View Single Post
  #3  
Old 21st October 2010, 22:08
ivomendonca ivomendonca is offline
Banned
 
Join Date: Sep 2009
Posts: 132
Thanks: 10
Thanked 13 Times in 7 Posts
Thumbs up

Quote:
Originally Posted by till View Post
Not sure what you did, the function works perfectly on my server.



The php.ini inside the user folder is very easy to be exploited and can be easily used to take over your server.
Ok

ISPConfig uses a optional php.ini file for every website which is in a separate and safe folder. You can set the any kind of php.ini variables directly in the php.ini field on the options tab of the website.
ok


If this is allowed or not depends if you allow the ini_set in your php.ini or not.
IN SITES->PHP.ini try load a php extension that is on your site folder (the simple hello php extension).
This will change the default extension folder and all other php extensions will not load.

I want to load normal default server extensions;
...\php5\default_dir\mysqli.so -> Normal Beavior

And some adicional extensions to load at runtime:

like : \clients\....\web\ioncube.so

Now i(a site owner) can only load, mysqli.so OR ioncube.so

Do you know any workout for that ? Did i make my question clear ?

Ok, Thanks.
Reply With Quote