I’m developing a platform that allows users to create apps using PHP. Is there any safe way of allowing users to do this? Can you restrict use of functions that could damage existing source code or the server in any way? I only want them able to use basic functions, and give them access to 1 database. This must be possible, because of the existence of shared servers, run by many users.
…
Any advice?
You can list all disabled functions in your php.ini. You can set it differently for every vhost.
Shared hostings are just doing the same as I stated above.
Other functions that can be considered to disable:
readfile, fopen, fsockopen, popen, file_get_contents, include, stream_context_create, chmod, chown
Complete list can be found here
But if you are using these functions inside your code also, it’s better to make all code files read-only to the Apache user or for all; in this case disabling chown and chmod plays a great role.
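An added example, not part of the original answer: a small Python audit that reads a php.ini, extracts `disable_functions`, and reports which of the names listed above are actually covered. It also separates out `include`, which is a language construct rather than a function, so `disable_functions` has no effect on it. The sample php.ini text is constructed for illustration.

```python
import re

# Names taken from the answer above.
WANTED = ["readfile", "fopen", "fsockopen", "popen", "file_get_contents",
          "include", "stream_context_create", "chmod", "chown"]

# Language constructs, not functions: disable_functions does not affect them.
CONSTRUCTS = {"include", "include_once", "require", "require_once", "eval"}

def parse_disabled(ini_text):
    """Return the names on the last disable_functions line of a php.ini."""
    disabled = set()
    for raw in ini_text.splitlines():
        line = raw.split(";", 1)[0].strip()          # drop ; comments
        m = re.match(r"disable_functions\s*=\s*(.*)$", line, re.I)
        if m:
            value = m.group(1).strip().strip("\"'")
            # PHP function names are case-insensitive, so compare lowercased.
            disabled = {n.lower() for n in re.split(r"[,\s]+", value) if n}
    return disabled

def audit(ini_text, wanted=WANTED):
    """Sort each wanted name into one of three buckets."""
    disabled = parse_disabled(ini_text)
    report = {"disabled": [], "not_disabled": [], "not_a_function": []}
    for name in wanted:
        if name in CONSTRUCTS:
            report["not_a_function"].append(name)    # listing it changes nothing
        elif name in disabled:
            report["disabled"].append(name)
        else:
            report["not_disabled"].append(name)      # this file leaves it callable
    return report

# Constructed sample php.ini fragment (not from the thread).
SAMPLE_INI = """\
[PHP]
; tenant restrictions
disable_functions = readfile, fopen,fsockopen ,popen, include, chmod
"""

if __name__ == "__main__":
    for bucket, names in audit(SAMPLE_INI).items():
        print(f"{bucket}: {', '.join(names) or '-'}")
```

Run it against each php.ini that applies to tenant code; anything in `not_a_function` needs a different control, such as file permissions or `open_basedir`.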