;;;;;;;;;;;;;;;;;;
;; Author: Jin Buguo
;; Date: 2006.11.12
;;;;;;;;;;;;;;;;;
;; Copyright Statement ;;
;;;;;;;;;;;;;;;;;
; The author of this article is a free software enthusiast, so although this article is not software, it is released in the spirit of the GPL.
; Anyone can freely use, reproduce, copy and redistribute, but the author's attribution must be retained,
; Nor may any terms in the statement be modified in any form, nor may any other conditions be attached.
; You can freely link, download, and disseminate this document, but the prerequisite is that the full text must be reproduced in its entirety, including complete copyright information and the translator's statement.
;
; The author of this article is very willing to share the fruits of his labor with others. If you are interested in my other translation works or technical articles,
; A list of existing titles can be viewed at:
; http://lamp.linux.gov.cn/jinbuguo_florilegium.html
;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;; BUG report, discussion and discussion ;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Due to the limited level of the author, there is no guarantee that the content of the work is accurate, please make your own identification while reading.
; If you find an error in the work, please write to me to point it out, even if it is a typo. I will humbly accept any suggestions to improve the quality of the work.
; If you are willing to further discuss and discuss the relevant content in the work with me, you are also welcome to contact me.
; Contact information: Email: csfrank@citiz.net; QQ: 70171448; MSN: csfrank122@hotmail.com
;
;;;;;;;;;;;;;;;
;; Introduction ;;
;;;;;;;;;;;;;;;
; This article is not a simple translation of the English version of php.ini, but based on my own understanding after referring to many materials,
; Based on the original php.ini, some configuration instructions for practical modules have been added, and the arrangement of the file content has been adjusted.
; Since the author doesn't like no-free stuff, other database module configuration options except MySQL and PostgreSQL have been removed.
;;;;;;;;;;;;;;;;;;
;; About php.ini ;;
;;;;;;;;;;;;;;;;;;
; This file must be named 'php.ini' and placed in the directory specified by the PHPIniDir directive in httpd.conf.
; The latest version of php.ini can be viewed at the following two locations:
; http://cvs.php.net/viewvc.cgi/php-src/php.ini-recommended?view=co
; http://cvs.php.net/viewvc.cgi/php-src/php.ini-dist?view=co
;;;;;;;;;;;;;
;; Grammar ;;
;;;;;;;;;;;;;
; The syntax of this file is very simple. Whitespace characters and lines starting with semicolons are simply ignored.
; Section titles (eg: [php]) are also simply ignored, even though they may have some meaning in the future.
;
; The format of the setting command is as follows:
; directive = value
; Directive names are case-sensitive! So "foo=bar" is different from "FOO=bar".
; Value can be:
; 1. A string delimited by quotation marks (such as: "foo")
; 2. A number (integer or floating point number, such as: 0, 1, 34, -1, 33.55)
; 3. A PHP constant (such as: E_ALL, M_PI)
; 4. An INI constant (On, Off, none)
; 5. An expression (such as: E_ALL & ~E_NOTICE)
;
; Expressions in INI files only use: bitwise operators, logical NOT, parentheses:
; | bit or
; & bits and
; ~ bit non
; ! Logical NOT
;
; The Boolean flag is On to indicate on and Off to indicate off.
;
; An empty string can be represented by not writing anything after the equal sign, or using the none keyword:
; foo = ; ; Set foo to an empty string
; foo = none ; Set foo to an empty string
; foo = "none" ; Set foo to the string 'none'
;
; If you use constants from dynamic extensions (PHP extensions or Zend extensions) in directive values,
; Then you can only use these constants after loading these dynamically expanded command lines.
;;;;;;;;;;;;;;;;;;;
;; httpd.conf ;;
;;;;;;;;;;;;;;;;;;;
; You can also override the value of php.ini in httpd.conf for more flexible configuration:
; php_value name value ; Set a non-bool type command. Set value to none to clear the previous setting
; php_flag name on|off ;Only used to set bool type instructions
;
; PHP constants (such as E_ALL) can only be used in php.ini, and the corresponding mask value must be used in httpd.conf.
; Commands with the "SYS" flag can only be used in the global configuration section of httpd.conf,
; Directives with the "ini" flag cannot be used in httpd.conf, they can only be used in php.ini.
;================================================== =========================================
;;====================================Detailed explanation of configuration instructions======== ================================
;================================================== =========================================
; The settings for each of the following directives are the same as the built-in defaults in PHP-5.2.0.
; That is, if 'php.ini' does not exist, or if you delete certain lines, the default value will be the same.
;;;;;;;;;;;;;;;
;; Apache ;;
;;;;;;;;;;;;;;;
[Apache]
; Only valid when using PHP as an Apache module.
engine = On
; Whether to enable the PHP parsing engine.
; The PHP parsing engine can be turned on or off based on directory or virtual host in httpd.conf.
last_modified = Off
; Whether to place the last modification time of the PHP script in the Last-Modified response header.
xbithack = Off
; Whether to parse it as a PHP executable byte group regardless of what the end of the file is.
child_terminate = Off
; Whether the PHP script is allowed to use the apache_child_terminate() function to terminate the child process after the request ends.
; This directive is only available when PHP is installed as an Apache1.3 module on UNIX platforms. It does not exist in any other case.
;;;;;;;;;;;;;;;;
;; PHP Core ;;
;;;;;;;;;;;;;;;;
[PHP-Core-DateTime]
; The first four configuration options are currently only used by the date_sunrise() and date_sunset() functions.
date.default_latitude = 31.7667
;Default latitude
date.default_longitude = 35.2333
;Default longitude
date.sunrise_zenith = 90.583333
;Default sunrise zenith
date.sunset_zenith = 90.583333
;Default sunset zenith
date.timezone =
; The default time zone used for all date and time functions when the TZ environment variable is not set.
; Mainland China should use "PRC"
; The priority order of application time zones is:
; 1. The time zone set using the date_default_timezone_set() function (if set)
; 2. TZ environment variable (if not empty)
; 3. The value of this command (if set)
; 4. PHP speculates by itself (if the operating system supports it)
; 5. If none of the above succeeds, use UTC
[PHP-Core-Assert]
assert.active = On
; Whether to enable assert() assertion evaluation
assert.bail = Off
; Whether to abort script execution when a failed assertion occurs
assert.callback =
; Callback function executed when a failed assertion occurs
assert.quiet_eval = Off
; Whether to use quiet evaluation (no error messages are displayed, equivalent to error_reporting=0).
; If off, the current error_reporting directive value is used when evaluating assertion expressions.
assert.warning = On
; Whether to issue a warning for every failed assertion
[PHP-Core-SafeMode]
; Safe mode is set up to solve the security problems of shared servers.
; But trying to solve this problem at the PHP layer is structurally unsound,
; The correct approach should be to modify the web server layer and operating system layer.
; Therefore, safe mode is abolished in PHP6 and is intended to be replaced by the open_basedir directive.
safe_mode = Off
;SYS
; Whether to enable safe mode.
; When opening, PHP will check whether the owner of the current script is the same as the owner of the file being operated,
; If they are the same, the operation is allowed; if they are different, the operation is denied.
safe_mode_gid = Off
;SYS
; In safe mode, a UID comparison check is performed by default when accessing files.
; But in some cases strict UID checking is not suitable, and loose GID checking is enough.
; If you want to relax this to only do GID comparisons, you can turn this parameter on.
safe_mode_allowed_env_vars = "PHP_"
;SYS
; A comma-separated list of prefixes for environment variables that users can only change in safe mode.
; Allows users to set certain environment variables, which may lead to potential security vulnerabilities.
; Note: If the value of this parameter is empty, PHP will allow the user to change any environment variable!
safe_mode_protected_env_vars = "LD_LIBRARY_PATH"
;SYS
; A comma-separated list of environment variables that users cannot change in safe mode.
; These variables will be protected even when the safe_mode_allowed_env_vars directive is set to allowed.
safe_mode_exec_dir = "/usr/local/php/bin"
;SYS
; In safe mode, only executable programs in this directory are allowed to be executed by functions that execute system programs.
; These functions are: system, escapeshellarg, escapeshellcmd, exec, passthru,
; proc_close, proc_get_status, proc_nice, proc_open, proc_terminate, shell_exec
safe_mode_include_dir =
;SYS
; In safe mode, UID/GID checking will be skipped when files in this group directory and its subdirectories are included.
; In other words, if the value here is empty, any file whose UID/GID does not match will not be allowed to be included.
; The directory set here must already exist in the include_path directive or be included with a full path.
; Use colons (semicolons under Win) to separate multiple directories.
; The specified limit is actually a prefix, not a directory name,
; That means "/dir/incl" will allow access to "/dir/include" and "/dir/incls"
; If you wish to restrict access to a specific directory, add a trailing slash.
sql.safe_mode = Off
;SYS
; Whether to use SQL safe mode.
; If on, database connection functions that specify default values will use these default values instead of supported parameters.
; For the connection function of each different database, please refer to the corresponding manual page for its default value.
[PHP-Core-Safe]
allow_url_fopen = On
;ini
; Whether to allow opening remote files
allow_url_include = Off
;SYS
; Whether to allow include/require remote files.
disable_classes =
;ini
; This directive accepts a comma-separated list of class names to disable specific classes.
disable_functions =
;ini
; This directive accepts a comma-separated list of function names to disable specific functions.
enable_dl = On
;SYS
; Whether to allow the use of dl() function. The dl() function only works when PHP is installed as an apache module.
; Disabling the dl() function is mainly for security reasons, because it can bypass the restrictions of the open_basedir directive.
; Always disable the dl() function in safe mode, regardless of what is set here.
expose_php = On
;ini
; Whether to expose the fact that PHP is installed on the server (add its signature in the http header).
; It poses no direct security threat, but it lets the client know that PHP is installed on the server.
open_basedir =
;SYS
; Restrict all files (including the files themselves) that PHP is allowed to operate to this group of directory lists.
; When a script attempts to open a file outside the specified directory tree, it will be rejected.
; All symbolic links are resolved, so it is not possible to circumvent this restriction through symbolic links.
; The special value '.' specifies that the directory where the script is stored will be used as the base directory.
; But this is somewhat dangerous, because the script's working directory can be easily changed by chdir().
; For shared servers, it will be very useful to flexibly set this directive in httpd.conf.
; Use semicolons to separate directories on Windows and colons on UNIX systems.
; When used as an Apache module, the open_basedir path in the parent directory will be automatically inherited.
; The specified limit is actually a prefix, not a directory name,
; That is to say, "/dir/incl" will allow access to "/dir/include" and "/dir/incls",
; If you wish to restrict access to a specific directory, add a trailing slash.
; The default is to allow all files to be opened.
[PHP-Core-Error]
error_reporting = E_ALL & ~E_NOTICE
; The error reporting level is a superposition of bit fields. It is recommended to use E_ALL | E_STRICT
; 1 E_ERROR Fatal runtime error
; 2 E_WARNING Runtime warning (non-fatal error)
; 4 E_PARSE Compile time parsing error
; 8 E_NOTICE Runtime reminder (often a bug, maybe intentional)
; 16 E_CORE_ERROR Fatal error during initialization during PHP startup
; 32 E_CORE_WARNING Warning during initialization process when PHP starts (non-fatal error)
; 64 E_COMPILE_ERROR Fatal error during compilation
; 128 E_COMPILE_WARNING Compile time warning (non-fatal error)
; 256 E_USER_ERROR User-defined fatal error
; 512 E_USER_WARNING User-defined warning (non-fatal error)
; 1024 E_USER_NOTICE User-defined reminder (often a bug, maybe intentional)
; 2048 E_STRICT Coding standardization warning (recommended how to modify for forward compatibility)
; 4096 E_RECOVERABLE_ERROR A near-fatal runtime error. If not caught, it will be treated as E_ERROR
; 6143 E_ALL All errors except E_STRICT (8191 in PHP6, including all)
track_errors = Off
; Whether to save the latest error or warning message in the variable $php_errormsg.
display_errors = On
; Whether to display error messages as part of the output.
; On the final published web site, it is strongly recommended that you turn this feature off and use error logging instead (see below).
; Turning this feature on in the final published website may expose some security information,
; Such as file paths, database plans or other information on your web service.
display_startup_errors = Off
; Whether to display PHP startup errors.
; Even if the display_errors directive is turned on, turning this parameter off will not display PHP startup errors.
; It is recommended that you turn this feature off unless you must use it for debugging.
report_memleaks = On
; Whether to report memory leaks. This parameter only works in PHP compiled in debug mode,
; and must include E_WARNING
in the error_reporting directive
report_zend_debug = On
; No documentation yet
html_errors = On
; Whether to use HTML tags in error messages.
; NOTE: Do not use this feature on published sites!
docref_root = ;"http://localhost/phpmanual/"
docref_ext = ;".html"
; If the html_errors directive is turned on, PHP will display a hyperlink on the error message,
; Link directly to a page describing the error or the function that caused the error.
; You can download the php manual from http://www.php.net/docs.php,
; and point the docref_root directive to the URL directory where your local manual is located.
; You must also set the docref_ext directive to specify the file extension (must contain '.').
; NOTE: Do not use this feature on published sites.
error_prepend_string = ;""
; String used for output before error message
error_append_string = ;""
; String used for output after error message
xmlrpc_errors = Off
xmlrpc_error_number = 0
; No documentation yet
[PHP-Core-Logging]
define_syslog_variables = Off
; Whether to define various system log variables, such as: $LOG_PID, $LOG_CRON, etc.
; Good idea to turn it off to be more efficient.
; You can define these variables at runtime by calling the define_syslog_variables() function.
error_log =
; Which file to log errors to. The file must be writable by the web server user.
; syslog means recording to the system log (event log under NT, syslog(3) under Unix)
; If no value is set here, errors will be logged to the web server's error log.
log_errors = Off
; Whether to record errors in the log file, and where to record them depends on the error_log directive.
; It is strongly recommended that you use logging errors instead of direct output when you finally publish the web site,
; This lets you know what went wrong without exposing sensitive information.
log_errors_max_len = 1024
; Set the maximum length of error sources associated with error messages appended to the error log.
; The value set here is valid for displayed and logged errors as well as $php_errormsg.
; Set to 0 to allow unlimited length.
ignore_repeated_errors = Off
; Whether to ignore repeated error messages when recording error logs.
; Error messages must appear on the same line in the same file to be considered duplicates.
ignore_repeated_source = Off
; Whether to ignore duplicate error sources when ignoring duplicate error messages.
[PHP-Core-Mail]
; For the mail functions to be available, PHP must have access to the sendmail program at compile time.
; If using other mail programs, such as qmail or postfix, make sure to use the corresponding sendmail wrapper.
; PHP will first search for sendmail in the system's PATH environment variable, and then search in the following order:
; /usr/bin:/usr/sbin:/usr/etc:/etc:/usr/ucblib:/usr/lib
; It is strongly recommended that sendmail can be found in PATH.
; In addition, the user compiling PHP must have access to the sendmail program.
SMTP = "localhost"
; The host name or IP address of the SMTP server used to send mail in the mail() function. Only for win32.
smtp_port = 25
; The port number of the SMTP server. Only for win32.
sendmail_from =
; The email address in the "From:" header used when sending emails. Only for win32
; This option also sets the "Return-Path:" header.
sendmail_path = "-t -i"
;SYS
; Only for unix, also supports parameters (default is 'sendmail -t -i')
; The path of the sendmail program, usually "/usr/sbin/sendmail or /usr/lib/sendmail".
; The configure script will try to find the program and set it as the default, but if that fails, it can be set here.
; Systems that do not use sendmail should set this command to the sendmail alternative (if one exists).
; For example, Qmail users can usually set it to "/var/qmail/bin/sendmail" or "/var/qmail/bin/qmail-inject".
; qmail-inject does not require any options to process mail correctly.
mail.force_extra_parameters =
; Mandatory additional parameter values passed to the sendmail library as additional parameters.
; These parameters always replace the 5th parameter of mail(), even in safe mode.
[PHP-Core-ResourceLimit]
default_socket_timeout = 60
;Default socket timeout (seconds)
max_execution_time = 30
; Maximum allowed execution time of each script (seconds), 0 means no limit.
; This parameter helps prevent inferior scripts from endlessly occupying server resources.
; This directive only affects the running time of the script itself, any other time spent outside of the script running,
; For example, the use of system()/sleep() functions, database queries, file uploads, etc. are not included.
; In safe mode, you cannot use ini_set() to change this setting at runtime.
memory_limit = 16M
; The maximum number of memory bytes that a script can apply for (K and M can be used as units).
; This helps prevent bad scripts from consuming all the memory on the server.
; To be able to use this directive the "--enable-memory-limit" configuration option must be used during compilation.
; If you want to remove the memory limit, you must set it to -1.
; After setting this directive, the memory_get_usage() function will become available.
max_input_time = -1
; Maximum allowed time (seconds) for each script to parse input data (POST, GET, upload).
; -1 means no limit.
post_max_size = 8M
; Maximum byte length allowed for POST data. This setting also affects file uploads.
; If the POST data exceeds the limit, $_POST and $_FILES will be empty.
; To upload large files, this value must be greater than the value of the upload_max_filesize directive.
; If memory limit is enabled, this value should be smaller than the value of the memory_limit directive.
realpath_cache_size = 16K
;SYS
; Specifies the realpath (normalized absolute path name) buffer size used by PHP.
; This value should be increased to improve performance on systems where PHP opens a large number of files.
realpath_cache_ttl = 120
;SYS
; Validity period (seconds) of the information in the realpath buffer.
; For systems where files rarely change, this value can be increased to improve performance.
[PHP-Core-FileUpLoad]
file_uploads = On
;SYS
; Whether to allow HTTP file upload.
; See upload_max_filesize, upload_tmp_dir, post_max_size instructions
upload_max_filesize = 2M
; Maximum size of files allowed to be uploaded.
upload_tmp_dir =
;SYS
; The temporary directory where files are stored when uploading files (must be a directory writable by the PHP process user).
; If not specified PHP uses the system default temporary directory.
[PHP-Core-MagicQuotes]
; PHP6 will cancel the magic quotes, which is equivalent to all the following instructions being Off
magic_quotes_gpc = On
; Whether to use automatic string escaping ( ' " NULL ) for input GET/POST/Cookie data.
; The settings here will automatically affect the value of the $_GEST $_POST $_COOKIE array.
; If this command is turned on at the same time as the magic_quotes_sybase command, only single quotes (') will be escaped to (''),
; Other special characters will not be escaped, i.e. ( " NULL ) will remain intact!!
; It is recommended to turn off this feature and use a custom filter function.
magic_quotes_runtime = Off
; Whether to use automatic string escaping ( ' " NULL ) for data generated from external resources at runtime.
; If this directive is turned on, data returned by most functions from external resources (databases, text files, etc.) will be escaped.
; For example: data obtained by SQL query, data obtained by exec() function, etc.
; If this command is turned on at the same time as the magic_quotes_sybase command, only single quotes (') will be escaped to (''),
; Other special characters will not be escaped, i.e. ( " NULL ) will remain intact!!
; It is recommended to turn off this feature and use a custom filter function depending on the situation.
magic_quotes_sybase = Off
; Whether to use Sybase-style automatic string escaping (use '' to represent ')
[PHP-Core-HighLight]
highlight.bg = "#FFFFFF"
highlight.comment = "#FF8000"
highlight.default = "#0000BB"
highlight.html = "#000000"
highlight.keyword = "#007700"
highlight.string = "#DD0000"
; Color for syntax highlighting mode (usually used for displaying .phps files).
; Anything acceptable by will work fine.
[PHP-Core-Langue]
short_open_tag = On
; Whether the "" short identifier is allowed. Otherwise the "" long identifier must be used.
; Do not use short tags unless your PHP program is running in a controlled environment and for your own use only.
; If you want to use PHP with XML, you can choose to turn off this option to facilitate direct embedding of "",
; Otherwise you have to use PHP to output:
; This directive also affects the abbreviation "
asp_tags = Off
; Whether to allow the ASP-style tag "<% %>", which will also affect the abbreviation "<%=".
; This directive will be removed in PHP6
arg_separator.output = "&"
; The delimiter used to separate parameters in the URL generated by PHP.
; In addition, you can also use "&" or "," and so on.
arg_separator.input = "&"
; A list of delimiters used by PHP when parsing variables in URLs.
; Each character in the string will be treated as a delimiter.
; In addition, you can also use ",&" and so on.
allow_call_time_pass_reference = On
; Whether to force parameters to be passed by reference in function calls (you will receive a warning every time you use this feature).
; PHP opposes this approach and will no longer support it in future versions because it affects the cleanliness of the code.
; It is encouraged to explicitly specify in the function declaration which parameters are passed by reference.
; We encourage you to turn this option off to ensure that your scripts will still work properly in future versions of the language.
auto_globals_jit = On
; Whether to create it only when the $_SERVER and $_ENV variables are used (instead of automatically creating them when the script is started).
; If these two arrays are not used in the script, turning this directive on will result in a performance improvement.
; For this directive to take effect, the register_globals and register_long_arrays directives must be turned off.
auto_prepend_file =
auto_append_file =
; Specify filenames to be automatically parsed before/after the main file. Empty disables this feature.
; The file is included as if the include() function was called, so the value of the include_path directive is used.
; NOTE: If the script terminates via exit(), automatic suffixing will not occur.
variables_order = "EGPCS"
; PHP registers the order of Environment, GET, POST, Cookie, Server variables.
; Represented by E, G, P, C, S respectively, registered from left to right, the new value overwrites the old value.
; For example, setting to "GP" will cause a POST variable to overwrite a GET variable with the same name,
; and completely ignore Environment, Cookie, Server variables.
; It is recommended to use "GPC" or "GPCS" and use the getenv() function to access environment variables.
register_globals = Off
; Whether to register E, G, P, C, S variables as global variables.
; Turning this directive on may cause serious security problems unless your scripts are checked very carefully.
; It is recommended to use predefined superglobal variables: $_ENV, $_GET, $_POST, $_COOKIE, $_SERVER
; This directive is affected by the variables_order directive.
; This directive has been removed in PHP6.
register_argc_argv = On
; Whether to declare $argv and $argc global variables (including information using the GET method).
; It is recommended not to use these two variables and turn off this directive to improve performance.
register_long_arrays = On
; Whether to enable old-style long arrays (HTTP_*_VARS).
; Encourage the use of short-form predefined superglobal arrays and turn this feature off for better performance.
; This directive has been removed in PHP6.
always_populate_raw_post_data = Off
; Whether to always generate the $HTTP_RAW_POST_DATA variable (raw POST data).
; Otherwise, this variable is generated only when data of an unrecognized MIME type is encountered.
; However, a better way to access the raw POST data is php://input .
; $HTTP_RAW_POST_DATA is not available for form data with enctype="multipart/form-data".
unserialize_callback_func =
; If the deserialization handler needs to instantiate an undefined class,
; The callback function specified here will be called by unserialize() with the name of the undefined class as a parameter,
; To avoid getting incomplete "__PHP_Incomplete_Class" objects.
; If no function is specified here, or the specified function does not contain (or implement) the undefined class, a warning message will be displayed.
; So only set this directive if you really need to implement such a callback function.
; To disable this feature, simply leave it blank.
y2k_compliance = On
; Whether to force the 2000 adaptation to be turned on (may cause problems in non-Y2K compliant browsers).
zend.ze1_compatibility_mode = Off
; Whether to use a mode compatible with Zend Engine I (PHP 4.x).
; This will affect object copying, construction (objects without attributes will produce FALSE or 0), and comparison.
; In compatibility mode, objects will be passed by value instead of the default pass by reference.
precision = 14
; The number of significant digits displayed in floating-point data.
serialize_precision = 100
; The precision (significant number of digits) when serializing and storing floating-point and double-precision data.
; The default value ensures that floating point data is decoded by the deserializer without losing data.
[PHP-Core-OutputControl]
; Output control functions are useful, especially when sending HTTP headers after information has been output.
; The output control function will not act on HTTP headers sent by functions such as header() or setcookie(),
; It will only affect information similar to the output of the echo() function and the information embedded in the PHP code.
implicit_flush = Off
; Whether to require the PHP output layer to automatically refresh data after each output block.
; This is equivalent to automatically calling the flush() function after each print(), echo(), HTML block.
; Turning this option on has a serious impact on the performance of program execution and is generally only recommended for debugging.
; In CLI SAPI execution mode, this command defaults to On.
output_buffering = 0
; Output buffer size (bytes). The recommended value is 4096~8192.
; Output buffering allows you to send HTTP headers (including cookies) even after outputting the body content.
; The price is that the output layer slows down a little.
; Setting up output buffering can reduce writes and sometimes the sending of network packets.
; The actual benefit of this parameter depends greatly on what web server you are using and what kind of script.
output_handler =
; Redirect the output of all scripts to an output handling function.
; For example, when redirecting to the mb_output_handler() function, the character encoding will be transparently converted to the specified encoding.
; Once you specify an output handler here, output buffering will automatically be turned on (output_buffering=4096).
; Note 0: Only PHP built-in functions can be used here, custom functions should be specified using ob_start() in the script.
; Note 1: Portable scripts must not rely on this directive, but should use the ob_start() function to explicitly specify the output processing function.
; Using this command may cause errors in scripts you are not familiar with.
; Note 2: You cannot use the two output processing functions "mb_output_handler" and "ob_iconv_handler" at the same time.
; You cannot use the "ob_gzhandler" output processing function and the zlib.output_compression directive at the same time.
; Note 3: If you use the zlib.output_handler directive to enable zlib output compression, this directive must be empty.
[PHP-Core-Directory]
doc_root =
;SYS
; PHP's "root directory". Only valid when non-empty.
; If safe_mode=On, all files outside this directory will be rejected.
; If FORCE_REDIRECT is not specified when compiling PHP and is run in CGI mode on a non-IIS server,
; then this directive must be set (see the Security section in the manual).
; An alternative is to use the cgi.force_redirect directive.
include_path = ".:/path/to/php/pear"
; Specify a set of directories for the require(), include(), and fopen_with_path() functions to find files.
; The format is similar to the system's PATH environment variable (separated by colons under UNIX and semicolons under Windows):
; UNIX: "/path1:/path2"
; Windows: "path1;path2"
; Use '.' in the include path to allow relative paths, which represent the current directory.
user_dir =
;SYS
; Tell PHP which directory to look for when opening the script using /~username. It is only valid when it is not empty.
; That is, use the basic directory name of the PHP file under the user directory, for example: "public_html"
extension_dir = "/path/to/php"
;SYS
; The directory where extension libraries (modules) are stored, which is the directory used by PHP to find dynamic extension modules.
; The default under Windows is "C:/php5"
[PHP-Core-HTTP]
default_mimetype = "text/html"
default_charset = ;"gb2312"
; PHP will automatically output the "Content-Type: text/html" HTTP header by default.
; If the default_charset directive is set to "gb2312",
; then "Content-Type: text/html; charset=gb2312" will be automatically output.
[PHP-Core-Unicode]
detect_unicode = On
; No documentation yet
[PHP-Core-Misc]
auto_detect_line_endings = Off
; Whether to let PHP automatically detect end-of-line characters (EOL).
; If your script must handle Macintosh files,
; Or you are running on a Macintosh and need to process unix or win32 files at the same time,
; Turning on this directive allows PHP to automatically detect EOL so that the fgets() and file() functions can work properly.
; But it will also cause incompatible behavior for people who use the carriage return (CR) as the project separator under Unix systems.
; Additionally, there is a small performance penalty when detecting the EOL habit of the first row.
browscap = ;"c:/windows/system32/inetsrv/browscap.ini"
;SYS
; Only PWS and IIS require this setting
; You can download it from http://www.garykeith.com/browsers/downloads.asp
; Get a browsercap.ini file.
ignore_user_abort = Off
; Whether to insist on completing the entire request even after the user aborts the request.
; You should consider opening it when performing a long request,
; Because long requests may cause the user to abort midway or the browser to time out.
user_agent = ;"PHP"
; Define "User-Agent" string
;url_rewriter.tags = "a=href,area=href,frame=src,form=,fieldset="
; Although this directive belongs to the core part of PHP, it is used for the configuration of the Session module
extension
; Load dynamic extensions when PHP starts. For example: extension=mysqli.so
; "=" After that, only the name of the module file can be used, and no path information can be included.
; Path information should only be provided by the extension_dir directive.
;Idea, on Windows, the following extensions are already built-in:
; bcmath ; calendar ; com_dotnet ; ctype ; session ; filter ; ftp ; hash
; iconv ; json ; odbc ; pcre ; Reflection ; date ; libxml ; standard
; tokenizer ; zlib ; SimpleXML ; dom ; SPL ; wddx ; xml ; xmlreader ; xmlwriter
[PHP-Core-CGI]
; These instructions are only valid when running PHP in CGI mode
cgi.discard_path = Off
; No documentation yet
cgi.fix_pathinfo = On/Off(??)
; Whether to provide real PATH_INFO/PATH_TRANSLATED support for CGI (comply with the cgi specification).
; The previous behavior was to set PATH_TRANSLATED to SCRIPT_FILENAME regardless of PATH_INFO.
; Turning this option on will cause PHP to correct its paths to comply with the CGI specification, otherwise the old non-conforming behavior will still be used.
; You are encouraged to turn this directive on and correct your script to use SCRIPT_FILENAME instead of PATH_TRANSLATED.
; See the cgi specification for more information on PATH_INFO.
cgi.force_redirect = On
; Whether to enable cgi forced redirection. It is highly recommended to turn it on to provide security for PHP running in CGI mode.
; If you turn it off yourself, please be responsible for the consequences.
; NOTE: This must be turned off on IIS/OmniHTTPD/Xitami!
cgi.redirect_status_env =
; If cgi.force_redirect=On and PHP is running under a server other than Apache and Netscape,
; You may need to set a cgi redirection environment variable name, PHP will look for it to know whether it can continue execution.
; Setting this variable can lead to security vulnerabilities, please be sure to know what you are doing before setting it.
cgi.rfc2616_headers = 0
; Specifies what headers PHP uses when sending HTTP response codes.
; 0 means sending a "Status: " header, supported by Apache and other web servers.
; If set to 1, PHP uses the RFC2616 standard header.
; Unless you know what you are doing, keep its default value 0
cgi.nph = Off
; Whether to force all requests to send the "Status: 200" status code in CGI mode.
fastcgi.impersonate = Off
; FastCGI in IIS supports the ability to impersonate client security tokens.
; This enables IIS to define the security context of the request upon which the runtime is based.
; mod_fastcgi in Apache does not support this feature (03/17/2002)
; Set to On if running in IIS, default is Off.
fastcgi.logging = On
; Whether to log connections made through FastCGI.
[PHP-Core-Weirdy]
; These options only exist in the documentation, but not in the output of the phpinfo() function
async_send = Off
; Whether to send asynchronously.
from = ;"john@doe.com"
; Define the password for anonymous ftp (an email address)
;;;;;;;;;;;;;;;;;;;;;
;; Near core module ;;
;;;;;;;;;;;;;;;;;;;
[Pcre]
;Perl compatible regular expression module
pcre.backtrack_limit = 100000
; Maximum number of backtracking steps for PCRE.
pcre.recursion_limit = 100000
; The maximum recursion depth of PCRE.
; If you set this value very high, it may exhaust the process's stack space and cause PHP to crash.
[Session]
; Unless a variable is registered using session_register() or $_SESSION.
; Otherwise, no session records will be automatically added regardless of whether session_start() is used.
; Objects that include resource variables or have circular references. Objects that contain references to themselves cannot be saved in the session.
; The register_globals directive affects the storage and restoration of session variables.
session.save_handler = "files"
; The name of the handler for storing and retrieving data associated with the session. Defaults to files ("files").
; If you want to use a custom processor (such as a database-based processor), use "user".
; There is a processor using PostgreSQL: [url]http://sourceforge.net/projects/phpform-ext/[/url]
session.save_path = "/tmp"
; Parameters passed to the storage processor. For the files processor, this value is the path to the session data file where the session data file was created.
; The default is the temporary folder path under Windows.
; You can define the path using the pattern "N;[MODE;]/path" (N is an integer).
; N means using N-level subdirectories instead of saving all data files in one directory.
; [MODE;] Optional, must use octal number, default 600 (=384), indicating the maximum number of session files saved in each directory.
; This is a good idea to improve performance for large numbers of sessions.
; Note 0: The double quotes around "N;[MODE;]/path" cannot be omitted.
; Note 1: [MODE;] does not rewrite the umask of the process.
; Note 2: PHP does not automatically create these folder structures. Please use the mod_files.sh script in the ext/session directory to create it.
; Note 3: If the folder can be accessed by insecure users (such as the default "/tmp"), it will cause security vulnerabilities.
; Note 4: Automatic garbage collection will fail when N>0. For details, see the section on garbage collection below.
session.name = "PHPSESSID"
;The session ID identification name used in cookies can only contain letters and numbers.
session.auto_start = Off
; Automatically initialize the session when the customer accesses any page, disabled by default.
; Because class definitions must be loaded before the session is started, you cannot store objects in the session if this option is turned on.
session.serialize_handler = "php"
; Processor used to serialize/deserialize data. PHP is a standard serialization/deserialization processor.
; Alternatively, "php_binary" can be used. When WDDX support is enabled, only "wddx" will be used.
session.gc_probability = 1
session.gc_divisor = 100
; Defines the probability of starting the garbage collection process every time a session is initialized.
; The calculation formula for this collection probability is as follows: session.gc_probability/session.gc_divisor
; The more frequently the session page is accessed, the smaller the probability should be. The recommended value is 1/1000~5000.
session.gc_maxlifetime = 1440
; After the number of seconds indicated by this parameter, the saved data will be considered 'garbage' and cleaned by the garbage collector.
; The judgment criterion is the time when the data was last accessed (for the FAT file system, it is the time when the data was last refreshed).
; If multiple scripts share the same session.save_path directory but have different session.gc_maxlifetimes,
; Then the minimum value among all session.gc_maxlifetime directives will prevail.
; If multiple levels of subdirectories are used to store data files, garbage collection will not start automatically.
; You must use a shell script, cron entry, or other method written by yourself to perform garbage collection.
; For example, the following script is equivalent to setting "session.gc_maxlifetime=1440" (24 minutes):
; cd /path/to/sessions; find -cmin +24 | xargs rm
session.referer_check =
; If the "Referer" field in the request header does not contain the string specified here the session ID will be considered invalid.
; NOTE: If the "Referer" field is not present at all in the request header, the session ID will still be considered valid.
; The default is empty, that is, no checking is performed (all are considered valid).
session.entropy_file = ;"/dev/urandom"
; Additional external high-entropy resource (file) used to create the session ID,
; For example, "/dev/random" or "/dev/urandom" on UNIX systems
session.entropy_length = 0
; Number of bytes to read from high-entropy resources (recommended value: 16).
session.use_cookies = On
; Whether to use cookies to save the session ID on the client
session.use_only_cookies = Off
; Whether to just use cookies to save the session ID on the client
; Turn this option on to avoid security issues caused by using URLs to pass sessions.
; But a client with cookies disabled will make the session not work.
session.cookie_lifetime = 0
; Pass the session ID cookie validity period (seconds), 0 means it is only valid while the browser is open.
session.cookie_path = "/"
; Pass the cookie path of the session ID.
session.cookie_domain =
; Pass the cookie scope of the session ID.
; The default is empty to indicate the host name generated according to the cookie specification.
session.cookie_secure = Off
; Whether to only send cookies over secure connections (https).
session.cookie_httponly = Off
; Whether to add the httpOnly flag in the cookie (only allows HTTP protocol access),
; This will cause client-side scripts (javascript, etc.) to be unable to access the cookie.
; Turning on this directive can effectively prevent session ID hijacking through XSS attacks.
session.cache_limiter = "nocache"
; Set to {nocache|private|public} to specify the cache control mode of session pages,
; Or set to empty to prevent caching-disabled commands from being sent in http response headers.
session.cache_expire = 180
; Specify the validity period of the session page in the client cache (minutes)
; When session.cache_limiter=nocache, the setting here is invalid.
session.use_trans_sid = Off
; Whether to use clear code to display the SID (session ID) in the URL.
; Disabled by default because it poses a security risk to your users:
; 1- Users may tell others the URL containing a valid sid through email/irc/QQ/MSN....
; 2- URLs containing valid sid's may be saved on public computers.
; 3- Users may save URLs with fixed sids in their favorites or browsing history.
; URL-based session management always carries more risks than cookie-based session management and should be disabled.
session.bug_compat_42 = On
session.bug_compat_warn = On
; Versions before PHP4.2 have an unspecified "BUG":
; Allow global session variables to be initialized even when register_globals=Off,
; If you use this feature in PHP 4.3 or later, a warning will be displayed.
; It is recommended to close this "BUG" and display a warning.
session.hash_function = 0
; Hash algorithm for generating SID. SHA-1 is more secure
; 0: MD5 (128 bits)
; 1: SHA-1 (160 bits)
; It is recommended to use SHA-1.
session.hash_bits_per_character = 4
; Specify how many bits to save in each character in the SID string,
; These binary numbers are the results of the hash function.
; 4: 0-9, a-f
; 5: 0-9, a-v
; 6: 0-9, a-z, A-Z, "-", ","
; Recommended value is 5
url_rewriter.tags = "a=href,area=href,frame=src,form=,fieldset="
; This directive belongs to the core part of PHP and does not belong to the Session module.
; Specify which HTML tags to rewrite to include SID (only valid when session.use_trans_sid=On)
; form and fieldset are special:
; If you include them, the URL rewriter will add a hidden "" which contains additional information that should be appended to the URL.
; If you want to comply with XHTML standards, please remove the form item and add
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
