phpinfo

View Poll Results: Do you think mods are required?

Voters
22. You may not vote on this poll
  • Yes, to close the many useless threads we have had lately.

    8 36.36%
  • Well every other site has mods, why not AO?

    1 4.55%
  • No way, Im happy although Im open to new ideas.

    7 31.82%
  • Nope Im fine.

    6 27.27%
Results 1 to 2 of 2

Thread: phpinfo

  1. #1
    Member
    Join Date
    Oct 2001
    Posts
    74

    phpinfo

    Recently while trying to broaden my horizons I started to learn php, after writing the basic hello world app and a basic script to query a mysql database I stumbled across phpmyadmin. I had trouble getting it configured correctly for the raq server that my site is on. I wrote a quick script with phpinfo() to get the information I needed. What does phpinfo() tell you...from the phpmanual.......
    "Outputs a large amount of information about the current state of PHP. This includes information about PHP compilation options and extensions, the PHP version, server information and environment (if compiled as a module), the PHP environment, OS version information, paths, master and local values of configuration options, HTTP headers, and the PHP License"

    I did a search on google for phpinfo and was amazed to find hundreds of websites that freely divulge this information. Go try it yourself. At the very least and scripts that contain phpinfo should be in a protected directory. Don't know how to protect a directory take a look at this tut http://faq.clever.net/htaccess.htm
    I am no security guru and all the information that phpinfo dumps may be able to obtained through the use of various tools or methods but having all that information in one place sure gives the kiddies a head start.
    In summary if you use phpinfo for configuration or debugging make sure you put it into a protected directory.

  2. #2
    Senior Member
    Join Date
    Nov 2001
    Location
    Ireland
    Posts
    735
    Yeah, I started learning PHP at the start of the week, because I found a free host which supports PHP among other stuff Hyperlinx and I'm a sucker for freebies.

    I went to http://php.resourceindex.com and most (if not all) of their scripts have a "create a file and put it on the server" or some sort of logging feature. With the "create-a-file"-majigs, there is no file size limit so if you just make a really long file, you can use up the entire memory quota!

    Now, I was wondering if there is some sort of patch, which can set a maximum file limit on each file. I don't want to change the scripts themselves, mainly in case I break something or do something stupid.

    Just thought I'd ask, thanks.
    Jethro

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides