1.2.428. Environment Variable Usage¶
This rule collects all environment variables used in the application, for inventory purposes. Environment variables are detected with the usage of the $_SERVER
superglobal variable, or calls to the getenv() and setenv() native functions.
This helps catalog the interactions between the application and its host environment.
<?php
echo $_SERVER['MY_GLOBAL'];
print getenv('DB_HOST');
setenv('SPECIAL_KEY', $calculatedKey);
?>
See also Variable scope.
1.2.428.1. Specs¶
Short name |
Dump/EnvironnementVariables |
Rulesets |
|
Exakat since |
1.9.5 |
PHP Version |
All |
Severity |
Minor |
Time To Fix |
Quick (30 mins) |
Precision |
High |
Available in |