B.8. phpinfo( )
The phpinfo( ) function produces a page of information about PHPwhich version is running, how it is configured, and so forth. Because the output of phpinfo( ) is so informative, I recommend restricting access to any resource that uses this function.
If you use the technique described in Chapter 8 to protect your database access credentials, you want to be sure that you never display the output of phpinfo( ) to the public because it exposes the contents of the $_SERVER superglobal array.