Puede darse el caso de que, por motivos de seguridad, el servidor en el que vayamos a alojar nuestras aplicaciones PHP tenga deshabilitada la directiva allow_url_fopen en la configuración PHP.

La directiva allow_url_fopen permite, cuando su valor está en “On”, pasar urls (http, ftp) a la función fopen(), en lugar de la ubicacion física del archivo. Por motivos de seguridad, esta directiva puede (y seguramente debe) estar deshabilitada.

En un primer intento de resolver el asunto sin tener que editar el php.ini se nos puede ocurrir utilizar la función ini_set() para cambiar a On el valor de allow_url_fopen durante la ejecución del Script. Teóricamente podríamos hacerlo de cualquiera de estas dos formas:

ini_set(allow_url_fopen, ‘On’);
ini_set(allow_url_fopen, ‘1′);

Sin embargo, en la práctica, esta directiva no puede ser cambiada de este modo debido a que a partir de la versión 4.3.4 de PHP, este valor de configuración solo se puede especificar a nivel global en los archivos de configuración php.ini ó httpd.conf

Pero no nos demos por vencidos porque, desde su versión 4.0.2, PHP soporta Libcurl, una biblioteca creada por Daniel Stenberg, que permite conectar y comunicar a diferentes tipos de servidores con diferentes tipos de protocolos ( http, https, ftp, gopher, telnet, dict, archivo y protocolos LDAP). Podremos, por ejemplo, obtener el contenido de una web, extraer datos XML o transferir archivos de servidores FTP.

Una vez nos hayamos asegurado de que el PHP de nuestro servidor está compilado con soporte cURL podremos empezar a utilizar las funciones de la librería libcurl para PHP.

Aquí os dejo un ejemplo en el que utilizo cURL para acceder al xml que la API de youtube nos ofrece, en este caso, al solicitar el listado de videos de determinado usuario.


<?php
$feedURL = "http://gdata.youtube.com/feeds/api/users/tu_usuario/uploads";

//Cerramos la sesión CURL
curl_close($curl);
?>


Glosario:
curl. Herramienta de linea de comandos para la transferencia de archivos.
libcurl. Libreria multiplataforma que permite la transferencia de archivos desde el lado del cliente y a través de múltiples protocolos.

Pagal nutylėjimą PhpMyAdmin leidžia importuoti ne didesnius nei 2MB failus. Deja, kartais to neužtenka. Norint šį limitą padidinti Jums reikės redaguoti du failus:
php.ini - PHP nustatymų failas
config.inc.php – PhpMyAdmin nustatymų failas

Pirmajame reikia surasti tokias direktyvas post_max_size, upload_max_filesize. Keisimime įkeliamo failo dydžio limitą.
Antrajame $cfg['ExecTimeLimit']. Keisime užklausos vykdymo maksimalų laiką. Pagal nutylėjimą būna 300.

Si al tratar de correr una pagina PHP en Expression Web nos aparece el siguiente error:

Entonces tendremos que configurar nuestro servidor de PHP para que funcione con Expression Web.

Esto es muy fácil:

1.- Si no tenemos un motor dinámico PHP (Mas info) entonces descargamos la aplicación XAMPP

2.- Una vez instalada Abrimos Expression web y creamos una pagina llamada:

phpinfo.php

Colocamos el siguiente código:

   1: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

   2: <html xmlns="http://www.w3.org/1999/xhtml">

   3: <head>

   4: <meta content="text/html; charset=utf-8" http-equiv="Content-Type" />

   5: <title>Sin título 1</title>

   6: </head>

   7: <body>

   8: <?php

   9: phpinfo();

  10: ?>

  11: </body>

  12: </html>

3.-En Expression Web damos clic en el menu Herramientas –> Opciones de Aplicación

y en la ruta colocamos la siguiente: C:\xampp\php\php-cgi.exe

Damos clic en Aceptar, Guardamos nuestra pagina y probamos

Aparece el siguiente mensaje:

Presionamos en SI.

Y listo =) nuestra pagina PHP corriendo en Expression Web

If you encounter this error: [ERROR] Error in accept: Cannot allocate memory

Then open your php.ini file and try to set higher values, to:

memory_limit = 64M
max_execution_time = 60
max_input_time = 90

Create a a php file (‘test.php’) with notepad and write the following code:

phpinfo();

Upload the file on your server, and open it via a browser to get access at all the information.

For example you may find: Configuration File (php.ini) Path

Se eliminaron de esta lista los polémicos register-globals y safe-mode por dos motivos: en PHP5 se encuentran desactivados por defecto y porque serán eliminados en PHP6.

1. engine
   Quizás la más imporante de todas, si se encuentra configurada a Off directamente no podremos usar PHP.
2. expose-php
   Cambiándolo a Off evitaremos que el servidor web reporte la versión de PHP que estamos usando, además de cualquier extensión. También podemos eliminar la “firma” de Apache desactivando la opción ServerSignature en su archivo httpd.conf
3. max-execution-time
   Es el límite de tiempo que tiene un script para ejecutarse y es importante si tenemos algunos que pueden potencialmente consumir muchos recursos del servidor.
4. memory-limit
   Aunque la mayoría de los proveedores de hosting compartido tiene un límite pequeño de 7 a 16 Mb, un límite mayor puede evitar problemas si tenemos problemas de memoria.
5. post-max-size
   Si estamos aceptamos que el usuario suba archivos al servidor, con esta opción podemos poner un límite al tamaño de los archivos aceptados.
6. magic-quotes-gpc
   Otra muy polémica opción que sigue causando confusión y que será eliminada en PHP6. Su finalidad es “escapar” las comillas simples, dobles y caracteres especiales en una cadena de caracteres.
7. disable-functions y disable-classes
   Permiten desactivar el uso de ciertas funciones y clases de PHP, efectivamente restringiéndo la disponibilidad de las que presenten un riesgo de seguridad, como exec, fopen, system, etc.

Todas estas opciones pueden cambiarse en el archivo principal de configuración de PHP (generalmente php.ini), o bien en nuestros propios scripts usando la función ini-set, si no se encuentra desactivada, por supuesto.

• Artículo completo en Newb To Pro.

Suggerimento rapidorapido pescato dal forum di supporto di Dreamhost.

Nel caso si abbia la necessità di personalizzare il PHP.INI, ad esempio (come è servito a me) per aumentare il timeout di uno script, la procedura è questa:

1. Se non presente, creare una directory ‘cgi-bin’ all’interno della directory che ospita il dominio (mkdir ~/domain.com/cgi-bin/)
2. Nella home del proprio utente, creare un file (php_update.sh) contenente il seguente script:

   #/bin/sh
   
   CGIFILE="$HOME/dominio.com/cgi-bin/php.cgi"
   INIFILE="$HOME/dominio.com/cgi-bin/php.ini"
   
   cp /usr/local/bin/php "$CGIFILE"
   cp /etc/php/php.ini "$INIFILE"
   
   perl -p -i -e '
   s/.*post_max_size.*/post_max_size = 100M/;
   s/.*upload_max_filesize.*/upload_max_filesize = 100M/;
   s/.*max_execution_time.*/max_execution_time = 600/;
   s/.*memory_limit.*/memory_limit = 90M/;
   ' "$INIFILE"
   

3. Renderlo eseguibile (chmod +x php_update.sh) ed eseguirlo (./php_update.sh).
4. Aggiornare il file .htaccess nella root del sito (o crearlo se non presente) e aggiungere la riga seguente: “AddHandler php-cgi .php” (senza i “)
5. Aggiungere lo script al crontab in modo da farlo eseguire a scadenza settimanale, in modo da mantenere la propria copia locale di php.ini aggiornata con quello principale.

“disable_functions” (Güvenlik)
“disable_functions” ile serverınızda birçok fonksiyonun çalışmasınıengelleyebilirsiniz bu sayede sitenize inject edilen scriptler, shelleriçin güvenliğinizi almış olursunuz. Bu kadar fonksiyon fazla gelebilirama iyi bir güvenlik için şart.

 disable_functions = foreach, glob, openbasedir, posix_getpwuid, f_open, system,dl, array_compare, array_user_key_compare, passthru, cat, exec, popen, proc_close, proc_get_status, proc_nice, proc_open, escapeshellcmd, escapeshellarg, show_source, posix_mkfifo, ini_restore, mysql_list_dbs, get_current_user, getmyuid,pconnect, link, symlink, fin, passthruexec, fileread, shell_exec, pcntl_exec, ini_alter, parse_ini_file, leak, apache_child_terminate, chown, posix_kill, posix_setpgid, posix_setsid, posix_setuid, proc_terminate, syslog, allow_url_fopen, fpassthru, execute, shell, curl_exec, chgrp, stream_select, passthru, socket_select, socket_create, socket_create_listen, socket_create_pair, socket_listen, socket_accept, socket_bind, socket_strerror, pcntl_fork, pcntl_signal, pcntl_waitpid, pcntl_wexitstatus, pcntl_wifexited, pcntl_wifsignaled, pcntl_wifstopped, pcntl_wstopsig, pcntl_wtermsig, openlog, apache_get_modules, apache_get_version, apache_getenv, apache_note, apache_setenv, virtual

Eğer bu kadar fonsiyonu devre dışı bırakmak fazla geldiyse alttaki gibi de ayarlayabilirsiniz bu da güvenliğiniz için yeterlidir:

 disable_functions = glob, posix_getpwuid, array_compare, array_user_key_compare, ini_restore, exec, proc_get_status, proc_nice, proc_open, allow_url_fopen, fin, pconnect, system, dl, passthruexec, shell_exec, proc_close, proc_get_status, chown, chgrp, escapeshellcmd, escapeshellarg, fileread, passthru, popen,curl_exec, shell, execute

Safe Mode Güvenlik
“Safe Mode” adından da anlaşılacağı gibi “Güvenli Mod” anlamına geliyor. “Safe Mode” genelde birçok serverda “Off” durumdadır ve bu da birçok tehlikeye davetiye çıkaran unsurlar arasında yer alır. “Güvenli Modu Açık” durumuna getirmek shellerin serverımızda istedikleri gibi dolaşmalarını, exploitlerin çalıştırılmasını ve komutların execute edilmelerini önler. Günümüzde “açık olan güvenlik modunu” kapalı duruma getiren scriptler mevcut fakat altta anlatılan önlemlerle bunun da önüne geçilebilir.

 safe_mode = on

çalışmayan script olursa httpd.conf ve .htaccess dosyasından kullanıcıya gerekli izin verilebilir. örnek aşağıdaki gibi

php_flag safe_mode Off

“register_globals” (Güvenlik ve Performans)
php.ini dosyasında bulunan “post” “get” ile gönderilen değerlere kullanıcı adlarıyla ulaşılıp ulaşılamayacağını belirtir. Session, cookie değerlerini kendi adıyla tanımlayarak birer değişken olmasına neden olur. “Off” olarak ayarlanırsa bu gibi değerlere kendi tanımladığı şekilde ulaşılamaz.

register_globals = off

çalışmayan script olursa on değerini htaccess dosyasına koyup sadece o siteye açabilirsiniz. veya httpd.conf dosyasına

php_flag register_globals on

“allow_url_fopen” (Güvenlik)
“allow_url_fopen” default olarak “açık” şeklinde gelir ve bunun “on” açık olması “file_get_contents()”, “include()”, “require()” fonksiyonlar uzaktaki dosyaları da işlemesine olanak tanır. Bunlara verilen bilgiler hiçbir kontrolden geçirilmezse kritik güvenlik açıklarını sebep olur. (eğer safe mode açıksa ve open basedir aktif ise bunun açık kalmasında hiç bir sorun yok. Kapalı kalması durumunda bir çok script çalışmaz. en basit örnek olarak php nuke çalışmaz.)

allow_url_fopen = off

“display_errors” (Güvenlik)
Bu seçenek sitenizin çalışmasında oluşacak bir hatayı tarayıcıyayansıtıp yansıtmayacağını belirler yani siteniz için diyelim bir forumveya portal kullanıyorsunuz ve bunların çalışması esnasında genelde”Fatal error: Call to undefined function get_header() in/home/ahmo/public_html/index.php on line 37″ şeklinde benzeri hatagörülür bunların gözükmesini engellemek için bu değeri kapalı durumagetirmek gerekir zira kötü niyetli kişiler sitenizin serverda bulunantam yolunu öğrenmiş olurlar.
(Eğer safe mod açık ve open basedir aktif ise bunu kapatmanıza gerekyoktur. zira bu tür hatalar ayrıca scriptinde hata neresinde olduğunugösterdiği için host kullanıcısına sitesini düzenlemesi için büyükkolaylık sağlıyor.)

display_errors = Off

“cgi.force_redirect” (Güvenlik)
Bu değer normalde “on” “1″ yani açık olarak gelir ve Windowssunucularında IIS, OmniHTTPD gibi buralarda kapatılması gerekir. Kendisunucunuz için bu durum yoksa değiştirmenize gerek yoktur.
Code:

cgi.force_redirect = 0

“magic_quotes_gpc” (Güvenlik ve Performans)
Magic Quotes işlemi GET/POST yöntemiyle gelen Cookie datasınıotomatikmen PHP script’e kaçırır. Önerilen bu değerin kapalı olmasıdır.
Code:

magic_quotes_gpc = off

“magic_quotes_runtime” (Güvenlik ve Performans)
Magic quotes çalışma sürecinde data oluşturur, SQL’den exec()’den, vb.
Önerilen:

Code:

magic_quotes_runtime = Off

“magic_quotes_sybase” (Güvenlik ve Performans)
Sybase-style magic quotes kullanır (Bunun yerine \’ ‘ bununla ” kaçırır)
Code:

 magic_quotes_sybase = Off

“session.use_trans_sid” (Güvenlik)
Bu ayarı dikkatli ayarlayın, kullanıcı emaile aktif oturum ID’si içeren URL gönderebilir
kullnıcının güvenliği için bunu kapatıyoruz.
Önerilen:
Code:

session.use_trans_sid = off

“expose_php” (Güvenlik)
“expose_php” açık ise kapalı yapılması önerilir. Aksi takdirde PHP ileyaptığınız herşeyde sunucu tarafından PHP sürümü gibi bilgilergösterilir. Hackerlar hatta Lamerlar bu bilgileri severler (ne bohanlıyorlarsa sanki). Bunları engellemek için “off” konumuna getiriniz.
Code:

expose_php = Off

“html_errors” (Güvenlik)
Bu değerin açık olması durumunda PHP tıklanabilir hata mesajlarıüretecektir. Kapalı olması güvenlik için önerilir. başında “;” işaretivarsa kaldırıyoruz ve değeri kapatıyoruz.
Code:

html_errors = off

“max_execution_time” (Güvenlik)
Scriptinizi maksimum uygulamayı yürütme zamanı mesela kullanıcı birlinke tıkladı ve bu linkin açılması belirtilen saniyeden fazla olursasayfa sitenizin serverda bulunduğu tam yolu göstererek hata verir. Buhataların gözükmesi güvenlik açısından sakıncalıdır. 300 saniye yazanyeri istediğiniz zaman ile değiştirebilirsiniz. bana kalırsa bırakınyolu görsün çok fazla sayfa beklerse extra yğunluk demektir. direkbırakın hata versin. süreyi 30 yapalım.
Code:

max_execution_time = 30

“max_input_time” (Güvenlik)
Scriptinizin aynı şekilde bir dataya ulaşmak için istek yolladığında maksimum geçen zaman 60 yapalım. fazla bile

Code:

max_input_time = 60

“allow_call_time_pass_reference” (Performans)
Fonksiyonların çağrılma zamanında yaşanan uyumsuzluklarla ilgili uyarı verir.
örneğin ilk belittiğimiz yasak komutlarda hiç bir uyarı vermeden bomboş sayfa çıkarır karşıya. böyle bir durumda scripte bakmaktansa tekrarbunu açık duruma getirirsiniz hatayı gördükten sonra tekrar kapatınfonksiyonu.
Code:

allow_call_time_pass_reference = off

“enable_dl” (Güvenlik)
Bu değerin “off” kapalı olması gerekir aksi halde kişilerin sistemdephp modüllerinde çalışma yapmasına olanak sağlar ve sistemde rahatdolaşmalarını sağlar güvenlik için kesinlikle kapalı olması gerekir.
Code:

enable_dl = off

“track_errors” (Güvenlik ve Performans)
Sürücülerde meydana gelen hatalarda yetki verildiği taktirde hata mesajı errormsg olarak değişkende gösterilir.
track_errors = Off
“file_uploads” (Güvenlik)
Eğer sunucda tek site barındırıyorsanız ve o sitede her hangi birşeysunucuya yükletilmiyorsa kapalı kalmasında yarar var. Ama çoklu sitebarındırıyorsanız. Günümüzdeki tüm siteler artık avatardır, dosya v.suploat ediyor karar sizin.
ben yine kapatın diyeyimde.
Code:

file_uploads = off

“ignore_repeated_errors” (Güvenlik ve Performans)
Kapalı olursa tekrarlanan hataları loglamaz.
ignore_repeated_errors = Off

“ignore_repeated_source” (Güvenlik ve Performans)
Tekrarlanan mesajlar engellendiğinde, mesaj kaynağını engeller Bu ayaraçık yapıldığında hataları loglamayacaktır farklı dosyalardan ya dakaynaklardan tekrarlanan mesajlarla.
ignore_repeated_source = Off

“display_startup_errors” (Güvenlik ve Performans)
“display_errors” değeri “on” açık olsa bile, Php’nin çalışma sırasındameydana gelen hatalar gözükmeyecektir. Bu değerin şiddetle “off” kapalıduruma getirilmesi önerilir.
Code:

display_startup_errors = off

“safe_mode_gid” (Güvenlik)
UID – GID kontrollerini sadece UID ile yapmasına izin verir böyleceaynı grupta dosyalar bulunsa bile göremezler yani serverda bulunandiğer clientların scriptlerini v.s görmeleri engellenir.
Code:

safe_mode_gid = Off

“output_buffering = 4096″ (Performans)
4 KB’lik bir tampon çıktısı ayarlar “output buffer”

Code:

output_buffering = 4096

“register_argc_argv” (Performans)
Kapalı olursa gereksiz ARGV ve ARGC kayıtlarını önler. PHP nin ARGV ve ARGC değişkenlerini bildirip bildirmemesini anlatır.
Code:

 register_argc_argv = Off

“php_value session.use_trans_sid – php_value session.use_only_cookies”
Bu şekilde ayarlanması URL’deki PHPSESSID bilgilerini kaldırır.
seofilan yapanlar için uygun. genlede smf, phpbb forumlarda ve sensionkoruma uyguladığınız scriptler için PHPSESSID bilgilerini url yeeklemez. başlarında ; işareti varsa kaldırın.
Code:

session.use_trans_sid = 0
session.use_only_cookies = 1

“session.auto_start”
Oturum başlatmayı başlangıçta isteme
session.auto_start = 0
“session.cookie_lifetime”
Cookie’nin zaman ayarı
session.cookie_lifetime = 0
“memory_limit”
Scriptin tükettiği maksimum hafıza miktarı
değeri istediğinizgibi verin. 8M çokfazla bir değer. sadece kendisiteniz barınıyorsa bu değer normal. ama host ile uğraşıyorsanız 512Kyapmanız daha uygun.
Code:

memory_limit = 8M

“post_max_size”
PHP’nin kabul edeceği maksimum POST data boyutu.
isteğinize bağlı 1 Mb vermek için 1M yazın
Code:

post_max_size = 256K

“upload_max_filesize“
Upload edilen dosyaların maksimum boyutu
buda sizin isteğinize bağlı isterseniz 50M yapın. o zaman kullanıcı 50 Mb’a kadar dosya upload edebilir.
Code:

upload_max_filesize = 256K

“variables_order”
(Ortam, GET, POST, Çerez, Sunucu) bunların işlenmedeki sıralarını belirler.
variables_order = “EGPCS”
Bu kadar ondan sonra ctrl x y diyip kaydediyoruz ve
service httpd restart diyoruz.
Genelde çoğu fonksiyon zaten böyle dediğim değerdedir. 3-5 tanesi hariçtabi. Yeni başlayan arkadaşlar için anlattımki hangisi ne işe yararöğrenmiş olsunlar.

/aLINTIDR/

Este es un archivo php.ini que se sube al servidor para configurar el php. Esto es muy util para el Cpanel. Si necesitan el archivo esta adjunto a este post. En mi caso lo utilice para aumentar la memoria PHP memory_limit to 96M

Espero les sirva

[PHP]

;;;;;;;;;;;
; WARNING ;
;;;;;;;;;;;
; This is the default settings file for new PHP installations.
; By default, PHP installs itself with a configuration suitable for
; development purposes, and *NOT* for production purposes.
; For several security-oriented considerations that should be taken
; before going online with your site, please consult php.ini-recommended
; and http://php.net/manual/en/security.php.

;;;;;;;;;;;;;;;;;;;
; About this file ;
;;;;;;;;;;;;;;;;;;;
; This file controls many aspects of PHP's behavior.  In order for PHP to
; read it, it must be named 'php.ini'.  PHP looks for it in the current
; working directory, in the path designated by the environment variable
; PHPRC, and in the path that was defined in compile time (in that order).
; Under Windows, the compile-time path is the Windows directory.  The
; path in which the php.ini file is looked for can be overridden using
; the -c argument in command line mode.
;
; The syntax of the file is extremely simple.  Whitespace and Lines
; beginning with a semicolon are silently ignored (as you probably guessed).
; Section headers (e.g. [Foo]) are also silently ignored, even though
; they might mean something in the future.
;
; Directives are specified using the following syntax:
; directive = value
; Directive names are *case sensitive* - foo=bar is different from FOO=bar.
;
; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one
; of the INI constants (On, Off, True, False, Yes, No and None) or an expression
; (e.g. E_ALL & ~E_NOTICE), or a quoted string ("foo").
;
; Expressions in the INI file are limited to bitwise operators and parentheses:
; |        bitwise OR
; &        bitwise AND
; ~        bitwise NOT
; !        boolean NOT
;
; Boolean flags can be turned on using the values 1, On, True or Yes.
; They can be turned off using the values 0, Off, False or No.
;
; An empty string can be denoted by simply not writing anything after the equal
; sign, or by using the None keyword:
;
;  foo =         ; sets foo to an empty string
;  foo = none    ; sets foo to an empty string
;  foo = "none"  ; sets foo to the string 'none'
;
; If you use constants in your value, and these constants belong to a
; dynamically loaded extension (either a PHP extension or a Zend extension),
; you may only use these constants *after* the line that loads the extension.
;
; All the values in the php.ini-dist file correspond to the builtin
; defaults (that is, if no php.ini is used, or if you delete these lines,
; the builtin defaults will be identical).

;;;;;;;;;;;;;;;;;;;;
; Language Options ;
;;;;;;;;;;;;;;;;;;;;

; Enable the PHP scripting language engine under Apache.
engine = On

; Allow the <? tag.  Otherwise, only <?php and <script> tags are recognized.
; NOTE: Using short tags should be avoided when developing applications or
; libraries that are meant for redistribution, or deployment on PHP
; servers which are not under your control, because short tags may not
; be supported on the target server. For portable, redistributable code,
; be sure not to use short tags.
short_open_tag = On

; Allow ASP-style <% %> tags.
asp_tags = Off

; The number of significant digits displayed in floating point numbers.
precision    =  12

; Enforce year 2000 compliance (will cause problems with non-compliant browsers)
y2k_compliance = On

; Output buffering allows you to send header lines (including cookies) even
; after you send body content, at the price of slowing PHP's output layer a
; bit.  You can enable output buffering during runtime by calling the output
; buffering functions.  You can also enable output buffering for all files by
; setting this directive to On.  If you wish to limit the size of the buffer
; to a certain size - you can use a maximum number of bytes instead of 'On', as
; a value for this directive (e.g., output_buffering=4096).
output_buffering = Off

; You can redirect all of the output of your scripts to a function.  For
; example, if you set output_handler to "mb_output_handler", character
; encoding will be transparently converted to the specified encoding.
; Setting any output handler automatically turns on output buffering.
; Note: People who wrote portable scripts should not depend on this ini
;       directive. Instead, explicitly set the output handler using ob_start().
;       Using this ini directive may cause problems unless you know what script
;       is doing.
; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler"
;       and you cannot use both "ob_gzhandler" and "zlib.output_compression".
;output_handler =

; Transparent output compression using the zlib library
; Valid values for this option are 'off', 'on', or a specific buffer size
; to be used for compression (default is 4KB)
; Note: Resulting chunk size may vary due to nature of compression. PHP
;       outputs chunks that are few hundreds bytes each as a result of
;       compression. If you prefer a larger chunk size for better
;       performance, enable output_buffering in addition.
; Note: You need to use zlib.output_handler instead of the standard
;       output_handler, or otherwise the output will be corrupted.
zlib.output_compression = Off

; You cannot specify additional output handlers if zlib.output_compression
; is activated here. This setting does the same as output_handler but in
; a different order.
;zlib.output_handler =

; Implicit flush tells PHP to tell the output layer to flush itself
; automatically after every output block.  This is equivalent to calling the
; PHP function flush() after each and every call to print() or echo() and each
; and every HTML block.  Turning this option on has serious performance
; implications and is generally recommended for debugging purposes only.
implicit_flush = Off

; The unserialize callback function will be called (with the undefined class'
; name as parameter), if the unserializer finds an undefined class
; which should be instanciated.
; A warning appears if the specified function is not defined, or if the
; function doesn't include/implement the missing class.
; So only set this entry, if you really want to implement such a
; callback-function.
unserialize_callback_func=

; When floats & doubles are serialized store serialize_precision significant
; digits after the floating point. The default value ensures that when floats
; are decoded with unserialize, the data will remain the same.
serialize_precision = 100

; Whether to enable the ability to force arguments to be passed by reference
; at function call time.  This method is deprecated and is likely to be
; unsupported in future versions of PHP/Zend.  The encouraged method of
; specifying which arguments should be passed by reference is in the function
; declaration.  You're encouraged to try and turn this option Off and make
; sure your scripts work properly with it in order to ensure they will work
; with future versions of the language (you will receive a warning each time
; you use this feature, and the argument will be passed by value instead of by
; reference).
allow_call_time_pass_reference = On

; Safe Mode
;
safe_mode = Off

; By default, Safe Mode does a UID compare check when
; opening files. If you want to relax this to a GID compare,
; then turn on safe_mode_gid.
safe_mode_gid = Off

; When safe_mode is on, UID/GID checks are bypassed when
; including files from this directory and its subdirectories.
; (directory must also be in include_path or full path must
; be used when including)
safe_mode_include_dir =								

; When safe_mode is on, only executables located in the safe_mode_exec_dir
; will be allowed to be executed via the exec family of functions.
safe_mode_exec_dir =

; Setting certain environment variables may be a potential security breach.
; This directive contains a comma-delimited list of prefixes.  In Safe Mode,
; the user may only alter environment variables whose names begin with the
; prefixes supplied here.  By default, users will only be able to set
; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR).
;
; Note:  If this directive is empty, PHP will let the user modify ANY
; environment variable!
safe_mode_allowed_env_vars = PHP_

; This directive contains a comma-delimited list of environment variables that
; the end user won't be able to change using putenv().  These variables will be
; protected even if safe_mode_allowed_env_vars is set to allow to change them.
safe_mode_protected_env_vars = LD_LIBRARY_PATH

; open_basedir, if set, limits all file operations to the defined directory
; and below.  This directive makes most sense if used in a per-directory
; or per-virtualhost web server configuration file. This directive is
; *NOT* affected by whether Safe Mode is turned On or Off.
;open_basedir =

; This directive allows you to disable certain functions for security reasons.
; It receives a comma-delimited list of function names. This directive is
; *NOT* affected by whether Safe Mode is turned On or Off.
disable_functions =

; This directive allows you to disable certain classes for security reasons.
; It receives a comma-delimited list of class names. This directive is
; *NOT* affected by whether Safe Mode is turned On or Off.
disable_classes =

; Colors for Syntax Highlighting mode.  Anything that's acceptable in
; <font color="??????"> would work.
;highlight.string  = #DD0000
;highlight.comment = #FF9900
;highlight.keyword = #007700
;highlight.bg      = #FFFFFF
;highlight.default = #0000BB
;highlight.html    = #000000

;
; Misc
;
; Decides whether PHP may expose the fact that it is installed on the server
; (e.g. by adding its signature to the Web server header).  It is no security
; threat in any way, but it makes it possible to determine whether you use PHP
; on your server or not.
expose_php = On

;;;;;;;;;;;;;;;;;;;
; Resource Limits ;
;;;;;;;;;;;;;;;;;;;

max_execution_time = 30     ; Maximum execution time of each script, in seconds
max_input_time = 60	; Maximum amount of time each script may spend parsing request data
memory_limit = 32M      ; Maximum amount of memory a script may consume (32MB)

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Error handling and logging ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

; error_reporting is a bit-field.  Or each number up to get desired error
; reporting level
; E_ALL             - All errors and warnings
; E_ERROR           - fatal run-time errors
; E_WARNING         - run-time warnings (non-fatal errors)
; E_PARSE           - compile-time parse errors
; E_NOTICE          - run-time notices (these are warnings which often result
;                     from a bug in your code, but it's possible that it was
;                     intentional (e.g., using an uninitialized variable and
;                     relying on the fact it's automatically initialized to an
;                     empty string)
; E_CORE_ERROR      - fatal errors that occur during PHP's initial startup
; E_CORE_WARNING    - warnings (non-fatal errors) that occur during PHP's
;                     initial startup
; E_COMPILE_ERROR   - fatal compile-time errors
; E_COMPILE_WARNING - compile-time warnings (non-fatal errors)
; E_USER_ERROR      - user-generated error message
; E_USER_WARNING    - user-generated warning message
; E_USER_NOTICE     - user-generated notice message
;
; Examples:
;
;   - Show all errors, except for notices
;
;error_reporting = E_ALL & ~E_NOTICE
;
;   - Show only errors
;
;error_reporting = E_COMPILE_ERROR|E_ERROR|E_CORE_ERROR
;
;   - Show all errors except for notices
;
error_reporting  =  E_ALL & ~E_NOTICE

; Print out errors (as a part of the output).  For production web sites,
; you're strongly encouraged to turn this feature off, and use error logging
; instead (see below).  Keeping display_errors enabled on a production web site
; may reveal security information to end users, such as file paths on your Web
; server, your database schema or other information.
display_errors = On

; Even when display_errors is on, errors that occur during PHP's startup
; sequence are not displayed.  It's strongly recommended to keep
; display_startup_errors off, except for when debugging.
display_startup_errors = Off

; Log errors into a log file (server-specific log, stderr, or error_log (below))
; As stated above, you're strongly advised to use error logging in place of
; error displaying on production web sites.
log_errors = On                  ;

; Set maximum length of log_errors. In error_log information about the source is
; added. The default is 1024 and 0 allows to not apply any maximum length at all.
log_errors = On                  ;

; Do not log repeated messages. Repeated errors must occur in same file on same
; line until ignore_repeated_source is set true.
ignore_repeated_errors = Off

; Ignore source of message when ignoring repeated messages. When this setting
; is On you will not log errors with repeated messages from different files or
; sourcelines.
ignore_repeated_source = Off

; If this parameter is set to Off, then memory leaks will not be shown (on
; stdout or in the log). This has only effect in a debug compile, and if
; error reporting includes E_WARNING in the allowed list
report_memleaks = On

; Store the last error/warning message in $php_errormsg (boolean).
track_errors = Off

; Disable the inclusion of HTML tags in error messages.
;html_errors = Off

; If html_errors is set On PHP produces clickable error messages that direct
; to a page describing the error or function causing the error in detail.
; You can download a copy of the PHP manual from http://www.php.net/docs.php
; and change docref_root to the base URL of your local copy including the
; leading '/'. You must also specify the file extension being used including
; the dot.
;docref_root = "/phpmanual/"
;docref_ext = .html

; String to output before an error message.
;error_prepend_string = "<font color=ff0000>"

; String to output after an error message.
;error_append_string = "</font>"

; Log errors to specified file.
error_log = error_log                  ;

; Log errors to syslog (Event Log on NT, not valid in Windows 95).
error_log = error_log                  ;

;;;;;;;;;;;;;;;;;
; Data Handling ;
;;;;;;;;;;;;;;;;;
;
; Note - track_vars is ALWAYS enabled as of PHP 4.0.3

; The separator used in PHP generated URLs to separate arguments.
; Default is "&".
;arg_separator.output = "&"

; List of separator(s) used by PHP to parse input URLs into variables.
; Default is "&".
; NOTE: Every character in this directive is considered as separator!
;arg_separator.input = ";&"

; This directive describes the order in which PHP registers GET, POST, Cookie,
; Environment and Built-in variables (G, P, C, E & S respectively, often
; referred to as EGPCS or GPC).  Registration is done from left to right, newer
; values override older values.
variables_order = "EGPCS"

; Whether or not to register the EGPCS variables as global variables.  You may
; want to turn this off if you don't want to clutter your scripts' global scope
; with user data.  This makes most sense when coupled with track_vars - in which
; case you can access all of the GPC variables through the $HTTP_*_VARS[],
; variables.
;
; You should do your best to write your scripts so that they do not require
; register_globals to be on;  Using form variables as globals can easily lead
; to possible security problems, if the code is not very well thought of.
register_globals = Off

; This directive tells PHP whether to declare the argv&argc variables (that
; would contain the GET information).  If you don't use these variables, you
; should turn it off for increased performance.
register_argc_argv = On

; Maximum size of POST data that PHP will accept.
post_max_size = 8M

; This directive is deprecated.  Use variables_order instead.
gpc_order = "GPC"

; Magic quotes
;

; Magic quotes for incoming GET/POST/Cookie data.
magic_quotes_gpc = On

; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc.
magic_quotes_runtime = Off    

; Use Sybase-style magic quotes (escape ' with '' instead of \').
magic_quotes_sybase = Off

; Automatically add files before or after any PHP document.
auto_prepend_file =
auto_append_file =

; As of 4.0b4, PHP always outputs a character encoding by default in
; the Content-type: header.  To disable sending of the charset, simply
; set it to be empty.
;
; PHP's built-in default is text/html
default_mimetype = "text/html"
;default_charset = "iso-8859-1"

; Always populate the $HTTP_RAW_POST_DATA variable.
;always_populate_raw_post_data = On

;;;;;;;;;;;;;;;;;;;;;;;;;
; Paths and Directories ;
;;;;;;;;;;;;;;;;;;;;;;;;;

; UNIX: "/path1:/path2"
include_path = ".:/usr/lib/php:/usr/local/lib/php"   ;
;
; Windows: "\path1;\path2"
include_path = ".:/usr/lib/php:/usr/local/lib/php"   ;

; The root of the PHP pages, used only if nonempty.
; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root
; if you are running php as a CGI under any web server (other than IIS)
; see documentation for security issues.  The alternate is to use the
; cgi.force_redirect configuration below
doc_root =

; The directory under which PHP opens the script using /~username used only
; if nonempty.
user_dir =

; Directory in which the loadable extensions (modules) reside.
extension_dir = "/usr/local/lib/php/extensions/no-debug-non-zts-20020429"

; Whether or not to enable the dl() function.  The dl() function does NOT work
; properly in multithreaded servers, such as IIS or Zeus, and is automatically
; disabled on them.
enable_dl = On

; cgi.force_redirect is necessary to provide security running PHP as a CGI under
; most web servers.  Left undefined, PHP turns this on by default.  You can
; turn it off here AT YOUR OWN RISK
; **You CAN safely turn this off for IIS, in fact, you MUST.**
; cgi.force_redirect = 1

; if cgi.nph is enabled it will force cgi to always sent Status: 200 with
; every request.
; cgi.nph = 1

; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape
; (iPlanet) web servers, you MAY need to set an environment variable name that PHP
; will look for to know it is OK to continue execution.  Setting this variable MAY
; cause security issues, KNOW WHAT YOU ARE DOING FIRST.
; cgi.redirect_status_env = ;

; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI.  PHP's
; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok
; what PATH_INFO is.  For more information on PATH_INFO, see the cgi specs.  Setting
; this to 1 will cause PHP CGI to fix it's paths to conform to the spec.  A setting
; of zero causes PHP to behave as before.  Default is zero.  You should fix your scripts
; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.
; cgi.fix_pathinfo=0

; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate
; security tokens of the calling client.  This allows IIS to define the
; security context that the request runs under.  mod_fastcgi under Apache
; does not currently support this feature (03/17/2002)
; Set to 1 if running under IIS.  Default is zero.
; fastcgi.impersonate = 1;

; cgi.rfc2616_headers configuration option tells PHP what type of headers to
; use when sending HTTP response code. If it's set 0 PHP sends Status: header that
; is supported by Apache. When this option is set to 1 PHP will send
; RFC2616 compliant header.
; Default is zero.
;cgi.rfc2616_headers = 0 

;;;;;;;;;;;;;;;;
; File Uploads ;
;;;;;;;;;;;;;;;;

; Whether to allow HTTP file uploads.
file_uploads = On

; Temporary directory for HTTP uploaded files (will use system default if not
; specified).
;upload_tmp_dir =

; Maximum allowed size for uploaded files.
upload_max_filesize = 2M

;;;;;;;;;;;;;;;;;;
; Fopen wrappers ;
;;;;;;;;;;;;;;;;;;

; Whether to allow the treatment of URLs (like http:// or ftp://) as files.
allow_url_fopen = On

; Define the anonymous ftp password (your email address)
;from="john@doe.com"

; Define the User-Agent string
; user_agent="PHP"

; Default timeout for socket based streams (seconds)
default_socket_timeout = 60

; If your scripts have to deal with files from Macintosh systems,
; or you are running on a Mac and need to deal with files from
; unix or win32 systems, setting this flag will cause PHP to
; automatically detect the EOL character in those files so that
; fgets() and file() will work regardless of the source of the file.
; auto_detect_line_endings = Off

;;;;;;;;;;;;;;;;;;;;;;
; Dynamic Extensions ;
;;;;;;;;;;;;;;;;;;;;;;
;
; If you wish to have an extension loaded automatically, use the following
; syntax:
;
;   extension=modulename.extension
;
; For example, on Windows:
;
;   extension=msql.dll
;
; ... or under UNIX:
;
;   extension=msql.so
;
; Note that it should be the name of the module only; no directory information
; needs to go here.  Specify the location of the extension with the
; extension_dir directive above.

;Windows Extensions
;Note that MySQL and ODBC support is now built in, so no dll is needed for it.
;
;extension=php_bz2.dll
;extension=php_cpdf.dll
;extension=php_crack.dll
;extension=php_curl.dll
;extension=php_db.dll
;extension=php_dba.dll
;extension=php_dbase.dll
;extension=php_dbx.dll
;extension=php_domxml.dll
;extension=php_exif.dll
;extension=php_fdf.dll
;extension=php_filepro.dll
;extension=php_gd2.dll
;extension=php_gettext.dll
;extension=php_hyperwave.dll
;extension=php_iconv.dll
;extension=php_ifx.dll
;extension=php_iisfunc.dll
;extension=php_imap.dll
;extension=php_interbase.dll
;extension=php_java.dll
;extension=php_ldap.dll
;extension=php_mbstring.dll
;extension=php_mcrypt.dll
;extension=php_mhash.dll
;extension=php_mime_magic.dll
;extension=php_ming.dll
;extension=php_mssql.dll
;extension=php_msql.dll
;extension=php_oci8.dll
;extension=php_openssl.dll
;extension=php_oracle.dll
;extension=php_pdf.dll
;extension=php_pgsql.dll
;extension=php_printer.dll
;extension=php_shmop.dll
;extension=php_snmp.dll
;extension=php_sockets.dll
;extension=php_sybase_ct.dll
;extension=php_w32api.dll
;extension=php_xmlrpc.dll
;extension=php_xslt.dll
;extension=php_yaz.dll
;extension=php_zip.dll

;;;;;;;;;;;;;;;;;;;
; Module Settings ;
;;;;;;;;;;;;;;;;;;;

[Syslog]
; Whether or not to define the various syslog variables (e.g. $LOG_PID,
; $LOG_CRON, etc.).  Turning it off is a good idea performance-wise.  In
; runtime, you can define these variables by calling define_syslog_variables().
define_syslog_variables  = Off

[mail function]
; For Win32 only.
;SMTP = localhost                  ;
smtp_port = 25

; For Win32 only.
;sendmail_from = me@localhost.com             ;

; For Unix only.  You may supply arguments as well (default: "sendmail -t -i").
sendmail_path = /usr/sbin/sendmail -t -i              ;

[Java]
;java.class.path = .\php_java.jar
;java.home = c:\jdk
;java.library = c:\jdk\jre\bin\hotspot\jvm.dll
;java.library.path = .\

[SQL]
sql.safe_mode = Off

[ODBC]
;odbc.default_db    =  Not yet implemented
;odbc.default_user  =  Not yet implemented
;odbc.default_pw    =  Not yet implemented

; Allow or prevent persistent links.
odbc.allow_persistent = On

; Check that a connection is still valid before reuse.
odbc.check_persistent = On

; Maximum number of persistent links.  -1 means no limit.
odbc.max_persistent = -1

; Maximum number of links (persistent + non-persistent).  -1 means no limit.
odbc.max_links = -1  

; Handling of LONG fields.  Returns number of bytes to variables.  0 means
; passthru.
odbc.defaultlrl = 4096  

; Handling of binary data.  0 means passthru, 1 return as is, 2 convert to char.
; See the documentation on odbc_binmode and odbc_longreadlen for an explanation
; of uodbc.defaultlrl and uodbc.defaultbinmode
odbc.defaultbinmode = 1  

[MySQL]
; Allow or prevent persistent links.
mysql.allow_persistent = On

; Maximum number of persistent links.  -1 means no limit.
mysql.max_persistent = -1

; Maximum number of links (persistent + non-persistent).  -1 means no limit.
mysql.max_links = -1

; Default port number for mysql_connect().  If unset, mysql_connect() will use
; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the
; compile-time value defined MYSQL_PORT (in that order).  Win32 will only look
; at MYSQL_PORT.
mysql.default_port =

; Default socket name for local MySQL connects.  If empty, uses the built-in
; MySQL defaults.
mysql.default_socket =

; Default host for mysql_connect() (doesn't apply in safe mode).
mysql.default_host =

; Default user for mysql_connect() (doesn't apply in safe mode).
mysql.default_user =

; Default password for mysql_connect() (doesn't apply in safe mode).
; Note that this is generally a *bad* idea to store passwords in this file.
; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password")
; and reveal this password!  And of course, any users with read access to this
; file will be able to reveal the password as well.
mysql.default_password =

; Maximum time (in seconds) for connect timeout. -1 means no limit
mysql.connect_timeout = 60

; Trace mode. When trace_mode is active (=On), warnings for table/index scans and
; SQL-Errors will be displayed.
mysql.trace_mode = Off

[mSQL]
; Allow or prevent persistent links.
msql.allow_persistent = On

; Maximum number of persistent links.  -1 means no limit.
msql.max_persistent = -1

; Maximum number of links (persistent+non persistent).  -1 means no limit.
msql.max_links = -1

[PostgresSQL]
; Allow or prevent persistent links.
pgsql.allow_persistent = On

; Detect broken persistent links always with pg_pconnect(). Need a little overhead.
pgsql.auto_reset_persistent = Off 

; Maximum number of persistent links.  -1 means no limit.
pgsql.max_persistent = -1

; Maximum number of links (persistent+non persistent).  -1 means no limit.
pgsql.max_links = -1

; Ignore PostgreSQL backends Notice message or not.
pgsql.ignore_notice = 0

; Log PostgreSQL backends Noitce message or not.
; Unless pgsql.ignore_notice=0, module cannot log notice message.
pgsql.log_notice = 0

[Sybase]
; Allow or prevent persistent links.
sybase.allow_persistent = On

; Maximum number of persistent links.  -1 means no limit.
sybase.max_persistent = -1

; Maximum number of links (persistent + non-persistent).  -1 means no limit.
sybase.max_links = -1

;sybase.interface_file = "/usr/sybase/interfaces"

; Minimum error severity to display.
sybase.min_error_severity = 10

; Minimum message severity to display.
sybase.min_message_severity = 10

; Compatability mode with old versions of PHP 3.0.
; If on, this will cause PHP to automatically assign types to results according
; to their Sybase type, instead of treating them all as strings.  This
; compatibility mode will probably not stay around forever, so try applying
; whatever necessary changes to your code, and turn it off.
sybase.compatability_mode = Off

[Sybase-CT]
; Allow or prevent persistent links.
sybct.allow_persistent = On

; Maximum number of persistent links.  -1 means no limit.
sybct.max_persistent = -1

; Maximum number of links (persistent + non-persistent).  -1 means no limit.
sybct.max_links = -1

; Minimum server message severity to display.
sybct.min_server_severity = 10

; Minimum client message severity to display.
sybct.min_client_severity = 10

[dbx]
; returned column names can be converted for compatibility reasons
; possible values for dbx.colnames_case are
; "unchanged" (default, if not set)
; "lowercase"
; "uppercase"
; the recommended default is either upper- or lowercase, but
; unchanged is currently set for backwards compatibility
dbx.colnames_case = "unchanged"

[bcmath]
; Number of decimal digits for all bcmath functions.
bcmath.scale = 0

[browscap]
;browscap = extra/browscap.ini

[Informix]
; Default host for ifx_connect() (doesn't apply in safe mode).
ifx.default_host =

; Default user for ifx_connect() (doesn't apply in safe mode).
ifx.default_user =

; Default password for ifx_connect() (doesn't apply in safe mode).
ifx.default_password =

; Allow or prevent persistent links.
ifx.allow_persistent = On

; Maximum number of persistent links.  -1 means no limit.
ifx.max_persistent = -1

; Maximum number of links (persistent + non-persistent).  -1 means no limit.
ifx.max_links = -1

; If on, select statements return the contents of a text blob instead of its id.
ifx.textasvarchar = 0

; If on, select statements return the contents of a byte blob instead of its id.
ifx.byteasvarchar = 0

; Trailing blanks are stripped from fixed-length char columns.  May help the
; life of Informix SE users.
ifx.charasvarchar = 0

; If on, the contents of text and byte blobs are dumped to a file instead of
; keeping them in memory.
ifx.blobinfile = 0

; NULL's are returned as empty strings, unless this is set to 1.  In that case,
; NULL's are returned as string 'NULL'.
ifx.nullformat = 0

[Session]
; Handler used to store/retrieve data.
session.save_handler = files

; Argument passed to save_handler.  In the case of files, this is the path
; where data files are stored. Note: Windows users have to change this
; variable in order to use PHP's session functions.
; As of PHP 4.0.1, you can define the path as:
;     session.save_path = "N;/path"
; where N is an integer.  Instead of storing all the session files in
; /path, what this will do is use subdirectories N-levels deep, and
; store the session data in those directories.  This is useful if you
; or your OS have problems with lots of files in one directory, and is
; a more efficient layout for servers that handle lots of sessions.
; NOTE 1: PHP will not create this directory structure automatically.
;         You can use the script in the ext/session dir for that purpose.
; NOTE 2: See the section on garbage collection below if you choose to
;         use subdirectories for session storage
;session.save_path = /tmp

; Whether to use cookies.
session.use_cookies = 1

; This option enables administrators to make their users invulnerable to
; attacks which involve passing session ids in URLs; defaults to 0.
; session.use_only_cookies = 1

; Name of the session (used as cookie name).
session.name = PHPSESSID

; Initialize session on request startup.
session.auto_start = 0

; Lifetime in seconds of cookie or, if 0, until browser is restarted.
session.cookie_lifetime = 0

; The path for which the cookie is valid.
session.cookie_path = /

; The domain for which the cookie is valid.
session.cookie_domain =

; Handler used to serialize data.  php is the standard serializer of PHP.
session.serialize_handler = php

; Define the probability that the 'garbage collection' process is started
; on every session initialization.
; The probability is calculated by using gc_probability/gc_divisor,
; e.g. 1/100 means there is a 1% chance that the GC process starts
; on each request.

session.gc_probability = 1
session.gc_divisor     = 100

; After this number of seconds, stored data will be seen as 'garbage' and
; cleaned up by the garbage collection process.
session.gc_maxlifetime = 1440

; NOTE: If you are using the subdirectory option for storing session files
;       (see session.save_path above), then garbage collection does *not*
;       happen automatically.  You will need to do your own garbage
;       collection through a shell script, cron entry, or some other method.
;       For example, the following script would is the equivalent of
;       setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
;          cd /path/to/sessions; find -cmin +24 | xargs rm

; PHP 4.2 and less have an undocumented feature/bug that allows you to
; to initialize a session variable in the global scope, albeit register_globals
; is disabled.  PHP 4.3 and later will warn you, if this feature is used.
; You can disable the feature and the warning separately. At this time,
; the warning is only displayed, if bug_compat_42 is enabled.

session.bug_compat_42 = 1
session.bug_compat_warn = 1

; Check HTTP Referer to invalidate externally stored URLs containing ids.
; HTTP_REFERER has to contain this substring for the session to be
; considered as valid.
session.referer_check =

; How many bytes to read from the file.
session.entropy_length = 0

; Specified here to create the session id.
session.entropy_file =

;session.entropy_length = 16

;session.entropy_file = /dev/urandom

; Set to {nocache,private,public,} to determine HTTP caching aspects
; or leave this empty to avoid sending anti-caching headers.
session.cache_limiter = nocache

; Document expires after n minutes.
session.cache_expire = 180

; trans sid support is disabled by default.
; Use of trans sid may risk your users security.
; Use this option with caution.
; - User may send URL contains active session ID
;   to other person via. email/irc/etc.
; - URL that contains active session ID may be stored
;   in publically accessible computer.
; - User may access your site with the same session ID
;   always using URL stored in browser's history or bookmarks.
session.use_trans_sid = 0

; The URL rewriter will look for URLs in a defined set of HTML tags.
; form/fieldset are special; if you include them here, the rewriter will
; add a hidden <input> field with the info which is otherwise appended
; to URLs.  If you want XHTML conformity, remove the form entry.
; Note that all valid entries require a "=", even if no value follows.
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=,fieldset="

[MSSQL]
; Allow or prevent persistent links.
mssql.allow_persistent = On

; Maximum number of persistent links.  -1 means no limit.
mssql.max_persistent = -1

; Maximum number of links (persistent+non persistent).  -1 means no limit.
mssql.max_links = -1

; Minimum error severity to display.
mssql.min_error_severity = 10

; Minimum message severity to display.
mssql.min_message_severity = 10

; Compatability mode with old versions of PHP 3.0.
mssql.compatability_mode = Off

; Connect timeout
;mssql.connect_timeout = 5

; Query timeout
;mssql.timeout = 60

; Valid range 0 - 2147483647.  Default = 4096.
;mssql.textlimit = 4096

; Valid range 0 - 2147483647.  Default = 4096.
;mssql.textsize = 4096

; Limits the number of records in each batch.  0 = all records in one batch.
;mssql.batchsize = 0

; Specify how datetime and datetim4 columns are returned
; On => Returns data converted to SQL server settings
; Off => Returns values as YYYY-MM-DD hh:mm:ss
;mssql.datetimeconvert = On

; Use NT authentication when connecting to the server
mssql.secure_connection = Off

; Specify max number of processes. Default = 25
;mssql.max_procs = 25

[Assertion]
; Assert(expr); active by default.
;assert.active = On

; Issue a PHP warning for each failed assertion.
;assert.warning = On

; Don't bail out by default.
;assert.bail = Off

; User-function to be called if an assertion fails.
;assert.callback = 0

; Eval the expression with current error_reporting().  Set to true if you want
; error_reporting(0) around the eval().
;assert.quiet_eval = 0

[Ingres II]
; Allow or prevent persistent links.
ingres.allow_persistent = On

; Maximum number of persistent links.  -1 means no limit.
ingres.max_persistent = -1

; Maximum number of links, including persistents.  -1 means no limit.
ingres.max_links = -1

; Default database (format: [node_id::]dbname[/srv_class]).
ingres.default_database =

; Default user.
ingres.default_user =

; Default password.
ingres.default_password =

[Verisign Payflow Pro]
; Default Payflow Pro server.
pfpro.defaulthost = "test-payflow.verisign.com"

; Default port to connect to.
pfpro.defaultport = 443

; Default timeout in seconds.
pfpro.defaulttimeout = 30

; Default proxy IP address (if required).
;pfpro.proxyaddress =

; Default proxy port.
;pfpro.proxyport =

; Default proxy logon.
;pfpro.proxylogon =

; Default proxy password.
;pfpro.proxypassword =

[com]
; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs
;com.typelib_file =
; allow Distributed-COM calls
;com.allow_dcom = true
; autoregister constants of a components typlib on com_load()
;com.autoregister_typelib = true
; register constants casesensitive
;com.autoregister_casesensitive = false
; show warnings on duplicate constat registrations
;com.autoregister_verbose = true

[Printer]
;printer.default_printer = ""

[mbstring]
; language for internal character representation.
;mbstring.language = Japanese

; internal/script encoding.
; Some encoding cannot work as internal encoding.
; (e.g. SJIS, BIG5, ISO-2022-*)
;mbstring.internal_encoding = EUC-JP

; http input encoding.
;mbstring.http_input = auto

; http output encoding. mb_output_handler must be
; registered as output buffer to function
;mbstring.http_output = SJIS

; enable automatic encoding translation accoding to
; mbstring.internal_encoding setting. Input chars are
; converted to internal encoding by setting this to On.
; Note: Do _not_ use automatic encoding translation for
;       portable libs/applications.
;mbstring.encoding_translation = Off

; automatic encoding detection order.
; auto means
;mbstring.detect_order = auto

; substitute_character used when character cannot be converted
; one from another
;mbstring.substitute_character = none;

; overload(replace) single byte functions by mbstring functions.
; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(),
; etc. Possible values are 0,1,2,4 or combination of them.
; For example, 7 for overload everything.
; 0: No overload
; 1: Overload mail() function
; 2: Overload str*() functions
; 4: Overload ereg*() functions
;mbstring.func_overload = 0

[FrontBase]
;fbsql.allow_persistent = On
;fbsql.autocommit = On
;fbsql.default_database =
;fbsql.default_database_password =
;fbsql.default_host =
;fbsql.default_password =
;fbsql.default_user = "_SYSTEM"
;fbsql.generate_warnings = Off
;fbsql.max_connections = 128
;fbsql.max_links = 128
;fbsql.max_persistent = -1
;fbsql.max_results = 128
;fbsql.batchSize = 1000

[Crack]
; Modify the setting below to match the directory location of the cracklib
; dictionary files.  Include the base filename, but not the file extension.
; crack.default_dictionary = "c:\php\lib\cracklib_dict"

[exif]
; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS.
; With mbstring support this will automatically be converted into the encoding
; given by corresponding encode setting. When empty mbstring.internal_encoding
; is used. For the decode settings you can distinguish between motorola and
; intel byte order. A decode setting cannot be empty.
;exif.encode_unicode = ISO-8859-15
;exif.decode_unicode_motorola = UCS-2BE
;exif.decode_unicode_intel    = UCS-2LE
;exif.encode_jis =
;exif.decode_jis_motorola = JIS
;exif.decode_jis_intel    = JIS

; Local Variables:
; tab-width: 4
; End:

[Zend]
zend_extension_manager.optimizer=/usr/local/Zend/lib/Optimizer-3.2.2
zend_extension_manager.optimizer_ts=/usr/local/Zend/lib/Optimizer_TS-3.2.2
zend_optimizer.version=3.2.2
zend_extension=/usr/local/Zend/lib/ZendExtensionManager.so
zend_extension_ts=/usr/local/Zend/lib/ZendExtensionManager_TS.so

Com o Php em modo suPHP basta criar um arquivo php.ini na árvore de diretório do cliente com o seguinte teor:

register_globals = On

Hoje não era dia de um post porém como a riqueza de um blog está na quantidade de problemas que ele cobre, resolvi postar este probleminha rápido que me tomou uns 5 minutos de minha vida.

Basicamente o problema consistia que o servidor apache instalado na minha máquina não estava guardando sessions.

Códigos como este não mostravam nada de saída

<?php

error_reporting(‘E_ALL’);

session_cache_limiter(‘public’);
session_cache_expire(0);

session_start();

if(session_is_registered(‘TESTE’)){

echo “Funcionando – “;

echo $_SESSION['TESTE'];

} else{

echo “Não está Configurado – “;

$_SESSION['TESTE'] = ‘Escreva teste na tela’;

}

?>

Com as sessions trabalhando corretamente este código deveria mostrar a String “Funcionando – Escreve teste na Tela” quando rodado pela segunda vez. A primeira ele mostrará “Não está Configurado” e então configurará a sessão então teoricamente todas as atualizações após isto deverão mostrar “Funcionando…”

Passos para encontrar o problema.:

Obs.: A cada passo efetuado reinicie seu servidor apache e então teste novamente rodando o script acima.

A primeira coisa a se fazer é descobrir a pasta em que seu php está buscando suas extensões, pasta vulgarmente conhecida como ext, porém ela pode ter qualquer nome, por isto, crie um script phpinfo como este e rode-o.

<?php

phpinfo();

?>

Após rodar o script, o mesmo lhe retornará várias informações importantes sobre o seu PHP, no próprio cabeçalho por exemplo ele já lhe retorna a versão do seu PHP.

Caso não esteja visualizando nada parecido com isto, seu PHP não está instado corretamente.

Voltando as informações listadas, faça uma busca pela variável extension_dir que lhe retornará a pasta onde suas bibliotecas PHP estão instaladas, no meu caso é /usr/lib/php/20060613/.

Estou escrevendo este tutorial no Linux como você pode ver pelo endereço da pasta, mas Computeiros do Windows não se assustem, este post seguido direitinho e com atenção funciona também.

Dirija-se a pasta das extensões e procure pela biblioteca session.so ou session.dll no caso dos janelistas.

Caso esta biblioteca exista, o que é provável pois a instalação básica do PHP já tráz esta biblioteca, de-se por feliz, caso contrário você terá que fazer a mesma coisa que eu fiz neste post.

Caso tenha alguma dificuldade com as operações acima comentem que os ajudarei feliz.

Agora que você tem certeza da existencia da biblioteca session na sua pasta de extensões vá até o seu arquivo php.ini, o qual o caminho pode ser encontrado também no script phpinfo, apenas procure por Loaded Configuration File.

Com o php.ini aberto procure pela lista onde estão sendo carregadas as suas bibliotecas, algo como isto.

extension=bcmath.so
extension=bz2.so
extension=calendar.so
extension=ctype.so
extension=curl.so
extension=dba.so
extension=dbase.so
extension=exif.so
extension=ftp.so
extension=gettext.so
extension=gd.so
extension=gmp.so
extension=iconv.so
extension=ldap.so
extension=mbstring.so
extension=mhash.so
extension=mysql.so
extension=mysqli.so

Obviamente as minhas bibliotecas vão mudar em algo se comparadas com as suas, e se comparadas ao Windows mudarão mais ainda principalmente visto que onde está so é dll.

Neste bloco de extensões, procure pela extenção session.so, algo mais parecido com isto

extension=session.so

ou

extension=session.dll

Caso você não encontre nada parecido com a string acima adicione abaixo do ultimo extension, no meu caso o mysqli.so

Após adicionar isto ao arquivo e salvar, reinicie o apache e teste o script novamente tome o cuidado de fechar e abrir o navegador para testar para que você não carregue informações do cash.

Caso tenha funcionado abandone este post, caso ainda não tenha funcionado abra o php.ini e procure pela string session.save_path em php.ini e verifique se a pasta informada neste bloco tem restrições de usuários ou algo deste tipo que impessa o PHP de criar um arquivo dentro dela.

Repita o processo de teste descrito dois parágrafos acima.

E por último caso AINDA não tenha funcionado procure por register_globals em php.ini e passe o valor do mesmo para On caso esteja Off.

Teste novamente.

Bom, creio que nenhum problema de session resista até aqui, porém caso algum problema resista comente que ficarei feliz em ajudar.

Obrigado pela atenção de todos.

کد های درون Php.ini
برای دیدن کدهای درون این فایل اینجا کلیک کنید.

در هاست شخصی معمولا این فایل بروی 2 مگ تنظیم شده که این محدودیت باعث میشه فایل های بیشتر از 2 مگ رو نتوانیم آپلود کنیم بنابراین در قسمت File uploads می تونید مقدار آپلود فایل رو از ۲مگ به ۱۵ و یا بیشتر افزایش دهید، به این ترتیب می توانید فایل بک آپ  XML وردپرس دات کام خود را به هاست شخصی انتقال دهید ،این فایل به طور معمول در دیرکتوری  وردپرس  در هاست شخصی شما  قرار دارد ، در صورتی که فایل را پیدا  نکردید  با  سرویس دهنده ی هاست خود تماس بگیرید .

To support xdebug add these entries to the extensions section. Be sure you have copied xdebug dll to the PHP ext directory.

  zend_extension_ts="c:/wamp/bin/php/php5.2.6/ext/php_xdebug-2.0.3-5.2.5.dll"
  xdebug.remote_enable=1

Note: with Apache mod_rewrite and PHP’s mod_curl extenstion enabled, xdebug crashes Wampserver (and XAMPP, too). I suspect mod_rewrite alone is enough to cause it to crash. Here is a print screen showing Netbeans IDE stopped at a breakpoint. You can see that mod_rewrite is not enable (php_curl is also disabled but not shown).

Some general ini settings I use.

post_max_size = 20m
upload_max_filesize = 20M

To support xdebug add these entries to the extensions section. Be sure you have copied xdebug dll to the PHP ext directory.

zend_extension_ts="c:/wamp/bin/php/php5.2.6/ext/php_xdebug-2.0.3-5.2.5.dll"
xdebug.remote_enable=1

Note: with Apache mod_rewrite and PHP’s curlextenstion enabled, xdebug crashes Wampserver (and XAMPP, too). I suspect mod_rewrite alone is enough to cause it to crash. Here is a print screen showing Netbeans IDE stopped at a breakpoint. You can see that mod_rewrite is not enable (php_curl is also disabled but not shown).

To support Silverstripe MVC CMS framework.

allow_call_time_pass_reference = On

To support PEAR. See this sister article for how to install PEAR

include_path=".;c:\wamp\bin\php\php5.2.6\pear"

En el procedimiento de instalación Joomla realiza una comprobación de los valores recomendados y su estado actual. Estos son:

• safe_mode
• display_errors
• file_upload
• magic_quotes_runtime
• register_globals
• output_buffering
• session.auto_start

Este fin de semana estuve haciendo pruebas con otras plataformas, y por exigencias de esta tuve que realizar algunos cambios en el php.ini.

Esta mañana he ido a entrar en el administrador de Joomla y me dice Sesión Invalida. He estado repasando todos los cambios que realicé en el php.ini, y restaurando los valores originales en todos ellos pero nada, me sigue diciendo lo de sesión inválida.

Los cambios que realicé son los siguientes:

; error_reporting = E_ALL & ~E_NOTICE
; display_errors = On
; memory_limit = 128M
; session.gc_maxlifetime = 3600
; max_execution_time = 600
; post_max_size = 60M
; upload_max_filesize = 40M
; session.hash_function = 0

En vista de que restaurando los valores originales no se soluciona el problema, he seguido revisando las operaciones que efectué en el server, y una de ellas fue instalar varios paquetes PEAR. He desinstalado directamente php-pear del sistema, pero me sigue dando error.

$ pear list

INSTALLED PACKAGES, CHANNEL PEAR.PHP.NET:
=========================================
PACKAGE                  VERSION  STATE
Archive_Tar              1.3.2    stable
Auth                     1.6.1    stable
Console_Getopt           1.2.3    stable
DB                       1.7.13   stable
HTML_Template_IT         1.2.1    stable
HTTP_Request             1.4.3    stable
MDB2                     2.4.1    stable
MDB2_Driver_mysql        1.4.1    stable
Net_Socket               1.0.9    stable
Net_URL                  1.0.15   stable
OLE                      1.0.0RC1 beta
PEAR                     1.7.1    stable
Spreadsheet_Excel_Writer 0.9.1    beta
Structures_Graph         1.0.2    stable

De momento no se que más hacer. Revisando las instrucciones de configuración que seguí para configurar el nuevo servicio ya está todo desecho.

También he probado a eliminar a restaurar el password del administrador directamente en la base de datos, aunque esto no es ya que si introduzco mal la contraseña me dice que son incorrectos, y si los introduzco de forma correcta lo de Sesión Inválida.

NOTA: Me están fallando las instalaciones de Joomla 1.0.x.
Las que tengo de la rama 1.5.x funcionan sin ningún problema.

Buscaré información referente a sesiones en php a ver si averiguo algo:

• webtaller ! Charla sobre sesiones en el canal #php_para_torpes
• joomlaspanish.org !  No puedo entrar como administrador

SOLUCIÓN

Cuando he ido a realizar una nueva instalación, en este caso de Joomla 1.5.7, en la fase de Comprobación Previa que hace el instalador de Joomla me salen valores en las variables de PHP que no se encuentran en estado recomendado.

Comprobación Previa

Revisando el php.ini me encuentro en la variable session.auto_start un comentario introducido por mí indicando que había sido cambiado por exigencias de otra plataforma, que no fue la que probé este fin de semana y yo andaba revisando, y por eso no me había dado cuenta hasta ahora.

Al cambiar el valor y reiniciar Apache observo que ya puedo entrar sin ningún problema a las instalaciones antiguas. Este valor aunque me dejaba entrar a las instalaciones de Joomla 1.5 a las de Joomla 1.0 me devolvía el mensaje de Sesión Inválida.

Como se ve en la imagen, también register_globals se encuentra en estado recomendado pero sobre esta variable ya estuve haciendo pruebas ayer, y supongo que si estaba en ese estado es por que al finalizar las pruebas se quedó así.

Moraleja: más y mejores comentarios nos pueden ayudar a solucionar imprevistos de esta clase.

There are a few shortcomings with PHP5, but not so many. One of them, though, is that memory limits are a bit tricky to handle. We don’t handle them very well in Dokeos either, so the results of experiencing a memory limit in Dokeos is this:

Yes, nothing. That’s generally what you would end up with. So if you want to make sure Dokeos can handle pretty much every kind of thing you would want it to do, you would be wise to put a memory limit of at least 8MB in your php.ini file. Yes, 8MB is a lot, and we will be working on this in the future, but at the same time current servers can afford it, even for very large configurations (it’s only a memory “limit”, it doesn’t mean you *have* to use 8MB for each user).

If you are going to play with course copies or SCORM packages import inside Dokeos, make sure you put that limit much higher. Very large SCORM packages tend to use up to 60MB of memory (I think that’s due to our use of PCLZip, but I haven’t had time to investigate this yet).

Memory limit can be changed inside your php.ini configuration file (look for “memory_limit”) or from inside your Apache VirtualHost definition, using a line like this one:

php_admin_value memory_limit 64M

Other settings you might want to change are:

• post_max_size
• upload_max_filesize
• max_execution_time
• max_input_time

These will all affect your large files uploads and long script executions (like large import/export operations).

Sering sekali pada saat kita melakukan kesalahan atau bingung pada saat konfigurasi php.ini di XAMPP. Hal ini disebabkan ada beberapa php.ini yang tersebar di beberapa folder XAMPP, mana yang digunakan ?

PHP sebagai Module PHP

Untuk melakukan pengecekan php.ini yang digunakan pada modul Apache cukup gampang, kita cukup menggunakan informasi dari fungsi php_info() dan melihat isi dari entri Loaded Configuration File.

Untuk xampp, coba jalankan server Apache dan ketik pada browser http://localhost/xampp/index.php, hasilnya terlihat seperti gambar di bawah ini (klik gambar untuk melihat ukuran sebenarnya). Pada gambar terlihat entri Loaded Configuration FIle menunjuk ke c:\xampp\apache\bin\php.ini, inilah lokasi file php.ini yang yang dikenali dan digunakan oleh Apache web server di XAMPP.

Penggunaan php.ini di Interpreter Command Line

Selain sebagai modul Apache, php tentu saja bisa digunakan sebagai interpreter di command line atau terminal. Untuk ini php.ini yang dikenali adalah yang berada pada folder yang sama dengan program php.exe.

Sebagai contoh, instalasi XAMPP di sisi saya adalah di C:\xampp\php maka php.ini yang dikenali di sini adalah c:\xampp\php\php.ini. Apabila belum ada terdapat file php.ini di folder ini, maka carilah file php.ini-dist dan diubah namanya menjadi php.ini.

Demikian tips ini saya buat, semoga bisa berguna. Untuk saran, kritik dan pertanyaan dapat diajukan melalui comment di bawah atau kirimkan email ke pintarphp@komputasiawan.com.