I have multiple system running on PHP 5.3 that are 15-10 years old, I can't go on those and change anything.
Problem is: some of those system are using PHP register_globals = on that is depreciate on PHP 5.3 and doesn't even exist in PHP 5.4 (http://php.net/manual/en/security.globals.php).
I am developing a new system and would like to turn PHP register_globals = off But I can't because all those old system that NEEDS it.
So I thought about dynamically changing the register_globals to off in my script using string ini_set ( string $varname , string $newvalue ) but the documentation (http://php.net/manual/en/function.ini-set.php) baffles me a bit:
Sets the value of the given configuration option. The configuration option will keep this new value during the script's execution, and will be restored at the script's ending.
Does that mean that if I have two script running at the same time lets say... One of my old system that really needs register_globals = on and my new system that use ini_set() to register_globals = off that the old script will be running with the newly changed setting? Or will it keep the setting in my PHP.ini file and the new system will run on the ini_set() configuration?
--EDIT--
After some test (see code below) #Jacob was right and it seems PHP create a context for each script and that ini_set() only change the configuration of the script its in.
TestWithIni_Set.php
<?php
ini_set('register_globals', '0');
$i = 0;
while(true)
{
if($i == 0)
{
phpinfo();
}
$i++;
}
?>
TestWithoutIni_Set.php
<?php
phpinfo();
?>
So I ran TestWithIni_Set.php first, then will TestWithIni_Set.php was executing (the infinite while loop) I ran TestWithoutIni_Set.php.
Unfortunatly, it seams like I can't change register_globals value with ini_set(). I tried the following:
//Knowing that ini_set() parameters are strings I tried those anyway.
ini_set('register_globals', '0');
ini_set('register_globals', 0);
ini_set('register_globals', 'off');
ini_set('register_globals', 'Off');
ini_set('register_globals', false);
ini_set('register_globals', 'false');
Then to make sure I didn't had something wrong in my code I tried:
ini_set('log_errors', '0');
Just to see if it would work and it did. Then value of log_errors for the script with ini_set() was off and the value of log_errors for the script without ini_set() was on.
But now I have a different problem.
How can I change the value of register_globals for only the running script if I can't change it using ini_set()?
I added a .user.ini file to my new system dir with the only line being register_globals=off.
I also went and uncomment the following line in my PHP.ini file:
user_ini.filename = ".user.ini"
I also made sure only a local user had the rights to make changes to that dir. So somebody couldn't go and upload a new user define .ini file for my server within this dir.
For exemple: IIS user can only read the file in this dir and can't add/modify/remove any file.
Related
I migrated my server and have several php script using set_time_limit.
I don't want to set a global time limit in the php.ini but set_time_limit doesn't work anymore.
I read somewhere that it doesn't work with safe_mode so I checked and it is not enabled. What can I do ?
I have changed php.ini's some value in php.ini file and also through php script like,
ini_set('upload_max_filesize', '10M');
ini_set('POST_MAX_SIZE', '10MB');
but when I am running phpinfo() it doesn't shows the updated value.
It shows
upload_max_filesize = 2M
I am wondering how it is possible??
Do you have access to your Apache configuration ?
Maybe theses parameters are overridden in the virtual host of the Apache configuration via php_admin_value. If this is the case, then you won't be able to change this value in the php script itself.
Also, check the following post : Changing upload_max_filesize on PHP
Good luck with that.
Firstly, it is very common for your environment to contain several php.ini files, where the one you're editing is not actually being used. Check php_info() output for the path to the loaded configuration file to double check.
If it's definitely correct, restart your web server and double-check it's still not loading.
If you still got no luck, have a look at the return values for ini_set():
if(ini_set('upload_max_filesize', '10M') === FALSE ||
ini_set('POST_MAX_SIZE', '10MB') === FALSE)
{
echo "Failed to set a configuration parameter.";
} else {
// These functions returned strings containing the old value.
}
Let us know what the above returns for you.
<?php
session_start();
if(isset($_SESSION["counter"])){
echo session_id()." ".$_SESSION["counter"];
$_SESSION["counter"]++;
}
else{
$_SESSION["counter"]=0;
echo "start counter";
}
?>
It's just a basic example code for session. It working find of my PC using XAMPP. But it doesn't work at all when I put it in to my vps webserver. The out put only include"start counter" and never changed whatever I refresh the page. I checked php.ini both on XAMPP and vps. variables_order = "GPCS" request_order = "GP" register_globals = Off session.save_handler = files Above configurations are same on XAMPP and vps.
It can be due to the reason that your session expires too fast on another server. Start by making sure you're setting the session variable correctly. It's possible that sessions either aren't enabled or aren't configured correctly in the php.ini file on your server.
You can try putting this in front of the file to see any errors. When you see the error you can figure out where you have gone wrong.
error_reporting(E_ALL);
ini_set('display_errors', 1);
I've tried everything to change the max_execution_time of a php crawler script so that it can run an infinite amount of time.
I have changed the php.ini file setting max_execution_time to 0 or 100000000 but with no change
I've also tried setting it from the php script itself by using ini_set('max_execution_time', 0);
All php scripts throw the same error Fatal error: Maximum execution time of 3000 seconds exceeded, what could I be missing and how can I make sure there is no max execution time limit?
php script
<?php
ini_set('MAX_EXECUTION_TIME', -1);
error_reporting(E_ALL); // turn on all errors, warnings and notices for easier debugging
//ini_set('max_execution_time', 123456);
ini_set('max_input_time', -1);
ini_set('memory_limit', '512M');
set_time_limit(0);
date_default_timezone_set('Europe/London');
/*code which scrapes websites*/
?>
phpinfo()
max_execution_time 0 0
max_input_time -1 -1
Try turning off safe mode in php and then try the below code
if( !ini_get('safe_mode') ){
set_time_limit(0); //this won't work if safe_mode is enabled.
}
This should allow you to run the script for infinite time.
In Apache you can change maximum execution time by .htaccess with this line
php_value max_execution_time 200
set_time_limit() php manual ref.
You shouldn't let your crawler run under apache, it's better to run it stand-alone via cli as part of a Gearman setup.
That way it won't hog your web server and it can run as long as you want. You can find many bindings for Gearman that you can use, including PHP of course.
use
set_time_limit(0);
at the top of the script
In WAMP there is three PHP.ini files so you might find 3 in xampp also, so just search for it with find and replace max_execution_time to what you are setting. But you must keep something small not too large as for speedy the app you running.
You could also try setting ignore_user_abort(TRUE); in your script as it might be the browser timing out rather than the script.
From the php.net manual
<?php
// Ignore user aborts and allow the script
// to run forever
ignore_user_abort(true);
set_time_limit(0);
See here for more info
http://www.php.net/manual/en/function.ignore-user-abort.php
If you are on windows, and this is a CLI run script maybe read this.
check phpinfo() from a temp script and search for max_execution_time. make sure that it has same value what you are setting. default should be 30 seconds. try to change it to a couple of different values and restart apache then check the value in phpinfo() to confirm.
if when you change the value it is reflected properly in the phpinfo() it means that there is some code in your script which is changing this value. search for two things in your code:
search your code for ini_set() and check if it is change max_execution_time
search for set_time_limit()
these functions can change maximum time limit of execution from script. otherwise you should check .htaccess from where this value may be set. but this will effect phpinfo() also.
I found the following in the xampp documentation. Maybe you are trying to edit the wrong php.ini file?
Why have changes in my php.ini no effect?
Since XAMPP 1.7.1 the "php.ini" is only in the directory "\xampp\php". Till XAMPP 1.7.0 is was in the directory "\xampp\apache\bin".
If a change in the "php.ini" have no effect, it's possible PHP is still using an other one. You can verify this with phpinfo(). Go to the URI localhost/xampp/phpinfo.php and search for "Loaded Configuration File". This value shows you the "php.ini" PHP is really using.
Info:
After changing the "php.ini" you have to restart Apache, thus Apache/PHP can read the new settings.
what you are doing is just setting the max_execution_time to whatever inside your page.
you can't change this using ini_set. you can change the memory_limit only.
see more details here...
from the php official site.
if you want them to be changed, change in php.ini.
You have to change both of these in you php.ini ( and check if that's the right php.ini by finding the location in phpinfo(); output! )
max_execution_time = 0
max_input_time = 0
And after that check if some php file is not overwriting those variables locally.
open php.ini notepad file and search or find upload_max_filesize = 1000M and you should change on Post_max_filesize = 1000M then restart your xampp and refresh the local phpmyadmin..
I want to do the equivalent to the following line in file php.ini, but from PHP.
short_open_tag = On
Is it possible?
I tried this:
<?php
if (!ini_get('short_open_tag')) {
ini_set('short_open_tag', 'On');
}
$a = 1;
?>
<?=$a;?>
which outputs <?=$a;?>, so it's not working.
Yes, ini_set() is what you want.
An example:
if (!ini_get('short_open_tag')) {
ini_set('short_open_tag', 'on');
}
If you are using PHP 5.3, short_open_tag is no longer an option.
Description of core php.ini directives
Short tags have been deprecated as of PHP 5.3 and may be removed in PHP 6.0.
If you want to change it during a session and forget about it later, use ini_get() and ini_set(). If you want to actually modify php.ini programmatically, you can parse the ini file using parse_ini_file(), change your options and rewrite back to disk. See here for more.
Or you can write your own string replacement routine using the normal opening of a file, preg_replace(), etc.
Although you can use ini_set, be careful (quoted from the PHP documentation):
Not all the available options can be changed using ini_set(). There is a list of all available options in the appendix.
If you are changing options, like magic_quotes and short_open_tags, that's OK. But if you are going to change safe_mode, enable_dl, etc., the function will fail silently.
Many of the options specified above as examples are obsolete/removed security options in former versions of PHP. Consult the documentation if the behavior of ini_set is unexpected (e.g., does not work)
Please edit the php.ini file (just remove the ; and restart your Apache server):
Replace
;short_open_tag = On
with
short_open_tag = On
Now it will work.