Home >Backend Development >PHP Tutorial >Summary of the impact of turning on safe_mode mode on functions in PHP_PHP Tutorial

Summary of the impact of turning on safe_mode mode on functions in PHP_PHP Tutorial

WBOY
WBOYOriginal
2016-07-13 17:14:111391browse

The safe_mode mode in php is a safe mode. When turned on, it can provide strong security to the website, but it will also affect some functions. Below we summarize the impact of safe_mode mode on those specific functions. Friends in need can refer to it. one time.

Function name restriction

dbmopen() checks whether the file or directory being operated on has the same UID (owner) as the script being executed.
dbase_open() checks whether the file or directory being operated on has the same UID (owner) as the script being executed.

filepro() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed.
filepro_rowcount() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed.
filepro_retrieve() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed.

ifx_* sql_safe_mode restriction, (!= safe mode)
ingres_* sql_safe_mode limit, (!= safe mode)
mysql_* sql_safe_mode restriction, (!= safe mode)
pg_loimport() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed.
posix_mkfifo() checks whether the directory being manipulated has the same UID (owner) as the script being executed.

putenv() respects the safe_mode_protected_env_vars and safe_mode_allowed_env_vars options set by the ini. Please refer to the documentation for the putenv() function.
move_uploaded_file() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed.

chdir() checks if the directory being manipulated has the same UID (owner) as the script being executed.
dl() This function is disabled in safe mode.
backtick operator This function is disabled in safe mode.
shell_exec() (functionally identical to the backticks function) This function is disabled in safe mode.
exec() can only perform operations in the directory set by safe_mode_exec_dir. For some reason, .. cannot currently be used in the path of an executable object. escapeshellcmd() will be applied to the arguments of this function.
system() can only execute operations in the directory set by safe_mode_exec_dir. For some reason, .. cannot currently be used in the path of an executable object. escapeshellcmd() will be applied to the arguments of this function.
passthru() can only execute operations in the directory set by safe_mode_exec_dir. For some reason, .. cannot currently be used in the path of an executable object. escapeshellcmd() will be applied to the arguments of this function.
popen() can only execute operations in the directory set by safe_mode_exec_dir. For some reason, .. cannot currently be used in the path of an executable object. escapeshellcmd() will be applied to the arguments of this function.
fopen() checks whether the directory being operated on has the same UID (owner) as the script being executed.
mkdir() checks whether the directory being manipulated has the same UID (owner) as the script being executed.
rmdir() checks whether the directory being manipulated has the same UID (owner) as the script being executed.
rename() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed. Check if the directory being manipulated has the same UID (owner) as the script being executed.

unlink() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed. Check if the directory being manipulated has the same UID (owner) as the script being executed.
copy() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed. Check if the directory being manipulated has the same UID (owner) as the script being executed. (on source and target )
chgrp() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed.
chown() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed.
chmod() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed. In addition, SUID, SGID and sticky bits cannot be set
touch() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed. Check if the directory being manipulated has the same UID (owner) as the script being executed.
symlink() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed. Check if the directory being manipulated has the same UID (owner) as the script being executed. (Note: only test target)
link() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed. Check if the directory being manipulated has the same UID (owner) as the script being executed. (Note: only test target)

apache_request_headers() In safe mode, headers starting with "authorization" (case sensitive) will not be returned.
header() In safe mode, if WWW-Authenticate is set, the uid of the current script will be added to the realm portion of this header.
PHP_AUTH variables In safe mode, the variables PHP_AUTH_USER, PHP_AUTH_PW, and PHP_AUTH_TYPE are not available in $_SERVER. But anyway, you can still use REMOTE_USER to get the user name (USER). (Note: Only valid after PHP 4.3.0)

highlight_file(), show_source() Check whether the file or directory being operated on has the same UID (owner) as the script being executed. Check if the directory being manipulated has the same UID (owner) as the script being executed. (Note, only valid after version 4.2.1)
parse_ini_file() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed. Check if the directory being manipulated has the same UID (owner) as the script being executed. (Note, only valid after version 4.2.1)

set_time_limit() does not work in safe mode.
max_execution_time has no effect in safe mode.
mail() In safe mode, the fifth parameter is blocked

www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/629057.htmlTechArticleThe safe_mode mode in php is the safe mode. When turned on, it can provide strong security to the website, but at the same time it will also affect some Functions have an impact. Below we summarize the impact of safe_mode mode on those specific functions...
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn