CHAPTER 21 SECURE PHP PROGRAMMING

Attempts to execute external programs via functions like popen(), system(), or exec() succeed only when the program being executed resides in the directory specified by the safe_mode_exec_dir configuration directive. This directive is discussed later in this section.

HTTP authentication is further strengthened because the UID of the owner of the authentication script is prepended to the authentication realm, so two users' scripts cannot share a realm and replay each other's credentials. Furthermore, the PHP_AUTH variables are not set when safe mode is enabled.

If using the MySQL database server, the username used to connect to a MySQL server must be the same as the username of the owner of the file calling mysql_connect().

Safe Mode and Disabled Functions

The following functions, operators, and configuration directives are restricted or ignored when the safe_mode directive is enabled (the list reflects the PHP 4/5 manual and is not necessarily complete):

apache_request_headers(), the backtick operator (`...`), chdir(), chgrp(), chmod(), chown(), copy(), dbase_open(), dbmopen(), dl(), exec(), filepro(), filepro_retrieve(), filepro_rowcount(), fopen(), header(), highlight_file(), ifx_*, ingres_*, link(), mail(), max_execution_time (directive), mkdir(), move_uploaded_file(), mysql_*, parse_ini_file(), passthru(), pg_lo_import(), popen(), posix_mkfifo(), putenv(), rename(), rmdir(), set_time_limit(), shell_exec(), show_source(), symlink(), system(), touch(), unlink()

safe_mode_gid (boolean)
Scope: PHP_INI_SYSTEM; Default value: 0

This directive changes safe mode's behavior from verifying UIDs before execution to verifying group IDs. For example, if Mary and John are in the same user group, Mary's scripts can call fopen() on John's files. This is a weaker check: on a shared host where all customers' accounts belong to one web group, enabling it effectively disables the ownership test between customers.

safe_mode_include_dir (string)
Scope: PHP_INI_SYSTEM; Default value: NULL

You can use safe_mode_include_dir to designate one or more paths for which the UID/GID check is skipped when files are included from that directory or its subdirectories (other file operations such as fopen() are still checked). For instance, you might use this directive to specify a directory containing templates that are incorporated into several users' Web sites. You can specify multiple directories by separating each with a colon on Unix-based systems, and a semicolon on Windows.

Note that each entry is compared as a string prefix of the resolved file path, not as a directory name: safe_mode_include_dir = /dir/incl also matches /dir/include and /dir/incls if they exist. To restrict the exemption to exactly one directory tree, end the entry with a slash (/dir/incl/).

Caveat: safe mode was deprecated in PHP 5.3.0 and removed in PHP 5.4.0, and the mysql_* extension was removed in PHP 7.0. The PHP project itself considered the restrictions architecturally insufficient, since they apply only to PHP code and not to anything PHP can spawn. On any current release, rely on operating-system separation (one account or container per site) together with open_basedir and disable_functions rather than on the directives described here.
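To show how the safe_mode_gid and safe_mode_include_dir settings interact, including the prefix pitfall described above, here is an added Python model of the decision PHP's safe mode made before an include or fopen(). It is example code written for this page, not PHP's implementation or the book's code; the users Mary, John and Tom, their UIDs/GIDs, the /var/www paths and the php.ini values are all constructed for the illustration, and path resolution is simplified to posixpath.normpath (real PHP also resolved symlinks and the working directory).

```python
"""Model of PHP 4/5 safe_mode access checks (added example, not PHP source).

Decisions modelled:
  * safe_mode_gid  : compare GIDs instead of UIDs of script owner and target.
  * safe_mode_include_dir : skip the ownership check for include/require of
    files whose resolved path starts with one of the configured entries.
    PHP compared entries as raw string prefixes, which is the pitfall shown.
"""
import posixpath


def parse_include_dirs(value, windows=False):
    """Split safe_mode_include_dir: ':' separated on Unix, ';' on Windows."""
    sep = ";" if windows else ":"
    return [entry for entry in value.split(sep) if entry]


def in_include_dir(path, include_dirs):
    """True if the normalised path starts with any configured entry.

    Prefix comparison is deliberate: it mirrors the documented behaviour,
    so '/dir/incl' also matches '/dir/include'. Ending an entry with '/'
    confines it to that directory tree.
    """
    resolved = posixpath.normpath(path)
    return any(resolved.startswith(entry) for entry in include_dirs)


def safe_mode_allows(op, script_owner, target_owner, target_path, conf):
    """Return (allowed, reason) for a script owned by script_owner acting on
    target_path owned by target_owner.

    op            : 'include' or 'fopen' (any non-include file operation)
    script_owner  : (uid, gid) of the calling script's file owner
    target_owner  : (uid, gid) of the target file's owner
    conf          : dict of php.ini directives (constructed for the example)
    """
    if not conf.get("safe_mode", False):
        return True, "safe_mode off"

    # Only include/require benefits from safe_mode_include_dir.
    if op == "include":
        dirs = parse_include_dirs(conf.get("safe_mode_include_dir", ""))
        if in_include_dir(target_path, dirs):
            return True, "inside safe_mode_include_dir (ownership not checked)"

    script_uid, script_gid = script_owner
    target_uid, target_gid = target_owner
    if conf.get("safe_mode_gid", False):
        if script_gid == target_gid:
            return True, "same gid"
        return False, "gid mismatch"
    if script_uid == target_uid:
        return True, "same uid"
    return False, "uid mismatch"


# Constructed accounts: Mary and John share group 100, Tom is in group 200.
MARY = (1001, 100)
JOHN = (1002, 100)
TOM = (1003, 200)

# Weak setting: no trailing slash, so the entry is a bare prefix.
WEAK_CONF = {"safe_mode": True, "safe_mode_include_dir": "/var/www/templates"}
# Corrected setting: trailing slash confines the exemption to one tree.
FIXED_CONF = {"safe_mode": True, "safe_mode_include_dir": "/var/www/templates/"}


def demo():
    """Return the decisions a practitioner would want to see side by side."""
    return {
        "mary_fopen_john_uid": safe_mode_allows(
            "fopen", MARY, JOHN, "/home/john/data.txt", {"safe_mode": True}),
        "mary_fopen_john_gid": safe_mode_allows(
            "fopen", MARY, JOHN, "/home/john/data.txt",
            {"safe_mode": True, "safe_mode_gid": True}),
        "tom_include_private_weak": safe_mode_allows(
            "include", TOM, MARY, "/var/www/templates-private/secret.php", WEAK_CONF),
        "tom_include_private_fixed": safe_mode_allows(
            "include", TOM, MARY, "/var/www/templates-private/secret.php", FIXED_CONF),
        "tom_include_template_fixed": safe_mode_allows(
            "include", TOM, MARY, "/var/www/templates/header.php", FIXED_CONF),
        "tom_fopen_template_fixed": safe_mode_allows(
            "fopen", TOM, MARY, "/var/www/templates/header.php", FIXED_CONF),
    }


if __name__ == "__main__":
    for name, (allowed, reason) in demo().items():
        print(f"{name:28s} {'ALLOW' if allowed else 'DENY ':5s} ({reason})")
```

Run it as a script to see that the same Tom-includes-a-private-file request is allowed under the weak configuration and denied under the corrected one, while the shared template stays includable (but not fopen()-able) for everyone.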