downloads | documentation | faq | getting help | mailing lists | reporting bugs | php.net sites | links | my php.net 
search for in the  

<Safe ModeUsing PHP from the command line>
Last updated: Thu, 26 Jun 2008

Functions restricted/disabled by safe mode

This is a still probably incomplete and possibly incorrect listing of the functions limited by safe mode.
Safe mode limited functions
Function Limitations
dbmopen() Checks whether the files or directories being operated upon have the same UID (owner) as the script that is being executed.
dbase_open() Checks whether the files or directories being operated upon have the same UID (owner) as the script that is being executed.
filepro() Checks whether the files or directories being operated upon have the same UID (owner) as the script that is being executed.
filepro_rowcount() Checks whether the files or directories being operated upon have the same UID (owner) as the script that is being executed.
filepro_retrieve() Checks whether the files or directories being operated upon have the same UID (owner) as the script that is being executed.
ifx_* sql_safe_mode restrictions, (!= safe mode)
ingres_* sql_safe_mode restrictions, (!= safe mode)
mysql_* sql_safe_mode restrictions, (!= safe mode)
pg_lo_import() Checks whether the files or directories being operated upon have the same UID (owner) as the script that is being executed.
posix_mkfifo() Checks whether the directory in which the script is operating has the same UID (owner) as the script that is being executed.
putenv() Obeys the safe_mode_protected_env_vars and safe_mode_allowed_env_vars ini-directives. See also the documentation on putenv()
move_uploaded_file() Checks whether the files or directories being operated upon have the same UID (owner) as the script that is being executed.
chdir() Checks whether the directory in which the script is operating has the same UID (owner) as the script that is being executed.
dl() This function is disabled when PHP is running in safe mode.
backtick operator This function is disabled when PHP is running in safe mode.
shell_exec() (functional equivalent of backticks) This function is disabled when PHP is running in safe mode.
exec() You can only execute executables within the safe_mode_exec_dir. For practical reasons it's currently not allowed to have .. components in the path to the executable. escapeshellcmd() is executed on the argument of this function.
system() You can only execute executables within the safe_mode_exec_dir. For practical reasons it's currently not allowed to have .. components in the path to the executable. escapeshellcmd() is executed on the argument of this function.
passthru() You can only execute executables within the safe_mode_exec_dir. For practical reasons it's currently not allowed to have .. components in the path to the executable. escapeshellcmd() is executed on the argument of this function.
popen() You can only execute executables within the safe_mode_exec_dir. For practical reasons it's currently not allowed to have .. components in the path to the executable. escapeshellcmd() is executed on the argument of this function.
fopen() Checks whether the directory in which the script is operating has the same UID (owner) as the script that is being executed.
mkdir() Checks whether the directory in which the script is operating has the same UID (owner) as the script that is being executed.
rmdir() Checks whether the directory in which the script is operating has the same UID (owner) as the script that is being executed.
rename() Checks whether the files or directories being operated upon have the same UID (owner) as the script that is being executed. Checks whether the directory in which the script is operating has the same UID (owner) as the script that is being executed.
unlink() Checks whether the files or directories being operated upon have the same UID (owner) as the script that is being executed. Checks whether the directory in which the script is operating has the same UID (owner) as the script that is being executed.
copy() Checks whether the files or directories being operated upon have the same UID (owner) as the script that is being executed. Checks whether the directory in which the script is operating has the same UID (owner) as the script that is being executed. (on source and target )
chgrp() Checks whether the files or directories being operated upon have the same UID (owner) as the script that is being executed.
chown() Checks whether the files or directories being operated upon have the same UID (owner) as the script that is being executed.
chmod() Checks whether the files or directories being operated upon have the same UID (owner) as the script that is being executed. In addition, you cannot set the SUID, SGID and sticky bits
touch() Checks whether the files or directories being operated upon have the same UID (owner) as the script that is being executed. Checks whether the directory in which the script is operating has the same UID (owner) as the script that is being executed.
symlink() Checks whether the files or directories being operated upon have the same UID (owner) as the script that is being executed. Checks whether the directory in which the script is operating has the same UID (owner) as the script that is being executed. (note: only the target is checked)
link() Checks whether the files or directories being operated upon have the same UID (owner) as the script that is being executed. Checks whether the directory in which the script is operating has the same UID (owner) as the script that is being executed. (note: only the target is checked)
apache_request_headers() In safe mode, headers beginning with 'authorization' (case-insensitive) will not be returned.
header() In safe mode, the uid of the script is added to the realm part of the WWW-Authenticate header if you set this header (used for HTTP Authentication).
PHP_AUTH variables In safe mode, the variables PHP_AUTH_USER, PHP_AUTH_PW, and AUTH_TYPE are not available in $_SERVER. Regardless, you can still use REMOTE_USER for the USER. (note: only affected since PHP 4.3.0)
highlight_file(), show_source() Checks whether the files or directories being operated upon have the same UID (owner) as the script that is being executed. Checks whether the directory in which the script is operating has the same UID (owner) as the script that is being executed. (note: only affected since PHP 4.2.1)
parse_ini_file() Checks whether the files or directories being operated upon have the same UID (owner) as the script that is being executed. Checks whether the directory in which the script is operating has the same UID (owner) as the script that is being executed. (note: only affected since PHP 4.2.1)
set_time_limit() Has no effect when PHP is running in safe mode.
max_execution_time Has no effect when PHP is running in safe mode.
mail() In safe mode, the fifth parameter is disabled. (note: only affected since PHP 4.2.3)
All filesystem and stream functions. Checks whether the files or directories being operated upon have the same UID (owner) as the script that is being executed. Checks whether the directory in which the script is operating has the same UID (owner) as the script that is being executed. (see the safe_mode_include_dir php.ini option.



add a noteadd a note User Contributed Notes
Functions restricted/disabled by safe mode
There are no user contributed notes for this page.



<Safe ModeUsing PHP from the command line>
Last updated: Thu, 26 Jun 2008
show source | credits | sitemap | contact | advertising | mirror sites
Copyright © 2001-2005 The PHP Group
All rights reserved.		 This unofficial mirror is operated at: http://phpbuilder.com/
Last updated: Tue Nov 1 20:20:59 2005 EST
Columns / Articles | Tips / Quickies | News | News Linking and RSS Feeds | Shared Code Library
Mail Archives | Support / Discussion Forums | Get Started! Links | Contribute! | Docs