├── README.md ├── class03 ├── 1.php ├── 2.php ├── 3.php └── 4.php ├── class04 ├── 1.php ├── 2.php ├── 3.php ├── 4.php ├── 5.php └── 6.php ├── class05 └── 1.php ├── class06 └── index.php ├── class07 ├── 1.php ├── 2.php └── 3.php ├── class08 ├── 1.php ├── 2.php ├── 3.php └── 4.php ├── class09 ├── 1.php └── 2.php ├── class10 ├── 1.php ├── 2.php ├── 3.php ├── 4.php ├── 5.php ├── 6.php └── 7.php ├── class11 └── 1.php ├── class12 └── 1.php ├── class13 ├── 1.php └── flag.php ├── class14 └── 1.php ├── class15 └── 1.php ├── class16 ├── 1.php └── flag.php ├── class17 ├── 1.php └── flag.php ├── class18 ├── 1.php └── flag.php ├── class19 ├── 1.php └── flag.php ├── class20 ├── 1.php ├── 2.php ├── 3.php ├── save.php └── vul.php ├── class21 ├── flag.php ├── hint.php └── index.php ├── class22 ├── index.php └── phar.php ├── class23 ├── flag.php ├── index.php ├── upload.php └── upload │ └── poc.png ├── index.html ├── info.php └── php.ini /README.md: -------------------------------------------------------------------------------- 1 | # php_ser_Class 2 | php反序列化靶场课程,基于课程制作的靶场,单独去看代码没有什么太大的意义 3 | 4 | 可以直接去bilibili.com上搜索橙子科技工作室的反序列化视频,对照视频进行学习 5 | https://space.bilibili.com/271803648 6 | 7 | 也可以直接通过docker部署,建议通过docker,不然部分php环境匹配不对会导致实验结果不正常 8 | 9 | docker pull mcc0624/ser:1.8 10 | 11 | docker run -p 8002:80 -d mcc0624/ser:1.8 12 | 13 | 将端口直接映射到8002,直接访问http://127.0.0.1:8002即可打开靶场 14 | -------------------------------------------------------------------------------- /class03/1.php: -------------------------------------------------------------------------------- 1 | name; 8 | echo $var1; 9 | } 10 | } 11 | ?> 12 | -------------------------------------------------------------------------------- /class03/2.php: -------------------------------------------------------------------------------- 1 | name."
"; 8 | echo $var1."
"; 9 | } 10 | } 11 | $cyj= new hero(); 12 | $cyj->name='chengyaojin'; 13 | $cyj->sex='man'; 14 | $cyj->jineng('zuofan'); 15 | print_r($cyj); 16 | ?> 17 | -------------------------------------------------------------------------------- /class03/3.php: -------------------------------------------------------------------------------- 1 | name; 9 | echo $var1; 10 | } 11 | } 12 | $cyj= new hero(); 13 | echo $cyj->name."
"; 14 | echo $cyj->sex."
"; 15 | echo $cyj->shengao."
"; 16 | ?> 17 | 18 | -------------------------------------------------------------------------------- /class03/4.php: -------------------------------------------------------------------------------- 1 | name; 9 | echo $var1; 10 | } 11 | } 12 | class hero2 extends hero{ 13 | function test(){ 14 | echo $this->name."
"; 15 | echo $this->sex."
"; 16 | echo $this->shengao."
"; 17 | } 18 | } 19 | $cyj= new hero(); 20 | $cyj2=new hero2(); 21 | echo $cyj->name."
"; 22 | echo $cyj2->test(); 23 | ?> 24 | -------------------------------------------------------------------------------- /class04/1.php: -------------------------------------------------------------------------------- 1 | data = $data; 11 | $this->pass = $pass; 12 | } 13 | } 14 | $number = 34; 15 | $str = 'user'; 16 | $bool = true; 17 | $null = NULL; 18 | $arr = array('a' => 10, 'b' => 200); 19 | $test = new TEST('uu', true); 20 | $test2 = new TEST('uu', true); 21 | $test2->data = &$test2->data2; 22 | echo serialize($number)."
"; 23 | echo serialize($str)."
"; 24 | echo serialize($bool)."
"; 25 | echo serialize($null)."
"; 26 | echo serialize($arr)."
"; 27 | echo serialize($test)."
"; 28 | echo serialize($test2)."
"; 29 | ?> 30 | 31 | -------------------------------------------------------------------------------- /class04/2.php: -------------------------------------------------------------------------------- 1 | 7 | -------------------------------------------------------------------------------- /class04/3.php: -------------------------------------------------------------------------------- 1 | pub; 7 | } 8 | } 9 | $a = new test(); 10 | echo serialize($a); 11 | ?> 12 | -------------------------------------------------------------------------------- /class04/4.php: -------------------------------------------------------------------------------- 1 | pub; 7 | } 8 | } 9 | $a = new test(); 10 | echo serialize($a); 11 | ?> 12 | -------------------------------------------------------------------------------- /class04/5.php: -------------------------------------------------------------------------------- 1 | pub; 7 | } 8 | } 9 | $a = new test(); 10 | echo serialize($a); 11 | ?> 12 | -------------------------------------------------------------------------------- /class04/6.php: -------------------------------------------------------------------------------- 1 | pub; 7 | } 8 | } 9 | class test2{ 10 | var $ben; 11 | function __construct(){ 12 | $this->ben=new test(); 13 | } 14 | } 15 | $a = new test2(); 16 | echo serialize($a); 17 | ?> 18 | -------------------------------------------------------------------------------- /class05/1.php: -------------------------------------------------------------------------------- 1 | a; 9 | } 10 | } 11 | $d = new test(); 12 | $d = serialize($d); 13 | echo $d."
"; 14 | echo urlencode($d)."
"; 15 | $a = urlencode($d); 16 | $b = unserialize(urldecode($a)); 17 | var_dump($b); 18 | 19 | ?> 20 | -------------------------------------------------------------------------------- /class06/index.php: -------------------------------------------------------------------------------- 1 | a); 8 | } 9 | } 10 | 11 | $get = $_GET["benben"]; 12 | $b = unserialize($get); 13 | $b->displayVar() ; 14 | 15 | ?> 16 | -------------------------------------------------------------------------------- /class07/1.php: -------------------------------------------------------------------------------- 1 | username = $username; 7 | echo "触发了构造函数1次" ; 8 | } 9 | } 10 | $test = new User("benben"); 11 | $ser = serialize($test); 12 | unserialize($ser); 13 | 14 | ?> 15 | 16 | -------------------------------------------------------------------------------- /class07/2.php: -------------------------------------------------------------------------------- 1 | " ; 7 | } 8 | } 9 | $test = new User("benben"); 10 | $ser = serialize($test); 11 | unserialize($ser); 12 | 13 | ?> 14 | -------------------------------------------------------------------------------- /class07/3.php: -------------------------------------------------------------------------------- 1 | cmd); 9 | } 10 | } 11 | $ser = $_GET["benben"]; 12 | unserialize($ser); 13 | 14 | ?> 15 | -------------------------------------------------------------------------------- /class08/1.php: -------------------------------------------------------------------------------- 1 | username = $username; 10 | $this->nickname = $nickname; 11 | $this->password = $password; 12 | } 13 | public function __sleep() { 14 | return array('username', 'nickname'); 15 | } 16 | } 17 | $user = new User('a', 'b', 'c'); 18 | echo serialize($user); 19 | ?> 20 | 21 | -------------------------------------------------------------------------------- /class08/2.php: -------------------------------------------------------------------------------- 1 | username = $username; 11 | $this->nickname = $nickname; 12 | $this->password = $password; 13 | } 14 | public function __sleep() { 15 | system($this->username); 16 | } 17 | } 18 | $cmd = $_GET['benben']; 19 | $user = new User($cmd, 'b', 'c'); 20 | echo serialize($user); 21 | ?> 22 | -------------------------------------------------------------------------------- /class08/3.php: -------------------------------------------------------------------------------- 1 | password = $this->username; 12 | } 13 | } 14 | $user_ser = 'O:4:"User":2:{s:8:"username";s:1:"a";s:8:"nickname";s:1:"b";}'; 15 | var_dump(unserialize($user_ser)); 16 | ?> 17 | -------------------------------------------------------------------------------- /class08/4.php: -------------------------------------------------------------------------------- 1 | username); 12 | } 13 | } 14 | $user_ser = $_GET['benben']; 15 | unserialize($user_ser); 16 | ?> 17 | -------------------------------------------------------------------------------- /class09/1.php: -------------------------------------------------------------------------------- 1 | "; 14 | echo $test; 15 | ?> 16 | -------------------------------------------------------------------------------- /class09/2.php: -------------------------------------------------------------------------------- 1 | benben; 13 | echo "
"; 14 | echo $test() ->benben; 15 | ?> 16 | -------------------------------------------------------------------------------- /class10/1.php: -------------------------------------------------------------------------------- 1 | callxxx('a'); 12 | ?> 13 | 14 | -------------------------------------------------------------------------------- /class10/2.php: -------------------------------------------------------------------------------- 1 | 13 | 14 | -------------------------------------------------------------------------------- /class10/3.php: -------------------------------------------------------------------------------- 1 | var2; 13 | ?> 14 | 15 | -------------------------------------------------------------------------------- /class10/4.php: -------------------------------------------------------------------------------- 1 | var2=1; 13 | ?> 14 | 15 | -------------------------------------------------------------------------------- /class10/5.php: -------------------------------------------------------------------------------- 1 | var); 13 | ?> 14 | 15 | -------------------------------------------------------------------------------- /class10/6.php: -------------------------------------------------------------------------------- 1 | var); 13 | ?> 14 | 15 | -------------------------------------------------------------------------------- /class10/7.php: -------------------------------------------------------------------------------- 1 | 14 | -------------------------------------------------------------------------------- /class11/1.php: -------------------------------------------------------------------------------- 1 | test = new normal(); 8 | } 9 | public function __destruct(){ 10 | $this->test->action(); 11 | } 12 | } 13 | class normal { 14 | public function action(){ 15 | echo "please attack me"; 16 | } 17 | } 18 | class evil { 19 | var $test2; 20 | public function action(){ 21 | eval($this->test2); 22 | } 23 | } 24 | unserialize($_GET['test']); 25 | ?> 26 | -------------------------------------------------------------------------------- /class12/1.php: -------------------------------------------------------------------------------- 1 | source; 9 | } 10 | } 11 | class sec { 12 | var $benben; 13 | public function __tostring(){ 14 | echo "tostring is here!!"; 15 | } 16 | } 17 | $b = $_GET['benben']; 18 | unserialize($b); 19 | ?> 20 | -------------------------------------------------------------------------------- /class13/1.php: -------------------------------------------------------------------------------- 1 | append($this->var); 14 | } 15 | } 16 | 17 | class Show{ 18 | public $source; 19 | public $str; 20 | public function __toString(){ 21 | return $this->str->source; 22 | } 23 | public function __wakeup(){ 24 | echo $this->source; 25 | } 26 | } 27 | 28 | class Test{ 29 | public $p; 30 | public function __construct(){ 31 | $this->p = array(); 32 | } 33 | 34 | public function __get($key){ 35 | $function = $this->p; 36 | return $function(); 37 | } 38 | } 39 | 40 | if(isset($_GET['pop'])){ 41 | unserialize($_GET['pop']); 42 | } 43 | ?> -------------------------------------------------------------------------------- /class13/flag.php: -------------------------------------------------------------------------------- 1 | v1 = $arga; 10 | $this->v2 = $argc; 11 | } 12 | } 13 | $a = $_GET['v1']; 14 | $b = $_GET['v2']; 15 | $data = serialize(new A($a,$b)); 16 | $data = str_replace("system()","",$data); 17 | var_dump(unserialize($data)); 18 | ?> 19 | 20 | -------------------------------------------------------------------------------- /class15/1.php: -------------------------------------------------------------------------------- 1 | v1 = $arga; 10 | $this->v2 = $argc; 11 | } 12 | } 13 | $a = $_GET['v1']; 14 | $b = $_GET['v2']; 15 | $data = serialize(new A($a,$b)); 16 | $data = str_replace("ls","pwd",$data); 17 | 18 | var_dump(unserialize($data)); 19 | -------------------------------------------------------------------------------- /class16/1.php: -------------------------------------------------------------------------------- 1 | user=$user; 14 | } 15 | } 16 | $param=$_GET['param']; 17 | $param=serialize(new test($param)); 18 | $profile=unserialize(filter($param)); 19 | 20 | if ($profile->pass=='escaping'){ 21 | echo file_get_contents("flag.php"); 22 | } 23 | ?> 24 | -------------------------------------------------------------------------------- /class16/flag.php: -------------------------------------------------------------------------------- 1 | user=$user; 15 | $this->pass=$pass; 16 | } 17 | } 18 | $param=$_GET['user']; 19 | $pass=$_GET['pass']; 20 | $param=serialize(new test($param,$pass)); 21 | $profile=unserialize(filter($param)); 22 | 23 | if ($profile->vip){ 24 | echo file_get_contents("flag.php"); 25 | } 26 | ?> 27 | -------------------------------------------------------------------------------- /class17/flag.php: -------------------------------------------------------------------------------- 1 | file=$file; 8 | } 9 | 10 | function __destruct(){ 11 | include_once($this->file); 12 | echo $flag; 13 | } 14 | 15 | function __wakeup(){ 16 | $this->file='index.php'; 17 | } 18 | } 19 | $cmd=$_GET['cmd']; 20 | if (!isset($cmd)){ 21 | highlight_file(__FILE__); 22 | } 23 | else{ 24 | if (preg_match('/[oc]:\d+:/i',$cmd)){ 25 | echo "Are you daydreaming?"; 26 | } 27 | else{ 28 | unserialize($cmd); 29 | } 30 | } 31 | //sercet in flag.php 32 | ?> 33 | -------------------------------------------------------------------------------- /class18/flag.php: -------------------------------------------------------------------------------- 1 | secret = "*"; 19 | if ($o->secret === $o->enter) 20 | echo "Congratulation! Here is my secret: ".$flag; 21 | else 22 | echo "Oh no... You can't fool me"; 23 | } 24 | else echo "are you trolling?"; 25 | ?> 26 | -------------------------------------------------------------------------------- /class19/flag.php: -------------------------------------------------------------------------------- 1 | 7 | -------------------------------------------------------------------------------- /class20/2.php: -------------------------------------------------------------------------------- 1 | 9 | -------------------------------------------------------------------------------- /class20/3.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /class20/save.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /class20/vul.php: -------------------------------------------------------------------------------- 1 | a); 12 | } 13 | } 14 | ?> -------------------------------------------------------------------------------- /class21/flag.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /class21/index.php: -------------------------------------------------------------------------------- 1 | her=md5(rand(1, 10000)); 10 | if ($this->name===$this->her){ 11 | include('flag.php'); 12 | echo $flag; 13 | } 14 | } 15 | } 16 | ?> -------------------------------------------------------------------------------- /class22/index.php: -------------------------------------------------------------------------------- 1 | output); 10 | } 11 | } 12 | if(isset($_GET['filename'])) 13 | { 14 | $filename=$_GET['filename']; 15 | var_dump(file_exists($filename)); 16 | } 17 | ?> -------------------------------------------------------------------------------- /class22/phar.php: -------------------------------------------------------------------------------- 1 | startBuffering(); //开始写文件 11 | $phar->setStub(''); //写入stub 12 | $o=new Testobj(); 13 | $o->output='eval($_GET["a"]);'; 14 | $phar->setMetadata($o);//写入meta-data 15 | $phar->addFromString("test.txt","test"); //添加要压缩的文件 16 | $phar->stopBuffering(); 17 | ?> 18 | -------------------------------------------------------------------------------- /class23/flag.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /class23/upload.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 上传图片文件 5 | 6 | 7 |
8 | 9 | 10 | 11 |
12 | 13 | 14 | 0){ 28 | echo "错误:".$_FILES["file"]["error"]."
"; 29 | } 30 | else{ 31 | move_uploaded_file($_FILES["file"]["tmp_name"],"upload/".$_FILES["file"]["name"]); 32 | echo "文件储存在"."upload/".$_FILES["file"]["name"]; 33 | } 34 | } 35 | else{ 36 | echo "mybe hack?"; 37 | } 38 | -------------------------------------------------------------------------------- /class23/upload/poc.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mcc0624/php_ser_Class/ced0d40aa904fd5b368aa3ad303c0d3da9f358fb/class23/upload/poc.png -------------------------------------------------------------------------------- /index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 重庆橙子科技php反序列化靶场 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 705 | 706 | 707 | 713 |
714 |
715 |

716 | 717 | 718 | 重庆橙子科技 719 | 720 |

721 | 722 | 729 | 730 | 732 |
733 |
734 |
735 | 736 |
737 |
738 |

目录

739 |
740 | 766 |
767 | 768 |
769 |
770 | 771 | 772 | 773 | 774 | 775 | 776 | 777 | 778 | 779 | 780 | 781 | 782 | 783 | 784 | 785 | 786 | 787 | 788 | 789 |
790 |
791 |
792 |
793 | 0x03 类与对象 794 |
795 | 796 |
797 |
798 | 799 |
类的演示
800 |
类:定义类名、定义成员变量(属性)、定义成员函数(方法)
801 | 802 |
803 |
804 | 805 |
实例化和赋值
806 |
实例化和赋值,演示代码!
807 | 808 |
809 |
810 | 811 |
权限修饰符
812 |
PHP访问权限修饰符有三种:1、Public,2、Protected,3、private
813 | 814 |
815 |
816 | 817 |
权限修饰符2
818 |
protected,表示受保护的、继承的,只能类本身和类的内部成员可以访问
819 | 820 |
821 |
822 |
823 |
824 |
825 | 826 |
827 |
828 |
829 |
830 | 0x04 序列化基础知识 831 |
832 | 833 |
834 |
835 | 836 |
序列化演示
837 |
不通数据类型序列化之后对的格式展示
838 | 839 |
840 |
841 | 842 |
数组序列化
843 |
学的不仅是技术,更是梦想!该站提供了很全的编程技术基础教程,适合入门学习
844 | 845 |
846 |
847 | 848 |
对象序列化
849 |
提供了对象序列化示例
850 | 851 |
852 |
853 | 854 |
私有修饰符
855 |
私有属性在序列化之后的格式
856 | 857 |
858 |
859 | 860 |
保护修饰符
861 |
保护属性修饰符在序列化之后的格式
862 | 863 |
864 |
865 | 866 |
成员属性调用对象
867 |
演示成员属性调用对象过程,及序列化之后格式解释
868 | 869 |
870 |
871 |
872 |
873 |
874 |
875 |
876 |
877 |
878 | 0x05 反序列化知识 879 |
880 | 881 |
882 |
883 | 884 |
反序列化
885 |
反序列化之后的内容为一个对象
886 | 887 |
888 |
889 |
890 |
891 |
892 |
893 |
894 |
895 |
896 | 0x06 反序列化漏洞 897 |
898 | 899 |
900 |
901 | 902 |
反序列化漏洞例题
903 |
反序列化漏洞的成因:反序列化过程中,unserialize()接收的值(字符串)可控;
904 | 905 |
906 |
907 |
908 |
909 |
910 |
911 |
912 |
913 |
914 | 0x07 魔术方法介绍,构造和析构 915 |
916 | 917 |
918 |
919 | 920 |
__construct()
921 |
构造函数,在实例化一个对象的时候,首先会去自动执行的一个方法;
922 | 923 |
924 |
925 | 926 |
__destruct()
927 |
析构函数,在对象的所有引用被删除或者当对象被显式销毁时执行的魔术方法。
928 | 929 |
930 |
931 | 932 |
析构函数例题
933 |
析构函数漏洞利用例题展示
934 | 935 |
936 |
937 |
938 |
939 |
940 | 941 |
942 |
943 |
944 |
945 | 0x08 weakup和sleep魔术方法 946 |
947 | 948 |
949 |
950 | 951 |
__sleep()
952 |
此功能可以用于清理对象,并返回一个包含对象中所有应被序列化的变量名称的数组。
953 | 954 |
955 |
956 | 957 |
__sleep()例题
958 |
sleep例题演示
959 | 960 |
961 |
962 | 963 |
__wakeup()
964 |
预先准备对象资源,返回void,常用于反序列化操作中重新建立数据库连接或执行其他初始化操作。
965 | 966 |
967 |
968 | 969 |
__wakeup()例题
970 |
__wakeup()例题演示
971 | 972 |
973 |
974 |
975 |
976 |
977 | 978 |
979 |
980 |
981 |
982 | 0x09 Tostring和invoke魔术方法 983 |
984 | 985 |
986 |
987 | 988 |
__toString()
989 |
echo或者print只能调用字符串的方式去调用对象,即把对象当成字符串使用,此时自动触发toString()
990 | 991 |
992 |
993 | 994 |
__invoke()
995 |
把test当成函数test()来调用,此时触发invoke()
996 | 997 |
998 |
999 |
1000 |
1001 |
1002 | 1003 |
1004 |
1005 |
1006 |
1007 | 0x10 错误调用魔术方法 1008 |
1009 | 1010 |
1011 |
1012 | 1013 |
__call()
1014 |
调用的不存在的方法的名称和参数
1015 | 1016 |
1017 |
1018 | 1019 |
__callStatic()
1020 |
静态调用或调用成员常量时使用的方法不存在
1021 | 1022 |
1023 |
1024 | 1025 |
__get()
1026 |
调用的成员属性不存在
1027 | 1028 |
1029 |
1030 | 1031 |
__set()
1032 |
给不存在的成员属性赋值
1033 | 1034 |
1035 |
1036 | 1037 |
__isset()
1038 |
对不可访问属性使用 isset() 或 empty() 时,__isset() 会被调用。
1039 | 1040 |
1041 |
1042 | 1043 |
__unset()
1044 |
对不可访问属性使用 unset()时
1045 | 1046 |
1047 |
1048 | 1049 |
__clone()
1050 |
当使用 clone 关键字拷贝完成一个对象后,新对象会自动调用定义的魔术方法 __clone()
1051 | 1052 |
1053 |
1054 |
1055 |
1056 |
1057 | 1058 |
1059 |
1060 |
1061 |
1062 | 0x11 POP链基础前置知识1 1063 |
1064 | 1065 |
1066 |
1067 | 1068 |
了解调用链
1069 |
pop链前置知识,进一步了解魔术方法触发规则
1070 | 1071 |
1072 |
1073 |
1074 |
1075 |
1076 | 1077 |
1078 |
1079 |
1080 |
1081 | 0x12 pop链构造前置知识2 1082 |
1083 | 1084 |
1085 |
1086 | 1087 |
了解魔术方法
1088 |
pop链前置知识,进一步了解魔术方法触发规则
1089 | 1090 |
1091 |
1092 |
1093 |
1094 |
1095 | 1096 |
1097 |
1098 |
1099 |
1100 | 0x13 POP链构造及POC构造 1101 |
1102 | 1103 |
1104 |
1105 | 1106 |
POP链例题
1107 |
一个标准的pop链构造例题
1108 | 1109 |
1110 |
1111 |
1112 |
1113 |
1114 | 1115 |
1116 |
1117 |
1118 |
1119 | 0x14 php反序列化字符串逃减少 1120 |
1121 | 1122 |
1123 |
1124 | 1125 |
逃逸减少演示代码
1126 |
字符串逃逸演示用代码
1127 | 1128 | 1129 |
1130 |
1131 |
1132 |
1133 | 1134 |
1135 |
1136 |
1137 |
1138 | 0x15 PHP反序列化字符串逃逸增加 1139 |
1140 | 1141 |
1142 |
1143 | 1144 |
逃逸增加演示代码
1145 |
字符串逃逸演示用代码
1146 | 1147 |
1148 |
1149 |
1150 |
1151 |
1152 | 1153 |
1154 |
1155 |
1156 |
1157 | 0x16 字符串逃逸增加例题 1158 |
1159 | 1160 |
1161 |
1162 | 1163 |
字符串逃逸_增加
1164 |
字符串逃逸增加
1165 | 1166 |
1167 |
1168 |
1169 |
1170 |
1171 | 1172 |
1173 |
1174 |
1175 |
1176 | 0x17 字符串逃逸例题减少 1177 |
1178 | 1179 |
1180 |
1181 | 1182 |
字符串逃逸_减少
1183 |
字符串逃逸减少例题
1184 | 1185 |
1186 |
1187 |
1188 |
1189 |
1190 | 1191 |
1192 |
1193 |
1194 |
1195 | 0x18 weakup绕过 1196 |
1197 | 1198 |
1199 |
1200 | 1201 |
weakup绕过
1202 |
关于CVE-2016-7124漏洞利用
1203 | 1204 |
1205 |
1206 |
1207 |
1208 |
1209 | 1210 |
1211 |
1212 |
1213 |
1214 | 0x19 序列化引用介绍 1215 |
1216 | 1217 |
1218 |
1219 | 1220 |
引用例题
1221 |
序列化过程中引用起到的作用
1222 | 1223 |
1224 |
1225 |
1226 |
1227 |
1228 | 1229 |
1230 |
1231 |
1232 |
1233 | 0x20 Session反序列化 1234 |
1235 | 1236 |
1237 |
1238 | 1239 |
session_PHP
1240 |
键名 + 竖线 + 经过 serialize() 函数序列处理的值
1241 | 1242 |
1243 |
1244 | 1245 |
php_serialize
1246 |
经过 serialize() 函数反序列处理的数组
1247 | 1248 |
1249 |
1250 | 1251 |
php_binary
1252 |
键名的长度对应的 ASCII 字符 + 键名 + 经过 serialize() 函数反序列处理的值
1253 | 1254 |
1255 |
1256 | 1257 |
提交session值
1258 |
该页面使用php_serialize方式保存session
1259 | 1260 |
1261 |
1262 | 1263 |
漏洞页面
1264 |
能够触发session内反序列化漏洞页面
1265 | 1266 |
1267 |
1268 |
1269 |
1270 |
1271 | 1272 |
1273 |
1274 |
1275 |
1276 | 0x21 session反序列化例题 1277 |
1278 | 1279 |
1280 |
1281 | 1282 |
session反序列化例题
1283 |
基础例题用以测试是否了解session反序列化技术
1284 | 1285 |
1286 |
1287 |
1288 |
1289 |
1290 | 1291 |
1292 |
1293 |
1294 |
1295 | 0x22 Phar反序列化介绍 1296 |
1297 | 1298 |
1299 |
1300 | 1301 |
生成phar文件
1302 |
该页面可以生成一个phar文件,该文件能mata-data写入序列化转字符串
1303 | 1304 |
1305 |
1306 | 1307 |
漏洞页面
1308 |
通过phar伪协议,访问另一个页面生成phar文件导致命令执行漏洞
1309 | 1310 |
1311 |
1312 |
1313 |
1314 |
1315 | 1316 |
1317 |
1318 |
1319 |
1320 | 0x23 Phar反序列化例题 1321 |
1322 | 1323 |
1324 |
1325 | 1326 |
phar反序列化例题
1327 |
使用phar反序列化漏洞获取flag
1328 | 1329 |
1330 |
1331 |
1332 |
1333 |
1334 | 1335 |
1336 |
1337 |
1338 |
1339 |

1340 | 代码如果有问题,请联系重庆橙子科技,短信联系:15702390228 1341 |

1342 | 1343 |

1344 | Copyright © 2014-2022 重庆橙子科技有限公司 All Rights Reserved 1345 |

1346 |
1347 |
1348 |
1349 |
1350 |
1351 | 1352 |
1353 |
1354 | 1355 |
1356 | 1357 | 1358 | 1359 | 1360 | 1486 |
1487 | 1488 | -------------------------------------------------------------------------------- /info.php: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /php.ini: -------------------------------------------------------------------------------- 1 | [PHP] 2 | 3 | ;;;;;;;;;;;;;;;;;;; 4 | ; About php.ini ; 5 | ;;;;;;;;;;;;;;;;;;; 6 | ; PHP's initialization file, generally called php.ini, is responsible for 7 | ; configuring many of the aspects of PHP's behavior. 8 | 9 | ; PHP attempts to find and load this configuration from a number of locations. 10 | ; The following is a summary of its search order: 11 | ; 1. SAPI module specific location. 12 | ; 2. The PHPRC environment variable. (As of PHP 5.2.0) 13 | ; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) 14 | ; 4. Current working directory (except CLI) 15 | ; 5. The web server's directory (for SAPI modules), or directory of PHP 16 | ; (otherwise in Windows) 17 | ; 6. The directory from the --with-config-file-path compile time option, or the 18 | ; Windows directory (C:\windows or C:\winnt) 19 | ; See the PHP docs for more specific information. 20 | ; http://php.net/configuration.file 21 | 22 | ; The syntax of the file is extremely simple. Whitespace and lines 23 | ; beginning with a semicolon are silently ignored (as you probably guessed). 24 | ; Section headers (e.g. [Foo]) are also silently ignored, even though 25 | ; they might mean something in the future. 26 | 27 | ; Directives following the section heading [PATH=/www/mysite] only 28 | ; apply to PHP files in the /www/mysite directory. Directives 29 | ; following the section heading [HOST=www.example.com] only apply to 30 | ; PHP files served from www.example.com. Directives set in these 31 | ; special sections cannot be overridden by user-defined INI files or 32 | ; at runtime. Currently, [PATH=] and [HOST=] sections only work under 33 | ; CGI/FastCGI. 34 | ; http://php.net/ini.sections 35 | 36 | ; Directives are specified using the following syntax: 37 | ; directive = value 38 | ; Directive names are *case sensitive* - foo=bar is different from FOO=bar. 39 | ; Directives are variables used to configure PHP or PHP extensions. 40 | ; There is no name validation. If PHP can't find an expected 41 | ; directive because it is not set or is mistyped, a default value will be used. 42 | 43 | ; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one 44 | ; of the INI constants (On, Off, True, False, Yes, No and None) or an expression 45 | ; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a 46 | ; previously set variable or directive (e.g. ${foo}) 47 | 48 | ; Expressions in the INI file are limited to bitwise operators and parentheses: 49 | ; | bitwise OR 50 | ; ^ bitwise XOR 51 | ; & bitwise AND 52 | ; ~ bitwise NOT 53 | ; ! boolean NOT 54 | 55 | ; Boolean flags can be turned on using the values 1, On, True or Yes. 56 | ; They can be turned off using the values 0, Off, False or No. 57 | 58 | ; An empty string can be denoted by simply not writing anything after the equal 59 | ; sign, or by using the None keyword: 60 | 61 | ; foo = ; sets foo to an empty string 62 | ; foo = None ; sets foo to an empty string 63 | ; foo = "None" ; sets foo to the string 'None' 64 | 65 | ; If you use constants in your value, and these constants belong to a 66 | ; dynamically loaded extension (either a PHP extension or a Zend extension), 67 | ; you may only use these constants *after* the line that loads the extension. 68 | 69 | ;;;;;;;;;;;;;;;;;;; 70 | ; About this file ; 71 | ;;;;;;;;;;;;;;;;;;; 72 | ; PHP comes packaged with two INI files. One that is recommended to be used 73 | ; in production environments and one that is recommended to be used in 74 | ; development environments. 75 | 76 | ; php.ini-production contains settings which hold security, performance and 77 | ; best practices at its core. But please be aware, these settings may break 78 | ; compatibility with older or less security conscience applications. We 79 | ; recommending using the production ini in production and testing environments. 80 | 81 | ; php.ini-development is very similar to its production variant, except it is 82 | ; much more verbose when it comes to errors. We recommend using the 83 | ; development version only in development environments, as errors shown to 84 | ; application users can inadvertently leak otherwise secure information. 85 | 86 | ; This is php.ini-development INI file. 87 | 88 | ;;;;;;;;;;;;;;;;;;; 89 | ; Quick Reference ; 90 | ;;;;;;;;;;;;;;;;;;; 91 | ; The following are all the settings which are different in either the production 92 | ; or development versions of the INIs with respect to PHP's default behavior. 93 | ; Please see the actual settings later in the document for more details as to why 94 | ; we recommend these changes in PHP's behavior. 95 | 96 | ; display_errors 97 | ; Default Value: On 98 | ; Development Value: On 99 | ; Production Value: Off 100 | 101 | ; display_startup_errors 102 | ; Default Value: Off 103 | ; Development Value: On 104 | ; Production Value: Off 105 | 106 | ; error_reporting 107 | ; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED 108 | ; Development Value: E_ALL 109 | ; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT 110 | 111 | ; html_errors 112 | ; Default Value: On 113 | ; Development Value: On 114 | ; Production value: On 115 | 116 | ; log_errors 117 | ; Default Value: Off 118 | ; Development Value: On 119 | ; Production Value: On 120 | 121 | ; max_input_time 122 | ; Default Value: -1 (Unlimited) 123 | ; Development Value: 60 (60 seconds) 124 | ; Production Value: 60 (60 seconds) 125 | 126 | ; output_buffering 127 | ; Default Value: Off 128 | ; Development Value: 4096 129 | ; Production Value: 4096 130 | 131 | ; register_argc_argv 132 | ; Default Value: On 133 | ; Development Value: Off 134 | ; Production Value: Off 135 | 136 | ; request_order 137 | ; Default Value: None 138 | ; Development Value: "GP" 139 | ; Production Value: "GP" 140 | 141 | ; session.gc_divisor 142 | ; Default Value: 100 143 | ; Development Value: 1000 144 | ; Production Value: 1000 145 | 146 | ; session.hash_bits_per_character 147 | ; Default Value: 4 148 | ; Development Value: 5 149 | ; Production Value: 5 150 | 151 | ; short_open_tag 152 | ; Default Value: On 153 | ; Development Value: Off 154 | ; Production Value: Off 155 | 156 | ; track_errors 157 | ; Default Value: Off 158 | ; Development Value: On 159 | ; Production Value: Off 160 | 161 | ; url_rewriter.tags 162 | ; Default Value: "a=href,area=href,frame=src,form=,fieldset=" 163 | ; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" 164 | ; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" 165 | 166 | ; variables_order 167 | ; Default Value: "EGPCS" 168 | ; Development Value: "GPCS" 169 | ; Production Value: "GPCS" 170 | 171 | ;;;;;;;;;;;;;;;;;;;; 172 | ; php.ini Options ; 173 | ;;;;;;;;;;;;;;;;;;;; 174 | ; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" 175 | ;user_ini.filename = ".user.ini" 176 | 177 | ; To disable this feature set this option to empty value 178 | ;user_ini.filename = 179 | 180 | ; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) 181 | ;user_ini.cache_ttl = 300 182 | 183 | ;;;;;;;;;;;;;;;;;;;; 184 | ; Language Options ; 185 | ;;;;;;;;;;;;;;;;;;;; 186 | 187 | ; Enable the PHP scripting language engine under Apache. 188 | ; http://php.net/engine 189 | engine = On 190 | 191 | ; This directive determines whether or not PHP will recognize code between 192 | ; tags as PHP source which should be processed as such. It is 193 | ; generally recommended that should be used and that this feature 194 | ; should be disabled, as enabling it may result in issues when generating XML 195 | ; documents, however this remains supported for backward compatibility reasons. 196 | ; Note that this directive does not control the would work. 308 | ; http://php.net/syntax-highlighting 309 | ;highlight.string = #DD0000 310 | ;highlight.comment = #FF9900 311 | ;highlight.keyword = #007700 312 | ;highlight.default = #0000BB 313 | ;highlight.html = #000000 314 | 315 | ; If enabled, the request will be allowed to complete even if the user aborts 316 | ; the request. Consider enabling it if executing long requests, which may end up 317 | ; being interrupted by the user or a browser timing out. PHP's default behavior 318 | ; is to disable this feature. 319 | ; http://php.net/ignore-user-abort 320 | ;ignore_user_abort = On 321 | 322 | ; Determines the size of the realpath cache to be used by PHP. This value should 323 | ; be increased on systems where PHP opens many files to reflect the quantity of 324 | ; the file operations performed. 325 | ; http://php.net/realpath-cache-size 326 | ;realpath_cache_size = 16k 327 | 328 | ; Duration of time, in seconds for which to cache realpath information for a given 329 | ; file or directory. For systems with rarely changing files, consider increasing this 330 | ; value. 331 | ; http://php.net/realpath-cache-ttl 332 | ;realpath_cache_ttl = 120 333 | 334 | ; Enables or disables the circular reference collector. 335 | ; http://php.net/zend.enable-gc 336 | zend.enable_gc = On 337 | 338 | ; If enabled, scripts may be written in encodings that are incompatible with 339 | ; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such 340 | ; encodings. To use this feature, mbstring extension must be enabled. 341 | ; Default: Off 342 | ;zend.multibyte = Off 343 | 344 | ; Allows to set the default encoding for the scripts. This value will be used 345 | ; unless "declare(encoding=...)" directive appears at the top of the script. 346 | ; Only affects if zend.multibyte is set. 347 | ; Default: "" 348 | ;zend.script_encoding = 349 | 350 | ;;;;;;;;;;;;;;;;; 351 | ; Miscellaneous ; 352 | ;;;;;;;;;;;;;;;;; 353 | 354 | ; Decides whether PHP may expose the fact that it is installed on the server 355 | ; (e.g. by adding its signature to the Web server header). It is no security 356 | ; threat in any way, but it makes it possible to determine whether you use PHP 357 | ; on your server or not. 358 | ; http://php.net/expose-php 359 | expose_php = On 360 | 361 | ;;;;;;;;;;;;;;;;;;; 362 | ; Resource Limits ; 363 | ;;;;;;;;;;;;;;;;;;; 364 | 365 | ; Maximum execution time of each script, in seconds 366 | ; http://php.net/max-execution-time 367 | ; Note: This directive is hardcoded to 0 for the CLI SAPI 368 | max_execution_time = 30 369 | 370 | ; Maximum amount of time each script may spend parsing request data. It's a good 371 | ; idea to limit this time on productions servers in order to eliminate unexpectedly 372 | ; long running scripts. 373 | ; Note: This directive is hardcoded to -1 for the CLI SAPI 374 | ; Default Value: -1 (Unlimited) 375 | ; Development Value: 60 (60 seconds) 376 | ; Production Value: 60 (60 seconds) 377 | ; http://php.net/max-input-time 378 | max_input_time = 60 379 | 380 | ; Maximum input variable nesting level 381 | ; http://php.net/max-input-nesting-level 382 | ;max_input_nesting_level = 64 383 | 384 | ; How many GET/POST/COOKIE input variables may be accepted 385 | ; max_input_vars = 1000 386 | 387 | ; Maximum amount of memory a script may consume (128MB) 388 | ; http://php.net/memory-limit 389 | memory_limit = 128M 390 | 391 | ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; 392 | ; Error handling and logging ; 393 | ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; 394 | 395 | ; This directive informs PHP of which errors, warnings and notices you would like 396 | ; it to take action for. The recommended way of setting values for this 397 | ; directive is through the use of the error level constants and bitwise 398 | ; operators. The error level constants are below here for convenience as well as 399 | ; some common settings and their meanings. 400 | ; By default, PHP is set to take action on all errors, notices and warnings EXCEPT 401 | ; those related to E_NOTICE and E_STRICT, which together cover best practices and 402 | ; recommended coding standards in PHP. For performance reasons, this is the 403 | ; recommend error reporting setting. Your production server shouldn't be wasting 404 | ; resources complaining about best practices and coding standards. That's what 405 | ; development servers and development settings are for. 406 | ; Note: The php.ini-development file has this setting as E_ALL. This 407 | ; means it pretty much reports everything which is exactly what you want during 408 | ; development and early testing. 409 | ; 410 | ; Error Level Constants: 411 | ; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0) 412 | ; E_ERROR - fatal run-time errors 413 | ; E_RECOVERABLE_ERROR - almost fatal run-time errors 414 | ; E_WARNING - run-time warnings (non-fatal errors) 415 | ; E_PARSE - compile-time parse errors 416 | ; E_NOTICE - run-time notices (these are warnings which often result 417 | ; from a bug in your code, but it's possible that it was 418 | ; intentional (e.g., using an uninitialized variable and 419 | ; relying on the fact it is automatically initialized to an 420 | ; empty string) 421 | ; E_STRICT - run-time notices, enable to have PHP suggest changes 422 | ; to your code which will ensure the best interoperability 423 | ; and forward compatibility of your code 424 | ; E_CORE_ERROR - fatal errors that occur during PHP's initial startup 425 | ; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's 426 | ; initial startup 427 | ; E_COMPILE_ERROR - fatal compile-time errors 428 | ; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) 429 | ; E_USER_ERROR - user-generated error message 430 | ; E_USER_WARNING - user-generated warning message 431 | ; E_USER_NOTICE - user-generated notice message 432 | ; E_DEPRECATED - warn about code that will not work in future versions 433 | ; of PHP 434 | ; E_USER_DEPRECATED - user-generated deprecation warnings 435 | ; 436 | ; Common Values: 437 | ; E_ALL (Show all errors, warnings and notices including coding standards.) 438 | ; E_ALL & ~E_NOTICE (Show all errors, except for notices) 439 | ; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.) 440 | ; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) 441 | ; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED 442 | ; Development Value: E_ALL 443 | ; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT 444 | ; http://php.net/error-reporting 445 | error_reporting = E_ALL 446 | 447 | ; This directive controls whether or not and where PHP will output errors, 448 | ; notices and warnings too. Error output is very useful during development, but 449 | ; it could be very dangerous in production environments. Depending on the code 450 | ; which is triggering the error, sensitive information could potentially leak 451 | ; out of your application such as database usernames and passwords or worse. 452 | ; For production environments, we recommend logging errors rather than 453 | ; sending them to STDOUT. 454 | ; Possible Values: 455 | ; Off = Do not display any errors 456 | ; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) 457 | ; On or stdout = Display errors to STDOUT 458 | ; Default Value: On 459 | ; Development Value: On 460 | ; Production Value: Off 461 | ; http://php.net/display-errors 462 | display_errors = On 463 | 464 | ; The display of errors which occur during PHP's startup sequence are handled 465 | ; separately from display_errors. PHP's default behavior is to suppress those 466 | ; errors from clients. Turning the display of startup errors on can be useful in 467 | ; debugging configuration problems. We strongly recommend you 468 | ; set this to 'off' for production servers. 469 | ; Default Value: Off 470 | ; Development Value: On 471 | ; Production Value: Off 472 | ; http://php.net/display-startup-errors 473 | display_startup_errors = On 474 | 475 | ; Besides displaying errors, PHP can also log errors to locations such as a 476 | ; server-specific log, STDERR, or a location specified by the error_log 477 | ; directive found below. While errors should not be displayed on productions 478 | ; servers they should still be monitored and logging is a great way to do that. 479 | ; Default Value: Off 480 | ; Development Value: On 481 | ; Production Value: On 482 | ; http://php.net/log-errors 483 | log_errors = On 484 | 485 | ; Set maximum length of log_errors. In error_log information about the source is 486 | ; added. The default is 1024 and 0 allows to not apply any maximum length at all. 487 | ; http://php.net/log-errors-max-len 488 | log_errors_max_len = 1024 489 | 490 | ; Do not log repeated messages. Repeated errors must occur in same file on same 491 | ; line unless ignore_repeated_source is set true. 492 | ; http://php.net/ignore-repeated-errors 493 | ignore_repeated_errors = Off 494 | 495 | ; Ignore source of message when ignoring repeated messages. When this setting 496 | ; is On you will not log errors with repeated messages from different files or 497 | ; source lines. 498 | ; http://php.net/ignore-repeated-source 499 | ignore_repeated_source = Off 500 | 501 | ; If this parameter is set to Off, then memory leaks will not be shown (on 502 | ; stdout or in the log). This has only effect in a debug compile, and if 503 | ; error reporting includes E_WARNING in the allowed list 504 | ; http://php.net/report-memleaks 505 | report_memleaks = On 506 | 507 | ; This setting is on by default. 508 | ;report_zend_debug = 0 509 | 510 | ; Store the last error/warning message in $php_errormsg (boolean). Setting this value 511 | ; to On can assist in debugging and is appropriate for development servers. It should 512 | ; however be disabled on production servers. 513 | ; Default Value: Off 514 | ; Development Value: On 515 | ; Production Value: Off 516 | ; http://php.net/track-errors 517 | track_errors = On 518 | 519 | ; Turn off normal error reporting and emit XML-RPC error XML 520 | ; http://php.net/xmlrpc-errors 521 | ;xmlrpc_errors = 0 522 | 523 | ; An XML-RPC faultCode 524 | ;xmlrpc_error_number = 0 525 | 526 | ; When PHP displays or logs an error, it has the capability of formatting the 527 | ; error message as HTML for easier reading. This directive controls whether 528 | ; the error message is formatted as HTML or not. 529 | ; Note: This directive is hardcoded to Off for the CLI SAPI 530 | ; Default Value: On 531 | ; Development Value: On 532 | ; Production value: On 533 | ; http://php.net/html-errors 534 | html_errors = On 535 | 536 | ; If html_errors is set to On *and* docref_root is not empty, then PHP 537 | ; produces clickable error messages that direct to a page describing the error 538 | ; or function causing the error in detail. 539 | ; You can download a copy of the PHP manual from http://php.net/docs 540 | ; and change docref_root to the base URL of your local copy including the 541 | ; leading '/'. You must also specify the file extension being used including 542 | ; the dot. PHP's default behavior is to leave these settings empty, in which 543 | ; case no links to documentation are generated. 544 | ; Note: Never use this feature for production boxes. 545 | ; http://php.net/docref-root 546 | ; Examples 547 | ;docref_root = "/phpmanual/" 548 | 549 | ; http://php.net/docref-ext 550 | ;docref_ext = .html 551 | 552 | ; String to output before an error message. PHP's default behavior is to leave 553 | ; this setting blank. 554 | ; http://php.net/error-prepend-string 555 | ; Example: 556 | ;error_prepend_string = "" 557 | 558 | ; String to output after an error message. PHP's default behavior is to leave 559 | ; this setting blank. 560 | ; http://php.net/error-append-string 561 | ; Example: 562 | ;error_append_string = "" 563 | 564 | ; Log errors to specified file. PHP's default behavior is to leave this value 565 | ; empty. 566 | ; http://php.net/error-log 567 | ; Example: 568 | ;error_log = php_errors.log 569 | ; Log errors to syslog (Event Log on Windows). 570 | ;error_log = syslog 571 | 572 | ;windows.show_crt_warning 573 | ; Default value: 0 574 | ; Development value: 0 575 | ; Production value: 0 576 | 577 | ;;;;;;;;;;;;;;;;; 578 | ; Data Handling ; 579 | ;;;;;;;;;;;;;;;;; 580 | 581 | ; The separator used in PHP generated URLs to separate arguments. 582 | ; PHP's default setting is "&". 583 | ; http://php.net/arg-separator.output 584 | ; Example: 585 | ;arg_separator.output = "&" 586 | 587 | ; List of separator(s) used by PHP to parse input URLs into variables. 588 | ; PHP's default setting is "&". 589 | ; NOTE: Every character in this directive is considered as separator! 590 | ; http://php.net/arg-separator.input 591 | ; Example: 592 | ;arg_separator.input = ";&" 593 | 594 | ; This directive determines which super global arrays are registered when PHP 595 | ; starts up. G,P,C,E & S are abbreviations for the following respective super 596 | ; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty 597 | ; paid for the registration of these arrays and because ENV is not as commonly 598 | ; used as the others, ENV is not recommended on productions servers. You 599 | ; can still get access to the environment variables through getenv() should you 600 | ; need to. 601 | ; Default Value: "EGPCS" 602 | ; Development Value: "GPCS" 603 | ; Production Value: "GPCS"; 604 | ; http://php.net/variables-order 605 | variables_order = "GPCS" 606 | 607 | ; This directive determines which super global data (G,P & C) should be 608 | ; registered into the super global array REQUEST. If so, it also determines 609 | ; the order in which that data is registered. The values for this directive 610 | ; are specified in the same manner as the variables_order directive, 611 | ; EXCEPT one. Leaving this value empty will cause PHP to use the value set 612 | ; in the variables_order directive. It does not mean it will leave the super 613 | ; globals array REQUEST empty. 614 | ; Default Value: None 615 | ; Development Value: "GP" 616 | ; Production Value: "GP" 617 | ; http://php.net/request-order 618 | request_order = "GP" 619 | 620 | ; This directive determines whether PHP registers $argv & $argc each time it 621 | ; runs. $argv contains an array of all the arguments passed to PHP when a script 622 | ; is invoked. $argc contains an integer representing the number of arguments 623 | ; that were passed when the script was invoked. These arrays are extremely 624 | ; useful when running scripts from the command line. When this directive is 625 | ; enabled, registering these variables consumes CPU cycles and memory each time 626 | ; a script is executed. For performance reasons, this feature should be disabled 627 | ; on production servers. 628 | ; Note: This directive is hardcoded to On for the CLI SAPI 629 | ; Default Value: On 630 | ; Development Value: Off 631 | ; Production Value: Off 632 | ; http://php.net/register-argc-argv 633 | register_argc_argv = Off 634 | 635 | ; When enabled, the ENV, REQUEST and SERVER variables are created when they're 636 | ; first used (Just In Time) instead of when the script starts. If these 637 | ; variables are not used within a script, having this directive on will result 638 | ; in a performance gain. The PHP directive register_argc_argv must be disabled 639 | ; for this directive to have any affect. 640 | ; http://php.net/auto-globals-jit 641 | auto_globals_jit = On 642 | 643 | ; Whether PHP will read the POST data. 644 | ; This option is enabled by default. 645 | ; Most likely, you won't want to disable this option globally. It causes $_POST 646 | ; and $_FILES to always be empty; the only way you will be able to read the 647 | ; POST data will be through the php://input stream wrapper. This can be useful 648 | ; to proxy requests or to process the POST data in a memory efficient fashion. 649 | ; http://php.net/enable-post-data-reading 650 | ;enable_post_data_reading = Off 651 | 652 | ; Maximum size of POST data that PHP will accept. 653 | ; Its value may be 0 to disable the limit. It is ignored if POST data reading 654 | ; is disabled through enable_post_data_reading. 655 | ; http://php.net/post-max-size 656 | post_max_size = 8M 657 | 658 | ; Automatically add files before PHP document. 659 | ; http://php.net/auto-prepend-file 660 | auto_prepend_file = 661 | 662 | ; Automatically add files after PHP document. 663 | ; http://php.net/auto-append-file 664 | auto_append_file = 665 | 666 | ; By default, PHP will output a media type using the Content-Type header. To 667 | ; disable this, simply set it to be empty. 668 | ; 669 | ; PHP's built-in default media type is set to text/html. 670 | ; http://php.net/default-mimetype 671 | default_mimetype = "text/html" 672 | 673 | ; PHP's default character set is set to UTF-8. 674 | ; http://php.net/default-charset 675 | default_charset = "UTF-8" 676 | 677 | ; PHP internal character encoding is set to empty. 678 | ; If empty, default_charset is used. 679 | ; http://php.net/internal-encoding 680 | ;internal_encoding = 681 | 682 | ; PHP input character encoding is set to empty. 683 | ; If empty, default_charset is used. 684 | ; http://php.net/input-encoding 685 | ;input_encoding = 686 | 687 | ; PHP output character encoding is set to empty. 688 | ; If empty, default_charset is used. 689 | ; mbstring or iconv output handler is used. 690 | ; See also output_buffer. 691 | ; http://php.net/output-encoding 692 | ;output_encoding = 693 | 694 | ;;;;;;;;;;;;;;;;;;;;;;;;; 695 | ; Paths and Directories ; 696 | ;;;;;;;;;;;;;;;;;;;;;;;;; 697 | 698 | ; UNIX: "/path1:/path2" 699 | ;include_path = ".:/php/includes" 700 | ; 701 | ; Windows: "\path1;\path2" 702 | ;include_path = ".;c:\php\includes" 703 | ; 704 | ; PHP's default setting for include_path is ".;/path/to/php/pear" 705 | ; http://php.net/include-path 706 | 707 | ; The root of the PHP pages, used only if nonempty. 708 | ; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root 709 | ; if you are running php as a CGI under any web server (other than IIS) 710 | ; see documentation for security issues. The alternate is to use the 711 | ; cgi.force_redirect configuration below 712 | ; http://php.net/doc-root 713 | doc_root = 714 | 715 | ; The directory under which PHP opens the script using /~username used only 716 | ; if nonempty. 717 | ; http://php.net/user-dir 718 | user_dir = 719 | 720 | ; Directory in which the loadable extensions (modules) reside. 721 | ; http://php.net/extension-dir 722 | ; extension_dir = "./" 723 | ; On windows: 724 | ; extension_dir = "ext" 725 | 726 | ; Directory where the temporary files should be placed. 727 | ; Defaults to the system default (see sys_get_temp_dir) 728 | ; sys_temp_dir = "/tmp" 729 | 730 | ; Whether or not to enable the dl() function. The dl() function does NOT work 731 | ; properly in multithreaded servers, such as IIS or Zeus, and is automatically 732 | ; disabled on them. 733 | ; http://php.net/enable-dl 734 | enable_dl = Off 735 | 736 | ; cgi.force_redirect is necessary to provide security running PHP as a CGI under 737 | ; most web servers. Left undefined, PHP turns this on by default. You can 738 | ; turn it off here AT YOUR OWN RISK 739 | ; **You CAN safely turn this off for IIS, in fact, you MUST.** 740 | ; http://php.net/cgi.force-redirect 741 | ;cgi.force_redirect = 1 742 | 743 | ; if cgi.nph is enabled it will force cgi to always sent Status: 200 with 744 | ; every request. PHP's default behavior is to disable this feature. 745 | ;cgi.nph = 1 746 | 747 | ; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape 748 | ; (iPlanet) web servers, you MAY need to set an environment variable name that PHP 749 | ; will look for to know it is OK to continue execution. Setting this variable MAY 750 | ; cause security issues, KNOW WHAT YOU ARE DOING FIRST. 751 | ; http://php.net/cgi.redirect-status-env 752 | ;cgi.redirect_status_env = 753 | 754 | ; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's 755 | ; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok 756 | ; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting 757 | ; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting 758 | ; of zero causes PHP to behave as before. Default is 1. You should fix your scripts 759 | ; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. 760 | ; http://php.net/cgi.fix-pathinfo 761 | ;cgi.fix_pathinfo=1 762 | 763 | ; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate 764 | ; security tokens of the calling client. This allows IIS to define the 765 | ; security context that the request runs under. mod_fastcgi under Apache 766 | ; does not currently support this feature (03/17/2002) 767 | ; Set to 1 if running under IIS. Default is zero. 768 | ; http://php.net/fastcgi.impersonate 769 | ;fastcgi.impersonate = 1 770 | 771 | ; Disable logging through FastCGI connection. PHP's default behavior is to enable 772 | ; this feature. 773 | ;fastcgi.logging = 0 774 | 775 | ; cgi.rfc2616_headers configuration option tells PHP what type of headers to 776 | ; use when sending HTTP response code. If set to 0, PHP sends Status: header that 777 | ; is supported by Apache. When this option is set to 1, PHP will send 778 | ; RFC2616 compliant header. 779 | ; Default is zero. 780 | ; http://php.net/cgi.rfc2616-headers 781 | ;cgi.rfc2616_headers = 0 782 | 783 | ;;;;;;;;;;;;;;;; 784 | ; File Uploads ; 785 | ;;;;;;;;;;;;;;;; 786 | 787 | ; Whether to allow HTTP file uploads. 788 | ; http://php.net/file-uploads 789 | file_uploads = On 790 | 791 | ; Temporary directory for HTTP uploaded files (will use system default if not 792 | ; specified). 793 | ; http://php.net/upload-tmp-dir 794 | ;upload_tmp_dir = 795 | 796 | ; Maximum allowed size for uploaded files. 797 | ; http://php.net/upload-max-filesize 798 | upload_max_filesize = 2M 799 | 800 | ; Maximum number of files that can be uploaded via a single request 801 | max_file_uploads = 20 802 | 803 | ;;;;;;;;;;;;;;;;;; 804 | ; Fopen wrappers ; 805 | ;;;;;;;;;;;;;;;;;; 806 | 807 | ; Whether to allow the treatment of URLs (like http:// or ftp://) as files. 808 | ; http://php.net/allow-url-fopen 809 | allow_url_fopen = On 810 | 811 | ; Whether to allow include/require to open URLs (like http:// or ftp://) as files. 812 | ; http://php.net/allow-url-include 813 | allow_url_include = Off 814 | 815 | ; Define the anonymous ftp password (your email address). PHP's default setting 816 | ; for this is empty. 817 | ; http://php.net/from 818 | ;from="john@doe.com" 819 | 820 | ; Define the User-Agent string. PHP's default setting for this is empty. 821 | ; http://php.net/user-agent 822 | ;user_agent="PHP" 823 | 824 | ; Default timeout for socket based streams (seconds) 825 | ; http://php.net/default-socket-timeout 826 | default_socket_timeout = 60 827 | 828 | ; If your scripts have to deal with files from Macintosh systems, 829 | ; or you are running on a Mac and need to deal with files from 830 | ; unix or win32 systems, setting this flag will cause PHP to 831 | ; automatically detect the EOL character in those files so that 832 | ; fgets() and file() will work regardless of the source of the file. 833 | ; http://php.net/auto-detect-line-endings 834 | ;auto_detect_line_endings = Off 835 | 836 | ;;;;;;;;;;;;;;;;;;;;;; 837 | ; Dynamic Extensions ; 838 | ;;;;;;;;;;;;;;;;;;;;;; 839 | 840 | ; If you wish to have an extension loaded automatically, use the following 841 | ; syntax: 842 | ; 843 | ; extension=modulename.extension 844 | ; 845 | ; For example, on Windows: 846 | ; 847 | ; extension=msql.dll 848 | ; 849 | ; ... or under UNIX: 850 | ; 851 | ; extension=msql.so 852 | ; 853 | ; ... or with a path: 854 | ; 855 | ; extension=/path/to/extension/msql.so 856 | ; 857 | ; If you only provide the name of the extension, PHP will look for it in its 858 | ; default extension directory. 859 | ; 860 | ; Windows Extensions 861 | ; Note that ODBC support is built in, so no dll is needed for it. 862 | ; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5+) 863 | ; extension folders as well as the separate PECL DLL download (PHP 5+). 864 | ; Be sure to appropriately set the extension_dir directive. 865 | ; 866 | ;extension=php_bz2.dll 867 | ;extension=php_curl.dll 868 | ;extension=php_fileinfo.dll 869 | ;extension=php_gd2.dll 870 | ;extension=php_gettext.dll 871 | ;extension=php_gmp.dll 872 | ;extension=php_intl.dll 873 | ;extension=php_imap.dll 874 | ;extension=php_interbase.dll 875 | ;extension=php_ldap.dll 876 | ;extension=php_mbstring.dll 877 | ;extension=php_exif.dll ; Must be after mbstring as it depends on it 878 | ;extension=php_mysqli.dll 879 | ;extension=php_oci8_12c.dll ; Use with Oracle Database 12c Instant Client 880 | ;extension=php_openssl.dll 881 | ;extension=php_pdo_firebird.dll 882 | ;extension=php_pdo_mysql.dll 883 | ;extension=php_pdo_oci.dll 884 | ;extension=php_pdo_odbc.dll 885 | ;extension=php_pdo_pgsql.dll 886 | ;extension=php_pdo_sqlite.dll 887 | ;extension=php_pgsql.dll 888 | ;extension=php_shmop.dll 889 | 890 | ; The MIBS data available in the PHP distribution must be installed. 891 | ; See http://www.php.net/manual/en/snmp.installation.php 892 | ;extension=php_snmp.dll 893 | 894 | ;extension=php_soap.dll 895 | ;extension=php_sockets.dll 896 | ;extension=php_sqlite3.dll 897 | ;extension=php_tidy.dll 898 | ;extension=php_xmlrpc.dll 899 | ;extension=php_xsl.dll 900 | 901 | ;;;;;;;;;;;;;;;;;;; 902 | ; Module Settings ; 903 | ;;;;;;;;;;;;;;;;;;; 904 | 905 | [CLI Server] 906 | ; Whether the CLI web server uses ANSI color coding in its terminal output. 907 | cli_server.color = On 908 | 909 | [Date] 910 | ; Defines the default timezone used by the date functions 911 | ; http://php.net/date.timezone 912 | ;date.timezone = 913 | 914 | ; http://php.net/date.default-latitude 915 | ;date.default_latitude = 31.7667 916 | 917 | ; http://php.net/date.default-longitude 918 | ;date.default_longitude = 35.2333 919 | 920 | ; http://php.net/date.sunrise-zenith 921 | ;date.sunrise_zenith = 90.583333 922 | 923 | ; http://php.net/date.sunset-zenith 924 | ;date.sunset_zenith = 90.583333 925 | 926 | [filter] 927 | ; http://php.net/filter.default 928 | ;filter.default = unsafe_raw 929 | 930 | ; http://php.net/filter.default-flags 931 | ;filter.default_flags = 932 | 933 | [iconv] 934 | ; Use of this INI entry is deprecated, use global input_encoding instead. 935 | ; If empty, default_charset or input_encoding or iconv.input_encoding is used. 936 | ; The precedence is: default_charset < intput_encoding < iconv.input_encoding 937 | ;iconv.input_encoding = 938 | 939 | ; Use of this INI entry is deprecated, use global internal_encoding instead. 940 | ; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. 941 | ; The precedence is: default_charset < internal_encoding < iconv.internal_encoding 942 | ;iconv.internal_encoding = 943 | 944 | ; Use of this INI entry is deprecated, use global output_encoding instead. 945 | ; If empty, default_charset or output_encoding or iconv.output_encoding is used. 946 | ; The precedence is: default_charset < output_encoding < iconv.output_encoding 947 | ; To use an output encoding conversion, iconv's output handler must be set 948 | ; otherwise output encoding conversion cannot be performed. 949 | ;iconv.output_encoding = 950 | 951 | [intl] 952 | ;intl.default_locale = 953 | ; This directive allows you to produce PHP errors when some error 954 | ; happens within intl functions. The value is the level of the error produced. 955 | ; Default is 0, which does not produce any errors. 956 | ;intl.error_level = E_WARNING 957 | ;intl.use_exceptions = 0 958 | 959 | [sqlite3] 960 | ;sqlite3.extension_dir = 961 | 962 | [Pcre] 963 | ;PCRE library backtracking limit. 964 | ; http://php.net/pcre.backtrack-limit 965 | ;pcre.backtrack_limit=100000 966 | 967 | ;PCRE library recursion limit. 968 | ;Please note that if you set this value to a high number you may consume all 969 | ;the available process stack and eventually crash PHP (due to reaching the 970 | ;stack size limit imposed by the Operating System). 971 | ; http://php.net/pcre.recursion-limit 972 | ;pcre.recursion_limit=100000 973 | 974 | ;Enables or disables JIT compilation of patterns. This requires the PCRE 975 | ;library to be compiled with JIT support. 976 | ;pcre.jit=1 977 | 978 | [Pdo] 979 | ; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" 980 | ; http://php.net/pdo-odbc.connection-pooling 981 | ;pdo_odbc.connection_pooling=strict 982 | 983 | ;pdo_odbc.db2_instance_name 984 | 985 | [Pdo_mysql] 986 | ; If mysqlnd is used: Number of cache slots for the internal result set cache 987 | ; http://php.net/pdo_mysql.cache_size 988 | pdo_mysql.cache_size = 2000 989 | 990 | ; Default socket name for local MySQL connects. If empty, uses the built-in 991 | ; MySQL defaults. 992 | ; http://php.net/pdo_mysql.default-socket 993 | pdo_mysql.default_socket= 994 | 995 | [Phar] 996 | ; http://php.net/phar.readonly 997 | phar.readonly = Off 998 | 999 | ; http://php.net/phar.require-hash 1000 | ;phar.require_hash = On 1001 | 1002 | ;phar.cache_list = 1003 | 1004 | [mail function] 1005 | ; For Win32 only. 1006 | ; http://php.net/smtp 1007 | SMTP = localhost 1008 | ; http://php.net/smtp-port 1009 | smtp_port = 25 1010 | 1011 | ; For Win32 only. 1012 | ; http://php.net/sendmail-from 1013 | ;sendmail_from = me@example.com 1014 | 1015 | ; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). 1016 | ; http://php.net/sendmail-path 1017 | ;sendmail_path = 1018 | 1019 | ; Force the addition of the specified parameters to be passed as extra parameters 1020 | ; to the sendmail binary. These parameters will always replace the value of 1021 | ; the 5th parameter to mail(). 1022 | ;mail.force_extra_parameters = 1023 | 1024 | ; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename 1025 | mail.add_x_header = On 1026 | 1027 | ; The path to a log file that will log all mail() calls. Log entries include 1028 | ; the full path of the script, line number, To address and headers. 1029 | ;mail.log = 1030 | ; Log mail to syslog (Event Log on Windows). 1031 | ;mail.log = syslog 1032 | 1033 | [SQL] 1034 | ; http://php.net/sql.safe-mode 1035 | sql.safe_mode = Off 1036 | 1037 | [ODBC] 1038 | ; http://php.net/odbc.default-db 1039 | ;odbc.default_db = Not yet implemented 1040 | 1041 | ; http://php.net/odbc.default-user 1042 | ;odbc.default_user = Not yet implemented 1043 | 1044 | ; http://php.net/odbc.default-pw 1045 | ;odbc.default_pw = Not yet implemented 1046 | 1047 | ; Controls the ODBC cursor model. 1048 | ; Default: SQL_CURSOR_STATIC (default). 1049 | ;odbc.default_cursortype 1050 | 1051 | ; Allow or prevent persistent links. 1052 | ; http://php.net/odbc.allow-persistent 1053 | odbc.allow_persistent = On 1054 | 1055 | ; Check that a connection is still valid before reuse. 1056 | ; http://php.net/odbc.check-persistent 1057 | odbc.check_persistent = On 1058 | 1059 | ; Maximum number of persistent links. -1 means no limit. 1060 | ; http://php.net/odbc.max-persistent 1061 | odbc.max_persistent = -1 1062 | 1063 | ; Maximum number of links (persistent + non-persistent). -1 means no limit. 1064 | ; http://php.net/odbc.max-links 1065 | odbc.max_links = -1 1066 | 1067 | ; Handling of LONG fields. Returns number of bytes to variables. 0 means 1068 | ; passthru. 1069 | ; http://php.net/odbc.defaultlrl 1070 | odbc.defaultlrl = 4096 1071 | 1072 | ; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. 1073 | ; See the documentation on odbc_binmode and odbc_longreadlen for an explanation 1074 | ; of odbc.defaultlrl and odbc.defaultbinmode 1075 | ; http://php.net/odbc.defaultbinmode 1076 | odbc.defaultbinmode = 1 1077 | 1078 | ;birdstep.max_links = -1 1079 | 1080 | [Interbase] 1081 | ; Allow or prevent persistent links. 1082 | ibase.allow_persistent = 1 1083 | 1084 | ; Maximum number of persistent links. -1 means no limit. 1085 | ibase.max_persistent = -1 1086 | 1087 | ; Maximum number of links (persistent + non-persistent). -1 means no limit. 1088 | ibase.max_links = -1 1089 | 1090 | ; Default database name for ibase_connect(). 1091 | ;ibase.default_db = 1092 | 1093 | ; Default username for ibase_connect(). 1094 | ;ibase.default_user = 1095 | 1096 | ; Default password for ibase_connect(). 1097 | ;ibase.default_password = 1098 | 1099 | ; Default charset for ibase_connect(). 1100 | ;ibase.default_charset = 1101 | 1102 | ; Default timestamp format. 1103 | ibase.timestampformat = "%Y-%m-%d %H:%M:%S" 1104 | 1105 | ; Default date format. 1106 | ibase.dateformat = "%Y-%m-%d" 1107 | 1108 | ; Default time format. 1109 | ibase.timeformat = "%H:%M:%S" 1110 | 1111 | [MySQLi] 1112 | 1113 | ; Maximum number of persistent links. -1 means no limit. 1114 | ; http://php.net/mysqli.max-persistent 1115 | mysqli.max_persistent = -1 1116 | 1117 | ; Allow accessing, from PHP's perspective, local files with LOAD DATA statements 1118 | ; http://php.net/mysqli.allow_local_infile 1119 | ;mysqli.allow_local_infile = On 1120 | 1121 | ; Allow or prevent persistent links. 1122 | ; http://php.net/mysqli.allow-persistent 1123 | mysqli.allow_persistent = On 1124 | 1125 | ; Maximum number of links. -1 means no limit. 1126 | ; http://php.net/mysqli.max-links 1127 | mysqli.max_links = -1 1128 | 1129 | ; If mysqlnd is used: Number of cache slots for the internal result set cache 1130 | ; http://php.net/mysqli.cache_size 1131 | mysqli.cache_size = 2000 1132 | 1133 | ; Default port number for mysqli_connect(). If unset, mysqli_connect() will use 1134 | ; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the 1135 | ; compile-time value defined MYSQL_PORT (in that order). Win32 will only look 1136 | ; at MYSQL_PORT. 1137 | ; http://php.net/mysqli.default-port 1138 | mysqli.default_port = 3306 1139 | 1140 | ; Default socket name for local MySQL connects. If empty, uses the built-in 1141 | ; MySQL defaults. 1142 | ; http://php.net/mysqli.default-socket 1143 | mysqli.default_socket = 1144 | 1145 | ; Default host for mysql_connect() (doesn't apply in safe mode). 1146 | ; http://php.net/mysqli.default-host 1147 | mysqli.default_host = 1148 | 1149 | ; Default user for mysql_connect() (doesn't apply in safe mode). 1150 | ; http://php.net/mysqli.default-user 1151 | mysqli.default_user = 1152 | 1153 | ; Default password for mysqli_connect() (doesn't apply in safe mode). 1154 | ; Note that this is generally a *bad* idea to store passwords in this file. 1155 | ; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") 1156 | ; and reveal this password! And of course, any users with read access to this 1157 | ; file will be able to reveal the password as well. 1158 | ; http://php.net/mysqli.default-pw 1159 | mysqli.default_pw = 1160 | 1161 | ; Allow or prevent reconnect 1162 | mysqli.reconnect = Off 1163 | 1164 | [mysqlnd] 1165 | ; Enable / Disable collection of general statistics by mysqlnd which can be 1166 | ; used to tune and monitor MySQL operations. 1167 | ; http://php.net/mysqlnd.collect_statistics 1168 | mysqlnd.collect_statistics = On 1169 | 1170 | ; Enable / Disable collection of memory usage statistics by mysqlnd which can be 1171 | ; used to tune and monitor MySQL operations. 1172 | ; http://php.net/mysqlnd.collect_memory_statistics 1173 | mysqlnd.collect_memory_statistics = On 1174 | 1175 | ; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. 1176 | ; http://php.net/mysqlnd.net_cmd_buffer_size 1177 | ;mysqlnd.net_cmd_buffer_size = 2048 1178 | 1179 | ; Size of a pre-allocated buffer used for reading data sent by the server in 1180 | ; bytes. 1181 | ; http://php.net/mysqlnd.net_read_buffer_size 1182 | ;mysqlnd.net_read_buffer_size = 32768 1183 | 1184 | [OCI8] 1185 | 1186 | ; Connection: Enables privileged connections using external 1187 | ; credentials (OCI_SYSOPER, OCI_SYSDBA) 1188 | ; http://php.net/oci8.privileged-connect 1189 | ;oci8.privileged_connect = Off 1190 | 1191 | ; Connection: The maximum number of persistent OCI8 connections per 1192 | ; process. Using -1 means no limit. 1193 | ; http://php.net/oci8.max-persistent 1194 | ;oci8.max_persistent = -1 1195 | 1196 | ; Connection: The maximum number of seconds a process is allowed to 1197 | ; maintain an idle persistent connection. Using -1 means idle 1198 | ; persistent connections will be maintained forever. 1199 | ; http://php.net/oci8.persistent-timeout 1200 | ;oci8.persistent_timeout = -1 1201 | 1202 | ; Connection: The number of seconds that must pass before issuing a 1203 | ; ping during oci_pconnect() to check the connection validity. When 1204 | ; set to 0, each oci_pconnect() will cause a ping. Using -1 disables 1205 | ; pings completely. 1206 | ; http://php.net/oci8.ping-interval 1207 | ;oci8.ping_interval = 60 1208 | 1209 | ; Connection: Set this to a user chosen connection class to be used 1210 | ; for all pooled server requests with Oracle 11g Database Resident 1211 | ; Connection Pooling (DRCP). To use DRCP, this value should be set to 1212 | ; the same string for all web servers running the same application, 1213 | ; the database pool must be configured, and the connection string must 1214 | ; specify to use a pooled server. 1215 | ;oci8.connection_class = 1216 | 1217 | ; High Availability: Using On lets PHP receive Fast Application 1218 | ; Notification (FAN) events generated when a database node fails. The 1219 | ; database must also be configured to post FAN events. 1220 | ;oci8.events = Off 1221 | 1222 | ; Tuning: This option enables statement caching, and specifies how 1223 | ; many statements to cache. Using 0 disables statement caching. 1224 | ; http://php.net/oci8.statement-cache-size 1225 | ;oci8.statement_cache_size = 20 1226 | 1227 | ; Tuning: Enables statement prefetching and sets the default number of 1228 | ; rows that will be fetched automatically after statement execution. 1229 | ; http://php.net/oci8.default-prefetch 1230 | ;oci8.default_prefetch = 100 1231 | 1232 | ; Compatibility. Using On means oci_close() will not close 1233 | ; oci_connect() and oci_new_connect() connections. 1234 | ; http://php.net/oci8.old-oci-close-semantics 1235 | ;oci8.old_oci_close_semantics = Off 1236 | 1237 | [PostgreSQL] 1238 | ; Allow or prevent persistent links. 1239 | ; http://php.net/pgsql.allow-persistent 1240 | pgsql.allow_persistent = On 1241 | 1242 | ; Detect broken persistent links always with pg_pconnect(). 1243 | ; Auto reset feature requires a little overheads. 1244 | ; http://php.net/pgsql.auto-reset-persistent 1245 | pgsql.auto_reset_persistent = Off 1246 | 1247 | ; Maximum number of persistent links. -1 means no limit. 1248 | ; http://php.net/pgsql.max-persistent 1249 | pgsql.max_persistent = -1 1250 | 1251 | ; Maximum number of links (persistent+non persistent). -1 means no limit. 1252 | ; http://php.net/pgsql.max-links 1253 | pgsql.max_links = -1 1254 | 1255 | ; Ignore PostgreSQL backends Notice message or not. 1256 | ; Notice message logging require a little overheads. 1257 | ; http://php.net/pgsql.ignore-notice 1258 | pgsql.ignore_notice = 0 1259 | 1260 | ; Log PostgreSQL backends Notice message or not. 1261 | ; Unless pgsql.ignore_notice=0, module cannot log notice message. 1262 | ; http://php.net/pgsql.log-notice 1263 | pgsql.log_notice = 0 1264 | 1265 | [bcmath] 1266 | ; Number of decimal digits for all bcmath functions. 1267 | ; http://php.net/bcmath.scale 1268 | bcmath.scale = 0 1269 | 1270 | [browscap] 1271 | ; http://php.net/browscap 1272 | ;browscap = extra/browscap.ini 1273 | 1274 | [Session] 1275 | ; Handler used to store/retrieve data. 1276 | ; http://php.net/session.save-handler 1277 | session.save_handler = files 1278 | 1279 | ; Argument passed to save_handler. In the case of files, this is the path 1280 | ; where data files are stored. Note: Windows users have to change this 1281 | ; variable in order to use PHP's session functions. 1282 | ; 1283 | ; The path can be defined as: 1284 | ; 1285 | ; session.save_path = "N;/path" 1286 | ; 1287 | ; where N is an integer. Instead of storing all the session files in 1288 | ; /path, what this will do is use subdirectories N-levels deep, and 1289 | ; store the session data in those directories. This is useful if 1290 | ; your OS has problems with many files in one directory, and is 1291 | ; a more efficient layout for servers that handle many sessions. 1292 | ; 1293 | ; NOTE 1: PHP will not create this directory structure automatically. 1294 | ; You can use the script in the ext/session dir for that purpose. 1295 | ; NOTE 2: See the section on garbage collection below if you choose to 1296 | ; use subdirectories for session storage 1297 | ; 1298 | ; The file storage module creates files using mode 600 by default. 1299 | ; You can change that by using 1300 | ; 1301 | ; session.save_path = "N;MODE;/path" 1302 | ; 1303 | ; where MODE is the octal representation of the mode. Note that this 1304 | ; does not overwrite the process's umask. 1305 | ; http://php.net/session.save-path 1306 | session.save_path = "/var/www/html/tmp" 1307 | 1308 | ; Whether to use strict session mode. 1309 | ; Strict session mode does not accept uninitialized session ID and regenerate 1310 | ; session ID if browser sends uninitialized session ID. Strict mode protects 1311 | ; applications from session fixation via session adoption vulnerability. It is 1312 | ; disabled by default for maximum compatibility, but enabling it is encouraged. 1313 | ; https://wiki.php.net/rfc/strict_sessions 1314 | session.use_strict_mode = 0 1315 | 1316 | ; Whether to use cookies. 1317 | ; http://php.net/session.use-cookies 1318 | session.use_cookies = 1 1319 | 1320 | ; http://php.net/session.cookie-secure 1321 | ;session.cookie_secure = 1322 | 1323 | ; This option forces PHP to fetch and use a cookie for storing and maintaining 1324 | ; the session id. We encourage this operation as it's very helpful in combating 1325 | ; session hijacking when not specifying and managing your own session id. It is 1326 | ; not the be-all and end-all of session hijacking defense, but it's a good start. 1327 | ; http://php.net/session.use-only-cookies 1328 | session.use_only_cookies = 1 1329 | 1330 | ; Name of the session (used as cookie name). 1331 | ; http://php.net/session.name 1332 | session.name = PHPSESSID 1333 | 1334 | ; Initialize session on request startup. 1335 | ; http://php.net/session.auto-start 1336 | session.auto_start = 0 1337 | 1338 | ; Lifetime in seconds of cookie or, if 0, until browser is restarted. 1339 | ; http://php.net/session.cookie-lifetime 1340 | session.cookie_lifetime = 0 1341 | 1342 | ; The path for which the cookie is valid. 1343 | ; http://php.net/session.cookie-path 1344 | session.cookie_path = / 1345 | 1346 | ; The domain for which the cookie is valid. 1347 | ; http://php.net/session.cookie-domain 1348 | session.cookie_domain = 1349 | 1350 | ; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. 1351 | ; http://php.net/session.cookie-httponly 1352 | session.cookie_httponly = 1353 | 1354 | ; Handler used to serialize data. php is the standard serializer of PHP. 1355 | ; http://php.net/session.serialize-handler 1356 | session.serialize_handler = php 1357 | 1358 | ; Defines the probability that the 'garbage collection' process is started 1359 | ; on every session initialization. The probability is calculated by using 1360 | ; gc_probability/gc_divisor. Where session.gc_probability is the numerator 1361 | ; and gc_divisor is the denominator in the equation. Setting this value to 1 1362 | ; when the session.gc_divisor value is 100 will give you approximately a 1% chance 1363 | ; the gc will run on any give request. 1364 | ; Default Value: 1 1365 | ; Development Value: 1 1366 | ; Production Value: 1 1367 | ; http://php.net/session.gc-probability 1368 | session.gc_probability = 1 1369 | 1370 | ; Defines the probability that the 'garbage collection' process is started on every 1371 | ; session initialization. The probability is calculated by using the following equation: 1372 | ; gc_probability/gc_divisor. Where session.gc_probability is the numerator and 1373 | ; session.gc_divisor is the denominator in the equation. Setting this value to 1 1374 | ; when the session.gc_divisor value is 100 will give you approximately a 1% chance 1375 | ; the gc will run on any give request. Increasing this value to 1000 will give you 1376 | ; a 0.1% chance the gc will run on any give request. For high volume production servers, 1377 | ; this is a more efficient approach. 1378 | ; Default Value: 100 1379 | ; Development Value: 1000 1380 | ; Production Value: 1000 1381 | ; http://php.net/session.gc-divisor 1382 | session.gc_divisor = 1000 1383 | 1384 | ; After this number of seconds, stored data will be seen as 'garbage' and 1385 | ; cleaned up by the garbage collection process. 1386 | ; http://php.net/session.gc-maxlifetime 1387 | session.gc_maxlifetime = 1440 1388 | 1389 | ; NOTE: If you are using the subdirectory option for storing session files 1390 | ; (see session.save_path above), then garbage collection does *not* 1391 | ; happen automatically. You will need to do your own garbage 1392 | ; collection through a shell script, cron entry, or some other method. 1393 | ; For example, the following script would is the equivalent of 1394 | ; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): 1395 | ; find /path/to/sessions -cmin +24 -type f | xargs rm 1396 | 1397 | ; Check HTTP Referer to invalidate externally stored URLs containing ids. 1398 | ; HTTP_REFERER has to contain this substring for the session to be 1399 | ; considered as valid. 1400 | ; http://php.net/session.referer-check 1401 | session.referer_check = 1402 | 1403 | ; How many bytes to read from the file. 1404 | ; http://php.net/session.entropy-length 1405 | ;session.entropy_length = 32 1406 | 1407 | ; Specified here to create the session id. 1408 | ; http://php.net/session.entropy-file 1409 | ; Defaults to /dev/urandom 1410 | ; On systems that don't have /dev/urandom but do have /dev/arandom, this will default to /dev/arandom 1411 | ; If neither are found at compile time, the default is no entropy file. 1412 | ; On windows, setting the entropy_length setting will activate the 1413 | ; Windows random source (using the CryptoAPI) 1414 | ;session.entropy_file = /dev/urandom 1415 | 1416 | ; Set to {nocache,private,public,} to determine HTTP caching aspects 1417 | ; or leave this empty to avoid sending anti-caching headers. 1418 | ; http://php.net/session.cache-limiter 1419 | session.cache_limiter = nocache 1420 | 1421 | ; Document expires after n minutes. 1422 | ; http://php.net/session.cache-expire 1423 | session.cache_expire = 180 1424 | 1425 | ; trans sid support is disabled by default. 1426 | ; Use of trans sid may risk your users' security. 1427 | ; Use this option with caution. 1428 | ; - User may send URL contains active session ID 1429 | ; to other person via. email/irc/etc. 1430 | ; - URL that contains active session ID may be stored 1431 | ; in publicly accessible computer. 1432 | ; - User may access your site with the same session ID 1433 | ; always using URL stored in browser's history or bookmarks. 1434 | ; http://php.net/session.use-trans-sid 1435 | session.use_trans_sid = 0 1436 | 1437 | ; Select a hash function for use in generating session ids. 1438 | ; Possible Values 1439 | ; 0 (MD5 128 bits) 1440 | ; 1 (SHA-1 160 bits) 1441 | ; This option may also be set to the name of any hash function supported by 1442 | ; the hash extension. A list of available hashes is returned by the hash_algos() 1443 | ; function. 1444 | ; http://php.net/session.hash-function 1445 | session.hash_function = 0 1446 | 1447 | ; Define how many bits are stored in each character when converting 1448 | ; the binary hash data to something readable. 1449 | ; Possible values: 1450 | ; 4 (4 bits: 0-9, a-f) 1451 | ; 5 (5 bits: 0-9, a-v) 1452 | ; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") 1453 | ; Default Value: 4 1454 | ; Development Value: 5 1455 | ; Production Value: 5 1456 | ; http://php.net/session.hash-bits-per-character 1457 | session.hash_bits_per_character = 5 1458 | 1459 | ; The URL rewriter will look for URLs in a defined set of HTML tags. 1460 | ; form/fieldset are special; if you include them here, the rewriter will 1461 | ; add a hidden field with the info which is otherwise appended 1462 | ; to URLs. If you want XHTML conformity, remove the form entry. 1463 | ; Note that all valid entries require a "=", even if no value follows. 1464 | ; Default Value: "a=href,area=href,frame=src,form=,fieldset=" 1465 | ; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" 1466 | ; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" 1467 | ; http://php.net/url-rewriter.tags 1468 | url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" 1469 | 1470 | ; Enable upload progress tracking in $_SESSION 1471 | ; Default Value: On 1472 | ; Development Value: On 1473 | ; Production Value: On 1474 | ; http://php.net/session.upload-progress.enabled 1475 | ;session.upload_progress.enabled = On 1476 | 1477 | ; Cleanup the progress information as soon as all POST data has been read 1478 | ; (i.e. upload completed). 1479 | ; Default Value: On 1480 | ; Development Value: On 1481 | ; Production Value: On 1482 | ; http://php.net/session.upload-progress.cleanup 1483 | ;session.upload_progress.cleanup = On 1484 | 1485 | ; A prefix used for the upload progress key in $_SESSION 1486 | ; Default Value: "upload_progress_" 1487 | ; Development Value: "upload_progress_" 1488 | ; Production Value: "upload_progress_" 1489 | ; http://php.net/session.upload-progress.prefix 1490 | ;session.upload_progress.prefix = "upload_progress_" 1491 | 1492 | ; The index name (concatenated with the prefix) in $_SESSION 1493 | ; containing the upload progress information 1494 | ; Default Value: "PHP_SESSION_UPLOAD_PROGRESS" 1495 | ; Development Value: "PHP_SESSION_UPLOAD_PROGRESS" 1496 | ; Production Value: "PHP_SESSION_UPLOAD_PROGRESS" 1497 | ; http://php.net/session.upload-progress.name 1498 | ;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS" 1499 | 1500 | ; How frequently the upload progress should be updated. 1501 | ; Given either in percentages (per-file), or in bytes 1502 | ; Default Value: "1%" 1503 | ; Development Value: "1%" 1504 | ; Production Value: "1%" 1505 | ; http://php.net/session.upload-progress.freq 1506 | ;session.upload_progress.freq = "1%" 1507 | 1508 | ; The minimum delay between updates, in seconds 1509 | ; Default Value: 1 1510 | ; Development Value: 1 1511 | ; Production Value: 1 1512 | ; http://php.net/session.upload-progress.min-freq 1513 | ;session.upload_progress.min_freq = "1" 1514 | 1515 | ; Only write session data when session data is changed. Enabled by default. 1516 | ; http://php.net/session.lazy-write 1517 | ;session.lazy_write = On 1518 | 1519 | [Assertion] 1520 | ; Switch whether to compile assertions at all (to have no overhead at run-time) 1521 | ; -1: Do not compile at all 1522 | ; 0: Jump over assertion at run-time 1523 | ; 1: Execute assertions 1524 | ; Changing from or to a negative value is only possible in php.ini! (For turning assertions on and off at run-time, see assert.active, when zend.assertions = 1) 1525 | ; Default Value: 1 1526 | ; Development Value: 1 1527 | ; Production Value: -1 1528 | ; http://php.net/zend.assertions 1529 | zend.assertions = 1 1530 | 1531 | ; Assert(expr); active by default. 1532 | ; http://php.net/assert.active 1533 | ;assert.active = On 1534 | 1535 | ; Throw an AssertationException on failed assertions 1536 | ; http://php.net/assert.exception 1537 | ;assert.exception = On 1538 | 1539 | ; Issue a PHP warning for each failed assertion. (Overridden by assert.exception if active) 1540 | ; http://php.net/assert.warning 1541 | ;assert.warning = On 1542 | 1543 | ; Don't bail out by default. 1544 | ; http://php.net/assert.bail 1545 | ;assert.bail = Off 1546 | 1547 | ; User-function to be called if an assertion fails. 1548 | ; http://php.net/assert.callback 1549 | ;assert.callback = 0 1550 | 1551 | ; Eval the expression with current error_reporting(). Set to true if you want 1552 | ; error_reporting(0) around the eval(). 1553 | ; http://php.net/assert.quiet-eval 1554 | ;assert.quiet_eval = 0 1555 | 1556 | [COM] 1557 | ; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs 1558 | ; http://php.net/com.typelib-file 1559 | ;com.typelib_file = 1560 | 1561 | ; allow Distributed-COM calls 1562 | ; http://php.net/com.allow-dcom 1563 | ;com.allow_dcom = true 1564 | 1565 | ; autoregister constants of a components typlib on com_load() 1566 | ; http://php.net/com.autoregister-typelib 1567 | ;com.autoregister_typelib = true 1568 | 1569 | ; register constants casesensitive 1570 | ; http://php.net/com.autoregister-casesensitive 1571 | ;com.autoregister_casesensitive = false 1572 | 1573 | ; show warnings on duplicate constant registrations 1574 | ; http://php.net/com.autoregister-verbose 1575 | ;com.autoregister_verbose = true 1576 | 1577 | ; The default character set code-page to use when passing strings to and from COM objects. 1578 | ; Default: system ANSI code page 1579 | ;com.code_page= 1580 | 1581 | [mbstring] 1582 | ; language for internal character representation. 1583 | ; This affects mb_send_mail() and mbstring.detect_order. 1584 | ; http://php.net/mbstring.language 1585 | ;mbstring.language = Japanese 1586 | 1587 | ; Use of this INI entry is deprecated, use global internal_encoding instead. 1588 | ; internal/script encoding. 1589 | ; Some encoding cannot work as internal encoding. (e.g. SJIS, BIG5, ISO-2022-*) 1590 | ; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. 1591 | ; The precedence is: default_charset < internal_encoding < iconv.internal_encoding 1592 | ;mbstring.internal_encoding = 1593 | 1594 | ; Use of this INI entry is deprecated, use global input_encoding instead. 1595 | ; http input encoding. 1596 | ; mbstring.encoding_traslation = On is needed to use this setting. 1597 | ; If empty, default_charset or input_encoding or mbstring.input is used. 1598 | ; The precedence is: default_charset < intput_encoding < mbsting.http_input 1599 | ; http://php.net/mbstring.http-input 1600 | ;mbstring.http_input = 1601 | 1602 | ; Use of this INI entry is deprecated, use global output_encoding instead. 1603 | ; http output encoding. 1604 | ; mb_output_handler must be registered as output buffer to function. 1605 | ; If empty, default_charset or output_encoding or mbstring.http_output is used. 1606 | ; The precedence is: default_charset < output_encoding < mbstring.http_output 1607 | ; To use an output encoding conversion, mbstring's output handler must be set 1608 | ; otherwise output encoding conversion cannot be performed. 1609 | ; http://php.net/mbstring.http-output 1610 | ;mbstring.http_output = 1611 | 1612 | ; enable automatic encoding translation according to 1613 | ; mbstring.internal_encoding setting. Input chars are 1614 | ; converted to internal encoding by setting this to On. 1615 | ; Note: Do _not_ use automatic encoding translation for 1616 | ; portable libs/applications. 1617 | ; http://php.net/mbstring.encoding-translation 1618 | ;mbstring.encoding_translation = Off 1619 | 1620 | ; automatic encoding detection order. 1621 | ; "auto" detect order is changed according to mbstring.language 1622 | ; http://php.net/mbstring.detect-order 1623 | ;mbstring.detect_order = auto 1624 | 1625 | ; substitute_character used when character cannot be converted 1626 | ; one from another 1627 | ; http://php.net/mbstring.substitute-character 1628 | ;mbstring.substitute_character = none 1629 | 1630 | ; overload(replace) single byte functions by mbstring functions. 1631 | ; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), 1632 | ; etc. Possible values are 0,1,2,4 or combination of them. 1633 | ; For example, 7 for overload everything. 1634 | ; 0: No overload 1635 | ; 1: Overload mail() function 1636 | ; 2: Overload str*() functions 1637 | ; 4: Overload ereg*() functions 1638 | ; http://php.net/mbstring.func-overload 1639 | ;mbstring.func_overload = 0 1640 | 1641 | ; enable strict encoding detection. 1642 | ; Default: Off 1643 | ;mbstring.strict_detection = On 1644 | 1645 | ; This directive specifies the regex pattern of content types for which mb_output_handler() 1646 | ; is activated. 1647 | ; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) 1648 | ;mbstring.http_output_conv_mimetype= 1649 | 1650 | [gd] 1651 | ; Tell the jpeg decode to ignore warnings and try to create 1652 | ; a gd image. The warning will then be displayed as notices 1653 | ; disabled by default 1654 | ; http://php.net/gd.jpeg-ignore-warning 1655 | ;gd.jpeg_ignore_warning = 0 1656 | 1657 | [exif] 1658 | ; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. 1659 | ; With mbstring support this will automatically be converted into the encoding 1660 | ; given by corresponding encode setting. When empty mbstring.internal_encoding 1661 | ; is used. For the decode settings you can distinguish between motorola and 1662 | ; intel byte order. A decode setting cannot be empty. 1663 | ; http://php.net/exif.encode-unicode 1664 | ;exif.encode_unicode = ISO-8859-15 1665 | 1666 | ; http://php.net/exif.decode-unicode-motorola 1667 | ;exif.decode_unicode_motorola = UCS-2BE 1668 | 1669 | ; http://php.net/exif.decode-unicode-intel 1670 | ;exif.decode_unicode_intel = UCS-2LE 1671 | 1672 | ; http://php.net/exif.encode-jis 1673 | ;exif.encode_jis = 1674 | 1675 | ; http://php.net/exif.decode-jis-motorola 1676 | ;exif.decode_jis_motorola = JIS 1677 | 1678 | ; http://php.net/exif.decode-jis-intel 1679 | ;exif.decode_jis_intel = JIS 1680 | 1681 | [Tidy] 1682 | ; The path to a default tidy configuration file to use when using tidy 1683 | ; http://php.net/tidy.default-config 1684 | ;tidy.default_config = /usr/local/lib/php/default.tcfg 1685 | 1686 | ; Should tidy clean and repair output automatically? 1687 | ; WARNING: Do not use this option if you are generating non-html content 1688 | ; such as dynamic images 1689 | ; http://php.net/tidy.clean-output 1690 | tidy.clean_output = Off 1691 | 1692 | [soap] 1693 | ; Enables or disables WSDL caching feature. 1694 | ; http://php.net/soap.wsdl-cache-enabled 1695 | soap.wsdl_cache_enabled=1 1696 | 1697 | ; Sets the directory name where SOAP extension will put cache files. 1698 | ; http://php.net/soap.wsdl-cache-dir 1699 | soap.wsdl_cache_dir="/tmp" 1700 | 1701 | ; (time to live) Sets the number of second while cached file will be used 1702 | ; instead of original one. 1703 | ; http://php.net/soap.wsdl-cache-ttl 1704 | soap.wsdl_cache_ttl=86400 1705 | 1706 | ; Sets the size of the cache limit. (Max. number of WSDL files to cache) 1707 | soap.wsdl_cache_limit = 5 1708 | 1709 | [sysvshm] 1710 | ; A default size of the shared memory segment 1711 | ;sysvshm.init_mem = 10000 1712 | 1713 | [ldap] 1714 | ; Sets the maximum number of open links or -1 for unlimited. 1715 | ldap.max_links = -1 1716 | 1717 | [mcrypt] 1718 | ; For more information about mcrypt settings see http://php.net/mcrypt-module-open 1719 | 1720 | ; Directory where to load mcrypt algorithms 1721 | ; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) 1722 | ;mcrypt.algorithms_dir= 1723 | 1724 | ; Directory where to load mcrypt modes 1725 | ; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) 1726 | ;mcrypt.modes_dir= 1727 | 1728 | [dba] 1729 | ;dba.default_handler= 1730 | 1731 | [opcache] 1732 | ; Determines if Zend OPCache is enabled 1733 | ;opcache.enable=0 1734 | 1735 | ; Determines if Zend OPCache is enabled for the CLI version of PHP 1736 | ;opcache.enable_cli=0 1737 | 1738 | ; The OPcache shared memory storage size. 1739 | ;opcache.memory_consumption=64 1740 | 1741 | ; The amount of memory for interned strings in Mbytes. 1742 | ;opcache.interned_strings_buffer=4 1743 | 1744 | ; The maximum number of keys (scripts) in the OPcache hash table. 1745 | ; Only numbers between 200 and 100000 are allowed. 1746 | ;opcache.max_accelerated_files=2000 1747 | 1748 | ; The maximum percentage of "wasted" memory until a restart is scheduled. 1749 | ;opcache.max_wasted_percentage=5 1750 | 1751 | ; When this directive is enabled, the OPcache appends the current working 1752 | ; directory to the script key, thus eliminating possible collisions between 1753 | ; files with the same name (basename). Disabling the directive improves 1754 | ; performance, but may break existing applications. 1755 | ;opcache.use_cwd=1 1756 | 1757 | ; When disabled, you must reset the OPcache manually or restart the 1758 | ; webserver for changes to the filesystem to take effect. 1759 | ;opcache.validate_timestamps=1 1760 | 1761 | ; How often (in seconds) to check file timestamps for changes to the shared 1762 | ; memory storage allocation. ("1" means validate once per second, but only 1763 | ; once per request. "0" means always validate) 1764 | ;opcache.revalidate_freq=2 1765 | 1766 | ; Enables or disables file search in include_path optimization 1767 | ;opcache.revalidate_path=0 1768 | 1769 | ; If disabled, all PHPDoc comments are dropped from the code to reduce the 1770 | ; size of the optimized code. 1771 | ;opcache.save_comments=1 1772 | 1773 | ; If enabled, a fast shutdown sequence is used for the accelerated code 1774 | ;opcache.fast_shutdown=0 1775 | 1776 | ; Allow file existence override (file_exists, etc.) performance feature. 1777 | ;opcache.enable_file_override=0 1778 | 1779 | ; A bitmask, where each bit enables or disables the appropriate OPcache 1780 | ; passes 1781 | ;opcache.optimization_level=0xffffffff 1782 | 1783 | ;opcache.inherited_hack=1 1784 | ;opcache.dups_fix=0 1785 | 1786 | ; The location of the OPcache blacklist file (wildcards allowed). 1787 | ; Each OPcache blacklist file is a text file that holds the names of files 1788 | ; that should not be accelerated. The file format is to add each filename 1789 | ; to a new line. The filename may be a full path or just a file prefix 1790 | ; (i.e., /var/www/x blacklists all the files and directories in /var/www 1791 | ; that start with 'x'). Line starting with a ; are ignored (comments). 1792 | ;opcache.blacklist_filename= 1793 | 1794 | ; Allows exclusion of large files from being cached. By default all files 1795 | ; are cached. 1796 | ;opcache.max_file_size=0 1797 | 1798 | ; Check the cache checksum each N requests. 1799 | ; The default value of "0" means that the checks are disabled. 1800 | ;opcache.consistency_checks=0 1801 | 1802 | ; How long to wait (in seconds) for a scheduled restart to begin if the cache 1803 | ; is not being accessed. 1804 | ;opcache.force_restart_timeout=180 1805 | 1806 | ; OPcache error_log file name. Empty string assumes "stderr". 1807 | ;opcache.error_log= 1808 | 1809 | ; All OPcache errors go to the Web server log. 1810 | ; By default, only fatal errors (level 0) or errors (level 1) are logged. 1811 | ; You can also enable warnings (level 2), info messages (level 3) or 1812 | ; debug messages (level 4). 1813 | ;opcache.log_verbosity_level=1 1814 | 1815 | ; Preferred Shared Memory back-end. Leave empty and let the system decide. 1816 | ;opcache.preferred_memory_model= 1817 | 1818 | ; Protect the shared memory from unexpected writing during script execution. 1819 | ; Useful for internal debugging only. 1820 | ;opcache.protect_memory=0 1821 | 1822 | ; Allows calling OPcache API functions only from PHP scripts which path is 1823 | ; started from specified string. The default "" means no restriction 1824 | ;opcache.restrict_api= 1825 | 1826 | ; Mapping base of shared memory segments (for Windows only). All the PHP 1827 | ; processes have to map shared memory into the same address space. This 1828 | ; directive allows to manually fix the "Unable to reattach to base address" 1829 | ; errors. 1830 | ;opcache.mmap_base= 1831 | 1832 | ; Enables and sets the second level cache directory. 1833 | ; It should improve performance when SHM memory is full, at server restart or 1834 | ; SHM reset. The default "" disables file based caching. 1835 | ;opcache.file_cache= 1836 | 1837 | ; Enables or disables opcode caching in shared memory. 1838 | ;opcache.file_cache_only=0 1839 | 1840 | ; Enables or disables checksum validation when script loaded from file cache. 1841 | ;opcache.file_cache_consistency_checks=1 1842 | 1843 | ; Enables or disables copying of PHP code (text segment) into HUGE PAGES. 1844 | ; This should improve performance, but requires appropriate OS configuration. 1845 | ;opcache.huge_code_pages=0 1846 | 1847 | [curl] 1848 | ; A default value for the CURLOPT_CAINFO option. This is required to be an 1849 | ; absolute path. 1850 | ;curl.cainfo = 1851 | 1852 | [openssl] 1853 | ; The location of a Certificate Authority (CA) file on the local filesystem 1854 | ; to use when verifying the identity of SSL/TLS peers. Most users should 1855 | ; not specify a value for this directive as PHP will attempt to use the 1856 | ; OS-managed cert stores in its absence. If specified, this value may still 1857 | ; be overridden on a per-stream basis via the "cafile" SSL stream context 1858 | ; option. 1859 | ;openssl.cafile= 1860 | 1861 | ; If openssl.cafile is not specified or if the CA file is not found, the 1862 | ; directory pointed to by openssl.capath is searched for a suitable 1863 | ; certificate. This value must be a correctly hashed certificate directory. 1864 | ; Most users should not specify a value for this directive as PHP will 1865 | ; attempt to use the OS-managed cert stores in its absence. If specified, 1866 | ; this value may still be overridden on a per-stream basis via the "capath" 1867 | ; SSL stream context option. 1868 | ;openssl.capath= 1869 | 1870 | ; Local Variables: 1871 | ; tab-width: 4 1872 | ; End: 1873 | --------------------------------------------------------------------------------