; It is strongly recommended that sendmail can be found in PATH.
; Additionally, the user compiling PHP must have access to the sendmail program.
SMTP = "localhost"
; The host name or IP address of the SMTP server used to send emails in the mail() function. Only for win32.
smtp_port = 25
; The port number of the SMTP server. Only for win32.
sendmail_from =
; The email address in the "From:" header used when sending emails. Only for win32
; This option also sets the "Return-Path:" header.
sendmail_path = "-t -i"
;SYS
; Only for unix, it can also support parameters (the default is 'sendmail -t -i')
; The path of the sendmail program, usually "/usr/sbin/sendmail or /usr/lib/sendmail".
; The configure script will try to find the program and set it as the default, but if it fails, you can set it here.
; Systems that do not use sendmail should set this command as a sendmail alternative (if available).
; For example, Qmail users can usually set it to "/var/qmail/bin/sendmail" or "/var/qmail/bin/qmail-inject".
; qmail-inject handles mail correctly without any options.
mail.force_extra_parameters =
; Mandatory additional parameter values passed to the sendmail library as additional parameters.
; These parameters will always replace the 5th parameter of mail(), even in safe mode.
[PHP-Core-ResourceLimit]
default_socket_timeout = 60
; Default socket timeout (seconds)
max_execution_time = 30
; Maximum allowed execution time of each script (seconds), 0 means no limit.
; This parameter helps prevent inferior scripts from endlessly occupying server resources.
; This command only affects the running time of the script itself. Any other time spent outside the running of the script,
; such as the use of system()/sleep() functions, database queries, file uploads, etc., is not included. Inside.
; In safe mode, you cannot use ini_set() to change this setting at runtime.
memory_limit = 128M
; The maximum number of memory bytes that a script can apply for (K and M can be used as units).
; This helps prevent bad scripts from consuming all the memory on the server.
; To be able to use this directive, you must use the "--enable-memory-limit" configuration option when compiling.
; If you want to remove the memory limit, you must set it to -1 .
; After setting this directive, the memory_get_usage() function will become available.
max_input_time = -1
; The maximum allowed time (seconds) for each script to parse input data (POST, GET, upload).
; -1 means no limit.
max_input_nesting_level = 64
; The maximum nesting depth of input variables (no more explanation documents yet)
post_max_size = 8M
; The maximum byte length of POST data allowed. This setting also affects file uploads.
; If the POST data exceeds the limit, $_POST and $_FILES will be empty.
; To upload large files, this value must be greater than the value of the upload_max_filesize directive.
; If memory limit is enabled, then this value should be smaller than the value of the memory_limit directive.
realpath_cache_size = 16K
;SYS
; Specifies the realpath (normalized absolute path name) buffer size used by PHP.
; This value should be increased to improve performance on systems where PHP opens a large number of files.
realpath_cache_ttl = 120
;SYS
; The validity period (seconds) of the information in the realpath buffer.
; For systems where files rarely change, this value can be increased to improve performance.
[PHP-Core-FileUpLoad]
file_uploads = On
;SYS
; Whether to allow HTTP file uploads.
; See upload_max_filesize, upload_tmp_dir, post_max_size instructions
upload_max_filesize = 2M
; The maximum size of files allowed to be uploaded.
upload_tmp_dir =
;SYS
; The temporary directory where files are stored when uploading files (must be a directory writable by the PHP process user).
; If not specified, PHP uses the system default temporary directory.
[PHP-Core-MagicQuotes]
; PHP6 has deleted the following instructions, which is equivalent to all Off
magic_quotes_gpc = On
; Whether to use automatic string escaping for input GET/POST/Cookie data ( ' " NULL ).
; The settings here will automatically affect the value of the $_GEST $_POST $_COOKIE array.
; If this command is turned on at the same time as the magic_quotes_sybase command, only the single quote (') will be escaped as ( ''),
; and other special characters will not be escaped, i.e. ( " NULL ) will remain intact! !
; It is recommended to turn off this feature and use a custom filter function.
magic_quotes_runtime = Off
; Whether to use automatic string escaping ( ' " NULL ) for data generated from external resources at runtime.
; If this command is turned on, most functions will use automatic string escaping ( ' " NULL ) for data generated from external resources (database, database, etc.) Text files, etc.) will be escaped.
; For example: data obtained by SQL query, data obtained by exec() function, etc.
; If this command is opened at the same time as the magic_quotes_sybase command, only Escape the single quote (') to (''),
; other special characters will not be escaped, that is, ( " NULL ) will remain intact! !
; It is recommended to turn off this feature and use a custom filter function depending on the situation.
magic_quotes_sybase = Off
; Whether to use automatic string escaping in the form of Sybase (indicated by '')
[PHP-Core-HighLight]
highlight.bg = "# FFFFFF"
highlight.comment = "#FF8000"
highlight.default = "#0000BB"
highlight.html = "#000000"
highlight.keyword = "#007700"
highlight.string = "# DD0000"
; The color of syntax highlighting mode (usually used to display .phps files).
; As long as it is accepted by , it will work fine.
[PHP-Core-Langue]
short_open_tag = On
; Whether to allow the use of " ?>" short tag. Otherwise the "" long identifier must be used.
; Please do not use short tags unless your php program is only running in a controlled environment and for your own use only.
; If you want to use PHP with XML, you can choose to turn off this option to embed "" directly,
; Otherwise you must use PHP to output: echo '
; This directive will also affect the abbreviation " =", which is equivalent to " echo". To use it, the short tag must also be turned on. =",它和" echo"等价,要使用它也必须打开短标记。
asp_tags = Off
; Whether to allow the ASP style tag "", this will also affect the abbreviation "
; This directive will be deleted in PHP6
arg_separator.output = "&"
; The separator used to separate parameters in the URL generated by PHP.
; You can also use "&" or "," etc.
arg_separator.input = "&"
; A list of separators used by PHP when parsing variables in URLs.
; Each character in the string will be treated as a delimiter.
; You can also use ",&" and so on.
allow_call_time_pass_reference = On
; Whether to force parameters to be passed by reference when calling functions (you will receive a warning every time you use this feature).
; PHP opposes this approach and has deleted this directive (equivalent to setting it to Off) in PHP6 because it affects the cleanliness of the code.
; It is encouraged to explicitly specify in the function declaration which parameters are passed by reference.
; We encourage you to turn this option off to ensure that your scripts will still work properly in future versions of the language.
auto_globals_jit = On
; Whether to create it only when the $_SERVER and $_ENV variables are used (instead of automatically creating it when the script is started).
; If these two arrays are not used in the script, turning on this directive will improve performance.
; For this directive to take effect, the register_globals and register_long_arrays directives must be turned off.
auto_prepend_file =
auto_append_file =
; Specifies the file name to be automatically parsed before/after the main file. Leave empty to disable the feature.
; The file is included as if the include() function was called, so the value of the include_path directive is used.
; NOTE: If the script is terminated via exit(), the automatic suffix will not occur.
variables_order = "EGPCS"
; PHP registers the order of Environment, GET, POST, Cookie, Server variables.
; Represented by E, G, P, C, S respectively, registered from left to right, the new value overwrites the old value.
; For example, setting it to "GP" will cause the POST variable to overwrite the GET variable of the same name,
; and completely ignore the Environment, Cookie, Server variables.
; It is recommended to use "GPC" or "GPCS" and use the getenv() function to access environment variables.
register_globals = Off
; Whether to register E, G, P, C, S variables as global variables.
; Turning this directive on may cause serious security issues unless your scripts are checked very carefully.
; It is recommended to use predefined super global variables: $_ENV, $_GET, $_POST, $_COOKIE, $_SERVER
; This directive is affected by the variables_order directive.
; This directive has been removed in PHP6.
register_argc_argv = On
; Whether to declare $argv and $argc global variables (including information using the GET method).
; It is recommended not to use these two variables and turn off this instruction to improve performance.
register_long_arrays = On
; Whether to enable old-style long arrays (HTTP_*_VARS).
; Encourage the use of short-form predefined superglobal arrays and turn this feature off for better performance.
; This directive has been removed in PHP6.
always_populate_raw_post_data = Off
; Whether to always generate $HTTP_RAW_POST_DATA variable (raw POST data).
; Otherwise, this variable is only generated when data of an unrecognized MIME type is encountered.
; However, a better way to access the raw POST data is php://input .
; $HTTP_RAW_POST_DATA is not available for form data with enctype="multipart/form-data".
unserialize_callback_func =
; If the deserialization processor needs to instantiate an undefined class,
; The callback function specified here will be called by unserialize() with the name of the undefined class as a parameter,
; To avoid getting incomplete "__PHP_Incomplete_Class" objects.
; If no function is specified here, or the specified function does not contain (or implement) the undefined class, a warning message will be displayed.
; So only set this directive if you really need to implement such a callback function.
; To disable this feature, just leave it blank.
y2k_compliance = On
; Whether to force Y2K compliance to turn on (may cause problems in non-Y2K compliant browsers).
zend.ze1_compatibility_mode = Off
; Whether to use the mode compatible with Zend Engine I (PHP 4.x). This directive will be deleted in PHP6 (equivalent to Off).
; This will affect object copying, construction (objects without attributes will produce FALSE or 0), and comparison.
; In compatibility mode, objects will be passed by value instead of the default pass by reference.
precision = 14
; The number of significant digits displayed in floating point data.
serialize_precision = 100
; The precision (significant digits) when serializing and storing floating-point and double-precision data.
; The default value ensures that floating point data is decoded by the deserializer without losing data.
[PHP-Core-OutputControl]
; The output control function is useful, especially when sending HTTP headers after the information has been output.
; The output control function will not act on the HTTP headers sent by functions such as header() or setcookie(),
; but will only affect the information output by the echo() function and the information embedded between the PHP code.
implicit_flush = Off
; Whether to require the PHP output layer to automatically refresh data after each output block.
; This is equivalent to automatically calling the flush() function after each print(), echo(), and HTML block.
; Turning this option on has a serious impact on the performance of program execution and is usually only recommended for debugging.
; In the execution mode of CLI SAPI, this command is On by default.
output_buffering = 0
; Output buffer size (bytes). The recommended value is 4096~8192.
; Output buffering allows you to send HTTP headers (including cookies) even after outputting the body content.
; The price is that the output layer slows down a little.
; Setting up output buffering can reduce writing and sometimes sending network packets.
; The actual benefit of this parameter depends greatly on what web server you are using and what kind of script.
output_handler =
; Redirects the output of all scripts to an output handler function.
; For example, when redirecting to the mb_output_handler() function, the character encoding will be transparently converted to the specified encoding.
; Once you specify an output handler here, output buffering will be automatically turned on (output_buffering=4096).
; Note 0: Only PHP built-in functions can be used here, custom functions should be specified using ob_start() in the script.
; Note 1: Portable scripts must not rely on this directive, but should use the ob_start() function to explicitly specify the output processing function.
; Using this command may cause errors in scripts you are not familiar with.
; Note 2: You cannot use the two output processing functions "mb_output_handler" and "ob_iconv_handler" at the same time.
; You cannot use the "ob_gzhandler" output processing function and the zlib.output_compression directive at the same time.
; Note 3: If you use the zlib.output_handler directive to enable zlib output compression, this directive must be empty. The "root directory" of PHP. Only valid when non-empty.
; If safe_mode=On, all files outside this directory will be rejected.
; If PHP is compiled without specifying FORCE_REDIRECT and is run as CGI on a non-IIS server,
; this directive must be set (see the Security section in the manual).
; The alternative is to use the cgi.force_redirect directive.
include_path = ".:/path/to/php/pear"
; Specify a set of directories for the require(), include(), and fopen_with_path() functions to find files.
; The format is similar to the system's PATH environment variable (separated by colons under UNIX and semicolons under Windows):
; UNIX: "/path1:/path2"
; Windows: "path1;path2"
; Use '.' in the include path to allow relative paths, which represent the current directory.
user_dir =
;SYS
; tells PHP which directory to look for when opening the script using /~username. It is only valid when it is not empty.
; That is, use the basic directory name of PHP files under the user directory, for example: "public_html"
extension_dir = "/path/to/php"
;SYS
; to store extension libraries (modules) directory, which is the directory used by PHP to find dynamic extension modules.
; The default under Windows is "C:/php5"
[PHP-Core-HTTP]
default_mimetype = "text/html"
default_charset = ;"gb2312"
; PHP default The "Content-Type: text/html" HTTP header will be automatically output.
; If the default_charset directive is set to "gb2312",
; then "Content-Type: text/html; charset=gb2312" will be automatically output.
; PHP6 opposes the use of the default_charset directive and recommends the use of the unicode.output_encoding directive.
[PHP-Core-Unicode]
; PHP6 provides comprehensive Unicode support based on the ICU (International Components for Unicode) library.
; You need to use --with-icu-dir=
when compiling to specify the installation location of ICU header files and libraries.
; Except for detect_unicode, all others are new instructions in PHP6.
;
; Information on PHP6 is currently lacking, so the content in this section may be incomplete or even incorrect.
detect_unicode = On
; Indicates whether the Zend engine detects whether a script contains multi-byte characters by checking the script's BOM (Byte Order Mark).
; It is recommended to close. PHP6 has canceled this directive and replaced its function with the unicode.script_encoding directive.
unicode.semantics = Off
; Whether to enable Unicode support.
; If this directive is turned on, PHP will become a complete Unicode environment, such as:
; All strings and variables accepted from HTTP will become Unicode, and all PHP identifiers can also use Unicode characters.
; Moreover, PHP will use Unicode strings internally and be responsible for automatic conversion of peripheral non-Unicode characters,
; For example: HTTP input and output, streams, file system operations, etc., even php.ini itself will be in accordance with UTF -8 encoding to parse.
; After enabling this command, you must explicitly specify the binary string. PHP will not make any assumptions about the contents of binary strings,
; therefore your program must ensure that it can handle binary strings appropriately.
; If you turn this directive off, PHP will behave exactly as it did before:
; Strings will not become Unicode, file and binary strings will be backwards compatible, and php.ini will follow "as- is" style analysis.
; Regardless of whether this directive is turned on or not, all functions and operators transparently support Unicode strings.
unicode.fallback_encoding = UTF-8
; Sets the default value for all other unicode.*_encoding directives.
; That is to say, if a unicode.*_encoding directive is not explicitly set, the value set here will be used.
unicode.runtime_encoding =
; The runtime encoding specifies the encoding used when converting binary strings internally within the PHP engine.
; The settings here have no effect on I/O related operations (such as writing to standard output/reading the file system/decoding HTTP input variables).
; PHP also allows you to convert strings explicitly:
; (binary)$str -- to a binary string
; (unicode)$str -- to a Unicode string
; (string )$str -- Convert to Unicode string if unicode.semantics is On, otherwise convert to binary string
; For example, if the value of this directive is iso-8859-1 and $uni is a Unicode string, then
; $str = (binary)$uni
; will wait for a binary string encoded using iso-8859-1.
; PHP will implicitly convert the relevant strings to Unicode before operations such as connection, comparison, and parameter passing, and then perform operations.
; For example, when connecting a binary string with Unicode,
; PHP will use the settings here to convert the binary string into a Unicode string before performing the operation.
unicode.output_encoding =
; The encoding used by PHP to output non-binary strings.
; Automatically convert output content such as 'print' and 'echo' to the encoding set here (binary strings are not converted).
; When writing data to an external resource such as a file,
; you must rely on the stream encoding feature or manually encode the data using Unicode extended functions.
; The use of the previous default_charset directive is deprecated in PHP6, and this directive is recommended.
; The previous default_charset directive only specified the character set in the Content-Type header and did not perform any conversion on the actual output.
; In PHP6, the default_charset directive is only effective when unicode.semantics is off.
; After setting this directive, the value of this directive will be filled in the 'charset' part of the Content-Type output header,
; regardless of how the default_charset directive is set.
unicode.http_input_encoding =
; The encoding of the content of variables (such as $_GET and _$POST) obtained through HTTP.
; This feature was still under development until April 2007....
unicode.filesystem_encoding =
; The encoding of the directory name and file name of the file system.
; File system related functions (such as opendir()) will use this encoding to accept and return file names and directory names.
; The setting here must be exactly the same as the encoding actually used by the file system.
unicode.script_encoding =
; The default encoding of the PHP script itself.
; You can use any encoding supported by ICU to write PHP scripts.
; If you want to set the encoding for a separate script file, you can use
;
; at the beginning of the script to specify it. Note: It must start with the first line and should not contain any characters (including spaces).
; This method can only affect the script in which it is located, and will not affect any other included scripts.
unicode.stream_encoding = UTF-8
unicode.from_error_mode = 2
unicode.from_error_subst_char = 3f
; No documentation yet
[PHP-Core-Misc]
auto_detect_line_endings = Off
; Whether to let PHP automatically detect end-of-line characters (EOL).
; If your script must process Macintosh files,
; Or if you are running on a Macintosh and also need to process unix or win32 files,
; Turning this command on will allow PHP to automatically detect EOL so that fgets() and The file() function works fine.
; But it will also cause incompatible behavior for people who use the carriage return (CR) as the project separator under Unix systems.
; Additionally, there is a small performance penalty when detecting EOL habits on the first row.
; tokenizer ; zlib ; SimpleXML ; dom ; SPL ; wddx ; xml ; xmlreader ; xmlwriter Valid
cgi.discard_path = Off
; No documentation yet (new directive for PHP6)
cgi.fix_pathinfo = On
;SYS
; Whether to provide real PATH_INFO/PATH_TRANSLATED support for CGI (comply with cgi specification).
; The previous behavior was to set PATH_TRANSLATED to SCRIPT_FILENAME regardless of PATH_INFO.
; Turning this option on will cause PHP to fix its paths to comply with the CGI specification, otherwise the old non-conforming behavior will still be used.
; You are encouraged to turn this directive on and fix your script to use SCRIPT_FILENAME instead of PATH_TRANSLATED .
; See the cgi specification for more information on PATH_INFO.
cgi.force_redirect = On
;SYS
; Whether to turn on cgi force redirection. It is highly recommended to turn it on to provide security for PHP running in CGI mode.
; If you turn it off yourself, please be responsible for the consequences.
; NOTE: It must be turned off on IIS/OmniHTTPD/Xitami!
cgi.redirect_status_env =
;SYS
; If cgi.force_redirect=On and PHP is running under a server other than Apache and Netscape,
; You may need to set a cgi redirection environment variable name, PHP will look for it to know if it can continue.
; Setting this variable can lead to security vulnerabilities, please be sure to understand what you are doing before setting it.
cgi.rfc2616_headers = 0
; Specifies what headers PHP uses when sending HTTP response codes.
; 0 means sending a "Status: " header, supported by Apache and other web servers.
; If set to 1, PHP uses the RFC2616 standard header.
; Unless you know what you are doing, keep its default value 0
cgi.nph = Off
; Whether to force all requests to send the "Status: 200" status code in CGI mode.
cgi.check_shebang_line =On
;SYS
; CGI PHP checks whether the line starting with #! at the top of the script.
; This start line is necessary if the script is to be run both standalone and in PHP CGI mode.
; If this directive is turned on, CGI mode PHP will skip this line.
fastcgi.impersonate = Off
;SYS
; FastCGI in IIS supports the ability to impersonate client security tokens.
; This enables IIS to define the security context of the request upon which the runtime is based.
; mod_fastcgi in Apache does not support this feature (03/17/2002)
; Set to On if running in IIS, default is Off.
fastcgi.logging = On
;SYS
; Whether to log connections made through FastCGI.
[PHP-Core-Weirdy]
; These options only exist in the documentation, but not in the output of the phpinfo() function
; The maximum number of backtracking steps for PCRE.
pcre.recursion_limit = 100000
; The maximum recursion depth of PCRE.
; If you set this value very high, it may exhaust the process's stack space and cause PHP to crash.
[Session]
; Unless a variable is registered using session_register() or $_SESSION.
; Otherwise, no session records will be automatically added regardless of whether session_start() is used or not.
; Objects that include resource variables or have circular references. Objects that contain references to themselves cannot be saved in the session.
; The register_globals directive affects the storage and restoration of session variables.
session.save_handler = "files"
; The name of the handler that stores and retrieves data associated with the session. Defaults to files ("files").
; If you want to use a custom processor (such as a database-based processor), use "user".
; There is a processor using PostgreSQL: http://sourceforge.net/projects/phpform-ext/
session.save_path = "/tmp"
; Parameters passed to the storage processor. For the files processor, this value is the path to the session data file where the session data file was created.
; The default is the temporary folder path under Windows.
; You can use the pattern "N;[MODE;]/path" to define the path (N is an integer).
; N means using N-level subdirectories instead of saving all data files in one directory.
; [MODE;] Optional, must use octal number, default 600 (=384), indicating the maximum number of session files saved in each directory.
; This is a great idea to improve performance for a large number of sessions.
; Note 0: The double quotes around "N;[MODE;]/path" cannot be omitted.
; Note 1: [MODE;] does not rewrite the umask of the process.
; Note 2: PHP does not automatically create these folder structures. Please use the mod_files.sh script in the ext/session directory to create it.
; Note 3: If the folder can be accessed by insecure users (such as the default "/tmp"), it will cause security vulnerabilities.
; Note 4: Automatic garbage collection will fail when N>0. For details, see the section on garbage collection below.
session.name = "PHPSESSID"
;The session ID identification name used in cookies can only contain letters and numbers.
session.auto_start = Off
; Automatically initialize the session when the customer visits any page, disabled by default.
; Because class definitions must be loaded before the session is started, you cannot store objects in the session if this option is turned on.
session.serialize_handler = "php"
; Processor used to serialize/deserialize data, php is a standard serialization/deserialization processor.
; Alternatively, you can use "php_binary". When WDDX support is enabled, only "wddx" can be used.
session.gc_probability = 1
session.gc_divisor = 100
; Defines the probability of starting the garbage collection program every time the session is initialized.
; The calculation formula for this collection probability is as follows: session.gc_probability/session.gc_divisor
; The more frequently the session page is accessed, the smaller the probability should be. The recommended value is 1/1000~5000.
session.gc_maxlifetime = 1440
; After the number of seconds indicated by this parameter, the saved data will be considered 'garbage' and cleaned by the garbage collection program.
; The judgment criterion is the last time the data was accessed (for the FAT file system, the last time the data was refreshed).
; If multiple scripts share the same session.save_path directory but have different session.gc_maxlifetimes,
; then the minimum value among all session.gc_maxlifetime directives will prevail.
; If you use multiple levels of subdirectories to store data files, the garbage collection process will not start automatically.
; You must use a shell script, cron entry, or other method written by yourself to perform garbage collection.
; For example, the following script is equivalent to setting "session.gc_maxlifetime=1440" (24 minutes):
; cd /path/to/sessi****; find -cmin +24 | xargs rm
session.referer_check =
; If the "Referer" field in the request header does not contain the string specified here, the session ID will be considered invalid.
; Note: If the "Referer" field does not exist at all in the request header, the session ID will still be considered valid.
; The default is empty, that is, no check is performed (all are considered valid).
session.entropy_file = ;"/dev/urandom"
; An additional external high-entropy resource (file) used to create the session ID,
; such as "/dev/random" or "/dev/random" on UNIX systems "/dev/urandom"
session.entropy_length = 0
; Number of bytes to read from high-entropy resources (recommended value: 16).
session.use_cookies = On
; Whether to use cookies to save the session ID on the client
session.use_only_cookies = Off
; Whether to only use cookies to save the session ID on the client. The default value for PHP6 is On.
; Turning this option on can avoid the security issues caused by using URL to pass the session.
; But clients with cookies disabled will make the session not work.
session.cookie_lifetime = 0
; Pass the session ID cookie validity period (seconds), 0 means it is only valid while the browser is open.
session.cookie_path = "/"
; Pass the cookie path of the session ID.
session.cookie_domain =
; Pass the cookie scope of the session ID.
; The default is empty to indicate the host name generated according to the cookie specification.
session.cookie_secure = Off
; Whether to only send cookies through secure connections (https).
session.cookie_httponly = Off
; Whether to add the httpOnly flag in the cookie (only HTTP protocol access is allowed),
; This will cause client scripts (JavaScript, etc.) to be unable to access the cookie.
; Turning this command on can effectively prevent session ID hijacking through XSS attacks.
session.cache_limiter = "nocache"
; Set to {nocache|private|public} to specify cache control mode for session pages,
; or set to empty to prevent caching disabled from being sent in the http response header Order.
session.cache_expire = 180
; Specifies the validity period (minutes) of the session page in the client cache
; When session.cache_limiter=nocache, this setting is invalid.
session.use_trans_sid = Off
; Whether to use clear code to display SID (session ID) in the URL.
; It is prohibited by default because it will bring security risks to your users:
; 1- Users may tell other people the URL containing a valid sid through email/irc/QQ/MSN....
; 2- URLs containing valid sid's may be saved on public computers.
; 3- Users may save URLs with fixed sids in their favorites or browsing history.
; URL-based session management always carries more risks than cookie-based session management and should be disabled.
session.bug_compat_42 = On
session.bug_compat_warn = On
; Versions before PHP4.2 have an unspecified "BUG":
; Allow global initialization even when register_globals=Off session variable,
; If you use this feature in PHP 4.3 or later, a warning will be displayed.
; It is recommended to close this "BUG" and display a warning. PHP6 has deleted these two instructions, which is equivalent to setting them all to Off.
session.hash_function = 0
; Hash algorithm for generating SID. SHA-1 is more secure
; 0: MD5 (128 bits)
; 1: SHA-1 (160 bits)
; It is recommended to use SHA-1.
session.hash_bits_per_character = 4
; Specifies how many bits are saved in each character in the SID string,
; These binary numbers are the results of the hash function.
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
