output of php -i on command line different from phpinfo() in browser

H

harro

Verified User
Joined
Oct 15, 2005
Messages
177
Following a warning by the CSF firewall 'check', it suggested that I check php for ini_set disabled.

I looked up which php.ini was being used through #> php -i on the command line:
/usr/local/php56/lib/php.ini

Then I added "ini_set" to the disabled_functions in the php.ini. I restarted httpd. I made sure only one php.ini exists (updatedb then locate php.ini), changed the only other php.ini to a symlink to the /usr/local/php56/lib/php.ini

1) when I check on the command line with #> php -i it shows:

Code: 
PHP Version => 5.6.11

System => Linux my.domain.com 2.6.32-26-pve #1 SMP Mon Oct 14 08:22:20 CEST 2013 x86_64
Build Date => Jul 26 2015 18:18:53
...
Loaded Configuration File => /usr/local/php56/lib/php.ini
...
disable_functions => ini_set => ini_set


2) when I run phpinfo(); on my website, it shows:

Code: 
System 	Linux my.domain.com 2.6.32-26-pve #1 SMP Mon Oct 14 08:22:20 CEST 2013 x86_64
Build Date 	Jul 26 2015 18:18:53 
...
Loaded Configuration File 	/usr/local/php56/lib/php.ini 
...
disable_functions	 exec,system,passthru,shell_exec,escapeshellarg,escapeshellcmd,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname	
...
PHP Version 	5.6.11

As you can see via option 2) it shows many excluded functions but NOT ini_set (the disable_functions are identical in local_value and master column).

Both outputs show the same build date, same my.domain.com, same version, same php.ini used.


How is it possible that there is a difference in the actual configuration used when checking throug those two methods on the same server??



p.s. this is CentOS 7 with latest DA build and ./build updated to the latest versions of all the packages
 
Hello,

Check values:

[TABLE="width: 600"]
[TR]
[TD="class: e, bgcolor: #CCCCFF"]Scan this dir for additional .ini files[/TD]
[TD="class: v, bgcolor: #CCCCCC"] [/TD]
[/TR]
[TR]
[TD="class: e, bgcolor: #CCCCFF"]additional .ini files parsed[/TD]
[TD="class: v, bgcolor: #CCCCCC"] [/TD]
[/TR]
[/TABLE]
 
Thank you, that was indeed clarifying! That resolved the problem with ini_set not being read. There was another file called /php.conf.d/50-webapps.ini which was included.

Apparently, that file covers additional settings for PATH=/var/www/html



However, that does beg the question why, when I request a phpinfo(); through a php file on the domain of a customer, the server applies the server website php ini settings (which I would expect only to apply to webmail, etc.). This is just a question out of curiosity.
 
Why do you think /usr/local/php5*/lib/php.conf.d/50-webapps.ini affects your user?
How do you run your PHP: suphp, fastcgi, fpm, mod_php?

Check content of /usr/local/directadmin/data/users/<USERNAME>/php/*
 
You must log in or register to reply here.
Back
Top