PHP configuration video tutorial: http://www.cnzz.cc/edu/Server/windows/1967.html
PHP is a very powerful server-side scripting language. You will learn how to run php. ini file configuration in the IIS environment.
This tutorial applies to Windows XP 2000 2003
1. decompress the downloaded PHP-5.2.5-Win32.zip file and copy it to: D: \ serverroot \ PHP (based on your needs, such as you can also put it in c: \ PHP );
Ii. php. ini file selection
Set a valid PHP configuration file, PHP. ini. The package contains two INI files: php. ini-Dist and PHP. ini-recommended. We recommend that you use PHP. ini-recommended because this file optimizes the performance and security of the default settings. Carefully read the instructions in this document and study the INI settings chapter to manually set each project. If you want to achieve the best security effect, you 'd better use this file, although PHP works well under the default INI file. Copy the selected INI file to the directory that PHP can find and change it to PhP. ini. By default, PHP searches for PHP. ini in the Windows directory:
In Windows 9x/ME/XP/2003, copy the selected INI file to % WINDIR %, usually c: \ windows. (C: \ WINDOWS \ PHP. INI)
In Windows NT/2000, copy the selected INI file to % WINDIR % or % SystemRoot %. Generally, c: \ WINNT or c: \ winnt40 corresponds to the server version.
If NTFS is used in Windows NT, 2000 XP, or 2003, make sure that the user name running webserver has the permission to read PHP. ini (for example, to make it readable to everyone ).
PHP. ini-Dist is generally usedProgramDevelopment.
PHP. ini-recommended is used for online services.
3. Modify the php. ini file
1. Search: extension_dir = "./" to extension_dir = "D: \ serverroot \ PHP \ ext \"
2. Change "safe_mode = off" to "safe_mode = on"
Shell_exec () and ''functions that can execute system commands are prohibited. Other execution functions include exec (), system (), passthru (), and popen () only programs in the directory specified by safe_mode_exec_dir can be executed. If you want to execute some commands or programs, find the following:
Safe_mode_exec_dir =
Specifies the path of the program to be executed, for example:
Safe_mode_exec_dir = D: \ serverroot \ PHP \
Copy the program to the Directory D: \ serverroot \ PHP \. In this way, the restricted function can execute the program in this directory.
3. Change "display_errors = on" to "display_errors = off"
Generally, PHP prompts an error when it is not connected to the database or in other cases. The error message contains the current path information of the PHP script or the queried SQL statement, this type of information is insecure when it is provided to hackers. Therefore, we recommend that you disable error messages on servers.
Display_errors = off
Log_errors = on
You must also set the directory where the error logs are stored to find the following line.
; Error_log = filename
Remove the comment and change filename to the specified file.
Error_log = D:/usr/php_error.log
4. Change "disable_functions =" to "disable_functions = phpinfo, system, exec, passthru, shell_exec, popen, is_dir ".
We do not want to execute PHP functions that can execute commands, including system (), or phpinfo () functions that can view PHP information, so we can disable them:
5. Search: If magic_quotes_gpc is off, change it to on to enable magic_quotes_gpc to prevent SQL injection.
6. Search: register_globals (register_globals = off is changed to register_globals = on)
Variables submitted in PHP, including those submitted using post or get, will be automatically registered as global variables for direct access, which is very insecure for the server, therefore, if we cannot register it as a global variable, we disable the register global variable option:
7. Search: Add/www // * after open_basedir. Note: WWW is the file stored in the website Program */
This option can disable file operations outside the specified directory, and effectively eliminate attacks by calling functions such as include () to local files or remote files.
8. Set expose_php to off, so that PHP will not disclose information in the HTTP file header.
To prevent hackers from obtaining information about the PHP version on the server, we can disable this information in the HTTP header.
9. Set "allow_url_fopen" to "off" to disable the remote file function.
10. Search for the string "; Windows extensions" and remove the semicolon (;) at the beginning of the line below. You can open more
; Extension = php_dbase.dll optional
; Extension = php_mcrypt.dll
; Extension = php_gd2.dll this item is used to support the GD library. It is generally required and is required.
; Extension = php_ldap.dll optional
; Extension = php_mbstring.dll if this option is not selected, phpMyAdmin will prompt an error, required
; Extension = php_mssql.dll this item is used to support the MSSQL database, optional
; Extension = php_mysql.dll this item is used to support MySQL databases, required
11. copy the related DLL files in the PHP and ext directories to c: \ windows \ system32, including php_mbstring.dll, php_mcrypt.dll, php_gd2.dll, php_dbase.dll, Ghost, php_mysql.dll, and libmysql. DLL, etc.) If you do not need to understand what, the simplest way is to copy all.
12. Change short_open_tag = off to short_open_tag = on PHP to enable short tag support.
Iv. IIS and PHP integration configuration-create a website
(1) Start IIS manager and create a new website (virtual host );
(2) enter the website name. If the name is changed to the ID in IIS, enter the website name as needed.
(3) You do not need to enter the website IP address. If the port does not have special requirements, you can keep it at 80. Finally, enter the website domain name correctly.
(4) Select wwwroot as the website directory in the website partition.
(5) For PHP applications, you must grant the site the "read" and "run script" permissions.
(6) A site has been created successfully.
4. Integrated configuration of IIS and PHP-make the site support PHP
(1) Open the website properties just created,
(2) In the site Properties window, click the "main directory" tab and click "configuration". In the displayed "application configuration" dialog box, click "add, to support php isapi, select the executable file: D: \ serverroot \ PHP \ php5isapi. DLL, the extension is. PHP: Get and post. Click "OK" to add and check whether the. php extension is successfully loaded in the "Application configuration" window. If yes, click OK to close the Configuration window and return to the main site Properties window.
(3) Click the "document" tab, add the index.htm?index.html and index. php files to the default content document, and sort all default documents in the descending order. Click OK to close the site property Configuration window and return to the main interface of IIS manager.
(4) Right-click "Web Service extension" to add PHP extension support.
(5) In the "new web service extension" dialog box shown in, enter PHP for the "extension", and select D: \ serverroot \ PHP \ php5isapi for the "File. DLL, and set this PHP extension to allow by default.
(6) restart the IIS service.
5. Test whether PHP support is normal.
The integration of IIS and PHP has been completed. Next we need to test whether PHP support is normal.
(1) go to the D: \ wwwroot \ directory and create a new phpinfo. php file with the following content:
<? PHP
Phpinfo ();
?>
(2) Open IE and enter: Ht