Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞
The first part of the article has led you to a glimpse of the structure of the php.ini file, and explained how to modify the PHP lookup path, error handling, and parser-related options. The second section delves into the configuration files, including how to activate the PHP extensions option, set resource limits for PHP scripts, and dynamically change configuration variables through PHP scripts.
Activate extended options
PHP can use a number of different extension options. In UNIX systems, extended options need to be created at compile time, and for Windows, binary DLL files will be included with PHP publishing. The variable extension_dir includes the directory name where PHP should view the associated extended options.
PHP under Windows includes 20 different extension options, all of which are listed in the php.ini file (through annotations). To activate a specific extension option, just remove the semicolon from the corresponding beginning and restart the server. If you want to disable an extended option (for example, if you need to improve system performance), simply add a semicolon at the beginning of the line.
If the extended option is not listed in the php.ini file, you can use the variable extension and pass the corresponding DLL file name to the variable.
Set Extension-specific variables
The variable extension-specific is stored in a separate area of the configuration file. For example, all variables associated with MySQL extensions should be stored in the [MySQL] area of php.ini.
If you need to use PHP's mail () function, you need to set the following three variables. You need to use SMTP and variable sendmail_from (Windows system) or variable Sendmail_path (Unix system) when sending e-mail messages through the PHP mail () function. For Windows, these variables set the SMTP server used and the "From:" Address displayed in the e-mail message, whereas for UNIX, variable Sendmail_path sets the MTA for message transfer (message transfer agent, mail transfer The path of the agent).
SMTP = myserver.localnet.com
Sendmail_from = email@example.com
Variables Java.class.path, Java.home, Java.library, and Java.library.path are all used to set the path to find Java classes and libraries. These values will be used by Java extensions, so if you want PHP to properly integrate with Java programs, you must make sure that the variables are set correctly.
Java.class.path =. \php_java.jar
Java.home = C:\JDK
Java.library = C:\jdk\jre\bin\hotspot\jvm.dll
The variable session.save_path specifies the temporary directory required to save session information. Typically, this directory defaults to/TMP, but because this default directory does not exist in the Windows system, you must reset it to the correct Windows Temp directory, or the session handler will eject the annoying error message when calling the Session_Start () function. You can also control the duration of the session cookie through variable session.cookie_lifetime.
Session.save_path = c:\windows\temp
Session.cookie_lifetime = 1800
In php.ini, there are many variables associated with the security issues of PHP installations. The most interesting of these is the Safe_mode variable, which is recommended for the ISP and shared hosting service (shared-hosting services), which limits the user's use of PHP.
Safe_mode = Off
When Safe mode is open, you can specify in what directory to look for related files through variable safe_mode_include_dir. By putting a binary program in a specific directory and using the Safe_mode_include_dir variable to tell the directory php,php will limit the types of programs that can run PHP scripts using the EXEC () command. Only binary files in this directory can be accessed through the EXEC () command.
You can also restrict file operations through variable Open_basedir. This variable will be set as the directory name for the file action root (root). After this variable is set, files that are stored outside of this directory tree will not be accessible to PHP. This is a good way to limit users to their home or web directories in a shared system.
Variable Max_execution_time sets the time, in seconds, that PHP waits for the script to finish before the script is forced to terminate. This variable is useful when the script enters an infinite loop state. However, when there is a legitimate activity that takes a long time to complete (such as uploading a large file), this feature can also cause the operation to fail. In such cases you must consider increasing the value of this variable to avoid PHP shutting down the script while the script is performing some important process.
Max_execution_time = 90
Just mention the upload, now let's see how to configure the uploads variable and the form variable.
Configuration file upload and form variables
If the security configuration provided by the security configurations discussed earlier in this article does not meet your requirements, you can further increase the security strength by closing the file upload or by setting the maximum file size limit for each upload. Both of these functions will be implemented by variable file_uploads and upload_max_filesize respectively. In general, you should set a relatively small file size limit unless you have an application designed to receive files (such as a picture book based on Web FTP services) on your system.
File_uploads = On
Upload_max_filesize = 2M
If you don't care about uploading files, but you use a lot of forms in your PHP application, there are two variables that will give you a lot of interest. The first is variable register_globals, which solves the long-standing pain of the PHP developer. In PHP 3.x, this variable defaults to ON. As a result, form variables are automatically converted to PHP variables when the form is submitted.
In PHP 4.x, this variable is set to off by default for security reasons. As a result, form variables will be accessible only through specific $_get and $_post. This also causes many scripts written in PHP 3.x to run into problems, requiring developers to rewrite the script and test it again. For example, the values entered into the form field <input type= "text" name= "email" > will be interpreted as $email for PHP 3.x scripts, and $_post[' emails ' in PHP 4.x scripts, or $_get [' Email '].
This variable can typically be set to OFF, which provides a more secure precaution against scripting attacks that are made through a form. If you need to consider compatibility issues with early PHP 3.x scripts, you should put on.
Register_globals = Off
A variable associated with form submission is post_max_size, which controls the maximum amount of data that PHP can receive in a form submission that takes place in a post method. It seems unlikely that you will need to change the default 8 MB to a larger size. Instead, it should be appropriately reduced to a more realistic value. However, if you want to use the php file upload feature, you need to change this value to be larger than the upload_max_filesize.
Post_max_size = 8M
Added the Max_input_time variable in PHP 5. This variable can be limited in seconds to the time it takes to receive data by post, get, and put. If your application is running on a low speed link, you need to increase this value to accommodate the additional time required to receive data.
Max_input_time = 90
You can also improve the performance of the PHP parser by adjusting some of the variable values. To avoid running scripts that use the system's available memory heavily, PHP allows you to define memory usage limits. Specify the maximum amount of memory that a single script program can use by Memory_limit variables:
Memory_limit = 8M
The value of the variable memory_limit should be appropriately greater than the Post_max_size value.
Another way to improve performance is to disable variable $ARGC and $ARGV, which are used to hold the number of parameters that are passed to the application in the command line and the actual parameter values.
REGISTER_ARGC_ARGV = False
Similarly, you can disable $http_get_vars as well as $http_post_vars, because you are unlikely to use the first two methods in the use of $_get and $_post today. Disabling this feature can lead to performance improvements, but this can only be achieved through the variable register_long_arrays in PHP 5.
Register_long_arrays = False
function Ini_set ()
Finally, you need to pay attention to the Ini_set () function. While PHP reads all the settings in the php.ini configuration file, it also provides the ability to use the Ini_set () function to change these settings according to the Per-script principle. This function receives two parameters: the name of the configuration variable that needs to be adjusted, and the new value of the variable. For example, increase the maximum execution time when a script appears (Maximum execution times):
Ini_set (' Max_execution_time ', 600)
Such a setting will only affect the script being set. Once the script completes, the variable is automatically restored to the original value.
If the PHP application is running on a shared server, it is unlikely that you will be able to access the primary php.ini configuration file. At this point, the function Ini_set () can allow the PHP configuration to be dynamically modified according to the special requirements, which will bring you great convenience.
This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or
reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or
complaint, to firstname.lastname@example.org. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
and provide relevant evidence. A staff member will contact you within 5 working days.