Script kiddies quite like to abuse some of these functions amongst others:
show_source, system, shell_exec, passthru, exec, popen, proc_openStop them in their tracks by securing PHP in DirectAdmin:
cd /usr/local/directadmin/custombuild/./build secure_php