summaryrefslogtreecommitdiffstats
path: root/user_guide_src/source/general
diff options
context:
space:
mode:
authorAndrey Andreev <narf@bofh.bg>2012-11-07 13:23:29 +0100
committerAndrey Andreev <narf@bofh.bg>2012-11-07 13:23:29 +0100
commite9d2dc85b9cb255aae235635576972e4b7dbd5a8 (patch)
tree139d0ecbef12a87fabb34c64bc77e4d0e2670176 /user_guide_src/source/general
parent17e11cdf1c6ff23f00c3deb2a39a40ffeb446f5c (diff)
Added function_usable() to common functions
It is now used to check whether dangerous functions like eval() and exec() are available. It appears that the Suhosin extension (which is becoming popular) terminates script execution instead of returning e.g. FALSE when it has a function blacklisted. function_exists() checks are insufficient and our only option is to check the ini settings here. Filed an issue here: https://github.com/stefanesser/suhosin/issues/18 ... hopefully we'll be able to deal with this in a more elegant way in the future. (this commit supersedes PR #1809)
Diffstat (limited to 'user_guide_src/source/general')
-rw-r--r--user_guide_src/source/general/common_functions.rst15
1 files changed, 14 insertions, 1 deletions
diff --git a/user_guide_src/source/general/common_functions.rst b/user_guide_src/source/general/common_functions.rst
index 7f327f00b..22f8d1942 100644
--- a/user_guide_src/source/general/common_functions.rst
+++ b/user_guide_src/source/general/common_functions.rst
@@ -93,4 +93,17 @@ is_https()
==========
Returns TRUE if a secure (HTTPS) connection is used and FALSE
-in any other case (including non-HTTP requests). \ No newline at end of file
+in any other case (including non-HTTP requests).
+
+function_usable($function_name)
+===============================
+
+Returns TRUE if a function exists and is usable, FALSE otherwise.
+
+This function runs a ``function_exists()`` check and if the
+`Suhosin extension <http://www.hardened-php.net/suhosin/>` is loaded,
+checks if it doesn't disable the function being checked.
+
+It is useful if you want to check for the availability of functions
+such as ``eval()`` and ``exec()``, which are dangerous and might be
+disabled on servers with highly restrictive security policies. \ No newline at end of file