...

View Full Version : safe_mode



phantom007
08-10-2012, 06:07 PM
Hi

Even when I have set the "safe_mode = On" in my server's php.ini file, how come my user is still able to change the settings in their php page using ini_set() function?

Is there anyway to stop them from changing values using ini_set()?

Thanks

Fou-Lu
08-10-2012, 10:14 PM
Safe mode has never had an affect on ini_set. Safe mode is disappearing soon as well.
I don't know why you want to disable it, but you may specify ini_set under the disabled_functions ini directive.


BTW, I've never added ini_set to a disabled function before. ini_set isn't a construct, so it should work under the disabled functions directive (unlike calls like eval).

phantom007
08-11-2012, 07:10 AM
thanks for the reply,

Another question is that, in the phpinfo() screen i see two values "Local" and "Master" what do they mean?

Fou-Lu
08-11-2012, 07:26 AM
Master is your ini values from php.ini, and local is defined by apache or script level.

phantom007
08-11-2012, 07:34 AM
so if we change a value for example "session.use_trans_sid" to 1 in our script, will it reflect in the phpinfo() screen?

Fou-Lu
08-11-2012, 04:22 PM
It will if it was done either from a point of .htaccess, or within the same script that calls phpinfo(). ini_set is a temporary change of a configuration state, if its done inline with a script its discarded at the end of the script run.

phantom007
08-11-2012, 05:34 PM
Thanks for the reply Fou-Lu



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum