PHP Configuration
PHP Configuration
-
open_basedir (php.ini or
httpd.conf) Limit files that can be opened to the specified directory-tree
-
disable_functions (php.ini) disable
certain functions
-
disable_classes (php.ini) disable certain
classes
-
allow-url-fopen (php.ini) the URL-aware fopen
wrappers
-
magic_quotes_gpc
-
- all ' (single-quote), " (double quote), \ (backslash) and NUL's are escaped with a backslash automatic
- ini_get ('magic_quotes_gpc');
- get_magic_quotes_gpc ()
--- php.ini-dist ---
; Magic quotes for incoming GET/POST/Cookie data.
magic_quotes_gpc = On
--- php.ini-recommended ---
; - magic_quotes_gpc = Off [Performance]
; Input data is no longer escaped with slashes so that it can be sent
into
; SQL databases without further manipulation. Instead, you should
use the
; function addslashes() on each input element you wish to send to a
database.