Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 7 of 7

Thread: safe_mode

  1. #1
    Regular Coder
    Join Date
    Jun 2006
    Location
    UK
    Posts
    922
    Thanks
    302
    Thanked 3 Times in 3 Posts

    Question safe_mode

    Hi

    Even when I have set the "safe_mode = On" in my server's php.ini file, how come my user is still able to change the settings in their php page using ini_set() function?

    Is there anyway to stop them from changing values using ini_set()?

    Thanks

  • #2
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,994
    Thanks
    4
    Thanked 2,662 Times in 2,631 Posts
    Safe mode has never had an affect on ini_set. Safe mode is disappearing soon as well.
    I don't know why you want to disable it, but you may specify ini_set under the disabled_functions ini directive.

    Edit:
    BTW, I've never added ini_set to a disabled function before. ini_set isn't a construct, so it should work under the disabled functions directive (unlike calls like eval).
    Last edited by Fou-Lu; 08-10-2012 at 11:17 PM.

  • Users who have thanked Fou-Lu for this post:

    phantom007 (08-11-2012)

  • #3
    Regular Coder
    Join Date
    Jun 2006
    Location
    UK
    Posts
    922
    Thanks
    302
    Thanked 3 Times in 3 Posts
    thanks for the reply,

    Another question is that, in the phpinfo() screen i see two values "Local" and "Master" what do they mean?

  • #4
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,994
    Thanks
    4
    Thanked 2,662 Times in 2,631 Posts
    Master is your ini values from php.ini, and local is defined by apache or script level.

  • Users who have thanked Fou-Lu for this post:

    phantom007 (08-11-2012)

  • #5
    Regular Coder
    Join Date
    Jun 2006
    Location
    UK
    Posts
    922
    Thanks
    302
    Thanked 3 Times in 3 Posts
    so if we change a value for example "session.use_trans_sid" to 1 in our script, will it reflect in the phpinfo() screen?

  • #6
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,994
    Thanks
    4
    Thanked 2,662 Times in 2,631 Posts
    It will if it was done either from a point of .htaccess, or within the same script that calls phpinfo(). ini_set is a temporary change of a configuration state, if its done inline with a script its discarded at the end of the script run.

  • Users who have thanked Fou-Lu for this post:

    phantom007 (08-11-2012)

  • #7
    Regular Coder
    Join Date
    Jun 2006
    Location
    UK
    Posts
    922
    Thanks
    302
    Thanked 3 Times in 3 Posts
    Thanks for the reply Fou-Lu


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •