自 PHP 5.3.0 起,PHP 支持基于每个目录的 .htaccess 风格的 INI 文件。此类文件仅被 CGI/FastCGI SAPI 处理。此功能使得 PECL 的 htscanner 扩展作废。如果使用 Apache,则用 .htaccess 文件有同样效果。
除了主 php.ini 之外,PHP 还会在每个目录下扫描 INI 文件,从被执行的 PHP 文件所在目录开始一直上升到 web 根目录($_SERVER['DOCUMENT_ROOT'] 所指定的)。如果被执行的 PHP 文件在 web 根目录之外,则只扫描该目录。
在 .user.ini 风格的 INI 文件中只有具有 PHP_INI_PERDIR
和 PHP_INI_USER 模式的 INI
设置可被识别。
两个新的 INI 指令,user_ini.filename 和 user_ini.cache_ttl 控制着用户 INI 文件的使用。
user_ini.filename 设定了 PHP 会在每个目录下搜寻的文件名;如果设定为空字符串则 PHP 不会搜寻。默认值是 .user.ini。
user_ini.cache_ttl 控制着重新读取用户 INI 文件的间隔时间。默认是 300 秒(5 分钟)。
Since the .user.ini is read from public directories, it's contents will be served to anyone requesting it and potientially show them sensitive configuration settings.
Add these lines to your .htaccess to block requests to it :
<Files ".user.ini">
Require all denied
</Files>
Be aware that PECL htscanner doesn't work (yet) on PHP7.0.
'pecl install htscanner' throws an "zend_hash_update' undeclared'" error.
"If you are using Apache, use .htaccess files for the same effect."
To clarify, this applies only to Apache module mode. If you put php directives in .htaccess on an Apache CGI/FastCGI server, this will bomb the server out with a 500 error. Thus, you unfortunately cannot create a config which caters for both types of hosting, at least not in any straightforward way.
If you have no idea what "PHP_INI_PERDIR" or "PHP_INI_USER" are or how they relate to setting a .user.ini file, take a look at the ini.list page: http://www.php.net/manual/en/ini.list.php
Basically, anything in the "Changeable" column labeled as PHP_INI_SYSTEM can't be set in the .user.ini file (so quit trying). It can ONLY be set at the main php.ini level.
This article should be made clearer.
".htaccess-style INI files" meant to me that the ini settings had to follow the syntax used in .htaccess, but this is not the case!
You have to use
register_globals=on
and not
php_flag register_globals on
Also, the changes can take a while to propagate to all processes if you have a long process time out.
Restarting php-fpm can give you an answer quicker :)