[PHP]
; PHP还是一个不断发展的工具，其功能还在不断地删减
; 而php.ini的设置更改可以反映出相当的变化，
; 在使用新的PHP版本前，研究一下php.ini会有好处的

;;;;;;;;;;;;;;;;;;;
; 关于这个文件 ;
;;;;;;;;;;;;;;;;;;;

; 这个文件控制了PHP许多方面的观点。为了让PHP读取这个文件，它必须被命名为
; 'php.ini'。PHP 将在这些地方依次查找该文件：当前工作目录；环境变量PHPRC
; 指明的路径；编译时指定的路径。
; 在windows下，编译时的路径是Windows安装目录。
; 在命令行模式下，php.ini的查找路径可以用 -c 参数替代。

; 该文件的语法非常简单。空白字符和用分号';'开始的行被简单地忽略（就象你可能
; 猜到的一样）。 章节标题（例如 : [Foo]）也被简单地忽略，即使将来它们可能
; 有某种的意义。
;
; 指示被指定使用如下语法：
; 指示标识符 = 值
; directive = value
; 指示标识符 是 *大小写敏感的* - foo=bar 不同于 FOO = bar。
;
; 值可以是一个字符串，一个数字，一个 PHP 常量 (如： E_ALL or M_PI), INI 常量中的
; 一个 (On, Off, True, False, Yes, No and None) ，或是一个表达式
; (如: E_ALL & ~E_NOTICE), 或是用引号括起来的字符串("foo").
;
; INI 文件的表达式被限制于位运算符和括号。
; | bitwise OR
; & bitwise AND
; ~ bitwise NOT
; ! boolean NOT
;
; 布尔标志可用 1, On, True or Yes 这些值置于开的状态。
; 它们可用 0, Off, False or No 这些值置于关的状态。
;
; 一个空字符串可以用在等号后不写任何东西表示，或者用 None 关键字:
;
; foo = ; 将foo置为空字符串
; foo = none ; 将foo置为空字符串
; foo = "none" ; 将foo置为字符串'none'
;
; 如果你值设置中使用常量，而这些常量属于动态调入的扩展库（不是 PHP 的扩展，就是
; Zend 的扩展），你仅可以调入这些扩展的行*之后*使用这些常量。
;
; 所有在 php.ini-dist 文件里设定的值与内建的默认值相同（这是说，如果 php.ini
; 没被使用或者你删掉了这些行，默认值与之相同）。


;;;;;;;;;;;;;;;;;;;;
; 语言选项 ;
;;;;;;;;;;;;;;;;;;;;

engine = On
; 使 PHP scripting language engine（PHP 脚本语言引擎）在 Apache下有效。
short_open_tag = On
; 允许 <? 标识（这种简单表示）。否则 仅有 <?php and <script> tags 将被识别。
asp_tags = Off
; 允许ASP-style <% %> tags
precision = 14
; 浮点类型数显示时的有效位数

y2k_compliance = Off
; 是否打开 2000年适应 (可能在非Y2K适应的浏览器中导致问题)

output_buffering = Off
; 输出缓存允许你甚至在输出正文内容之后发送 header（标头，包括cookies）行
; 其代价是输出层减慢一点点速度。你可以使用输出缓存在运行时打开输出缓存，
; 或者在这里将指示设为 On 而使得所有文件的输出缓存打开。
output_handler = ; 你可以重定向你的脚本的所有输出到一个函数，
; 那样做可能对处理或以日志记录它有用。
; 例如若你将这个output_handler 设为"ob_gzhandler",
; 则输出会被透明地为支持gzip或deflate编码的浏览器压缩。
; 设一个输出处理器自动地打开输出缓冲。

implicit_flush = Off
; 强制flush（刷新）让PHP 告诉输出层在每个输出块之后自动刷新自身数据。
; 这等效于在每个 print() 或 echo() 调用和每个 HTML 块后调用flush()函数。
; 打开这项设置会导致严重的运行时冲突，建议仅在debug过程中打开。

allow_call_time_pass_reference = On
; 是否让强迫函数调用时按引用传递参数。这一方法遭到抗议，
; 并可能在将来版本的PHP/Zend里不再支持。
; 受到鼓励的指定哪些参数按引用传递的方法是在函数声明里。
; 你被鼓励尝试关闭这一选项并确认你的脚本仍能正常工作，以保证在将来版本的语言里
; 它们仍能工作。（你将在每次使用该特点时得到一个警告，而参数将按值而不是按引用
; 传递）。

; Safe Mode 安全模式
safe_mode = Off
safe_mode_exec_dir =
safe_mode_allowed_env_vars = PHP_
; ？Setting certain environment variables
; ？may be a potential security breach.
; 该指示包含用逗号分隔的前缀列表。安全模式中，用户仅可以替换
; 以在此列出的前缀开头的环境变量的值。
; 默认地，用户将仅能 设定以PHP_开头的环境变量，（如: PHP_FOO=BAR）。
; 注意: 如果这一指示为空，PHP 将让用户更改任意环境变量!

safe_mode_protected_env_vars = LD_LIBRARY_PATH
; 这条指示包含一个用逗号分隔的环境变量列表，那是最终用户将不能用putenv () 更改的。
; 这些变量甚至在safe_mode_allowed_env_vars 设置为允许的情况下得到保护。

disable_functions =
; 这条指示让你可以为了安全的原因让特定函数失效。
; 它接受一个用逗号分隔的函数名列表。
; 这条指示 *不受* 安全模式是否打开的影响。

; 语法高亮模式的色彩。
; 只要能被<font color=???>接受的东西就能工作。

highlight.string = #DD0000
highlight.comment = #FF8000
highlight.keyword = #007700
highlight.bg = #FFFFFF
highlight.default = #0000BB
highlight.html = #000000

; Misc 杂项
expose_php = Off
; 决定 PHP 是否标示它装在服务器上的事实（例如：加在它 —PHP—给Web服务
; 发送的信号上）。
; （我个人的意见，在出现什么power-by的header的时候，把这关掉。）
; 它不会有安全上的威胁, 但它使检查你的服务器上是否安装了PHP成为了可能。


;;;;;;;;;;;;;;;;;;;
; Resource Limits ;
;;;;;;;;;;;;;;;;;;;

max_execution_time = 30 ; 每个脚本的最大执行时间, 按秒计
memory_limit = 8388608 ; 一个脚本最大可使用的内存总量 (这里是8MB)


;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Error handling and logging ;
; 出错控制和登记 ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; 错误报告是按位的。或者将数字加起来得到想要的错误报告等级。
; E_ALL - 所有的错误和警告
; E_ERROR - 致命性运行时错
; E_WARNING - 运行时警告（非致命性错）
; E_PARSE - 编译时解析错误
; E_NOTICE - 运行时提醒(这些经常是是你的代码的bug引起的，
;也可能是有意的行为造成的。(如：基于未初始化的变量自动初始化为一个
;空字符串的事实而使用一个未初始化的变量)

; E_CORE_ERROR - 发生于PHP启动时初始化过程中的致命错误
; E_CORE_WARNING - 发生于PHP启动时初始化过程中的警告(非致命性错)
; E_COMPILE_ERROR - 编译时致命性错
; E_COMPILE_WARNING - 编译时警告(非致命性错)
; E_USER_ERROR - 用户产生的出错消息
; E_USER_WARNING - 用户产生的警告消息
; E_USER_NOTICE - 用户产生的提醒消息
; 例子:
; error_reporting = E_ALL & ~E_NOTICE ; 显示所有的错误，除了提醒
; error_reporting = E_COMPILE_ERROR|E_ERROR|E_CORE_ERROR ; 仅显示错误
error_reporting = E_ALL & ~E_NOTICE ; 显示所有的错误，除了提醒
display_errors = On ; 显示出错误信息(作为输出的一部分)
; 在最终发布的web站点上，强烈建议你关掉这个特性，并使用
; 错误日志代替（参看下面）。
; 在最终发布的web站点继续让 display_errors 有效可能
; 暴露一些有关安全的信息，例如你的web服务上的文件路径、
; 你的数据库规划或别的信息。
display_startup_errors = Off ; 甚至当display_erroes打开了，发生于PHP的启动的步骤中
; 的错误也不会被显示。
; 强烈建议保持使 display_startup_errors 关闭，
; 除了在改错过程中。
log_errors = Off ; 在日志文件里记录错误（服务器指定的日志，stderr标准错误输出，或error_log(下面的））
; 正如上面说明的那样，强烈建议你在最终发布的web站点以日志记录错误
; 取代直接错误输出。

track_errors = Off ; 保存最近一个 错误/警告 消息于变量 $php_errormsg (boolean)
;error_prepend_string = "<font color=ff0000>" ; 于错误信息前输出的字符串
;error_append_string = "</font>" ; 于错误信息后输出的字符串
;error_log = filename ; 记录错误日志于指定文件
;error_log = syslog ; 记录错误日志于系统日志 syslog (NT 下的事件日志, Windows 95下无效)
warn_plus_overloading = Off ; 当将‘+’用于字符串时警告


;;;;;;;;;;;;;;;;;
; Data Handling ;
;;;;;;;;;;;;;;;;;
variables_order = "EGPCS" ; 这条指示描述了PHP 记录
; GET, POST, Cookie, Environment and Built-in 这些变量的顺序。
; （以 G, P, C, E & S 代表，通常以 EGPCS 或 GPC 的方式引用）。
; 按从左到右记录，新值取代旧值。

register_globals = On ; 是否将这些 EGPCS 变量注册为全局变量。
; 若你不想让用户数据不在全局范围内混乱的话，你可能想关闭它。
; 这和 track_vars 连起来用更有意义 — 这样你可以通过
; $HTTP_*_VARS[] 数组访问所有的GPC变量。

register_argc_argv = On ; 这条指示告诉 PHP 是否声明 argv和argc 变量
; （注：这里argv为数组,argc为变量数）
; （其中包含用GET方法传来的数据）。
; 若你不想用这些变量，你应当关掉它以提高性能。

track_vars = On ; 使$HTTP_*_VARS[]数组有效，这里*在使用时用
; ENV, POST, GET, COOKIE or SERVER替换
post_max_size = 8M ; PHP将接受的POST数据最大大小。


gpc_order = "GPC" ; 这条指示被人反对。用 variables_order 代替。

; Magic quotes
magic_quotes_gpc = On ; 在输入的GET/POST/Cookie数据里使用魔术引用
; （原文就这样，呵呵，所谓magic quotes 应该是指用转义符加在引用性的控制字符上，如 '....）
magic_quotes_runtime= Off ; 对运行时产生的数据使用魔术引用，
; 例如：用SQL查询得到的数据，用exec()函数得到的数据，等等
magic_quotes_sybase = Off ; 采用 Sybase形式的魔术引用（用 '' 脱出 ' 而不用 '）

; 自动在 PHP 文档之前和之后添加文件
auto_prepend_file =
auto_append_file =

; 象4.04b4一样，PHP 默认地总是在 “Content-type:” 头标输出一个字符的编码方式。
; 让输出字符集失效，只要设置为空。
; PHP 的内建默认值是 text/html
default_mimetype = "text/html"
;default_charset = "iso-8859-1"

[PHP] ;;;;;;;;;;; ; WARNING ; ;;;;;;;;;;; ; This is the default settings file for new PHP installations. ; By default, PHP installs itself with a configuration suitable for ; development purposes, and *NOT* for production purposes. ; For several security-oriented considerations that should be taken ; before going online with your site, please consult php.ini-recommended ; and http://php.net/manual/en/security.php. ;;;;;;;;;;;;;;;;;;; ; About php.ini ; ;;;;;;;;;;;;;;;;;;; ; This file controls many aspects of PHP's behavior. In order for PHP to ; read it, it must be named 'php.ini'. PHP looks for it in the current ; working directory, in the path designated by the environment variable ; PHPRC, and in the path that was defined in compile time (in that order). ; Under Windows, the compile-time path is the Windows directory. The ; path in which the php.ini file is looked for can be overridden using ; the -c argument in command line mode. ; ; The syntax of the file is extremely simple. Whitespace and Lines ; beginning with a semicolon are silently ignored (as you probably guessed). ; Section headers (e.g. [Foo]) are also silently ignored, even though ; they might mean something in the future. ; ; Directives are specified using the following syntax: ; directive = value ; Directive names are *case sensitive* - foo=bar is different from FOO=bar. ; ; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one ; of the INI constants (On, Off, True, False, Yes, No and None) or an expression ; (e.g. E_ALL & ~E_NOTICE), or a quoted string ("foo"). ; ; Expressions in the INI file are limited to bitwise operators and parentheses: ; | bitwise OR ; & bitwise AND ; ~ bitwise NOT ; ! boolean NOT ; ; Boolean flags can be turned on using the values 1, On, True or Yes. ; They can be turned off using the values 0, Off, False or No. ; ; An empty string can be denoted by simply not writing anything after the equal ; sign, or by using the None keyword: ; ; foo = ; sets foo to an empty string ; foo = none ; sets foo to an empty string ; foo = "none" ; sets foo to the string 'none' ; ; If you use constants in your value, and these constants belong to a ; dynamically loaded extension (either a PHP extension or a Zend extension), ; you may only use these constants *after* the line that loads the extension. ; ; ;;;;;;;;;;;;;;;;;;; ; About this file ; ;;;;;;;;;;;;;;;;;;; ; All the values in the php.ini-dist file correspond to the builtin ; defaults (that is, if no php.ini is used, or if you delete these lines, ; the builtin defaults will be identical). ;;;;;;;;;;;;;;;;;;;; ; Language Options ; ;;;;;;;;;;;;;;;;;;;; ; Enable the PHP scripting language engine under Apache. engine = On ; Enable compatibility mode with Zend Engine 1 (PHP 4.x) zend.ze1_compatibility_mode = Off ; Allow the tags are recognized. ; NOTE: Using short tags should be avoided when developing applications or ; libraries that are meant for redistribution, or deployment on PHP ; servers which are not under your control, because short tags may not ; be supported on the target server. For portable, redistributable code, ; be sure not to use short tags. short_open_tag = On ; Allow ASP-style <% %> tags. asp_tags = Off ; The number of significant digits displayed in floating point numbers. precision = 12 ; Enforce year 2000 compliance (will cause problems with non-compliant browsers) y2k_compliance = On ; Output buffering allows you to send header lines (including cookies) even ; after you send body content, at the price of slowing PHP's output layer a ; bit. You can enable output buffering during runtime by calling the output ; buffering functions. You can also enable output buffering for all files by ; setting this directive to On. If you wish to limit the size of the buffer ; to a certain size - you can use a maximum number of bytes instead of 'On', as ; a value for this directive (e.g., output_buffering=4096). output_buffering = Off ; You can redirect all of the output of your scripts to a function. For ; example, if you set output_handler to "mb_output_handler", character ; encoding will be transparently converted to the specified encoding. ; Setting any output handler automatically turns on output buffering. ; Note: People who wrote portable scripts should not depend on this ini ; directive. Instead, explicitly set the output handler using ob_start(). ; Using this ini directive may cause problems unless you know what script ; is doing. ; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" ; and you cannot use both "ob_gzhandler" and "zlib.output_compression". ; Note: output_handler must be empty if this is set 'On' !!!! ; Instead you must use zlib.output_handler. ;output_handler = ; Transparent output compression using the zlib library ; Valid values for this option are 'off', 'on', or a specific buffer size ; to be used for compression (default is 4KB) ; Note: Resulting chunk size may vary due to nature of compression. PHP ; outputs chunks that are few hundreds bytes each as a result of ; compression. If you prefer a larger chunk size for better ; performance, enable output_buffering in addition. ; Note: You need to use zlib.output_handler instead of the standard ; output_handler, or otherwise the output will be corrupted. zlib.output_compression = Off ; You cannot specify additional output handlers if zlib.output_compression ; is activated here. This setting does the same as output_handler but in ; a different order. ;zlib.output_handler = ; Implicit flush tells PHP to tell the output layer to flush itself ; automatically after every output block. This is equivalent to calling the ; PHP function flush() after each and every call to print() or echo() and each ; and every HTML block. Turning this option on has serious performance ; implications and is generally recommended for debugging purposes only. implicit_flush = Off ; The unserialize callback function will be called (with the undefined class' ; name as parameter), if the unserializer finds an undefined class ; which should be instantiated. ; A warning appears if the specified function is not defined, or if the ; function doesn't include/implement the missing class. ; So only set this entry, if you really want to implement such a ; callback-function. unserialize_callback_func= ; When floats & doubles are serialized store serialize_precision significant ; digits after the floating point. The default value ensures that when floats ; are decoded with unserialize, the data will remain the same. serialize_precision = 100 ; Whether to enable the ability to force arguments to be passed by reference ; at function call time. This method is deprecated and is likely to be ; unsupported in future versions of PHP/Zend. The encouraged method of ; specifying which arguments should be passed by reference is in the function ; declaration. You're encouraged to try and turn this option Off and make ; sure your scripts work properly with it in order to ensure they will work ; with future versions of the language (you will receive a warning each time ; you use this feature, and the argument will be passed by value instead of by ; reference). allow_call_time_pass_reference = On ; ; Safe Mode ; safe_mode = Off ; By default, Safe Mode does a UID compare check when ; opening files. If you want to relax this to a GID compare, ; then turn on safe_mode_gid. safe_mode_gid = Off ; When safe_mode is on, UID/GID checks are bypassed when ; including files from this directory and its subdirectories. ; (directory must also be in include_path or full path must ; be used when including) safe_mode_include_dir = ; When safe_mode is on, only executables located in the safe_mode_exec_dir ; will be allowed to be executed via the exec family of functions. safe_mode_exec_dir = ; Setting certain environment variables may be a potential security breach. ; This directive contains a comma-delimited list of prefixes. In Safe Mode, ; the user may only alter environment variables whose names begin with the ; prefixes supplied here. By default, users will only be able to set ; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). ; ; Note: If this directive is empty, PHP will let the user modify ANY ; environment variable! safe_mode_allowed_env_vars = PHP_ ; This directive contains a comma-delimited list of environment variables that ; the end user won't be able to change using putenv(). These variables will be ; protected even if safe_mode_allowed_env_vars is set to allow to change them. safe_mode_protected_env_vars = LD_LIBRARY_PATH ; open_basedir, if set, limits all file operations to the defined directory ; and below. This directive makes most sense if used in a per-directory ; or per-virtualhost web server configuration file. This directive is ; *NOT* affected by whether Safe Mode is turned On or Off. ;open_basedir = ; This directive allows you to disable certain functions for security reasons. ; It receives a comma-delimited list of function names. This directive is ; *NOT* affected by whether Safe Mode is turned On or Off. disable_functions = ; This directive allows you to disable certain classes for security reasons. ; It receives a comma-delimited list of class names. This directive is ; *NOT* affected by whether Safe Mode is turned On or Off. disable_classes = ; Colors for Syntax Highlighting mode. Anything that's acceptable in ; would work. ;highlight.string = #DD0000 ;highlight.comment = #FF9900 ;highlight.keyword = #007700 ;highlight.bg = #FFFFFF ;highlight.default = #0000BB ;highlight.html = #000000 ; If enabled, the request will be allowed to complete even if the user aborts ; the request. Consider enabling it if executing long request, which may end up ; being interrupted by the user or a browser timing out. ; ignore_user_abort = On ; ; Misc ; ; Decides whether PHP may expose the fact that it is installed on the server ; (e.g. by adding its signature to the Web server header). It is no security ; threat in any way, but it makes it possible to determine whether you use PHP ; on your server or not. expose_php = On ;;;;;;;;;;;;;;;;;;; ; Resource Limits ; ;;;;;;;;;;;;;;;;;;; max_execution_time = 30 ; Maximum execution time of each script, in seconds max_input_time = 60 ; Maximum amount of time each script may spend parsing request data memory_limit = 8M ; Maximum amount of memory a script may consume (8MB) ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ; Error handling and logging ; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ; error_reporting is a bit-field. Or each number up to get desired error ; reporting level ; E_ALL - All errors and warnings (doesn't include E_STRICT) ; E_ERROR - fatal run-time errors ; E_WARNING - run-time warnings (non-fatal errors) ; E_PARSE - compile-time parse errors ; E_NOTICE - run-time notices (these are warnings which often result ; from a bug in your code, but it's possible that it was ; intentional (e.g., using an uninitialized variable and ; relying on the fact it's automatically initialized to an ; empty string) ; E_STRICT - run-time notices, enable to have PHP suggest changes ; to your code which will ensure the best interoperability ; and forward compatibility of your code ; E_CORE_ERROR - fatal errors that occur during PHP's initial startup ; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's ; initial startup ; E_COMPILE_ERROR - fatal compile-time errors ; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) ; E_USER_ERROR - user-generated error message ; E_USER_WARNING - user-generated warning message ; E_USER_NOTICE - user-generated notice message ; ; Examples: ; ; - Show all errors, except for notices and coding standards warnings ; ;error_reporting = E_ALL & ~E_NOTICE ; ; - Show all errors, except for notices ; ;error_reporting = E_ALL & ~E_NOTICE | E_STRICT ; ; - Show only errors ; ;error_reporting = E_COMPILE_ERROR|E_ERROR|E_CORE_ERROR ; ; - Show all errors except for notices and coding standards warnings ; error_reporting = E_ALL & ~E_NOTICE ; Print out errors (as a part of the output). For production web sites, ; you're strongly encouraged to turn this feature off, and use error logging ; instead (see below). Keeping display_errors enabled on a production web site ; may reveal security information to end users, such as file paths on your Web ; server, your database schema or other information. display_errors = Off ; Even when display_errors is on, errors that occur during PHP's startup ; sequence are not displayed. It's strongly recommended to keep ; display_startup_errors off, except for when debugging. display_startup_errors = Off ; Log errors into a log file (server-specific log, stderr, or error_log (below)) ; As stated above, you're strongly advised to use error logging in place of ; error displaying on production web sites. log_errors = Off ; Set maximum length of log_errors. In error_log information about the source is ; added. The default is 1024 and 0 allows to not apply any maximum length at all. log_errors_max_len = 1024 ; Do not log repeated messages. Repeated errors must occur in same file on same ; line until ignore_repeated_source is set true. ignore_repeated_errors = Off ; Ignore source of message when ignoring repeated messages. When this setting ; is On you will not log errors with repeated messages from different files or ; sourcelines. ignore_repeated_source = Off ; If this parameter is set to Off, then memory leaks will not be shown (on ; stdout or in the log). This has only effect in a debug compile, and if ; error reporting includes E_WARNING in the allowed list report_memleaks = On ; Store the last error/warning message in $php_errormsg (boolean). track_errors = Off ; Disable the inclusion of HTML tags in error messages. ; Note: Never use this feature for production boxes. ;html_errors = Off ; If html_errors is set On PHP produces clickable error messages that direct ; to a page describing the error or function causing the error in detail. ; You can download a copy of the PHP manual from http://www.php.net/docs.php ; and change docref_root to the base URL of your local copy including the ; leading '/'. You must also specify the file extension being used including ; the dot. ; Note: Never use this feature for production boxes. ;docref_root = "/phpmanual/" ;docref_ext = .html ; String to output before an error message. ;error_prepend_string = ""

; String to output after an error message. ;error_append_string = "" ; Log errors to specified file. ;error_log = filename ; Log errors to syslog (Event Log on NT, not valid in Windows 95). ;error_log = syslog ;;;;;;;;;;;;;;;;; ; Data Handling ; ;;;;;;;;;;;;;;;;; ; ; Note - track_vars is ALWAYS enabled as of PHP 4.0.3 ; The separator used in PHP generated URLs to separate arguments. ; Default is "&". ;arg_separator.output = "&" ; List of separator(s) used by PHP to parse input URLs into variables. ; Default is "&". ; NOTE: Every character in this directive is considered as separator! ;arg_separator.input = ";&" ; This directive describes the order in which PHP registers GET, POST, Cookie, ; Environment and Built-in variables (G, P, C, E & S respectively, often ; referred to as EGPCS or GPC). Registration is done from left to right, newer ; values override older values. variables_order = "EGPCS" ; Whether or not to register the EGPCS variables as global variables. You may ; want to turn this off if you don't want to clutter your scripts' global scope ; with user data. This makes most sense when coupled with track_vars - in which ; case you can access all of the GPC variables through the $HTTP_*_VARS[], ; variables. ; ; You should do your best to write your scripts so that they do not require ; register_globals to be on; Using form variables as globals can easily lead ; to possible security problems, if the code is not very well thought of. register_globals = On ; Whether or not to register the old-style input arrays, HTTP_GET_VARS ; and friends. If you're not using them, it's recommended to turn them off, ; for performance reasons. register_long_arrays = On ; This directive tells PHP whether to declare the argv&argc variables (that ; would contain the GET information). If you don't use these variables, you ; should turn it off for increased performance. register_argc_argv = On ; When enabled, the SERVER and ENV variables are created when they're first ; used (Just In Time) instead of when the script starts. If these variables ; are not used within a script, having this directive on will result in a ; performance gain. The PHP directives register_globals, register_long_arrays, ; and register_argc_argv must be disabled for this directive to have any affect. auto_globals_jit = On ; Maximum size of POST data that PHP will accept. post_max_size = 8M ; Magic quotes ; ; Magic quotes for incoming GET/POST/Cookie data. magic_quotes_gpc = On ; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. magic_quotes_runtime = Off ; Use Sybase-style magic quotes (escape ' with '' instead of \'). magic_quotes_sybase = Off ; Automatically add files before or after any PHP document. auto_prepend_file = auto_append_file = ; As of 4.0b4, PHP always outputs a character encoding by default in ; the Content-type: header. To disable sending of the charset, simply ; set it to be empty. ; ; PHP's built-in default is text/html default_mimetype = "text/html" ;default_charset = "iso-8859-1" ; Always populate the $HTTP_RAW_POST_DATA variable. ;always_populate_raw_post_data = On ;;;;;;;;;;;;;;;;;;;;;;;;; ; Paths and Directories ; ;;;;;;;;;;;;;;;;;;;;;;;;; ; UNIX: "/path1:/path2" ;include_path = ".:/php/includes" ; ; Windows: "\path1;\path2" ;include_path = ".;c:\php\includes" ; The root of the PHP pages, used only if nonempty. ; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root ; if you are running php as a CGI under any web server (other than IIS) ; see documentation for security issues. The alternate is to use the ; cgi.force_redirect configuration below doc_root = ; The directory under which PHP opens the script using /~username used only ; if nonempty. user_dir = ; Directory in which the loadable extensions (modules) reside. extension_dir = "C:\severfiles\php5\ext" ; Whether or not to enable the dl() function. The dl() function does NOT work ; properly in multithreaded servers, such as IIS or Zeus, and is automatically ; disabled on them. enable_dl = On ; cgi.force_redirect is necessary to provide security running PHP as a CGI under ; most web servers. Left undefined, PHP turns this on by default. You can ; turn it off here AT YOUR OWN RISK ; **You CAN safely turn this off for IIS, in fact, you MUST.** ; cgi.force_redirect = 1 ; if cgi.nph is enabled it will force cgi to always sent Status: 200 with ; every request. ; cgi.nph = 1 ; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape ; (iPlanet) web servers, you MAY need to set an environment variable name that PHP ; will look for to know it is OK to continue execution. Setting this variable MAY ; cause security issues, KNOW WHAT YOU ARE DOING FIRST. ; cgi.redirect_status_env = ; ; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate ; security tokens of the calling client. This allows IIS to define the ; security context that the request runs under. mod_fastcgi under Apache ; does not currently support this feature (03/17/2002) ; Set to 1 if running under IIS. Default is zero. ; fastcgi.impersonate = 1; ; Disable logging through FastCGI connection ; fastcgi.log = 0 ; cgi.rfc2616_headers configuration option tells PHP what type of headers to ; use when sending HTTP response code. If it's set 0 PHP sends Status: header that ; is supported by Apache. When this option is set to 1 PHP will send ; RFC2616 compliant header. ; Default is zero. ;cgi.rfc2616_headers = 0 ;;;;;;;;;;;;;;;; ; File Uploads ; ;;;;;;;;;;;;;;;; ; Whether to allow HTTP file uploads. file_uploads = On ; Temporary directory for HTTP uploaded files (will use system default if not ; specified). ;upload_tmp_dir = ; Maximum allowed size for uploaded files. upload_max_filesize = 2M ;;;;;;;;;;;;;;;;;; ; Fopen wrappers ; ;;;;;;;;;;;;;;;;;; ; Whether to allow the treatment of URLs (like http:// or ftp://) as files. allow_url_fopen = On ; Define the anonymous ftp password (your email address) ;from="john@doe.com" ; Define the User-Agent string ; user_agent="PHP" ; Default timeout for socket based streams (seconds) default_socket_timeout = 60 ; If your scripts have to deal with files from Macintosh systems, ; or you are running on a Mac and need to deal with files from ; unix or win32 systems, setting this flag will cause PHP to ; automatically detect the EOL character in those files so that ; fgets() and file() will work regardless of the source of the file. ; auto_detect_line_endings = Off ;;;;;;;;;;;;;;;;;;;;;; ; Dynamic Extensions ; ;;;;;;;;;;;;;;;;;;;;;; ; ; If you wish to have an extension loaded automatically, use the following ; syntax: ; ; extension=modulename.extension ; ; For example, on Windows: ; ; extension=msql.dll ; ; ... or under UNIX: ; ; extension=msql.so ; ; Note that it should be the name of the module only; no directory information ; needs to go here. Specify the location of the extension with the ; extension_dir directive above. ; Windows Extensions ; Note that ODBC support is built in, so no dll is needed for it. ; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) ; extension folders as well as the separate PECL DLL download (PHP 5). ; Be sure to appropriately set the extension_dir directive. extension=php_mbstring.dll ;extension=php_bz2.dll ;extension=php_curl.dll ;extension=php_dba.dll extension=php_dbase.dll ;extension=php_exif.dll ;extension=php_fdf.dll ;extension=php_filepro.dll extension=php_gd2.dll ;extension=php_gettext.dll ;extension=php_ifx.dll extension=php_imap.dll ;extension=php_interbase.dll extension=php_ldap.dll ;extension=php_mcrypt.dll ;extension=php_mhash.dll ;extension=php_mime_magic.dll ;extension=php_ming.dll ;extension=php_mssql.dll ;extension=php_msql.dll extension=php_mysql.dll ;extension=php_oci8.dll ;extension=php_openssl.dll ;extension=php_oracle.dll ;extension=php_pgsql.dll ;extension=php_shmop.dll ;extension=php_snmp.dll ;extension=php_sockets.dll ;extension=php_sqlite.dll ;extension=php_sybase_ct.dll ;extension=php_tidy.dll ;extension=php_xmlrpc.dll ;extension=php_xsl.dll ;;;;;;;;;;;;;;;;;;; ; Module Settings ; ;;;;;;;;;;;;;;;;;;; [Date] ; Defines the default timezone used by the date functions ;date.timezone = [Syslog] ; Whether or not to define the various syslog variables (e.g. $LOG_PID, ; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In ; runtime, you can define these variables by calling define_syslog_variables(). define_syslog_variables = Off [mail function] ; For Win32 only. SMTP = localhost smtp_port = 25 ; For Win32 only. ;sendmail_from = me@example.com ; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). ;sendmail_path = ; Force the addition of the specified parameters to be passed as extra parameters ; to the sendmail binary. These parameters will always replace the value of ; the 5th parameter to mail(), even in safe mode. ;mail.force_extra_parameters = [SQL] sql.safe_mode = Off [ODBC] ;odbc.default_db = Not yet implemented ;odbc.default_user = Not yet implemented ;odbc.default_pw = Not yet implemented ; Allow or prevent persistent links. odbc.allow_persistent = On ; Check that a connection is still valid before reuse. odbc.check_persistent = On ; Maximum number of persistent links. -1 means no limit. odbc.max_persistent = -1 ; Maximum number of links (persistent + non-persistent). -1 means no limit. odbc.max_links = -1 ; Handling of LONG fields. Returns number of bytes to variables. 0 means ; passthru. odbc.defaultlrl = 4096 ; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. ; See the documentation on odbc_binmode and odbc_longreadlen for an explanation ; of uodbc.defaultlrl and uodbc.defaultbinmode odbc.defaultbinmode = 1 [MySQL] ; Allow or prevent persistent links. mysql.allow_persistent = On ; Maximum number of persistent links. -1 means no limit. mysql.max_persistent = -1 ; Maximum number of links (persistent + non-persistent). -1 means no limit. mysql.max_links = -1 ; Default port number for mysql_connect(). If unset, mysql_connect() will use ; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the ; compile-time value defined MYSQL_PORT (in that order). Win32 will only look ; at MYSQL_PORT. mysql.default_port = ; Default socket name for local MySQL connects. If empty, uses the built-in ; MySQL defaults. mysql.default_socket = ; Default host for mysql_connect() (doesn't apply in safe mode). mysql.default_host =