PHP configuration file (php.ini)

PHP is a reflective programming language originally designed for producing dynamic web pages. PHP is used mainly in server-side scripting, but can be used from a command line interface or in standalone graphical applications. PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML.Textual User Interfaces can also be created using ncurses. PHP is a recursive initialism for PHP: Hypertext Preprocessor.The most recent version of PHP is 5.2.4, released on 30 August 2007. It is considered to be free software by the Free Software Foundation.

Some of the major advantages of php are
PHP runs on differen+t platforms (Windows, Linux, Unix, etc.)
* PHP is compatible with almost all servers used today (Apache, IIS, etc.)
* PHP is FREE to download from the official PHP resource: www.php.net
* PHP is easy to learn and runs efficiently on the server side

>>One of the most powerful features of PHP is the ability to customize its behavior through a configuration file.
*This configuration file lets you alter many aspects of PHP’s behavior, including setting file paths and directories, changing session and database parameters, and activating extensions.
Variables are used for storing a values, like text strings, numbers or arrays.When a variable is set it can be used over and over again in your script

All variables in PHP start with a $ sign symbol.

The correct way of setting a variable in PHP:

Variable Naming Rules

* A variable name must start with a letter or an underscore “_”
* A variable name can only contain alpha-numeric characters and underscores (a-Z, 0-9, and _ )
* A variable name should not contain spaces. If a variable name is more than one word, it should be separated with underscore ($my_string), or with capitalization ($myString)

safe_mode:
The PHP safe mode is an attempt to solve the shared-server security problem. It is architecturally incorrect to try to solve this problem at the PHP level, but since the alternatives at the web server and OS levels aren’t very realistic, many people, especially ISP’s, use safe mode for now.

register_globals:
register_globals, when on, register_globals will inject your scripts with all sorts of variables, like request variables from HTML forms. This coupled with the fact that PHP doesn’t require variable initialization means writing insecure code is that much easier. It was a difficult decision, but the PHP community decided to disable this directive by default. When on, people use variables yet really don’t know for sure where they come from and can only assume. Internal variables that are defined in the script itself get mixed up with request data sent by users and disabling register_globals changes this. Let’s demonstrate with an example misuse of register_globals:

file_uploads:
This feature lets people upload both text and binary files. With PHP’s authentication and file manipulation functions, you have full control over who is allowed to upload and what is to be done with the file once it has been uploaded.

allow_url_fopen:
This option enables the URL-aware fopen wrappers that enable accessing URL object like files. Default wrappers are provided for the access of remote files using the ftp or http protocol, some extensions like zlib may register additional wrappers. This setting can only be set in php.ini due to security reasons.

auto_detect_line_endings boolean

When turned on, PHP will examine the data read by fgets() and file() to see if it is using Unix, MS-Dos or Macintosh line-ending conventions. This enables PHP to interoperate with Macintosh systems, but defaults to Off, as there is a very small performance penalty when detecting the EOL conventions for the first line, and also because people using carriage-returns as item separators under Unix systems would experience non-backwards-compatible behaviour.

display_errors string

This determines whether errors should be printed to the screen as part of the output or if they should be hidden from the user.

log_errors_max_len integer

Set the maximum length of log_errors in bytes. In error_log information about the source is added. The default is 1024 and 0 allows to not apply any maximum length at all. This length is applied to logged errors, displayed errors and also to $php_errormsg. When an integer is used, the value is measured in bytes.

ignore_repeated_errors boolean

Do not log repeated messages. Repeated errors must occur in the same file on the same line until ignore_repeated_source is set true.
ignore_repeated_source boolean

Ignore source of message when ignoring repeated messages. When this setting is On you will not log errors with repeated messages from different files or sourcelines.
report_memleaks boolean

If this parameter is set to Off, then memory leaks will not be shown (on stdout or in the log). This has only effect in a debug compile, and if error_reporting includes E_WARNING in the allowed list
track_errors boolean

If enabled, the last error message will always be present in the variable $php_errormsg.

html_errors boolean
Turn off HTML tags in error messages. The new format for HTML errors produces clickable messages that direct the user to a page describing the error or function in causing the error. These references are affected by docref_root and docref_ext.
docref_root string
These are some variables present in the php configuration file php.ini.

Article Authored by Sylesh

Author, Sylesh, is a Systems Engineer with SupportPRO. Sylesh specializes in Cpanel and Linux servers. SupportPRO offers 24X7 technical support services to Web hosting companies and service providers.