php.ini

[PHP]

;; This document is optimized for Apache/Mod_php on Linux (windows settings, among others, are removed or ignored)

;;;;; Basic settings ;;;;;
	;; turn PHP parsing on
	engine = On
	;; allow <? in addition to <?php
	short_open_tag = Off
	;; turn off <% %>
	;asp_tags = Off - Removed in PHP 7.0
	;; floating point precision
	precision = 14
	;; shouldn't everything be y2k_compliant by now?
	;y2k_compliance = On - Removed in PHP 5.4.0
	;; output compression is handled by Apache. you might change this if your primary method of consumption isn't the browser
	zlib.output_compression = Off
	;zlib.output_compression_level = -1
	;zlib.output_handler =
	;; add extra precision for floating points when the values are serialized, so we don't lose info when we unserialize
	serialize_precision = -1
	;; add PHP acknowledgement to server string
	expose_php = Off
	;; if no mimetype is specified, default to text/html
	default_mimetype = "text/html"
	;; set the default charset header to send UTF-8
	default_charset = "UTF-8"
	;; enable the circular reference collector
	zend.enable_gc = On
	;; do not enable incompatible script encodings
	;zend.multibyte = Off
	;zend.script_encoding =
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

;;;;; Error Reporting ;;;;;
	;; generate warnings and errors for all possible scenarios
	;;;PRODUCTION - error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
	error_reporting = E_ALL | E_STRICT
	;; the errors that are generated are displayed
	;;;PRODUCTION - display_errors = Off
	display_errors = On
	;; any errors generated during PHPs startup process are displayed
	;;;PRODUCTION - display_startup_errors = Off
	display_startup_errors = On
	;; log errors to an error log
	log_errors = On
	;; the maximum length of each error log line
	log_errors_max_len = 1024
	;; skip errors that occur in the same run of a script on the same line
	ignore_repeated_errors = On
	;; watch the script source when ignoring repeated errors, basically unless the repeated error happens in a single run of a script, log it
	ignore_repeated_source = Off
	;; in debug mode, report memory leaks as an error
	report_memleaks = On
	;; descriptive bug messages - this setting is on by default.
	;report_zend_debug = 0
	;; cache last error or warning in $php_errormsg
	track_errors = Off
	;; mark up displayed errors in XMLRPC error-response format
	;xmlrpc_errors = 0
	;; An XML-RPC faultCode
	;xmlrpc_error_number = 0
	;; when displaying an error, use HTML
	html_errors = On
	;; change the location for error links if you've downloaded the docs locally
	;docref_root = "/phpmanual/"
	;; specify the extension if you've downloaded the docs locally
	;docref_ext = .html
	;; Prepend error output with this string
	;error_prepend_string = "<font color=#ff0000>"
	;; Append error output with this string, companion to above
	;error_append_string = "</font>"
	;; log errors to this file
	error_log = /www/sites/[domain]/logs/php.errors.log
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

;;;;; Performance/Resource Settings ;;;;;
	;; buffer and send in chunks of this size (bytes)
	output_buffering = 4096
	;; reduce relative filesystem queries
	;realpath_cache_size = 16k
	;; how long to retain the cache for
	;realpath_cache_ttl = 120
	;; default timeout on the script is set to 30 seconds, will likely be overridden per script if the script warrants (most won't)
	max_execution_time = 30
	;; default timeout on parsing user input... in most cases, it will be much less than this
	max_input_time = 60
	;; how deep will we support sub-arrays in user input
	;max_input_nesting_level = 64
	;; max memory each process can consume, will likely be overridden per script if the script warrants (most won't)
	memory_limit = 128M
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

;;;;; Security Limitations ;;;;;
	;; only allows file operations under the specified directory
	;open_basedir =
	;; comma delimited list of functions that are not allowed
	disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,
	;; same, but for classes
	disable_classes =
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

;;;;; Should be set in App ;;;;;
	;; send all output through a defined function - if we need this, we need to specify that in our app
	;output_handler =
	;; this basically overrides output_buffering by implicitly calling flush() after each output call - for debugging purposes only, should be turned on as needed in script
	implicit_flush = Off
	;; if a serialized value contains an undefined class, this defines a function to handle it - should be specified in app, and in most cases should be handled by an autoloader
	unserialize_callback_func =
	;; if the call for the page is aborted, keep processing
	;ignore_user_abort = On
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

;;;;; Data Handling ;;;;;
	;; Argument separator used in PHP generated URLs, &amp; is better than just &, but generally PHP isn't going to be generating URLs
	arg_separator.output = "&amp;"
	;; Argument separator used to parse input URLs, generally just &, we might could do some interesting things with others
	;arg_separator.input = ";&"
	;; Which super globals are registered: G[ET] P[OST] C[OOKIE] S[ERVER] & E[NV] (E generally not needed)
	variables_order = "GPCS"
	;; Which super globals populate the REQUEST super global, & the later ones supersede the earlier ones
	request_order = "GP"
	;; Whether to register the argc and argv arrays with inputs on every script run.  They're
	;; only useful for command line runs, for which they're already turned on regardless
	register_argc_argv = Off
	;; don't register SERVER (or ENV, if we enable it) until it's used... slight performance gain
	auto_globals_jit = On
	;; max size of POST data, if it goes beyond this we get issues and lost data
	post_max_size = 8M
	;; whether to populate $HTTP_RAW_POST_DATA, there are better ways to get at it, default OFF
	;always_populate_raw_post_data = On
	;; don't turn off auto-population of POST superglobal
	;enable_post_data_reading = Off
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

;;;;; Path/File & remote connection Handling ;;;;;
	;; basically, the PHP PATH environment variable, if we want to use a library from a default include, it'll have to be here
	;; defaults to .:/path/to/php/pear (current directory, and PEAR)
	;; more efficient to omit current directory and explicitly use it in includes, I'll have to start doing that
	;include_path = ".:/usr/share/php"
	;; in certain circumstances, this is beneficial to set, but not apache/mod_php
	doc_root =
	;; companion to doc_root, the name of the directory in a user's home directory for PHP files :P
	user_dir =
	;; directory for dynamically loadable extensions (default "/path/to/php")
	;extension_dir = "./"
	;; whether to enable extensions to be loaded dynamically at runtime (the dl() function).  We should ensure any needed ones are enabled at startup
	enable_dl = Off
	;; cgi stuff - not useful for apache/mod_php
	;cgi.force_redirect = 1
	;cgi.nph = 1
	;cgi.redirect_status_env = ;
	;cgi.fix_pathinfo=1
	;fastcgi.impersonate = 1;
	;fastcgi.logging = 0
	;cgi.rfc2616_headers = 0
	;; Allow file uploads over HTTP
	file_uploads = On
	;; PHP tmp directory for uploads, or system default
	;upload_tmp_dir =
	;; Max allowed filesize for uploads - will be changed in script if needed
	upload_max_filesize = 2M
	;; Maximum number of files that can be uploaded via a single request
	max_file_uploads = 20
	;; allow treating URLs like local files for file manipulation purposes
	allow_url_fopen = On
	;; disallow treating URLs like local files for direct inclusion and execution purposes
	allow_url_include = Off
	;; the FROM header for anonymous FTP connections - no default
	;from="john@doe.com"
	;; the User-Agent header to provide with remote connections - no default
	;user_agent="PHP"
	;; Default timeout for socket based streams (seconds)
	default_socket_timeout = 60
	;; auto-detect line endings sourced from different OSes... might be a performance improvement to turn this off, but in general we probably need it
	auto_detect_line_endings = On
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

;;;;; Best Practice settings - shouldn't be changed except under duress ;;;;;
	;; deprecated - generates a warning if turned on
	;allow_call_time_pass_reference = Off - Removed in PHP 5.4.0
	;; deprecated - safe mode is removed in recent versions
	;safe_mode = Off
	;safe_mode_gid = Off
	;safe_mode_include_dir =
	;safe_mode_exec_dir =
	;safe_mode_allowed_env_vars = PHP_
	;safe_mode_protected_env_vars = LD_LIBRARY_PATH
	;; syntax highlight mode shouldn't be used except under specific circumstances - syntax highlighting colors
	;highlight.string  = #DD0000
	;highlight.comment = #FF9900
	;highlight.keyword = #007700
	;highlight.bg      = #FFFFFF
	;highlight.default = #0000BB
	;highlight.html    = #000000
	;; register variables in super globals as globals themselves - BAD NEWS DO NOT TURN IT ON
	;register_globals = Off
	;; whether to register the deprecated $HTTP_*_VARS
	;register_long_arrays = Off
	;; PHP attempts to escape the super globals values for e.g. database use - NOT RELIABLE DO NOT TURN IT ON
	;magic_quotes_gpc = Off
	;; PHP attempts to escape other data generated at runtime - not a better idea than above
	;magic_quotes_runtime = Off
	;; More magic quotes foolishness
	;magic_quotes_sybase = Off
	;; auto prepend? seriously? why on earth this should be done UNIVERSALLY in php.ini vs. using 
	;; require() in-script since scripts might, you know, actually do different things, is beyond me
	;auto_prepend_file =
	;; ditto auto append file
	;auto_append_file =
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

;------------------------------------------------------
;; Extensions ;;
;; load extensions dynamically, optionally in PATH or with full specified path
;extension=apc.so

[CLI Server]
	;; use ANSI color coding in the CLI web server terminal output.
	cli_server.color = On

[Date]
	;; Defines the default timezone used by the date functions - usually set for location of server
	date.timezone = "America/New_York"
	;; Default Latitude/Longitude for date functions
	;date.default_latitude = 31.7667
	;date.default_longitude = 35.2333
	;; Sunrise/Sunset Zenith for date functions
	;date.sunrise_zenith = 90.583333
	;date.sunset_zenith = 90.583333

[filter]
	;; filter the superglobals with built in filters
	;filter.default = unsafe_raw
	;filter.default_flags =

[iconv]
	;; converting strings between character sets
	;iconv.input_encoding = ISO-8859-1
	;iconv.internal_encoding = ISO-8859-1
	;iconv.output_encoding = ISO-8859-1

[intl]
	;; handle internationalization
	;intl.default_locale =
	;intl.error_level = E_WARNING

[sqlite]
	;; use mixed case or, for compatibility, force upper or lower case- old sqlite, shouldn't use
	;sqlite.assoc_case = 0

[sqlite3]
	;; sqlite3 is loaded from the get go
	;sqlite3.extension_dir =

[Pcre]
	;; PCRE - Perl-Compatible Regular Expressions library
	;; PCRE backtracking limit.
	pcre.backtrack_limit=100000000
	;; PCRE recursion limit.
	pcre.recursion_limit=1000000

[Pdo]
	;; PDO is a data source access abstraction layer
	;; ODBC - Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off"
	;pdo_odbc.connection_pooling=strict

[Pdo_mysql]
	;; If mysqlnd is used: Number of cache slots for the internal result set cache
	pdo_mysql.cache_size = 2000
	;; Default socket name for local MySQL connects. If empty, uses the built-in MySQL defaults.
	pdo_mysql.default_socket=

[Phar]
	;; PHP archive - compressed pages that can be opened and run
	;; disable archive creation
	;phar.readonly = On
	;; require a hash signature to process the phar file
	;phar.require_hash = On
	;; list of archives to pre-parse at PHP startup
	;phar.cache_list =

[Syslog]
	;; Do not pre-define the various syslog variables (e.g. $LOG_PID, $LOG_CRON, etc.).
	define_syslog_variables  = Off

[mail function]
	;; You may supply arguments as well (default: "sendmail -t -i").
	;sendmail_path = "/usr/bin/msmtp -C /etc/msmtp/msmtp.conf -t"
	;; Force the addition of the specified parameters to be passed as extra parameters
	;mail.force_extra_parameters =
	;; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename
	mail.add_x_header = Off
	;; The path to a log file that will log all mail() calls. Log entries include
	mail.log = /www/sites/[domain]/logs/php.mail.log

[SQL]
	sql.safe_mode = Off

[ODBC]
	;; Default ODBC connection details
	;odbc.default_db    =  Not yet implemented
	;odbc.default_user  =  Not yet implemented
	;odbc.default_pw    =  Not yet implemented
	;; Controls the ODBC cursor model.
	;odbc.default_cursortype
	;; Allow or prevent persistent links.
	odbc.allow_persistent = On
	;; Check that a connection is still valid before reuse.
	odbc.check_persistent = On
	;; Maximum number of persistent links.  -1 means no limit.
	odbc.max_persistent = -1
	;; Maximum number of links (persistent + non-persistent).  -1 means no limit.
	odbc.max_links = -1
	;; Handling of LONG fields.  Returns number of bytes to variables.  0 means passthru.
	odbc.defaultlrl = 4096
	;; Handling of binary data.  0 means passthru, 1 return as is, 2 convert to char.
	odbc.defaultbinmode = 1

[MySQL]
	;; Allow accessing, from PHP's perspective, local files with LOAD DATA statements
	mysql.allow_local_infile = On
	;; Allow or prevent persistent links.
	mysql.allow_persistent = On
	;; If mysqlnd is used: Number of cache slots for the internal result set cache
	mysql.cache_size = 2000
	;; Maximum number of persistent links.  -1 means no limit.
	mysql.max_persistent = -1
	;; Maximum number of links (persistent + non-persistent).  -1 means no limit.
	mysql.max_links = -1
	;; Default connection details for mysql_connect()
	mysql.default_port =
	mysql.default_socket =
	mysql.default_host =
	mysql.default_user =
	mysql.default_password =
	;; Maximum time (in seconds) for connect timeout. -1 means no limit
	mysql.connect_timeout = 60
	;; Trace mode. When trace_mode is active (=On), warnings for table/index scans and SQL-Errors will be displayed.
	mysql.trace_mode = Off

[MySQLi]
	;; Maximum number of persistent links.  -1 means no limit.
	mysqli.max_persistent = -1
	;; Allow accessing, from PHP's perspective, local files with LOAD DATA statements
	;mysqli.allow_local_infile = On
	;; Allow or prevent persistent links.
	mysqli.allow_persistent = On
	;; Maximum number of links.  -1 means no limit.
	mysqli.max_links = -1
	;; If mysqlnd is used: Number of cache slots for the internal result set cache
	mysqli.cache_size = 2000
	;; Default connection details for mysqli_connect()
	mysqli.default_port = 3306
	mysqli.default_socket =
	mysqli.default_host =
	mysqli.default_user =
	mysqli.default_pw =
	;; Allow or prevent reconnect
	mysqli.reconnect = Off

[mysqlnd]
	;; Enable / Disable collection of general statstics by mysqlnd which can be used to tune and monitor MySQL operations.
	mysqlnd.collect_statistics = On
	;; Enable / Disable collection of memory usage statstics by mysqlnd which can be used to tune and monitor MySQL operations.
	mysqlnd.collect_memory_statistics = Off
	;; Size of a pre-allocated buffer used when sending commands to MySQL in bytes.
	;mysqlnd.net_cmd_buffer_size = 2048
	;; Size of a pre-allocated buffer used for reading data sent by the server in bytes.
	;mysqlnd.net_read_buffer_size = 32768

[PostgresSQL]
	;; Allow or prevent persistent links.
	pgsql.allow_persistent = On
	;; Detect broken persistent links always with pg_pconnect(). Auto reset feature requires a little overheads.
	pgsql.auto_reset_persistent = Off
	;; Maximum number of persistent links.  -1 means no limit.
	pgsql.max_persistent = -1
	;; Maximum number of links (persistent+non persistent).  -1 means no limit.
	pgsql.max_links = -1
	;; Ignore PostgreSQL backends Notice message or not. Notice message logging require a little overheads.
	pgsql.ignore_notice = 0
	;; Log PostgreSQL backends Notice message or not. Unless pgsql.ignore_notice=0, module cannot log notice message.
	pgsql.log_notice = 0

[bcmath]
	;; Number of decimal digits for all bcmath functions.
	bcmath.scale = 0

[Session]
	;; Use an SQLite database to store sessions
	session.save_handler = sqlite
	;; Where the database file is stored
	session.save_path = "/www/sites/[domain]/session/phpsession.db"
	;; Whether to use cookies.
	session.use_cookies = 1
	;; whether to set the secure flag on the session cookie
	;session.cookie_secure =
	;; Don't allow passing session IDs in query strings
	session.use_only_cookies = 1
	;; Name of the session (used as cookie name).
	session.name = session_key
	;; Don't initialize session on request startup. We may want to modify something before the session starts
	session.auto_start = 0
	;; Lifetime in seconds of cookie or, if 0, until browser is restarted.
	session.cookie_lifetime = 0
	;; If the cookie should be set for a sub-path on the site, specify it here
	session.cookie_path = /
	;; The domain for which the cookie is valid.
	session.cookie_domain =
	;; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript.
	session.cookie_httponly =
	;; Handler used to serialize data.  php is the standard serializer of PHP.
	session.serialize_handler = php
	;; gc_probability/gc_divisor is the chance to garbage collect on any particular session start, and
	;; lifetime is how long before the session data becomes garbage
	session.gc_probability = 1
	session.gc_divisor = 1000
	session.gc_maxlifetime = 43200
	;; turn off global scope bug & warnings for it
	session.bug_compat_42 = Off
	session.bug_compat_warn = Off
	;; since we're not accepting session IDs in URLs, we don't need to check the referer
	session.referer_check =
	;; Add entropy to the session ID creation from /dev/urandom
	session.entropy_length = 32
	session.entropy_file = /dev/urandom
	;; Let Apache handle caching and expiring
	session.cache_limiter =
	session.cache_expire =
	;; Disabled transferring Session IDs through URLs
	session.use_trans_sid = 0
	;; use the whirlpool function to generate the session hash, reducing the possibility of collisions
	session.hash_function = whirlpool
	;; Shorten the Session ID as much as possible by allowing the use of as many characters as possible
	session.hash_bits_per_character = 6
	;; Similar to adding session IDs to output, we can do the same with runtime specified variables, specifying how and where here
	url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
	;; Enable upload progress tracking in $_SESSION, clean up the tracking data after read is complete, prefix var, increment by 2% and update every 1 sec
	session.upload_progress.enabled = On
	session.upload_progress.cleanup = On
	session.upload_progress.prefix = "file_progress."
	session.upload_progress.name = "upload_percent_complete"
	session.upload_progress.freq =  "2%"
	session.upload_progress.min_freq = "1"

[Assertion]
	;; If we want to use assertion, we can set it in our script

[COM]
	;; COM is Windows only, if such a situation should arise that we'd need it, we can set it in file

[mbstring]
	;; Pretty much all of the mbstring stuff should be set in script

[gd]
	;; don't ignore warnings in decoding jpgs
	;gd.jpeg_ignore_warning = 0

[exif]
	;; exif stuff should be set in script

[Tidy]
	;; The path to a default tidy configuration file to use when using tidy
	;tidy.default_config = /usr/local/lib/php/default.tcfg
	;; Should tidy clean and repair output automatically? Not for use when generating non-html content
	tidy.clean_output = Off

[soap]
	;; Enable WSDL caching feature.
	soap.wsdl_cache_enabled=1
	;; SOAP extension will put cache files in the /tmp directory
	soap.wsdl_cache_dir="/tmp"
	;; cached file will be used for a day instead of re-querying
	soap.wsdl_cache_ttl=86400
	;; cache up to 5 files
	soap.wsdl_cache_limit = 5

[sysvshm]
	;; set a default size for a shared memory segment
	;sysvshm.init_mem = 10000

[ldap]
	;; don't limit the maximum number of open links
	ldap.max_links = -1

[mcrypt]
	;; usually the default locations for mcrypt functions & etc (libmcrypt) are what's desired

[dba]
	;; if we need this we'll know it