PHP怎样检测PHPINFO信息_PHP检测PHPINFO信息调用【查看】

2026-01-14
PHP怎样检测PHPINFO信息_PHP检测PHPINFO信息调用【查看】

最可靠方法是用ob_start()捕获输出并匹配标志性HTML片段，如PHP Version或PHP Credits，同时检查disable_functions配置及CLI模式差异。
php怎样检测phpinfo信息_php检测phpinfo信息调用【查看】
怎么判断当前页面是否输出了 phpinfo() 内容

直接检测 phpinfo() 是否被调用过，PHP 本身不提供运行时钩子或状态标志。它只是立即输出 HTML 表格并返回 true（成功）或 false（失败），但不记录“是否已执行”。所以不能靠查变量或函数调用栈来反向确认——除非你主动拦截。
用 ob_start 拦截并检查 phpinfo() 输出内容

这是最可靠、实际可用的方法：把 phpinfo() 的输出捕获到缓冲区，再用字符串匹配判断是否真生成了标准信息表。注意必须在 phpinfo() 调用前开启输出缓冲。
仅对当前请求有效，不影响其他脚本
匹配 PHP Version 或 PHP Credits
等标志性 HTML 片段比匹配文字更稳定（避免语言/版本差异）
若服务器禁用了 phpinfo()（如 disable_functions=phpinfo），调用会失败并触发警告，需配合 @ 抑制或 set_error_handler
ob_start();
@phpinfo();
$output = ob_get_clean();
if (strpos($output, 'PHP Version') !== false || strpos($output, '<h1>PHP Credits') !== false) {
    echo "phpinfo() 已执行且输出正常";
} else {
    echo "phpinfo() 未执行，或被禁用/出错";
}</pre>
<h3>检查 phpinfo() 是否被禁用（disable_functions）</h3>
<p>很多生产环境会通过 <code>php.ini</code> 的 <code>disable_functions</code> 关闭它。这时调用 <code>phpinfo()</code> 会返回 <code>false</code> 并抛出 <code>E_WARNING</code>。单纯看返回值不够，得结合配置检查。</p>
<ul>
<li>用 <code>ini_get('disable_functions')</code> 获取禁用函数列表，再用 <code>in_array('phpinfo', explode(',', ini_get('disable_functions')))</code> 判断</li>
<li>注意空格：<code>disable_functions = exec,passthru,phpinfo</code> 中的逗号后可能有空格，建议用 <code>array_map('trim', ...)</code> 处理</li>
<li>
<code>phpinfo()</code> 在 CLI 模式下默认不输出 HTML，而是纯文本，此时匹配逻辑要相应调整（比如搜 <code>"PHP Version"</code> 而非 HTML 标签）</li>
</ul>
<h3>
<a style="color:#f60; text-decoration:underline;" title="为什么" href="https://www.php.cn/zt/92702.html" target="_blank">为什么</a>不能用 get_defined_functions() 或 debug_backtrace() 检测</h3>
<p>因为 <code>phpinfo()</code> 是语言内置函数，不是用户定义函数，不会出现在 <code>get_defined_functions()['internal']</code> 的“已调用”列表里；<code>debug_backtrace()</code> 只能查当前调用栈，无法回溯历史调用。</p>
<div class="aritcle_card flexRow">
<div class="artcardd flexRow">
								<a class="aritcle_card_img" href="https://www.php.cn/ai/2392" title="萝卜简历"><img
										src="https://img.php.cn/upload/ai_manual/001/246/273/176352302537509.png" alt="萝卜简历"></a></p>
<div class="aritcle_card_info flexColumn">
									<a href="https://www.php.cn/ai/2392" title="萝卜简历">萝卜简历</a></p>
<p>免费在线AI简历制作工具，帮助求职者轻松完成简历制作。</p>
</p></div>
<p>								<a href="https://www.php.cn/ai/2392" title="萝卜简历" class="aritcle_card_btn flexRow flexcenter"><b></b><span>下载</span> </a>
							</div>
</p></div>
<p><span>立即学习</span>“<a href="https://pan.quark.cn/s/7fc7563c4182" style="text-decoration: underline !important; color: blue; font-weight: bolder;" rel="nofollow" target="_blank">PHP免费学习笔记（深入）</a>”；</p>
<p>更关键的是：即使你在一个文件里写了 <code>phpinfo()</code>，它也可能被前面的 <code>exit</code>、<code>die</code>、异常或 <code>http_response_code(403)</code> 阻断——所以“代码存在”不等于“已执行”。真正有意义的检测，永远落在输出结果或系统配置层面。</p>
<p>最易被忽略的一点：某些安全加固模块（如 Suhosin、Hardened PHP）不仅禁用函数，还会在 <code>phpinfo()</code> 输出中自动过滤敏感字段（如 <code>$_SERVER</code>、扩展路径），此时内容虽存在，但关键信息已被裁剪——光看是否有输出还不够，得校验字段完整性。</p>
<p><a href="https://www.php.cn/faq/1980853.html">https://www.php.cn/faq/1980853.html</a></p>
		</div><!-- .entry-excerpt -->
	</div>		</div>
	</article>
	<!-- #post-51101 -->
	<link rel='stylesheet' id='hopeui-comments-css' href='https://blog.wuxhqi.com/wp-content/themes/hopeui/assets/css/comments.min.css?ver=1.1.2' type='text/css' media='all' />
<div id="comments" class="comments-area">
		<div id="respond" class="comment-respond">
		<h3 id="reply-title" class="comment-reply-title">发表回复 <small><a rel="nofollow" id="cancel-comment-reply-link" href="/php%e6%80%8e%e6%a0%b7%e6%a3%80%e6%b5%8bphpinfo%e4%bf%a1%e6%81%af_php%e6%a3%80%e6%b5%8bphpinfo%e4%bf%a1%e6%81%af%e8%b0%83%e7%94%a8%e3%80%90%e6%9f%a5%e7%9c%8b%e3%80%91/#respond" style="display:none;">取消回复</a></small></h3><form action="https://blog.wuxhqi.com/wp-comments-post.php" method="post" id="commentform" class="comment-form">Your email address will not be published. Required fields are marked *<div class="comment-form-comment">
								<textarea id="comment" name="comment" placeholder="Comment" required="required"></textarea>
							</div><div class="row">
							<div class="col-lg-4">
								<div class="comment-form-author">
									<input id="author" name="author" aria-required="true" required="required" placeholder="Name*" />
								</div>
							</div>
<div class="col-lg-4">
							<div class="comment-form-email">
								<input id="email" name="email" required="required" placeholder="Email*" />
							</div>
						</div>
<div class="col-lg-4">
							<div class="comment-form-url">
								<input id="url" name="url"  placeholder="Website" />
							</div>
						</div>
					</div>
<div class="hopeui_style-check">
								<label>
									<input type="checkbox" required="required" /> <span class="checkmark"></span><span>Save my name, email, and website in this browser for the next time I comment.</span>
								</label>
							</div>
<p class="form-submit"><button name="submit" type="submit" id="submit" class="submit hopeui_style-button" value="Post Comment" >
					Post Comment
				</button> <input type='hidden' name='comment_post_ID' value='51101' id='comment_post_ID' />
<input type='hidden' name='comment_parent' id='comment_parent' value='0' />
</p><p style="display: none;"><input type="hidden" id="akismet_comment_nonce" name="akismet_comment_nonce" value="8d5ba408b9" /></p><p style="display: none !important;" class="akismet-fields-container" data-prefix="ak_"><label>Δ<textarea name="ak_hp_textarea" cols="45" rows="8" maxlength="100"></textarea></label><input type="hidden" id="ak_js_1" name="ak_js" value="140"/><script>document.getElementById( "ak_js_1" ).setAttribute( "value", ( new Date() ).getTime() );</script></p></form>	</div><!-- #respond -->
	</div><!-- #comments --></div>					</div>
				</div>
			</main><!-- #primary -->
		</div>
	</div>
</div>
<footer class="footer hopeui_style-footer">
	<div class="copyright-footer">
	<div class="container">
		<div class="row">
			<div class="col-sm-12 m-0 text-center">
				<div class="pt-3 pb-3">
											<span class="copyright">
							Copyright © 2024. Theme by HopeUI						</span>
									</div>
			</div>
		</div>
	</div>
</div><!-- .site-info -->
</footer><!-- #colophon -->
	<!-- === back-to-top === -->
	<div id="back-to-top" class="hopeui_style-top">
		<a class="top" id="top" href="#top">
			<i aria-hidden="true" class="fa fa-caret-up"></i>
					</a>
	</div>
	<!-- === back-to-top End === -->
</div><!-- #page -->
<script type="speculationrules">
{"prefetch":[{"source":"document","where":{"and":[{"href_matches":"/*"},{"not":{"href_matches":["/wp-*.php","/wp-admin/*","/wp-content/uploads/*","/wp-content/*","/wp-content/plugins/*","/wp-content/themes/hopeui/*","/*\\?(.+)"]}},{"not":{"selector_matches":"a[rel~=\"nofollow\"]"}},{"not":{"selector_matches":".no-prefetch, .no-prefetch a"}}]},"eagerness":"conservative"}]}
</script>
<script type="text/javascript" src="https://blog.wuxhqi.com/wp-includes/js/comment-reply.min.js?ver=6.9" id="comment-reply-js" async="async" data-wp-strategy="async" fetchpriority="low"></script>
<script type="text/javascript" src="https://blog.wuxhqi.com/wp-content/themes/hopeui/assets/js/select2.min.js?ver=1.1.2" id="select2-js"></script>
<script type="text/javascript" src="https://blog.wuxhqi.com/wp-content/themes/hopeui/assets/js/src/custom.js?ver=1.1.2" id="customizer-js"></script>
<script type="text/javascript" id="wp-statistics-tracker-js-extra">
/* <![CDATA[ */
var WP_Statistics_Tracker_Object = {"requestUrl":"https://blog.wuxhqi.com/wp-json/wp-statistics/v2","ajaxUrl":"https://blog.wuxhqi.com/wp-admin/admin-ajax.php","hitParams":{"wp_statistics_hit":1,"source_type":"post","source_id":51101,"search_query":"","signature":"847dd91cf21dee6fd5821786e631f006","endpoint":"hit"},"option":{"dntEnabled":false,"bypassAdBlockers":false,"consentIntegration":{"name":null,"status":[]},"isPreview":false,"userOnline":false,"trackAnonymously":false,"isWpConsentApiActive":false,"consentLevel":"functional"},"isLegacyEventLoaded":"","customEventAjaxUrl":"https://blog.wuxhqi.com/wp-admin/admin-ajax.php?action=wp_statistics_custom_event&nonce=7ea8625747","onlineParams":{"wp_statistics_hit":1,"source_type":"post","source_id":51101,"search_query":"","signature":"847dd91cf21dee6fd5821786e631f006","action":"wp_statistics_online_check"},"jsCheckTime":"60000"};
//# sourceURL=wp-statistics-tracker-js-extra
/* ]]> */
</script>
<script type="text/javascript" src="https://blog.wuxhqi.com/wp-content/plugins/wp-statistics/assets/js/tracker.js?ver=14.16" id="wp-statistics-tracker-js"></script>
<script defer type="text/javascript" src="https://blog.wuxhqi.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1763702869" id="akismet-frontend-js"></script>
<script id="wp-emoji-settings" type="application/json">
{"baseUrl":"https://s.w.org/images/core/emoji/17.0.2/72x72/","ext":".png","svgUrl":"https://s.w.org/images/core/emoji/17.0.2/svg/","svgExt":".svg","source":{"concatemoji":"https://blog.wuxhqi.com/wp-includes/js/wp-emoji-release.min.js?ver=6.9"}}
</script>
<script type="module">
/* <![CDATA[ */
/*! This file is auto-generated */
const a=JSON.parse(document.getElementById("wp-emoji-settings").textContent),o=(window._wpemojiSettings=a,"wpEmojiSettingsSupports"),s=["flag","emoji"];function i(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,JSON.stringify(t))}catch(e){}}function c(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data);e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(n,0,0);const a=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data);return t.every((e,t)=>e===a[t])}function p(e,t){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var n=e.getImageData(16,16,1,1);for(let e=0;e<n.data.length;e++)if(0!==n.data[e])return!1;return!0}function u(e,t,n,a){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\udde8\ud83c\uddf6","\ud83c\udde8\u200b\ud83c\uddf6")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\udb40\udc6e\udb40\udc67\udb40\udc7f","\ud83c\udff4\u200b\udb40\udc67\u200b\udb40\udc62\u200b\udb40\udc65\u200b\udb40\udc6e\u200b\udb40\udc67\u200b\udb40\udc7f");case"emoji":return!a(e,"\ud83e\u1fac8")}return!1}function f(e,t,n,a){let r;const o=(r="undefined"!=typeof WorkerGlobalScope&&self instanceof WorkerGlobalScope?new OffscreenCanvas(300,150):document.createElement("canvas")).getContext("2d",{willReadFrequently:!0}),s=(o.textBaseline="top",o.font="600 32px Arial",{});return e.forEach(e=>{s[e]=t(o,e,n,a)}),s}function r(e){var t=document.createElement("script");t.src=e,t.defer=!0,document.head.appendChild(t)}a.supports={everything:!0,everythingExceptFlag:!0},new Promise(t=>{let n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.supportTests)return e.supportTests}catch(e){}return null}();if(!n){if("undefined"!=typeof Worker&&"undefined"!=typeof OffscreenCanvas&&"undefined"!=typeof URL&&URL.createObjectURL&&"undefined"!=typeof Blob)try{var e="postMessage("+f.toString()+"("+[JSON.stringify(s),u.toString(),c.toString(),p.toString()].join(",")+"));",a=new Blob([e],{type:"text/javascript"});const r=new Worker(URL.createObjectURL(a),{name:"wpTestEmojiSupports"});return void(r.onmessage=e=>{i(n=e.data),r.terminate(),t(n)})}catch(e){}i(n=f(s,u,c,p))}t(n)}).then(e=>{for(const n in e)a.supports[n]=e[n],a.supports.everything=a.supports.everything&&a.supports[n],"flag"!==n&&(a.supports.everythingExceptFlag=a.supports.everythingExceptFlag&&a.supports[n]);var t;a.supports.everythingExceptFlag=a.supports.everythingExceptFlag&&!a.supports.flag,a.supports.everything||((t=a.source||{}).concatemoji?r(t.concatemoji):t.wpemoji&&t.twemoji&&(r(t.twemoji),r(t.wpemoji)))});
//# sourceURL=https://blog.wuxhqi.com/wp-includes/js/wp-emoji-loader.min.js
/* ]]> */
</script>


<script type="text/javascript">
    var a_idx = 0;
    jQuery(document).ready(function ($) {
        $("body").click(function (e) {
            var a = new Array("❤富强❤", "❤民主❤", "❤文明❤", "❤和谐❤", "❤自由❤", "❤平等❤", "❤公正❤", "❤法治❤", "❤爱国❤", "❤敬业❤", "❤诚信❤", "❤友善❤");
            var $i = $("<span></span>").text(a[a_idx]);
            a_idx = (a_idx + 1) % a.length;
            var x = e.pageX, y = e.pageY;
            $i.css({
                "z-index": 99999,
                "top": y - 20,
                "left": x,
                "position": "absolute",
                "font-weight": "bold",
                "color": "rgb(" + ~~(255 * Math.random()) + "," + ~~(255 * Math.random()) + "," + ~~(255 * Math.random()) + ")"
            });
            $("body").append($i);
            $i.animate({"top": y - 180, "opacity": 0}, 1500, function () {
                $i.remove();
            });
        });
    });
</script>
<script>
/*(function($) {
$("div[class=content-area] img").each(function() {
        var src=$(this).attr("src");
        var new_src = "https://blog.wuxhqi.com/test.php?url=" + src;
        $(this).attr("src", new_src);
 });
})(jQuery);*/
</script>

</body>

</html><!--
Performance optimized by Redis Object Cache. Learn more: https://wprediscache.com

使用 PhpRedis (v5.3.2) 从 Redis 检索了 1360 个对象 (225 KB)。
-->