Thanks, Daniel - -- I do use passthru() -- in an entirely different part of the application (a place where it runs a mysqldump to do a manual backup). Of course, I have millions of backticks delimiting SQL fields and tables.
The error log is reporting specifically shell_exec(). Would a stray backtick call that error? On Tue, Apr 9, 2013 at 2:39 PM, Daniel Brown <danbr...@php.net> wrote: > On Tue, Apr 9, 2013 at 3:11 PM, Ken Kixmoeller <phph...@comcast.net> > wrote: > > Hi -- - > > > > Strange problem. One of my applications was just moved to a new server. > The > > new server has php configured to blacklist some functions (using > > "disable_functions="). One of the "banned" functions is exec(). > > > > The error log is reporting "shell_exec() has been disabled for security > > reasons" --- but exec() or shell_exec() are not in my code *anywhere*. > The > > program and line number being reported makes absolutely no sense. > > > > Are there other php commands that really call exec() or shell_exec() ??? > > Any clues how this could happen? Fixes (other than un-blacklisting the > > command, of course)? > > > > Many thanks, > > > > Ken > > If you're positive you aren't executing any command line code > (backticks, passthru(), et cetera), then check to see if arbitrary > code is somehow being attempted via your scripts. > > -- > </Daniel P. Brown> > Network Infrastructure Manager > http://www.php.net/ >