enable_dl is on by default and allows open_basedir restrictions, which limit the files a script can access, to be ignored. For that reason, it's a dangerous option and should be explicitly turned off.

This rule raises an issue when enable_dl is not explicitly set to 0 in php.ini.

Noncompliant Code Example

; php.ini
enable_dl=1  ; Noncompliant

Compliant Solution

; php.ini
enable_dl=0

See