PHP Security Consortium released PhpSecInfo 0.2.1 an equivalent to the phpinfo() function that reports security information about the PHP environment, and offers suggestions for improvement. The new release fixed some significant bugs, from the changelog :
- uid and gid tests now correctly test the user and group that PHP is executing as (requires that exec() or posix functions are enabled)
- Changed upload_max_filesize and post_max_size return “OK” if current value is equal to recommended value
- fixed nonstandard naming with a couple locally used constants
- fixed problem with XHTML validity in cases of not run tests
