PHP. INI configuration file roaming 2

Source: Internet
Author: User
Tags php file upload

The first part of this article has introduced the structure of the php. ini file and explained how to modify the PHP search path, handle errors, and related options of the parser. The second part will go deep into the configuration file, including how to activate PHP extension options, set resource limits for PHP scripts, and dynamically change configuration variables through PHP scripts. Activating extension options PHP can use many different extension options. In UNIX systems, extension options need to be created at compilation. For Windows, binary DLL files are included with PHP releases. The extension_dir variable includes the directory name for PHP to view related extension options. Extension_dir = "C: Program FilesInternet ToolsApacheinphp4extensions" PHP In Windows contains 20 different extension options, all of which are listed in the php. ini file (via comments ). To activate a specific extension option, you only need to remove the semicolon at the beginning of the line and restart the server. To disable an extension option (for example, to improve system performance), you only need to add a semicolon at the beginning of the line. If the extension option is not listed in the php. ini file, you can use the extension variable and pass the corresponding DLL file name to the variable. Extension = php_domxml.dll extension = php_dbase.dll: Set the extension-specific variable extension-specific to be stored in a separate region in the configuration file. For example, all variables related to the MySQL extension function should be stored in the [MySQL] area of php. ini. If you need to use the mail () function of PHP, you need to set the following three variables. When sending email information through the PHP mail () function, use SMTP and the variable sendmail_from (Windows System) or variable sendmail_path (UNIX system ). For Windows, these variables set the SMTP server used and the "From:" address displayed in the email information. For UNIX, the sendmail_path variable sets the MTA (mail Transmission proxy, mail transfer agent) path for mail Transmission. SMTP = myserver.localnet.com sendmail_from = me@localhost.com sendmail_path =/usr/sbin/sendmail variable java. class. path, java. home, java. library and java. library. all paths are used to set the paths for finding Java classes and libraries. These values will be used by Java extensions, so if you want PHP to correctly integrate with the Java program, you must ensure that these variables are correctly set. Java. class. path =. php_java.jar java. home = c: jdk java. library = c: jdkjreinhotspotjvm. dll java. library. path =. variable session. save_path specifies the temporary directory required to save session information. In general, this directory is/tmp by default, but because this default directory does not exist in Windows, you must reset it to the correct Windows temporary directory, otherwise, the session handler will pop up an annoying error message when calling the session_start () function. At the same time, the session cookie validity period can be controlled through the variable session. cookie_lifetime. Session. save_path = c: windowsemp session. cookie_lifetime = 1800 security settings in php. ini, there are many variables related to security issues installed in PHP. The most interesting one is the safe_mode variable. We recommend that you set it for the ISP and shared-host services. This variable will limit the usage scope of PHP. Safe_mode = Off when safe mode is enabled, you can use the variable safe_mode_include_dir to specify the directory in which the relevant files are located. Place the binary program in a specific directory and use the safe_mode_include_dir variable to inform PHP of the directory. PHP will restrict the types of programs that can run PHP scripts using the exec () command. In this directory, only binary files can be accessed through the exec () command. Safe_mode_include_dir =/usr/local/lib/php/safe-include safe_mode_exec_dir =/usr/local/lib/php/safe-bin you can also use the open_basedir variable to restrict file operations. This variable is used as the root directory name of the file operation. After this variable is set, for PHP, files stored outside the directory tree will not be accessible. This is a good way to restrict users to their home or Web directories in the sharing system. Open_basedir =/home/web/variable max_execution_time sets the time for PHP to wait for the script to be executed before the script is forcibly terminated. The time is calculated in seconds. This variable is useful when the script enters an infinite loop state. However, when there is a legal activity that takes a long time to complete (such as uploading large files), this function will also cause operation failure. In this case, you must consider increasing the value of this variable to avoid PHP closing the script when the script is executing an important process. Max_execution_time = 90 just mentioned upload. Now let's take a look at how to configure uploads variables and form variables. Configuration File Upload and form variables. If the security strength of the Security Configuration discussed earlier in this article does not meet your requirements, you can disable file upload or set the maximum file size limit for each upload to further improve security. The preceding two functions are implemented through the variables file_uploads and upload_max_filesize. Generally, unless an application in the system designed to receive files (for example, an image book based on the Web FTP service), you should set a relatively small file size limit. File_uploads = On upload_max_filesize = 2 M if you are not interested in uploading files, but use a large number of forms in PHP applications, there are two variables that will interest you a lot. The first is the variable register_globals, which solves the long-term pain points of PHP developers. In PHP 3.x, this variable is On by default. The form variables are automatically converted to PHP variables when the form is submitted. In PHP 4.x, this variable is set to Off by default for security reasons. Therefore, form variables can only be accessed through a specific $ _ GET and $ _ POST. This also caused a lot of problems during the running of scripts written in PHP 3. x, requiring developers to rewrite the script and re-test it. For example, input to form fieldsFor PHP 3. the x script can be understood as $ email, whereas in PHP 4. the x script is used as $ _ POST [email] or $ _ GET [email]. Generally, you can set this variable to Off to provide more security measures for script attacks through forms. If you need to consider compatibility with the early PHP 3.x script, you should place it On. Register_globals = Off a variable related to form submission is post_max_size, which controls the maximum amount of data that PHP can receive in a form submission using the POST method. It seems unlikely that the default 8 MB size needs to be increased. Instead, it should be appropriately reduced to a more practical value. If you want to use the PHP file upload function, you need to change this value to a value greater than upload_max_filesize. Post_max_size = 8 M added the max_input_time variable to PHP 5. This variable can be used to limit the time when data is received through POST, GET, and PUT in seconds. If the application's running environment is on a low-speed link, you need to add this value to adapt to the more time required to receive data. Max_input_time = 90 performance adjustment you can also adjust some variable values to improve the performance of the PHP parser. To avoid using a large amount of available memory by running scripts, PHP allows you to define the memory usage limit. Use the memory_limit variable to specify the maximum memory capacity that a single script program can use: the value of memory_limit = 8 M variable memory_limit should be greater than the value of post_max_size. Another way to improve performance is to disable the variables $ argc and $ argv. These two values are used to store the number of parameters passed to the application in the command line and the actual parameter values. Register_argc_argv = false is similar. You can also disable $ HTTP_GET_VARS and $ HTTP_POST_VARS, because the first two methods are unlikely to be used today when $ _ GET and $ _ POST are used. Disabling this function can improve performance, but this can only be achieved through the register_long_arrays variable in PHP 5. Register_long_arrays = false: The ini_set () function. Finally, pay attention to the ini_set () function. When PHP reads all the settings in the php. ini configuration file, it also provides the ability to use the ini_set () function to change these settings according to the per-script principle. This function receives two parameters: the name of the configuration variable to be adjusted and the new value of the variable. For example, add maximum execution time when a script appears ): This setting will only affect the configured script. Once the script is executed, the variable is automatically restored to the original value. If the PHP application runs on a shared server, you are unlikely to be able to access the main php. ini configuration file. In this case, the function ini_set () allows you to dynamically modify the PHP configuration according to special requirements, which will bring you great convenience.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.