Home >Backend Development >PHP Tutorial >Summary of the impact of turning on safe_mode mode on functions in PHP_PHP Tutorial
The safe_mode mode in php is a safe mode. When turned on, it can provide strong security to the website, but it will also affect some functions. Below we summarize the impact of safe_mode mode on those specific functions. Friends in need can refer to it. one time.
Function name restriction
dbmopen() checks whether the file or directory being operated on has the same UID (owner) as the script being executed.
dbase_open() checks whether the file or directory being operated on has the same UID (owner) as the script being executed.
filepro() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed.
filepro_rowcount() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed.
filepro_retrieve() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed.
ifx_* sql_safe_mode restriction, (!= safe mode)
ingres_* sql_safe_mode limit, (!= safe mode)
mysql_* sql_safe_mode restriction, (!= safe mode)
pg_loimport() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed.
posix_mkfifo() checks whether the directory being manipulated has the same UID (owner) as the script being executed.
putenv() respects the safe_mode_protected_env_vars and safe_mode_allowed_env_vars options set by the ini. Please refer to the documentation for the putenv() function.
move_uploaded_file() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed.
chdir() checks if the directory being manipulated has the same UID (owner) as the script being executed.
dl() This function is disabled in safe mode.
backtick operator This function is disabled in safe mode.
shell_exec() (functionally identical to the backticks function) This function is disabled in safe mode.
exec() can only perform operations in the directory set by safe_mode_exec_dir. For some reason, .. cannot currently be used in the path of an executable object. escapeshellcmd() will be applied to the arguments of this function.
system() can only execute operations in the directory set by safe_mode_exec_dir. For some reason, .. cannot currently be used in the path of an executable object. escapeshellcmd() will be applied to the arguments of this function.
passthru() can only execute operations in the directory set by safe_mode_exec_dir. For some reason, .. cannot currently be used in the path of an executable object. escapeshellcmd() will be applied to the arguments of this function.
popen() can only execute operations in the directory set by safe_mode_exec_dir. For some reason, .. cannot currently be used in the path of an executable object. escapeshellcmd() will be applied to the arguments of this function.
fopen() checks whether the directory being operated on has the same UID (owner) as the script being executed.
mkdir() checks whether the directory being manipulated has the same UID (owner) as the script being executed.
rmdir() checks whether the directory being manipulated has the same UID (owner) as the script being executed.
rename() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed. Check if the directory being manipulated has the same UID (owner) as the script being executed.
unlink() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed. Check if the directory being manipulated has the same UID (owner) as the script being executed.
copy() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed. Check if the directory being manipulated has the same UID (owner) as the script being executed. (on source and target )
chgrp() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed.
chown() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed.
chmod() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed. In addition, SUID, SGID and sticky bits cannot be set
touch() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed. Check if the directory being manipulated has the same UID (owner) as the script being executed.
symlink() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed. Check if the directory being manipulated has the same UID (owner) as the script being executed. (Note: only test target)
link() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed. Check if the directory being manipulated has the same UID (owner) as the script being executed. (Note: only test target)
apache_request_headers() In safe mode, headers starting with "authorization" (case sensitive) will not be returned.
header() In safe mode, if WWW-Authenticate is set, the uid of the current script will be added to the realm portion of this header.
PHP_AUTH variables In safe mode, the variables PHP_AUTH_USER, PHP_AUTH_PW, and PHP_AUTH_TYPE are not available in $_SERVER. But anyway, you can still use REMOTE_USER to get the user name (USER). (Note: Only valid after PHP 4.3.0)
highlight_file(), show_source() Check whether the file or directory being operated on has the same UID (owner) as the script being executed. Check if the directory being manipulated has the same UID (owner) as the script being executed. (Note, only valid after version 4.2.1)
parse_ini_file() checks whether the file or directory being manipulated has the same UID (owner) as the script being executed. Check if the directory being manipulated has the same UID (owner) as the script being executed. (Note, only valid after version 4.2.1)
set_time_limit() does not work in safe mode.
max_execution_time has no effect in safe mode.
mail() In safe mode, the fifth parameter is blocked