PHP configuration file Chinese Version

Source: Internet
Author: User
Tags http file upload server error log syslog qmail
; About php. ini ;;
The file must be named 'php. ini 'and placed in the directory specified by the PHPINIDir command in httpd. conf.
The latest php. ini version can be viewed in the following two locations:
; Http:// View = co
; Http:// View = co

; Syntax ;;
; The syntax of this file is very simple. Blank characters and rows starting with semicolons are ignored.
Chapter titles (for example, [php]) are also ignored, even if they may make some sense in the future.
Set the command format as follows:
; Directive = value
; Directive name (direve VE) is case sensitive! Therefore, "foo = bar" is different from "FOO = bar ".
; Value can be:
; 1. A string defined by quotation marks (for example, "foo ")
; 2. A number (integer or floating point number, such as: 0, 1, 34,-1, 33.55)
3. a PHP constant (for example, E_ALL, M_PI)
4. An INI constant (On, Off, none)
; 5. An expression (for example, E_ALL &~ E_NOTICE)
The expression in the INI file only uses the bitwise operator, non-logical, and parentheses:
; | Bit or
; & Bit and
;~ Bitwise
;! Non-logical
; Boolean indicates opening with On and Off WITH Off.
An empty string can be used after the equal sign without any representation, or with the none Keyword:
; Foo =; Set foo as an empty string
; Foo = none; Set foo as an empty string
; Foo = "none"; Set foo as the string 'none'
If you use constants in the command value dynamic extension (PHP extension or Zend extension,
You can only use these constants after loading these dynamically scalable command lines.

; Httpd. conf ;;
You can overwrite the php. ini value for a specific virtual host or directory in httpd. conf for more flexible configuration:
; Php_admin_value name value; specifies a non-bool instruction. If the value is set to none, the previous setting is cleared.
; Php_admin_flag name on | off; only used to set bool commands
; [Prompt] because many commands do not allow setting with php_value/php_flag, we do not recommend using these two commands.
PHP constants (such as E_ALL) can only be used in php. ini. The corresponding mask value must be used in httpd. conf.

; [Updated on December 3,]
; ========================================================== ========================================================== ============
;; ================================================================ Detailed explanation of configuration instructions ==========================================================
; ========================================================== ========================================================== ============
; The setting value for each of the following commands is the same as the default value built into the PHP-5.2.5.
That is, if 'php. ini 'does not exist, or you have deleted some rows, the default value is the same.

; Apache ;;
; Is valid only when PHP is used as the Apache module.

Child_terminate = Off
; PHP scripts allow the use of the apache_child_terminate () function to stop child processes after the request ends.
This command is only available when PHP is installed as Apache1.3 on UNIX platforms. It does not exist in other cases.

Engine = On
Whether to enable the PHP parsing engine.
Tip: You can enable or disable the PHP parsing engine in httpd. conf Based on directories or virtual hosts.

Last_modified = Off
Whether to place the Last modification time of the PHP script in the Last-Modified response header.

Xbithack = Off
Whether or not the end of the file is parsed as a PHP executable bit group.

; PHP core ;;

The first four configuration options are currently only used for date_sunrise () and date_sunset () functions.

Date. default_latitude = 31.7667
; Default latitude

Date. default_longpolling = 35.2333
; Default longitude

Date. Sun rise_zenith = 90.583333
By default

Date. sunset_zenith = 90.583333
By default, the sunset is at the top of the day.

Date. timezone =
; The default time zone used for all date and time functions when TZ environment variables are not set.
; "PRC" should be used in Mainland China"
The priority of the application time zone is:
; 1. Use the time zone set by the date_default_timezone_set () function (if set)
; 2. TZ environment variable (if not empty)
; 3. The value of this command (if set)
4. PHP speculation (if supported by the operating system)
; 5. If none of the above is successful, use "UTC"


Assert. active = On
; Whether to enable assert () assert Evaluation

Assert. bail = Off
; Whether to abort script execution in the event of a failure assertion

Assert. callback =
; The callback function executed when an assertion fails.

Assert. quiet_eval = Off
; Whether to use quiet evaluation (no error message is displayed, which is equivalent to error_reporting = 0 ).
If it is disabled, the current error_reporting command value is used to evaluate the asserted expression.

Assert. warning = On
; Whether to give a warning to each failure assertion

The security mode is set up to solve the security problem of the Shared Server.
But it is unreasonable in structure to try to solve this problem at the PHP layer,
The correct method should be to modify the web server layer and operating system layer.
Therefore, in PHP6, the security mode is removed and open_basedir-based security protection is used.
; All commands have been deleted in PHP6.

Safe_mode = Off
Whether to enable the security mode.
When the script is enabled, PHP checks whether the owner of the current script is the same as the owner of the operated file,
If they are the same, the operation is allowed. Otherwise, the operation is denied.

Safe_mode_gid = Off
In safe mode, the UID comparison check is performed by default during file access.
But in some cases, strict UID check is not suitable, and the loose GID check is enough.
If you want to extend it to GID-only comparison, you can open this parameter.

Safe_mode_allowed_env_vars = "PHP _"
In security mode, you can only change the prefix list of environment variables (separated by commas ).
; Allows you to set certain environment variables, which may lead to potential security vulnerabilities.
Note: If this parameter is null, PHP allows you to change any environment variable!

Safe_mode_protected_env_vars = "LD_LIBRARY_PATH"
In security mode, you cannot change the list of environment variables (separated by commas ).
These variables are protected even when the safe_mode_allowed_env_vars command is set to allow.

Safe_mode_exec_dir = "/usr/local/php/bin"
In security mode, only executable programs in this directory can be executed by functions of the execution system program.
These functions are: system, escapeshellarg, escapeshellcmd, exec, passthru,
; Proc_close, proc_get_status, proc_nice, proc_open, proc_terminate, shell_exec

Safe_mode_include_dir =
In security mode, the UID/GID check will be skipped when the group directory and files in its subdirectories are included.
In other words, if the value here is null, any file with a UID/GID that does not match is not allowed to be included.
The directory set here must already exist in the include_path command or be included in the full path.
Multiple directories are separated by colons (semicolons in Win.
; The specified restriction is actually a prefix instead of a directory name,
That is, "/dir/incl" will allow access to "/dir/include" and "/dir/incls"
If you want to control access to a specified directory, add a slash at the end.


Allow_url_fopen = On
; Whether to allow remote file opening

Allow_url_include = Off
; Whether to allow include/require remote files.

Disable_classes =
This command accepts a list of class names separated by commas to disable specific classes.

Disable_functions =
This command accepts a list of function names separated by commas (,) to disable specific functions.

Enable_dl = On
Whether to use the dl () function. The dl () function is only valid when PHP is installed as an apache module.
The dl () function is disabled mainly for security reasons because it can bypass the restrictions of the open_basedir command.
; Always disable the dl () function in safe mode, regardless of how it is set here.
The command is deleted in PHP6, which is set to Off.

Expose_php = On
Whether to expose the fact that PHP is installed on the server (add the signature in the http header ).
It does not directly threaten security, but it makes the client know that PHP is installed on the server.

Open_basedir =
Restrict all files allowed by PHP (including files themselves) to the list of directories in this group.
When a script tries to open a file outside the specified directory tree, it will be rejected.
All symbolic connections are parsed, so it is impossible to avoid this restriction through symbolic connections.
The special value '.' specifies the directory where the script is stored as the reference directory,
But this is dangerous because the working directory of the script can be easily changed by chdir.
For shared servers, it is very useful to flexibly set this command for different virtual hosts or directories in httpd. conf.
In Windows, use semicolons to separate directories, and use colons to separate directories in UNIX.
As the Apache module, the open_basedir path in the parent directory is automatically inherited.
; The specified restriction is actually a prefix instead of a directory name,
That is to say, "/dir/incl" will allow access to "/dir/include" and "/dir/incls ",
If you want to control access to a specified directory, add a slash at the end.
By default, all files are allowed to be opened.

SQL. safe_mode = Off
Whether to use SQL security mode.
If enabled, database connection functions with default values will use these default values to replace the supported parameters.
For the connection functions of different databases, see the corresponding manual page for the default values. [PHP-Core-Error]

Error_reporting = E_ALL &~ E_NOTICE
The error report level is the superposition of bit fields. We recommend that you use E_ALL | E_STRICT
; 1 E_ERROR fatal runtime error
; 2 E_WARNING runtime warning (non-fatal error)
4. parsing error during E_PARSE Compilation
; 8 E_NOTICE runtime reminder (often a bug or intentionally)
; 16 E_CORE_ERROR fatal error during PHP startup
32 _ core_warning warning during initialization (non-fatal error) during PHP startup)
; 64 E_COMPILE_ERROR fatal error during compilation
; 128 E_COMPILE_WARNING warning during compilation (non-fatal error)
256 User-Defined fatal error
; 512 user_warning User-Defined warning (non-fatal error)
1024 E_USER_NOTICE User-Defined notifications (often bugs, or intentionally)
; 2048 E_STRICT code standardization warning (how to modify to forward compatibility)
; 4096 E_RECOVERABLE_ERROR is close to a fatal runtime error. If it is not captured, it is treated as E_ERROR.
; 6143 all except E_STRICT errors (8191 in PHP6, that is, all errors)
Or you can use 2147483647 (all binary bits are 1) to open the current or future errors.

Track_errors = Off
; Whether to save the most recent error or warning message in the variable $ php_errormsg.

Display_errors = On
Whether to display the error information as part of the output.
On the final web site, we strongly recommend that you disable this feature and use error logs instead (see below ).
Opening this feature on the final web site may expose some security information,
For example, the file path, database plan, or other information on your web service.

Display_startup_errors = Off
; Whether to display PHP startup errors.
Even if the display_errors command is enabled, disabling this parameter does not display errors during PHP startup.
We recommend that you disable this feature unless you must use it for debugging.

Report_memleaks = On
Whether to report Memory leakage. This parameter only works in PHP compiled by debugging,
And the error_reporting command must contain E_WARNING

Report_zend_debug = On
; No instructions

Html_errors = On
Whether to use HTML in the error message.
Note: Do not use this feature on the released site!

Docref_root =; "http: // localhost/phpmanual /"
Docref_ext =; ". html"
If the html_errors command is enabled, PHP will display the hyperconnection in the error message,
Directly link to a page that describes this error or the function that causes this error.
You can download the PHP manual from,
And direct the docref_root command to the URL directory of your local manual.
You must also set the docref_ext command to specify the file extension (which must contain '.').
Note: Do not use this feature on published sites.

Error_prepend_string =; "<font color = # f00>"
The string that is output before the error message.
Error_append_string =; "</font>"
The string output after the error message.

Xmlrpc_errors = Off
Xmlrpc_error_number = 0
; No documentation


Define_syslog_variables = Off
Whether to define various System Log variables, such as $ LOG_PID and $ LOG_CRON.
It is a good idea to turn it off to improve efficiency.
You can call the define_syslog_variables () function at runtime to define these variables.

Error_log =
The file to which the error log is recorded. This file must be writable to Web Server users.
Syslog indicates that the logs are recorded in system logs (Event Logs under NT, syslog logs under Unix (3 ))
If no value is set here, the error will be recorded in the Web server error log.

Log_errors = Off
; Whether an error is recorded in the log file. the specific location of the error is determined by the error_log command.
It is strongly recommended that you use logging errors instead of directly outputting them when the final web site is released,
In this way, you can know that there is a problem and no sensitive information is exposed.

Log_errors_max_len = 1024
Set the maximum length of the error source associated with the error message appended to the error log.
The value set here is valid for both the displayed and recorded errors and $ php_errormsg.
The value 0 allows an infinite length.

Ignore_repeated_errors = Off
; Whether to ignore duplicate error messages when logging errors.
; The error message must appear in the same row of the same file.

Ignore_repeated_source = Off
; Whether to ignore duplicate error sources when ignoring duplicate error messages.

To make the mail function available, PHP must be able to access the sendmail program during compilation.
If you use other email programs, such as qmail or postfix, make sure that the corresponding sendmail packaging is used.
PHP first searches for sendmail in the system's PATH environment variable, and then searches in the following order:
It is strongly recommended that sendmail be found in PATH.
In addition, PHP compilation users must be able to access the sendmail program.

SMTP = "localhost"
The host name or IP address of the SMTP server used to send emails in the mail () function. Only for win32.

Smtp_port = 25
The Port Number of the SMTP server. Only for win32.

Sendmail_from =
; The email address in the "From:" header used to send an email. For win32 only
; This option also sets the "Return-Path:" header.

Sendmail_path = "-t-I"
; It is only used for unix and supports parameters ('sendmail-t-I 'by default ')
; Sendmail program path, usually "/usr/sbin/sendmail or/usr/lib/sendmail ".
The configure script will try to find the program and set it to the default value, but if it fails, it can be set here.
; The system that does not use sendmail should set this command as a sendmail alternative (if any ).
For example, a Qmail user can be set to "/var/qmail/bin/sendmail" or "/var/qmail/bin/qmail-inject ".
; Qmail-inject can process emails correctly without any options.

Mail. force_extra_parameters =
; As an additional parameter passed to the sendmail library, the value of the mandatory parameter is added.
These parameters always replace the 5th parameters of mail (), even in safe mode.


Default_socket_timeout = 60
; Default socket timeout (seconds)

Max_execution_time = 30
; The maximum execution time (in seconds) for each script. 0 indicates no limit.
This parameter helps prevent bad scripts from occupying server resources endlessly.
; This command only affects the running time of the script itself, any other time spent outside the running time of the script,
Such as the use of the system ()/sleep () function, database query, and file upload, are not included.
In security mode, you cannot use ini_set () to change this setting at runtime.

Memory_limit = 128 M
The maximum number of memory bytes that a script can apply for (K and M can be used as units ).
This helps prevent poor scripts from consuming all the memory on the server.
To use this command, you must use the "-- enable-memory-limit" configuration option during compilation.
To cancel the memory limit, you must set it to-1.
; After this command is set, the memory_get_usage () function becomes available.

Max_input_time =-1
; The maximum allowed time (in seconds) for each script to parse input data (POST, GET, upload ).
;-1 indicates no restriction.

Max_input_nesting_level = 64
; Maximum nested depth of input variables (no more explanatory documents available)

Post_max_size = 8 M
; The maximum length of bytes allowed for POST data. This setting also affects file upload.
; If the POST data exceeds the limit, $ _ POST and $ _ FILES will be empty.
To upload a large file, the value must be greater than the value of the upload_max_filesize command.
If the memory limit is enabled, the value should be smaller than the value of the memory_limit command.

Realpath_cache_size = 16 K
Specifies the buffer size of the realpath (normalized absolute path name) used by PHP.
; This value should be increased in the PHP system that opens a large number of files to improve performance.

Realpath_cache_ttl = 120
; The validity period (in seconds) of the information in the realpath buffer ).
For systems with few file changes, you can increase this value to improve performance.


File_uploads = On
; Whether to allow HTTP File Upload.
For more information, see the upload_max_filesize, upload_tmp_dir, post_max_size command.

Upload_max_filesize = 2 M
; Maximum size of the file to be uploaded.

Upload_tmp_dir =
Temporary directory for storing files during File Upload (which must be writable by PHP process users ).
If not specified, PHP uses the default temporary directory.

PHP6 deletes the following commands, which is equivalent to all of which are Off.

Magic_quotes_gpc = Off
Whether to use automatic string escape ('"\ NULL) for the input GET/POST/Cookie data ).
The setting will automatically affect the value of the $ _ GEST $ _ POST $ _ COOKIE array.
If you open this command and the magic_quotes_sybase command at the same time, only single quotes (') are escaped (''),
Other special characters are not escaped, that is, ("\ NULL) will remain unchanged !!
We recommend that you disable this feature and use a custom filter function.

Magic_quotes_runtime = Off
Whether to use automatic string escape ('"\ NULL) for data generated from external resources during runtime ).
If this command is enabled, most functions return data from external resources (databases, text files, etc.) and are escaped.
For example, the data obtained by SQL query, the data obtained by using the exec () function, and so on.
If you open this command and the magic_quotes_sybase command at the same time, only single quotes (') are escaped (''),
Other special characters are not escaped, that is, ("\ NULL) will remain unchanged !!
We recommend that you disable this feature and use a custom filter function as needed.

Magic_quotes_sybase = Off
; Whether to use automatic string escape in Sybase format (''indicates ')


Highlight. bg = "# FFFFFF"
Highlight. comment = "# FF8000"
Highlight. default = "# niubb"
Highlight.html = "#000000"
Highlight. keyword = "#007700"
Highlight. string = "# DD0000"
Syntax highlight mode (usually used to display. phps files ).
As long as it can be accepted by <font color = xxx>, it can work normally. Address:

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.