Jump to:

456 Posts in 113 Topics by 199 members

Hosting Requirements

SilverStripe Forums » Hosting Requirements » Escapeshellarg() disabled due to security - why is it used?

What you need to consider when choosing a hosting provider and plan.

Moderators: martimiz, Howard, Sean, Ryan M., biapar, Willr, Ingo, swaiba

Page: 1	Go to End
Author	Topic:	894 Views

wedwo

Community Member
7 Posts

Escapeshellarg() disabled due to security - why is it used?

21 January 2010 at 6:11pm

Something I came across after installing SS on 000webhost.com - they don't support the escapeshellarg() function among others 'for security reasons' - but support it if you pay them
I noticed this function is used in relation to a geo lookup or something when adding a user in the security section of the admin module / user profile. I imagine it's used to identify the user's location or something like that.
What I want to know is - why is it even used, I don't see any maps on the add user profile at all, I can only guess that it automatically assumes your country when that data is not entered into your profile. It does prevent one from adding a user in the admin module however and is a real issue when hosting on many free providers.
How difficult is it to disable it's use?

		894 Views
Page: 1	Go to Top

The Trials and Tribulations of a Freelancer

<p><em>Guest blogger Ryan Wachtl is an independant US-based web developer and runs the SilverStripe user group in Madison. Prior to this, Ryan wrote about <a href="http://www.silverstripe.org/silverstripe-paypal-mini-cart-integration/">SilverStripe PayPal Mini Cart Integration</a>.<br/></em></p>

Read on

Follow @SilverStripe

Quick links

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.