--- embedaddon/php/php.ini-development 2012/02/21 23:47:52 1.1 +++ embedaddon/php/php.ini-development 2013/07/22 01:31:37 1.1.1.3 @@ -19,7 +19,7 @@ ; See the PHP docs for more specific information. ; http://php.net/configuration.file -; The syntax of the file is extremely simple. Whitespace and Lines +; The syntax of the file is extremely simple. Whitespace and lines ; beginning with a semicolon are silently ignored (as you probably guessed). ; Section headers (e.g. [Foo]) are also silently ignored, even though ; they might mean something in the future. @@ -91,11 +91,6 @@ ; Please see the actual settings later in the document for more details as to why ; we recommend these changes in PHP's behavior. -; allow_call_time_pass_reference -; Default Value: On -; Development Value: Off -; Production Value: Off - ; display_errors ; Default Value: On ; Development Value: On @@ -107,25 +102,20 @@ ; Production Value: Off ; error_reporting -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT ; html_errors ; Default Value: On ; Development Value: On -; Production value: Off +; Production value: On ; log_errors ; Default Value: Off ; Development Value: On ; Production Value: On -; magic_quotes_gpc -; Default Value: On -; Development Value: Off -; Production Value: Off - ; max_input_time ; Default Value: -1 (Unlimited) ; Development Value: 60 (60 seconds) @@ -141,11 +131,6 @@ ; Development Value: Off ; Production Value: Off -; register_long_arrays -; Default Value: On -; Development Value: Off -; Production Value: Off - ; request_order ; Default Value: None ; Development Value: "GP" @@ -233,10 +218,6 @@ asp_tags = Off ; http://php.net/precision precision = 14 -; Enforce year 2000 compliance (will cause problems with non-compliant browsers) -; http://php.net/y2k-compliance -y2k_compliance = On - ; Output buffering is a mechanism for controlling how much output data ; (excluding headers and cookies) PHP should keep internally before pushing that ; data to the client. If your application's output exceeds this setting, PHP @@ -319,67 +300,6 @@ unserialize_callback_func = ; are decoded with unserialize, the data will remain the same. serialize_precision = 17 -; This directive allows you to enable and disable warnings which PHP will issue -; if you pass a value by reference at function call time. Passing values by -; reference at function call time is a deprecated feature which will be removed -; from PHP at some point in the near future. The acceptable method for passing a -; value by reference to a function is by declaring the reference in the functions -; definition, not at call time. This directive does not disable this feature, it -; only determines whether PHP will warn you about it or not. These warnings -; should enabled in development environments only. -; Default Value: On (Suppress warnings) -; Development Value: Off (Issue warnings) -; Production Value: Off (Issue warnings) -; http://php.net/allow-call-time-pass-reference -allow_call_time_pass_reference = Off - -; Safe Mode -; http://php.net/safe-mode -; -; SECURITY NOTE: The FreeBSD Security Officer strongly recommend that -; the PHP Safe Mode feature not be relied upon for security, since the -; issues Safe Mode tries to handle cannot properly be handled in PHP -; (primarily due to PHP's use of external libraries). While many bugs -; in Safe Mode has been fixed it's very likely that more issues exist -; which allows a user to bypass Safe Mode restrictions. -; For increased security we always recommend to install the Suhosin -; extension. -safe_mode = Off - -; By default, Safe Mode does a UID compare check when -; opening files. If you want to relax this to a GID compare, -; then turn on safe_mode_gid. -; http://php.net/safe-mode-gid -safe_mode_gid = Off - -; When safe_mode is on, UID/GID checks are bypassed when -; including files from this directory and its subdirectories. -; (directory must also be in include_path or full path must -; be used when including) -; http://php.net/safe-mode-include-dir -safe_mode_include_dir = - -; When safe_mode is on, only executables located in the safe_mode_exec_dir -; will be allowed to be executed via the exec family of functions. -; http://php.net/safe-mode-exec-dir -safe_mode_exec_dir = - -; Setting certain environment variables may be a potential security breach. -; This directive contains a comma-delimited list of prefixes. In Safe Mode, -; the user may only alter environment variables whose names begin with the -; prefixes supplied here. By default, users will only be able to set -; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). -; Note: If this directive is empty, PHP will let the user modify ANY -; environment variable! -; http://php.net/safe-mode-allowed-env-vars -safe_mode_allowed_env_vars = PHP_ - -; This directive contains a comma-delimited list of environment variables that -; the end user won't be able to change using putenv(). These variables will be -; protected even if safe_mode_allowed_env_vars is set to allow to change them. -; http://php.net/safe-mode-protected-env-vars -safe_mode_protected_env_vars = LD_LIBRARY_PATH - ; open_basedir, if set, limits all file operations to the defined directory ; and below. This directive makes most sense if used in a per-directory ; or per-virtualhost web server configuration file. This directive is @@ -405,7 +325,6 @@ disable_classes = ;highlight.string = #DD0000 ;highlight.comment = #FF9900 ;highlight.keyword = #007700 -;highlight.bg = #FFFFFF ;highlight.default = #0000BB ;highlight.html = #000000 @@ -432,6 +351,18 @@ disable_classes = ; http://php.net/zend.enable-gc zend.enable_gc = On +; If enabled, scripts may be written in encodings that are incompatible with +; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such +; encodings. To use this feature, mbstring extension must be enabled. +; Default: Off +;zend.multibyte = Off + +; Allows to set the default encoding for the scripts. This value will be used +; unless "declare(encoding=...)" directive appears at the top of the script. +; Only affects if zend.multibyte is set. +; Default: "" +;zend.script_encoding = + ;;;;;;;;;;;;;;;;; ; Miscellaneous ; ;;;;;;;;;;;;;;;;; @@ -488,12 +419,12 @@ memory_limit = 128M ; recommend error reporting setting. Your production server shouldn't be wasting ; resources complaining about best practices and coding standards. That's what ; development servers and development settings are for. -; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This +; Note: The php.ini-development file has this setting as E_ALL. This ; means it pretty much reports everything which is exactly what you want during ; development and early testing. ; ; Error Level Constants: -; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0) ; E_ERROR - fatal run-time errors ; E_RECOVERABLE_ERROR - almost fatal run-time errors ; E_WARNING - run-time warnings (non-fatal errors) @@ -519,15 +450,15 @@ memory_limit = 128M ; E_USER_DEPRECATED - user-generated deprecation warnings ; ; Common Values: -; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) -; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) +; E_ALL (Show all errors, warnings and notices including coding standards.) +; E_ALL & ~E_NOTICE (Show all errors, except for notices) +; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.) ; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) -; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT ; http://php.net/error-reporting -error_reporting = E_ALL | E_STRICT +error_reporting = E_ALL ; This directive controls whether or not and where PHP will output errors, ; notices and warnings too. Error output is very useful during development, but @@ -608,23 +539,24 @@ track_errors = On ; An XML-RPC faultCode ;xmlrpc_error_number = 0 -; When PHP displays or logs an error, it has the capability of inserting html -; links to documentation related to that error. This directive controls whether -; those HTML links appear in error messages or not. For performance and security -; reasons, it's recommended you disable this on production servers. +; When PHP displays or logs an error, it has the capability of formatting the +; error message as HTML for easier reading. This directive controls whether +; the error message is formatted as HTML or not. ; Note: This directive is hardcoded to Off for the CLI SAPI ; Default Value: On ; Development Value: On -; Production value: Off +; Production value: On ; http://php.net/html-errors html_errors = On -; If html_errors is set On PHP produces clickable error messages that direct -; to a page describing the error or function causing the error in detail. +; If html_errors is set to On *and* docref_root is not empty, then PHP +; produces clickable error messages that direct to a page describing the error +; or function causing the error in detail. ; You can download a copy of the PHP manual from http://php.net/docs ; and change docref_root to the base URL of your local copy including the ; leading '/'. You must also specify the file extension being used including -; the dot. PHP's default behavior is to leave these settings empty. +; the dot. PHP's default behavior is to leave these settings empty, in which +; case no links to documentation are generated. ; Note: Never use this feature for production boxes. ; http://php.net/docref-root ; Examples @@ -676,13 +608,12 @@ html_errors = On ;arg_separator.input = ";&" ; This directive determines which super global arrays are registered when PHP -; starts up. If the register_globals directive is enabled, it also determines -; what order variables are populated into the global space. G,P,C,E & S are -; abbreviations for the following respective super globals: GET, POST, COOKIE, -; ENV and SERVER. There is a performance penalty paid for the registration of -; these arrays and because ENV is not as commonly used as the others, ENV is -; is not recommended on productions servers. You can still get access to -; the environment variables through getenv() should you need to. +; starts up. G,P,C,E & S are abbreviations for the following respective super +; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty +; paid for the registration of these arrays and because ENV is not as commonly +; used as the others, ENV is not recommended on productions servers. You +; can still get access to the environment variables through getenv() should you +; need to. ; Default Value: "EGPCS" ; Development Value: "GPCS" ; Production Value: "GPCS"; @@ -702,25 +633,6 @@ variables_order = "GPCS" ; http://php.net/request-order request_order = "GP" -; Whether or not to register the EGPCS variables as global variables. You may -; want to turn this off if you don't want to clutter your scripts' global scope -; with user data. -; You should do your best to write your scripts so that they do not require -; register_globals to be on; Using form variables as globals can easily lead -; to possible security problems, if the code is not very well thought of. -; http://php.net/register-globals -register_globals = Off - -; Determines whether the deprecated long $HTTP_*_VARS type predefined variables -; are registered by PHP or not. As they are deprecated, we obviously don't -; recommend you use them. They are on by default for compatibility reasons but -; they are not recommended on production servers. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-long-arrays -register_long_arrays = Off - ; This directive determines whether PHP registers $argv & $argc each time it ; runs. $argv contains an array of all the arguments passed to PHP when a script ; is invoked. $argc contains an integer representing the number of arguments @@ -736,42 +648,29 @@ register_long_arrays = Off ; http://php.net/register-argc-argv register_argc_argv = Off -; When enabled, the SERVER and ENV variables are created when they're first -; used (Just In Time) instead of when the script starts. If these variables -; are not used within a script, having this directive on will result in a -; performance gain. The PHP directives register_globals, register_long_arrays, -; and register_argc_argv must be disabled for this directive to have any affect. +; When enabled, the ENV, REQUEST and SERVER variables are created when they're +; first used (Just In Time) instead of when the script starts. If these +; variables are not used within a script, having this directive on will result +; in a performance gain. The PHP directive register_argc_argv must be disabled +; for this directive to have any affect. ; http://php.net/auto-globals-jit auto_globals_jit = On +; Whether PHP will read the POST data. +; This option is enabled by default. +; Most likely, you won't want to disable this option globally. It causes $_POST +; and $_FILES to always be empty; the only way you will be able to read the +; POST data will be through the php://input stream wrapper. This can be useful +; to proxy requests or to process the POST data in a memory efficient fashion. +; http://php.net/enable-post-data-reading +;enable_post_data_reading = Off + ; Maximum size of POST data that PHP will accept. +; Its value may be 0 to disable the limit. It is ignored if POST data reading +; is disabled through enable_post_data_reading. ; http://php.net/post-max-size post_max_size = 8M -; Magic quotes are a preprocessing feature of PHP where PHP will attempt to -; escape any character sequences in GET, POST, COOKIE and ENV data which might -; otherwise corrupt data being placed in resources such as databases before -; making that data available to you. Because of character encoding issues and -; non-standard SQL implementations across many databases, it's not currently -; possible for this feature to be 100% accurate. PHP's default behavior is to -; enable the feature. We strongly recommend you use the escaping mechanisms -; designed specifically for the database your using instead of relying on this -; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is -; scheduled for removal in PHP 6. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/magic-quotes-gpc -magic_quotes_gpc = Off - -; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. -; http://php.net/magic-quotes-runtime -magic_quotes_runtime = Off - -; Use Sybase-style magic quotes (escape ' with '' instead of \'). -; http://php.net/magic-quotes-sybase -magic_quotes_sybase = Off - ; Automatically add files before PHP document. ; http://php.net/auto-prepend-file auto_prepend_file = @@ -790,10 +689,11 @@ default_mimetype = "text/html" ; PHP's default character set is set to empty. ; http://php.net/default-charset -;default_charset = "iso-8859-1" +;default_charset = "UTF-8" ; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is -; to disable this feature. +; to disable this feature. If post reading is disabled through +; enable_post_data_reading, $HTTP_RAW_POST_DATA is *NOT* populated. ; http://php.net/always-populate-raw-post-data ;always_populate_raw_post_data = On @@ -851,7 +751,7 @@ enable_dl = Off ; will look for to know it is OK to continue execution. Setting this variable MAY ; cause security issues, KNOW WHAT YOU ARE DOING FIRST. ; http://php.net/cgi.redirect-status-env -;cgi.redirect_status_env = ; +;cgi.redirect_status_env = ; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's ; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok @@ -868,7 +768,7 @@ enable_dl = Off ; does not currently support this feature (03/17/2002) ; Set to 1 if running under IIS. Default is zero. ; http://php.net/fastcgi.impersonate -;fastcgi.impersonate = 1; +;fastcgi.impersonate = 1 ; Disable logging through FastCGI connection. PHP's default behavior is to enable ; this feature. @@ -983,7 +883,6 @@ default_socket_timeout = 60 ;extension=php_oci8_11g.dll ; Use with Oracle 11gR2 Instant Client ;extension=php_openssl.dll ;extension=php_pdo_firebird.dll -;extension=php_pdo_mssql.dll ;extension=php_pdo_mysql.dll ;extension=php_pdo_oci.dll ;extension=php_pdo_odbc.dll @@ -999,7 +898,6 @@ default_socket_timeout = 60 ;extension=php_soap.dll ;extension=php_sockets.dll -;extension=php_sqlite.dll ;extension=php_sqlite3.dll ;extension=php_sybase_ct.dll ;extension=php_tidy.dll @@ -1011,6 +909,10 @@ default_socket_timeout = 60 ; Module Settings ; ;;;;;;;;;;;;;;;;;;; +[CLI Server] +; Whether the CLI web server uses ANSI color coding in its terminal output. +cli_server.color = On + [Date] ; Defines the default timezone used by the date functions ; http://php.net/date.timezone @@ -1092,13 +994,6 @@ pdo_mysql.default_socket= ;phar.cache_list = -[Syslog] -; Whether or not to define the various syslog variables (e.g. $LOG_PID, -; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In -; runtime, you can define these variables by calling define_syslog_variables(). -; http://php.net/define-syslog-variables -define_syslog_variables = Off - [mail function] ; For Win32 only. ; http://php.net/smtp @@ -1125,6 +1020,8 @@ mail.add_x_header = On ; The path to a log file that will log all mail() calls. Log entries include ; the full path of the script, line number, To address and headers. ;mail.log = +; Log mail to syslog (Event Log on NT, not valid in Windows 95). +;mail.log = syslog [SQL] ; http://php.net/sql.safe-mode @@ -1506,7 +1403,7 @@ session.use_cookies = 1 ;session.cookie_secure = ; This option forces PHP to fetch and use a cookie for storing and maintaining -; the session id. We encourage this operation as it's very helpful in combatting +; the session id. We encourage this operation as it's very helpful in combating ; session hijacking when not specifying and managing your own session id. It is ; not the end all be all of session hijacking defense, but it's a good start. ; http://php.net/session.use-only-cookies @@ -1580,8 +1477,8 @@ session.gc_maxlifetime = 1440 ; find /path/to/sessions -cmin +24 | xargs rm ; PHP 4.2 and less have an undocumented feature/bug that allows you to -; to initialize a session variable in the global scope, even when register_globals -; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; to initialize a session variable in the global scope. +; PHP 4.3 and later will warn you, if this feature is used. ; You can disable the feature and the warning separately. At this time, ; the warning is only displayed, if bug_compat_42 is enabled. This feature ; introduces some serious security problems if not handled correctly. It's @@ -1612,12 +1509,14 @@ session.referer_check = ; How many bytes to read from the file. ; http://php.net/session.entropy-length -session.entropy_length = 0 +;session.entropy_length = 32 ; Specified here to create the session id. ; http://php.net/session.entropy-file -; On systems that don't have /dev/urandom /dev/arandom can be used -; On windows, setting the entropy_length setting will activate the +; Defaults to /dev/urandom +; On systems that don't have /dev/urandom but do have /dev/arandom, this will default to /dev/arandom +; If neither are found at compile time, the default is no entropy file. +; On windows, setting the entropy_length setting will activate the ; Windows random source (using the CryptoAPI) ;session.entropy_file = /dev/urandom @@ -1636,7 +1535,7 @@ session.cache_expire = 180 ; - User may send URL contains active session ID ; to other person via. email/irc/etc. ; - URL that contains active session ID may be stored -; in publically accessible computer. +; in publicly accessible computer. ; - User may access your site with the same session ID ; always using URL stored in browser's history or bookmarks. ; http://php.net/session.use-trans-sid @@ -1675,6 +1574,51 @@ session.hash_bits_per_character = 5 ; http://php.net/url-rewriter.tags url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" +; Enable upload progress tracking in $_SESSION +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.enabled +;session.upload_progress.enabled = On + +; Cleanup the progress information as soon as all POST data has been read +; (i.e. upload completed). +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.cleanup +;session.upload_progress.cleanup = On + +; A prefix used for the upload progress key in $_SESSION +; Default Value: "upload_progress_" +; Development Value: "upload_progress_" +; Production Value: "upload_progress_" +; http://php.net/session.upload-progress.prefix +;session.upload_progress.prefix = "upload_progress_" + +; The index name (concatenated with the prefix) in $_SESSION +; containing the upload progress information +; Default Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Development Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Production Value: "PHP_SESSION_UPLOAD_PROGRESS" +; http://php.net/session.upload-progress.name +;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS" + +; How frequently the upload progress should be updated. +; Given either in percentages (per-file), or in bytes +; Default Value: "1%" +; Development Value: "1%" +; Production Value: "1%" +; http://php.net/session.upload-progress.freq +;session.upload_progress.freq = "1%" + +; The minimum delay between updates, in seconds +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.upload-progress.min-freq +;session.upload_progress.min_freq = "1" + [MSSQL] ; Allow or prevent persistent links. mssql.allow_persistent = On @@ -1831,10 +1775,6 @@ mssql.secure_connection = Off ; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) ;mbstring.http_output_conv_mimetype= -; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte -; Default: "" -;mbstring.script_encoding= - [gd] ; Tell the jpeg decode to ignore warnings and try to create ; a gd image. The warning will then be displayed as notices @@ -1915,12 +1855,6 @@ ldap.max_links = -1 [dba] ;dba.default_handler= - -[xsl] -; Write operations from within XSLT are disabled by default. -; XSL_SECPREF_CREATE_DIRECTORY | XSL_SECPREF_WRITE_NETWORK |Â XSL_SECPREF_WRITE_FILE = 44 -; Set it to 0 to allow all operations -;xsl.security_prefs = 44 ; Local Variables: ; tab-width: 4