dams Mon Jun 25 15:39:59 2001 EDT
Modified files:
/phpdoc/en/functions info.xml
Log:
Adding some details about putenv and safe mode (from php.ini).
Index: phpdoc/en/functions/info.xml
diff -u phpdoc/en/functions/info.xml:1.49 phpdoc/en/functions/info.xml:1.50
--- phpdoc/en/functions/info.xml:1.49 Mon Jun 25 15:01:14 2001
+++ phpdoc/en/functions/info.xml Mon Jun 25 15:39:59 2001
@@ -31,7 +31,7 @@
<para>
Assertion should be used as a debugging feature only. You may
use them for sanity-checks that test for conditions that should
- always be TRUE and that indicate some programming errors if not
+ always be <literal>TRUE</literal> and that indicate some programming errors if
+not
or to check for the presence of certain features like extension
functions or certain system limits and features.
</para>
@@ -139,7 +139,7 @@
</funcprototype>
</funcsynopsis>
<simpara>
- Returns TRUE if the extension identified by
+ Returns <literal>TRUE</literal> if the extension identified by
<parameter>name</parameter> is loaded. You can see the names of
various extensions by using <function>phpinfo</function>.
</simpara>
@@ -191,8 +191,7 @@
</funcsynopsis>
<para>
Returns the value of the environment variable
- <parameter>varname</parameter>, or FALSE on an error.
-
+ <parameter>varname</parameter>, or <literal>FALSE</literal> on an error.
<informalexample>
<programlisting>
$ip = getenv ("REMOTE_ADDR"); // get the ip number of the user
@@ -203,9 +202,8 @@
You can see a list of all the environmental variables by using
<function>phpinfo</function>. You can find out what many of them
mean by taking a look at the <ulink url="&url.cgispecs;">CGI
- specification</ulink>, specifically the <ulink
- url="&url.cgispec;">page on
- environmental variables</ulink>.
+ specification</ulink>, specifically the <ulink url="&url.cgispec;">page on
+ environmental variables</ulink>.
<note>
<para>
This function does not work in ISAPI mode.
@@ -236,7 +234,7 @@
</funcsynopsis>
<simpara>
Returns the current value of the PHP configuration variable
- specified by <parameter>varname</parameter>, or FALSE if an error
+ specified by <parameter>varname</parameter>, or <literal>FALSE</literal> if an
+error
occurs.
</simpara>
<simpara>
@@ -353,7 +351,7 @@
<para>
Returns the time of the last modification of the current
page. The value returned is a Unix timestamp, suitable for
- feeding to <function>date</function>. Returns FALSE on error.
+ feeding to <function>date</function>. Returns <literal>FALSE</literal> on error.
<example>
<title>getlastmod() example</title>
<programlisting role="php">
@@ -386,7 +384,7 @@
</funcprototype>
</funcsynopsis>
<para>
- Returns the current script's inode, or FALSE on error.
+ Returns the current script's inode, or <literal>FALSE</literal> on error.
</para>
<para>
See also <function>getmyuid</function>,
@@ -416,7 +414,7 @@
</funcprototype>
</funcsynopsis>
<para>
- Returns the current PHP process ID, or FALSE on error.
+ Returns the current PHP process ID, or <literal>FALSE</literal> on error.
</para>
<warning>
<para>
@@ -448,7 +446,7 @@
</funcprototype>
</funcsynopsis>
<simpara>
- Returns the user ID of the current script, or FALSE on error.
+ Returns the user ID of the current script, or <literal>FALSE</literal> on error.
</simpara>
<simpara>
See also <function>getmypid</function>,
@@ -1265,8 +1263,26 @@
</funcsynopsis>
<para>
Adds <parameter>setting</parameter> to the server environment. The
-environment variable will only exist for the duration of the current request.
-At the end of the request the environment is restored to its original state.
+ environment variable will only exist for the duration of the current
+ request. At the end of the request the environment is restored to
+ its original state.
+ </para>
+ <para>
+ Setting certain environment variables may be a potential security breach.
+ The <literal>safe_mode_allowed_env_vars</literal> directive contains a
+ comma-delimited list of prefixes. In Safe Mode, the user may only
+ alter environment variables whose names begin with the prefixes
+ supplied by this directive. By default, users will only be able
+ to set environment variables that begin with <literal>PHP_</literal>
+ (e.g. <literal>PHP_FOO=BAR</literal>). Note: if this directive is empty,
+ PHP will let the user modify ANY environment variable!
+ </para>
+ <para>
+ The <literal>safe_mode_protected_env_vars</literal> directive
+ contains a comma-delimited list of environment variables, that
+ the end user won't be able to change using <function>putenv</function>.
+ These variables will be protected even if
+<literal>safe_mode_allowed_env_vars</literal>
+ is set to allow to change them.
</para>
<para>
<example>
@@ -1425,7 +1441,8 @@
</informalexample>
</para>
<para>
- See also: <function>get_loaded_extensions</function>.
+ See also
+ <function>get_loaded_extensions</function>.
</para>
</refsect1>
</refentry>