PEAK XOOPS - php5 and php.ini 
php5 and php.ini
- You cannot open a new topic into this forum
- Guests cannot post into this forum
dave0616
Posts: 4
Posts: 4
My web host has moved to php5 and during this move my site at some point was hacked, hopefully I have removed what damage was done but I wont know for a while if I have plugged all the holes I can. But since my host moved to php5 I now have to use my own php.ini file.
Which directories should I place the php.ini file into? (if I place it in my main folder it does not work its way to the subfolders) Or do I have to place it in all my folders?
Which directories should I place the php.ini file into? (if I place it in my main folder it does not work its way to the subfolders) Or do I have to place it in all my folders?
Votes:82
Average:4.88
avtx30
Posts: 36
Posts: 36
You definitely cannot use your own php.ini!
You might use .htacess instead. Put it under your XOOPS_ROOT_PATH. (You have to make sure if the hosting company let you use .htaccess)
Here is an example of .htaccess
You might use .htacess instead. Put it under your XOOPS_ROOT_PATH. (You have to make sure if the hosting company let you use .htaccess)
Here is an example of .htaccess
php_value default_charset UTF-8
php_flag magic_quotes_gpc Off
php_flag allow_url_fopen Off
php_flag allow_url_include Off
php_value session.use_only_cookies 1
php_flag output_buffering On
php_value memory_limit 64M
php_flag register_globals Off
php_flag register_long_arrays Off
Votes:80
Average:4.75
dave0616
Posts: 4
Posts: 4
I dont think you understand the question
I MUST use my own php.ini, php5 has been installed on the servers, you can find some info on it here
http://midphasehelp.com/support/questions.php?questionid=527
now if I put a php.ini file in a folder that folder is affected by it but not the subfolders, so when i turn off something like register globals its only going to be off in that folder so I get warnings from protector that its still on, and it is on in any folder that doesnt have my php.ini file in it
I MUST use my own php.ini, php5 has been installed on the servers, you can find some info on it here
http://midphasehelp.com/support/questions.php?questionid=527
now if I put a php.ini file in a folder that folder is affected by it but not the subfolders, so when i turn off something like register globals its only going to be off in that folder so I get warnings from protector that its still on, and it is on in any folder that doesnt have my php.ini file in it
Votes:77
Average:4.94
Dave_L
From: Virginia, USA
Posts: 35
From: Virginia, USA
Posts: 35
Quote:
It's phpSuexec, not PHP5, that requires the use of php.ini files to set PHP parameters. .htaccess files can still be used to change Apache settings, but the .htaccess files cannot use the php_value or php_flag directives.
Unlike an .htaccess file, a php.ini file does not apply to subdirectories. Each subdirectory must have its own php.ini file. The only alternative is to convince your host to make the change globally via the system php.ini.
As many of you know we have recently updated many of our shared hosting servers to php 5 with phpSuExec enabled.
It's phpSuexec, not PHP5, that requires the use of php.ini files to set PHP parameters. .htaccess files can still be used to change Apache settings, but the .htaccess files cannot use the php_value or php_flag directives.
Unlike an .htaccess file, a php.ini file does not apply to subdirectories. Each subdirectory must have its own php.ini file. The only alternative is to convince your host to make the change globally via the system php.ini.
Votes:80
Average:5.13
dave0616
Posts: 4
Posts: 4
I know it doesnt apply to subdirectories, thats the problem. Which dir do I need to turn off register_globals or other items, thats what I need to know
Votes:88
Average:4.66
vaughan
Posts: 37
Posts: 37
Quote:
any directory that contains executable scripts that can be called directly from the url... such as root folder, modules/<module>/
and the admin folders.
you can add php.ini files to all folders automatically, by using .htaccess
then you only need to create 1 php.ini and store it in that location. the htaccess will take care of the rest.
remember to chmod the php.ini file to 600 afterwards.
Which dir do I need to turn off register_globals or other items, thats what I need to know
any directory that contains executable scripts that can be called directly from the url... such as root folder, modules/<module>/
and the admin folders.
you can add php.ini files to all folders automatically, by using .htaccess
SetEnv PHPRC /path to your custom php.ini/
then you only need to create 1 php.ini and store it in that location. the htaccess will take care of the rest.
remember to chmod the php.ini file to 600 afterwards.
Votes:76
Average:5.00
dave0616
Posts: 4
Posts: 4
Thank you this is what I needed to know!
Sorry it took so long to reply didnt know :(
Sorry it took so long to reply didnt know :(
Votes:65
Average:5.54
edudelta
Posts: 3
Posts: 3
hi!
i can disable allow_url_fopen with .htaccess?
the "php_flag allow_url_fopen Off" don
i can disable allow_url_fopen with .htaccess?
the "php_flag allow_url_fopen Off" don
Votes:4
Average:10.00
Previous post
-
Next post
|
Parent
-
No child
|
Posted on 2009/4/3 11:58
GIJOE
Posts: 4110
Posts: 4110
hi edudelta.
Quote:
Perhaps, you cannot do that.
Try to claim it the admin of the server, add a line
inside your <VirtualHost> section of httpd.conf
I don't know whethere the admin do it or not...
Quote:
i can disable allow_url_fopen with .htaccess?
the "php_flag allow_url_fopen Off" don? work.
Perhaps, you cannot do that.
Try to claim it the admin of the server, add a line
php_admin_flag allow_url_fopen off
I don't know whethere the admin do it or not...
Votes:7
Average:8.57
Login