ini_get
Why does this function even exist?
Hackers use this function in the following function to open up php to more attacks. I found the below inside a virus file on one of my servers:
----------------------------------------------------
@ini_restore("safe_mode");
@ini_restore("open_basedir");
@ini_restore("safe_mode_include_dir");
@ini_restore("safe_mode_exec_dir");
@ini_restore("disable_functions");
@ini_restore("allow_url_fopen");
ini_restore
(PHP 4, PHP 5)
ini_restore — Restores the value of a configuration option
Description
void ini_restore
( string
$varname
)Restores a given configuration option to its original value.
Parameters
-
varname -
The configuration option name.
Return Values
No value is returned.
Examples
Example #1 ini_restore() example
<?php
$setting = 'y2k_compliance';
echo 'Current value for \'' . $setting . '\': ' . ini_get($setting), PHP_EOL;
ini_set($setting, ini_get($setting) ? 0 : 1);
echo 'New value for \'' . $setting . '\': ' . ini_get($setting), PHP_EOL;
ini_restore($setting);
echo 'Original value for \'' . $setting . '\': ' . ini_get($setting), PHP_EOL;
?>
The above example will output:
Current value for 'y2k_compliance': 1 New value for 'y2k_compliance': 0 Original value for 'y2k_compliance': 1
See Also
- ini_get() - Gets the value of a configuration option
- ini_get_all() - Gets all configuration options
- ini_set() - Sets the value of a configuration option
add a note
User Contributed Notes
ini_restore
eli at ski-forums dot com
20-Jan-2011 12:28