacle, as well as in some clean up I'm doing for the extremely useful JS Bin project.

He's used the technique in an upcoming URL shortening service to make the shortest possible URLs without overlap. He tried a few methods including using base_convert but they had their limitations. Ultimately, he settled on a custom function that, based on a given character set and increments over it recursively.

In 30 August PHP Team have released new version PHP with number 5.2.4. We have tested this version and now we can say, that not all issues from PHP 5.2.3 are patched. It is possible bypass safe_mode, open_basedir and disabled_functions.

The issue he describes is the lack of a "mail.force_extra_parameters" setting in the php.ini still making it possible to exploit the mail() function to execute arbitrary PHP code.