The phpinfo(); function generates a comprehensive information screen showing how PHP is configured on the system. This function is often used to check the system's PHP configuration, view installed modules, and analyze the server environment.

Basic Usage:

<?php
phpinfo();
?>

When this code is written to a .php file and run from a browser, it creates a page containing all the configuration information related to PHP.

Main Information Displayed on the phpinfo() Page:

PHP Version
Installed PHP modules (curl, mbstring, openssl, gd, etc.)
Path to the PHP ini file (Loaded Configuration File)
Active ini settings and values (e.g., upload_max_filesize, memory_limit)
Server API (Apache, Nginx, FPM, CGI)
Environment variables (ENV)
HTTP headers
Global variables such as $_SERVER, $_GET, $_POST

When to Use?

To check if the php.ini file is loaded correctly
To see if a specific module (e.g., ionCube, PDO, mbstring) is installed
To verify the PHP version and configuration settings
To test HTTP information sent to the server from the outside

Security Warning:

Since the phpinfo(); output contains very detailed system information, it should not be left open on live (public) servers. The following are particularly valuable to attackers:

PHP version
Installed modules
Server directory structures
HTTP header details

Safe Usage Recommendation:

Test files such as phpinfo.php should only be created temporarily and deleted when finished.
Access to this file can be restricted with .htaccess:

<Files "phpinfo.php">
  Require ip 127.0.0.1
</Files>

Alternative: Viewing Only Specific Information

phpinfo(INFO_MODULES);
phpinfo(INFO_CONFIGURATION);
phpinfo(INFO_ENVIRONMENT);

In this way, only the relevant sections can be listed instead of all the information.

The phpinfo(); function is an indispensable tool for PHP developers and system administrators in configuration verification. However, it should be used carefully and for a limited time in a production environment.