Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

Hosting Requirements /

What you need to consider when choosing a hosting provider and plan.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Escapeshellarg() disabled due to security - why is it used?


Reply


1372 Views

Avatar
wedwo

Community Member, 7 Posts

21 January 2010 at 6:11pm

Something I came across after installing SS on 000webhost.com - they don't support the escapeshellarg() function among others 'for security reasons' - but support it if you pay them :)

I noticed this function is used in relation to a geo lookup or something when adding a user in the security section of the admin module / user profile. I imagine it's used to identify the user's location or something like that.

What I want to know is - why is it even used, I don't see any maps on the add user profile at all, I can only guess that it automatically assumes your country when that data is not entered into your profile. It does prevent one from adding a user in the admin module however and is a real issue when hosting on many free providers.

How difficult is it to disable it's use?