New INI Configuration Directives

New php.ini directives introduced in PHP 5.2.0:

allow_url_include

This useful option makes it possible to differentiate between standard file operations on remote files, and the inclusion of remote files. While the former is usually desirable, the latter can be a security risk if used naively. Starting with PHP 5.2.0, you can allow remote file operations while disallowing the inclusion of remote files in local scripts. In fact, this is the default configuration.
pcre.backtrack_limit

PCRE's backtracking limit.
pcre.recursion_limit

PCRE's recursion limit. Please note that if you set this value to a high number you may consume all the available process stack and eventually crash PHP (due to reaching the stack size limit imposed by the Operating System).
session.cookie_httponly

Marks the cookie as accessible only through the HTTP protocol. This means that the cookie won't be accessible by scripting languages, such as JavaScript. This setting can effectively help to reduce identity theft through XSS attacks (although it is not supported by all browsers).

New directives in PHP 5.2.2:

max_input_nesting_level

Limits how deep input variables can be nested, default is 64.

Lors de l'Ã©volution de nos serveurs de PHP 5.1.2 vers 5.2.4, nous nous sommes rendus compte que le paramÃ¨tre memory_limit Ã©tait pris en compte en natif dans la derniÃ¨re version alors que ce n'Ã©tait pas le cas prÃ©cÃ©demment. C'est l'Ã©xÃ©cution et la comparaison de phpinfo() sur les 2 serveurs qui a permis de mettre en valeur la diffÃ©rence. Nous avons donc changÃ© la valeur en 128MB comme recommandÃ© dans ce document : http://fr.php.net/manual/fr/ini.core.php

New INI Configuration Directives

Code Examples / Notes » migration52.newconf

Change Language