This is the tip of the iceberg. We're facing the problem with spam and
php inclusion on a mass-hosting server. Not only I want to know how many
times mail() was called but other dangerous function too!
(exec,system,mail,etc...)
What would be nice is a variable similar to "disable_functions", like this:
log_functions="mail, exec, system, etc..."
log_file="/var/log/apache/php-calls.log"
This could log: date, parameters, http-host. It would make post-hacking
intrusion much easier to debug...
Frank
Ilia Alshanetsky a écrit :
I am going to finalize the patch and add it to 5.2.2 in the coming weeks.
Ilia
On 8-Feb-07, at 10:44 AM, Mathieu Gagné wrote:
Hi,
Any news about it?
This would be very interesting having this feature.
As Richard Lynch said, ISPs would love it.
Mathieu
On 2006-12-14 15:50, Ilia Alshanetsky wrote:
The full path is only for the log files, the header only contains the
script name. As far as requests to include the domain name, we cannot
do it reliably. In some instances value can be fakes or outright
injected by the user, nor will this be at all useful for scripts
running on the command line.
Ilia
Ilia Alshanetsky
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
