1.2.424. Environment Variable Usage

This rule collects all environment variables used in the application, for inventory purposes. Environment variables are detected with the usage of the $_SERVER superglobal variable, or calls to the getenv() and setenv() native functions.

This helps catalog the interactions between the application and its host environment.

<?php

echo $_SERVER['MY_GLOBAL'];

print getenv('DB_HOST');

setenv('SPECIAL_KEY', $calculatedKey);

?>

See also Variable scope.

1.2.424.1. Specs

Short name	Dump/EnvironnementVariables
Rulesets	All, CE, Changed Behavior, Dump
Exakat since	1.9.5
PHP Version	All
Severity	Minor
Time To Fix	Quick (30 mins)
Precision	High
Available in	Entreprise Edition, Community Edition, Exakat Cloud