RocketSMS Posted February 8 Share Posted February 8 I am getting the Dangerous PHP Functions Message being queued up. However, I don't believe it is correct. I will document it below. Here is the message: Of course, opening it up it looks like this: But I disabled these functions globally and locally. I think it's a faulty message to the console. I recall that in the support window I used to get notified if these were not disabled and now I do not get a notification. I believe the notification was under the PHP box. Here I show that it's now empty: Here I ran the phpinfo command at the public_html root directory and show that it was disabled globally and locally: Possible explanations: (1) The message being sent to the inbox of the webmaster is in error. Note, I believe the error would be identified on the support page if these weren't disabled and there are no error messages in this location. (2) Somehow, there is a subdirectory that has re-enabled the disabled functions. I have no idea how that could have happened. Can you tell me what directory the test for disabled functions is run at for the message routine? Perhaps this is a different directory than the test run by the support page. I could try to run it backwards and see if phpinfo shows an enabled function. Link to comment Share on other sites More sharing options...
Jim M Posted February 8 Share Posted February 8 7 minutes ago, RocketSMS said: Here I ran the phpinfo command at the public_html root directory and show that it was disabled globally and locally: Is your community in public_html? Are you running a separate version of PHP in a different directory? 8 minutes ago, RocketSMS said: (2) Somehow, there is a subdirectory that has re-enabled the disabled functions. I have no idea how that could have happened. Can you tell me what directory the test for disabled functions is run at for the message routine? Perhaps this is a different directory than the test run by the support page. I could try to run it backwards and see if phpinfo shows an enabled function. This would be in admin but you should test in all because it does little to disable the check to still have these functions running in other directories of your server configuration. Link to comment Share on other sites More sharing options...
RocketSMS Posted February 9 Author Share Posted February 9 Quote Is your community in public_html? Are you running a separate version of PHP in a different directory? Yes, of course. That's what I showed this. Here is the evidence. Quote This would be in admin but you should test in all because it does little to disable the check to still have these functions running in other directories of your server configuration. I repeated this for public_html/admin/ and got the same result, as you would expect. I showed that globally it's disabled and also used cPanel to set php.ini file with disable locally as well. So you would expect all subdirectories to have these values unless somehow there was a local .ini file in the Invision directories that reversed this. I am unsure how to repeat the test on all subdirectories from public_html. I suspect there might be thousands. In any case, the fact that I can go to the support page and it doesn't show a problem, but I keep getting messages from the system seems to indicate something is not working as expected. One would think that they would match. In this case, the functions are disabled globally and locally. Link to comment Share on other sites More sharing options...
Marc Stridgen Posted February 9 Share Posted February 9 To clarify on this. The message shows because our software is actually being allowed to run those functions. So its not so much a case of whether or not they are disabled. It's a case of finding why they are not disabled Jim M and Safety1st 2 Link to comment Share on other sites More sharing options...
teraßyte Posted February 9 Share Posted February 9 Do note also that the message doesn't disappear automatically even if you fix the issue. If you disabled the function after you saw the message in ACP, you need to close it yourself. Also, if you want to double-check that the functions are indeed disabled, there is a phpinfo link on the support page. See what it says there rather than testing with an external phpino(). Marc Stridgen 1 Link to comment Share on other sites More sharing options...
RocketSMS Posted February 9 Author Share Posted February 9 Quote To clarify on this. The message shows because our software is actually being allowed to run those functions. So its not so much a case of whether or not they are disabled. It's a case of finding why they are not disabled Actually it shows it's disabled and when it wasn't disabled it was highlighted on the support page. The support page says not problems. But I keep getting this message saying they aren't. Quote Do note also that the message doesn't disappear automatically even if you fix the issue. If you disabled the function after you saw the message in ACP, you need to close it yourself. Yes, I kill the message in the ACP and it comes back after a day or two. I just closed it last night and will report when it reappears. Quote Also, if you want to double-check that the functions are indeed disabled, there is a phpinfo link on the support page. See what it says there rather than testing with an external phpino(). I ran that phpinfo() on the support page as well, and it shows that those functions are disabled globally and locally. This is what you would expect since the support page says there are no problems. Link to comment Share on other sites More sharing options...
teraßyte Posted February 9 Share Posted February 9 Based on your reply, it shouldn't reappear anymore now that you closed it. Link to comment Share on other sites More sharing options...
Jim M Posted February 9 Share Posted February 9 If the notification keeps reappearing, the software is still seeing these functions available to be ran. If you're struggling to see why on your server, you may wish to contact your hosting provider or hire a server administrator. Link to comment Share on other sites More sharing options...
Recommended Posts