Safe mode is a bad idea. :) It's not safe; it may only have the effect
of making you think you're safe. If you have a particular reason to
use it then maybe it's OK, but just be aware that it will not exist in
future versions of PHP and relying on it is not a good idea. Security,
Lars Torben Wilson ha scritto:
Hi Nico,
First the obligatory safe_mode is deprecated and not recommended
speech. . .but I guess you've already seen that in the docs and
decided to use it anyway.
I read it, but I don't know if I have to interpret it as php6 wil only
work in safe mode or
Lars Torben Wilson ha scritto:
2009/8/28 Nico Sabbi nsa...@officinedigitali.it:
Hi,
I'm testing one of my sites in safe_mode, but I'm experiencing some
strangeness that is not documented.
The settings are:
in php.ini:
include_path =
Please create a file(.php) and write follow codes for more details.
?php
phpinfo();
?
2009/8/31 Nico Sabbi nsa...@officinedigitali.it:
Lars Torben Wilson ha scritto:
2009/8/28 Nico Sabbi nsa...@officinedigitali.it:
Hi,
I'm testing one
2009/8/31 Nico Sabbi nsa...@officinedigitali.it:
Lars Torben Wilson ha scritto:
Hi Nico,
First the obligatory safe_mode is deprecated and not recommended
speech. . .but I guess you've already seen that in the docs and
decided to use it anyway.
I read it, but I don't know if I have to
add this
php_admin_value open_basedir
2009/8/28 Nico Sabbi nsa...@officinedigitali.it:
Hi,
I'm testing one of my sites in safe_mode, but I'm experiencing some
strangeness that is not documented.
The settings are:
in php.ini:
include_path =
hack988 hack988 ha scritto:
add this
php_admin_value open_basedir
done, but it doesn't make a difference:
php_admin_value open_basedir
/server/home/nsabbi:/server/home/apache/php4:.:..
*Fatal error*: require_once() [function.require
http://nsabbi/login/function.require]: Failed opening
2009/8/28 Nico Sabbi nsa...@officinedigitali.it:
Hi,
I'm testing one of my sites in safe_mode, but I'm experiencing some
strangeness that is not documented.
The settings are:
in php.ini:
include_path =
.:/server/home/apache/php4/:/var/php/5.2/pear/:/usr/php/lib/ezcomponents-2008.2.2/
in
On Thu, 2007-09-20 at 16:14 -0400, tedd wrote:
Hi gang:
Would someone be so kind as to explain to me how one can use exec()
with safe_mode on?
http://ca.php.net/manual/en/features.safe-mode.php#ini.safe-mode-exec-dir
Cheers,
Rob.
--
Safe Mode is one of those things that Systems Administrators don't
really want users turning on/off willy-nilly...
So it can only get set in php.ini and maybe httpd.conf, almost-for-sure.
Check the docs on what can be set where -- There's a nifty chart
somewhere on http://php.net
On Fri, May
On Sat, May 20, 2006 9:34 am, tedd wrote:
3. Place it in your working directory.
NO!
Place it in the directory where PHP expects it to be.
http://php.net/phpinfo
will tell you where that is.
In recent Apache/PHP installs, there is an Apache directory to change
that, but in older versions, it
At 3:46 PM -0500 5/22/06, Richard Lynch wrote:
On Sat, May 20, 2006 9:34 am, tedd wrote:
3. Place it in your working directory.
NO!
Place it in the directory where PHP expects it to be.
Not meaning to be argumentative, but I was simply repeating what was stated at:
At 9:01 PM -0400 5/19/06, John Hicks wrote:
tedd wrote:
Hi gang:
Please excuse me for asking another dumb-ass question, but here goes.
I'm finding that setting safe_mode to ON is more difficult than I
first thought.
In my phpinfo, safe_mode is set to OFF
-snip-
You would think the fine
On 5/20/06, tedd [EMAIL PROTECTED] wrote:
At 9:01 PM -0400 5/19/06, John Hicks wrote:
tedd wrote:
Hi gang:
Please excuse me for asking another dumb-ass question, but here goes.
I'm finding that setting safe_mode to ON is more difficult than I
first thought.
In my phpinfo, safe_mode is set to
What other obvious thing am I not seeing?
php.net/ini says that php.ini in the working directory is only
used if PHP is run from the command line.
For PHP running on the web server, you should edit the
system's php.ini file. You can find the location of this file
with phpinfo(). Look for
tedd wrote:
Hi gang:
Please excuse me for asking another dumb-ass question, but here goes.
I'm finding that setting safe_mode to ON is more difficult than I first
thought.
In my phpinfo, safe_mode is set to OFF
However, if I try to set it to ON in my .htaccess such as:
php_value
[snip]
I try to use move_upload_file function with safe_mode (with PHP 4.3.10).
When I turn the safe_mode off, the function works fine, but when I turn it
back to on, the function doesn't work (with no error message).
When I read the documentation about safe_mode, I do not see any
restriction
On Sunday 08 August 2004 17:30, Kevin wrote:
please show us the output of 'ls -al' of the directories in question.
Yes, I have seen the permission and its rwx-rwx-rwx i.e 777.
The full output showing the owner.group would have been nice. Anyway:
Warning: mkdir(): SAFE MODE Restriction in
So after the directories are created, those are the actual permissions
that
are on them? Did you actually check this or are you assuming it? If you
can,
please show us the output of 'ls -al' of the directories in question.
Yes, I have seen the permission and its rwx-rwx-rwx i.e 777.
--
PHP
On Saturday 07 August 2004 20:17, Kevin wrote:
I am able to make first two directories i.e 'full1/1' and 'thumb/1'. Script
do not allow me to make 'full1/1/1' and 'thumb/1/1' too. I also have tried
removing umask function.
What are the permissions on the directories that you are able to make?
Permissions are set to 0777.
Jason Wong [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
On Saturday 07 August 2004 20:17, Kevin wrote:
I am able to make first two directories i.e 'full1/1' and 'thumb/1'.
Script
do not allow me to make 'full1/1/1' and 'thumb/1/1' too. I also have
On Sunday 08 August 2004 12:00, Kevin wrote:
Please do not top post.
Permissions are set to 0777.
So after the directories are created, those are the actual permissions that
are on them? Did you actually check this or are you assuming it? If you can,
please show us the output of 'ls -al' of
Jason,
safe_mode_gid may indeed be the solution, though it seems to go way too
far in relaxing things.
It's the functionality of safe_mode that I want ... with the proviso
that the web server should be able to read files that it writes.
I will not consider turning off safe_mode entirely, any
Take a look at safe_mode_gid, it tells PHP to do safe mode owner
checking using the group id rather than user id.
safe_mode_gid boolean
By default, Safe Mode does a UID compare check when opening files. If
you want to relax this to a GID compare, then turn on safe_mode_gid.
Whether to use UID
Hi Jim,
I had the very same strange issue with a cfg var not changing.
It worked after using ini_restore(). (I played around with
ini_set() before. Did you as well?)
I am not sure if it has anything to do with it. It sounds pretty
illogical. But PHP ignoring a setting in php.ini sounds
Jim Hatridge wrote:
Can someone give me an idea what next to do? Either how to turn off safe_mode
or a work around on the code. BTW I'm using SuSE 8.0, PHP, and Mysql on a
self-made PI/233.
Jim,
If you have changed safe_mode in php.ini and phpinfo() still reports it
as on, then I would
VirtualHost *
DocumentRoot /home/scripts
ServerName scripts.blahblah.com
ErrorLog /home/nobody/logs/hosting/error.scripts.blahblah.com.log
CustomLog /home/nobody/logs/hosting/access.scripts.blahblah.com.log common
php_admin_flag safe_mode off (or on)
/VirtualHost
- Original Message
On Thu, 21 Jun 2001 14:35:50 -0700 (PDT), Rasmus Lerdorf
[EMAIL PROTECTED] wrote:
If you are using Apache you can set any PHP directive in Directory ...
or VirtualHost ... block by doing something like:
php_admin_flag safe_mode On
Do those directives work in .htaccess files too?
--
PHP
Egan pressed the little lettered thingies in this order...
On Thu, 21 Jun 2001 14:35:50 -0700 (PDT), Rasmus Lerdorf
[EMAIL PROTECTED] wrote:
If you are using Apache you can set any PHP directive in Directory ...
or VirtualHost ... block by doing something like:
php_admin_flag
How do set only safe_mode = On in certain directories while others are Off. And
vice versa.
If you are using Apache you can set any PHP directive in Directory ...
or VirtualHost ... block by doing something like:
php_admin_flag safe_mode On
-Rasmus
--
PHP General Mailing List
30 matches
Mail list logo