Home  >  Article  >  Backend Development  >  Introduction to php disabled function settings and viewing methods (with examples)

Introduction to php disabled function settings and viewing methods (with examples)

不言
不言forward
2019-02-18 13:43:553186browse

This article brings you an introduction to the setting and viewing methods of PHP disabled functions (with examples). It has certain reference value. Friends in need can refer to it. I hope it will be helpful to you.

This article mainly introduces the setting and viewing methods of disabled functions in PHP. It analyzes the methods of disabling functions in PHP and uses PHP probes to view disabled function information in the form of examples. Friends in need can refer to the following

The example in this article describes the setting and viewing methods of PHP disabled functions. Share it with everyone for your reference. The details are as follows:

Open PHP.INI and find this line:

disable_functions =

Add the function to be disabled at the end, such as To disable multiple functions, use half-width commas, separated by

Give an example:


disable_functions = passthru,exec,system,popen,chroot,scandir,chgrp,chown,escapesh
ellcmd,escapeshellarg,shell_exec,proc_open,proc_get_status

Recommended functions to be disabled on the host:


disable_functions = system,exec,shell_exec,passthru,proc_open,proc_close, proc_get_status,checkdnsrr,getmxrr,getservbyname,getservbyport, syslog,popen,show_source,highlight_file,dl,socket_listen,socket_create,socket_bind,socket_accept, socket_connect, stream_socket_server, stream_socket_accept,stream_socket_client,ftp_connect, ftp_login,ftp_pasv,ftp_get,sys_getloadavg,disk_total_space, disk_free_space,posix_ctermid,posix_get_last_error,posix_getcwd, posix_getegid,posix_geteuid,posix_getgid, posix_getgrgid,posix_getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid, posix_getppid,posix_getpwnam,posix_getpwuid, posix_getrlimit, posix_getsid,posix_getuid,posix_isatty, posix_kill,posix_mkfifo,posix_setegid,posix_seteuid,posix_setgid, posix_setpgid,posix_setsid,posix_setuid,posix_strerror,posix_times,posix_ttyname,posix_uname

How to check the list of disabled functions on the host, I found a very good probe from the Internet

<?php
header("content-Type: text/html; charset=utf-8");
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
error_reporting(0);
ob_end_flush();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Pragma" content="No-cache" />
<meta http-equiv="Expires" content="0" />
<meta http-equiv="cache-control" content="private" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />//加了这句,看看能不能解决linux下显示乱码的问题?
<title>PHP 探针 v1.0</title>
<style type="text/css">
<!--
body{text-align:center;margin-top:20px;background-color:#a9b674;}
#overview{width:700px;margin:0 auto;text-align:left;}
a{text-decoration:underline;color:#992700;}
.strong{color:#992700;}
.basew{width:300px;}
-->
</style>
</head>
<body>
<div id="overview">
<div id="copyright">版权信息
<a href="hello.php?typ=baseinfo">[基本信息]</a> <a href="hello.php?typ=superinfo">[高级信息]</a>
<?php
if (function_exists("phpinfo")){
  echo&#39;<a href="hello.php?typ=phpinfo">[phpinfo]</a>&#39;;}
echo&#39;<br />php探针v1.0 by MKDuse(blueidea-id)<br /><br />此程序代码,可免费使用;但不得用于商业用途;完全转载或使用此代码,请保留版权信息;<br />欢迎指正错误提建议,QQ:122712355</div>&#39;;
if (empty($_GET[&#39;typ&#39;])){
  baseinfo();}
else{
switch ($_GET[&#39;typ&#39;]){
case &#39;phpinfo&#39;:
phpinfoview();
break;
case &#39;superinfo&#39;:
superinfo();
break;
case &#39;baseinfo&#39;:
baseinfo();
break;
default:
baseinfo();}
}
function getime()
{
 $t = gettimeofday();
 return (float)($t[&#39;sec&#39;] + $t[&#39;usec&#39;]/1000000);
}
function baseinfo(){
echo &#39;<h1>基本信息</h1>&#39;;
$arr[]=array("Current PHP version:",phpversion());
$arr[]=array("Zend engine version:",zend_version());
$arr[]=array("服务器版本",$_SERVER[&#39;SERVER_SOFTWARE&#39;]);
$arr[]=array("ip地址",$_SERVER[&#39;REMOTE_HOST&#39;]);//ip
$arr[]=array("域名",$_SERVER[&#39;HTTP_HOST&#39;]);
$arr[]=array("协议端口",$_SERVER[&#39;SERVER_PROTOCOL&#39;].&#39; &#39;.$_SERVER[&#39;SERVER_PORT&#39;]);
$arr[]=array("站点根目录",$_SERVER[&#39;PATH_TRANSLATED&#39;]);
$arr[]=array("服务器时间",date(&#39;Y年m月d日,H:i:s,D&#39;));
$arr[]=array("当前用户",get_current_user());
$arr[]=array("操作系统",php_uname(&#39;s&#39;).php_uname(&#39;r&#39;).php_uname(&#39;v&#39;));
$arr[]=array("include_path",ini_get(&#39;include_path&#39;));
$arr[]=array("Server API",php_sapi_name());
$arr[]=array("error_reporting level",ini_get("display_errors"));
$arr[]=array("POST提交限制",ini_get(&#39;post_max_size&#39;));
$arr[]=array("upload_max_filesize",ini_get(&#39;upload_max_filesize&#39;));
$arr[]=array("脚本超时时间",ini_get(&#39;max_execution_time&#39;).&#39;秒&#39;);
if (ini_get("safe_mode")==0){
$arr[]=array("PHP安全模式(Safe_mode)",&#39;off&#39;);}
else{
$arr[]=array("PHP安全模式(Safe_mode)",&#39;on&#39;);}
if (function_exists(&#39;memory_get_usage&#39;)){
$arr[]=array("memory_get_usage",ini_get(&#39;memory_get_usage&#39;));}
//$arr[]=array("可用空间",intval(diskfreespace(&#39;/&#39;)/(1024 * 1024))."M");
echo&#39;<table>&#39;;
for($i=0;$i<count($arr);$i++)
{
  $overview=&#39;<tr><td class="basew">&#39;.$arr[$i][0].&#39;</td><td>&#39;.$arr[$i][1].&#39;</td></tr>&#39;;
  echo $overview;
}
echo&#39;</table>&#39;;
echo &#39;<h2>服务器性能测试</h2>&#39;;
echo&#39;<table><tr><td>服务器</td><td>整数运算<br />50万次加法(1+1)</td><td>浮点运算<br />50万次平方根(3.14开方)</td></tr>&#39;;
echo&#39;<tr><td>MKDuse的机子(P4 1.5G 256DDR winxp sp2)</td><td>465.08ms</td><td>466.66ms</td></tr>&#39;;
$time_start=getime();
for($i=0;$i<=500000;$i++);
{$count=1+1;}
$timea=round((getime()-$time_start)*1000,2);
echo &#39;<tr class="strong"><td>当前服务器</td><td>&#39;.$timea.&#39;ms</td>&#39;;
$time_start=getime();
for($i=0;$i<=500000;$i++);
{sqrt(3.14);}
$timea=round((getime()-$time_start)*1000,2);
echo &#39;<td>&#39;.$timea.&#39;ms</td></tr></table>&#39;;
?>
<script language="javascript" type="text/javascript">
function gettime()
{
 var time;
 time=new Date();
 return time.getTime();
}
start_time=gettime();
</script>
<?php
echo &#39;<h2>带宽测试</h2>&#39;;
for ($i=0;$i<100;$i++){
print "<!--1234567890#########0#########0#########0#########0#########0#########0#########0#########012345-->";}
?>
<p id="dk"></p>
<script language="javascript" type=&#39;text/javascript&#39;>
var timea;
var netspeed;
timea=gettime()-start_time;
netspeed=Math.round(10/timea*1000);
document.getElementByIdx("dk").innerHTML="向客户端发送10KB数据,耗时"+timea+"ms<br />您与此服务器的连接速度为"+netspeed+"kb/s";
</script>
<?php
echo&#39;<h2>已加载的扩展库(enable)</h2><div>&#39;;
$arr =get_loaded_extensions();
foreach($arr as $value){
  echo $value.&#39;<br />&#39;;}
echo&#39;</div><h2>禁用的函数</h2><p>&#39;;
$disfun=ini_get(&#39;disable_functions&#39;);
if (empty($disfun)){
  echo&#39;没有禁用</p>&#39;;}
else{
echo ini_get(&#39;disable_functions&#39;).&#39;</p>&#39;;}
}//关闭
function superinfo(){
echo&#39;<h1>高级信息</h1><p>PHP_INI_USER 1 配置选项可用在用户的 PHP 脚本或Windows 注册表中<br> PHP_INI_PERDIR 2 配置选项可在 php.ini, .htaccess 或 httpd.conf 中设置 <br>PHP_INI_SYSTEM 4 配置选项可在 php.ini or httpd.conf 中设置 <br>PHP_INI_ALL 7 配置选项可在各处设置</p>&#39;;
$arr1=ini_get_all();
for ($i=0;$i<count($arr1);$i++)
  {
$arr2=array_slice($arr1,$i,1);
print_r($arr2);
echo &#39;<br />&#39;;
}
}
function phpinfoview(){
  phpinfo();
}
?>
</div>
</body>
</html>

The above is the detailed content of Introduction to php disabled function settings and viewing methods (with examples). For more information, please follow other related articles on the PHP Chinese website!

Statement:
This article is reproduced at:cnblogs.com. If there is any infringement, please contact admin@php.cn delete