Home >Backend Development >PHP Problem >How to disable a certain method in php
Steps to disable a certain method in php: 1. Open the php.ini configuration file and look for the configuration item that disables functions, that is, the "disable_functions" item; 2. Add the function that needs to be disabled to the configuration item ( method), multiple functions are separated by English commas, and the syntax is "disable_functions = "symlink,system""; 3. Save the changes and restart the service.
The operating environment of this tutorial: windows7 system, PHP8 version, DELL G3 computer
How to disable a certain method in php
If you want to disable methods (functions) in php, you need to operate in the php.ini configuration file.
Specific steps:
1. Open the php.ini configuration file and look for the "disable_functions" item
The "disable_functions" item is for PHP to disable functions Configuration item
#2. Add the functions that need to be disabled in this configuration item. Multiple functions should be separated by commas;
3. Save the changes and restart the service
View PHP disabled functions
In PHP, you can use the ini_get() function to view PHP disabled functions.
<?php header('content-type:text/html;charset=utf-8'); var_dump(ini_get('disable_functions')); ?>
Description:
The role of the ini_get() function: to get the value of a configuration option is to get the value in php.ini The value of the environment variable.
Return value: Success is a string that returns the configuration option value, and null value returns an empty string. If the configuration option does not exist, false will be returned.
Extended knowledge: Some dangerous PHP functions that need to be disabled
phpinfo()
Function Description: Output PHP environment information and related module, WEB environment and other information.
Danger level: Medium
passthru()
Function description: Allows the execution of an external program and echoes the output, similar to exec().
Danger level: High
exec()
Function description: Allows the execution of an external program (such as UNIX Shell or CMD command, etc.).
Danger level: High
system()
Function description: Allows executing an external program and echoing the output, similar to passthru().
Danger level: High
Function description: Send error information to the specified location (file).
Safety Note: In some versions of PHP, error_log() can be used to bypass PHP safe mode and execute arbitrary commands.
Danger level: low
##ini_alter()##ini_restore()
Danger level: High
##dl()Function description: Load a PHP external while PHP is running (not when starting) module.##pfsockopen()
Function description: Establish a socket persistent connection in the Internet or UNIX domain.
##popen()
Function description: A command can be passed through the parameters of popen() and the popen() The opened file is executed.
Danger Level: High
stream_socket_server()
Function description: Establish an Internet or UNIX server connection.
Danger level: Medium
putenv()
Function description: Used to change the system character set environment when PHP is running. In PHP versions earlier than 5.2.6, you can use this function to modify the system character set environment, and then use the sendmail command to send special parameters to execute the system SHELL command.
Danger level: High
Recommended study: "PHP Video Tutorial"
The above is the detailed content of How to disable a certain method in php. For more information, please follow other related articles on the PHP Chinese website!