View Full Version : safe_mode

08-10-2012, 07:07 PM

Even when I have set the "safe_mode = On" in my server's php.ini file, how come my user is still able to change the settings in their php page using ini_set() function?

Is there anyway to stop them from changing values using ini_set()?


08-10-2012, 11:14 PM
Safe mode has never had an affect on ini_set. Safe mode is disappearing soon as well.
I don't know why you want to disable it, but you may specify ini_set under the disabled_functions ini directive.

BTW, I've never added ini_set to a disabled function before. ini_set isn't a construct, so it should work under the disabled functions directive (unlike calls like eval).

08-11-2012, 08:10 AM
thanks for the reply,

Another question is that, in the phpinfo() screen i see two values "Local" and "Master" what do they mean?

08-11-2012, 08:26 AM
Master is your ini values from php.ini, and local is defined by apache or script level.

08-11-2012, 08:34 AM
so if we change a value for example "session.use_trans_sid" to 1 in our script, will it reflect in the phpinfo() screen?

08-11-2012, 05:22 PM
It will if it was done either from a point of .htaccess, or within the same script that calls phpinfo(). ini_set is a temporary change of a configuration state, if its done inline with a script its discarded at the end of the script run.

08-11-2012, 06:34 PM
Thanks for the reply Fou-Lu