anyone knows if is it possible to enable php parse_ini_file() function overriding php.ini settings into .htaccess? If yes how it can be done?
Thank you all for help
If it was disabled using disable_functions, you can't reactivate it using a .htaccess php_value directive. See http://php.net/manual/en/ini.core.php
As far as I know, parse_ini_file() is a core function built into PHP, thus it can't really be enabled. I'll guess that you are facing one of these situations:
Your host has disabled it for security reasons (:-?) using the disable_functions directive.
You are providing a URL in the $filename parameter and your host has disabled loading or remote files with the allow_url_fopen directive.
You are reading an *.ini file you don't have access to.
In general, all three cases imply that you are just not allowed to do so. Even if you manage to find a hack and override the restriction, you might be violating your host's terms of use. Whatever, it's possible that you are just trying to do the wrong thing:
Local files can be read from disc, there is not need to use HTTP.
You should be able to read your own files, given that they're given the appropriate permissions.
I added a copy of php.ini under the folder where application wants to call parse_ini_file() and it helped, but my hosting provider "honors" php.ini file per directory, so each app can use different settings.
In this case the app was complaining PHP function parse_ini_file is not available not because the method was disabled, but because it could not find php.ini to parse.
Related
I am trying to use PHP's built-in function get_browser(). I followed the instructions in this useful post, but I'm still getting the error
browscap ini directive not set.
I downloaded the php_browscap.ini file and moved it into the same directory as my .htaccess file, so that its location is home/hostname/subdomain/php_browscap.ini Since I do not have access to my php.ini file, I am trying to edit the browscap property using .htaccess. This is what I entered:
php_value browscap home/hostname/subdomain/php_browscap.ini
I don't know if it matters, but below that there's some Rewrite Engine code.
As forementioned, I am still getting the error above. What did I do wrong?
Thanks.
The browscap PHP value has a changeable mode of PHP_INI_SYSTEM meaning it can only be set in php.ini or httpd.conf (not .htaccess).
Do a phpinfo() to understand your PHP runtime config. If your system is configure as "CGI/FastCGI" then it is probably running suPHP as the PHP initiator. In this case you can specify your own php.ini file. By default suPHP looks in the script directory but you can override this by the following directive in your .htaccess file:
suPHP_ConfigPath (expects a path name)
This option tells mod_suphp which path to pass on to the PHP-interpreter (by setting the PHPRC environment variable). Do NOT refer to a file but to the directory the file resists in.
E.g.: If you want to use "/path/to/server/config/php.ini", use "suPHP_Config/path/to/server/config".
If you don't use this option, PHP will use its compiled in default path.
Also you must use a properly formed path in your browsercap directive e.g.
browscap="/home/hostname/subdomain/php_browscap.ini"
(Note the leading /)
Addendum
I've just check and the Dreamhost shared hosting plan uses suEXEC. With suEXEC you can normally override the php.ini patch by copying the system php.ini (phpinfo() tells you where to find this) into a private directory, say _private as well as the browsercap.ini then adding
SetEnv PHPRC /home/hostname/_private
to your .htaccess file. If this doesn't work then the issue is specific to Dreamhost's suEXEC config and you need to ask this Q on http://discussion.dreamhost.com/
There are two potential problems here.
Perhaps your host does not allow you to override ini settings in the .htaccess file.
Maybe browscap does not like the path you have provided. Try:
php_value browscap /home/hostname/subdomain/php_browscap.ini
And ensure that permissions on that file allow the web user to read it.
If you are on a shared hosting and do not have access to the system php.ini then you can use the following standalone replacement of php's native "get_browser()" implementation.
https://github.com/garetjax/phpbrowscap
How do I edit php.ini when my host doesn't give me access to the core file? Is there a way to create a "sub" php.ini? If so, how would I make my apps pick up the subsequent file and use that instead of the master file (that I don't have access to edit)? It's a typical shared web host if that matters.
http://www.php.net/manual/en/configuration.changes.php
If your host allows it, you can use an Apache directive in an .htaccess file to override the INI path. (Most shared hosts, however, don't allow this.)
You might also be able to change certain individual settings via the ini_set() function in your script - again, if your host allows it.
Try to use the built-in function ini_set().
PHP configuration can be made in a number of different places:
php.ini
httpd.conf
.htaccess
within a php script via ini_set()
any more?
Some configuration settings can only be set in certain places and there's certain Apache and PHP settings that would prevent you from doing any PHP config changes in .htaccess or with your PHP script. But assuming that a given PHP setting can be set in all of the above places, in what order is this configuration read? In other words what overrides what? (I'm assuming that ini_set() overrides any of the previous settings).
There's compile-time settings before php.ini. The rest of the stages aren't really "configuration". They're more of a way to override settings established in a previous stage. PHP will quite happily run without any other config directives in php.ini/http.conf/.htaccess. php.ini does list (almost?) all the configuration settings available, but that's just a courtesy so you don't have to dig around in the docs to find the one setting you do want to override.
You named them in the correct order.
I don't recommend setting configuration in any other place than a php.ini though.
There are also per-directory php.ini configurations and I don't know which comes first, .htaccess or the directory php.ini but I would guess the .htaccess first and php.ini after.
Apache loads PHP, so Apache's config is read first. .htaccess is also handled by the webserver, so I'm guessing that will be second. Thirdly PHP is loaded. It checks for PHP.ini's in several locations. Also see here. Finally the ini_set is checked runtime.
First, You can use a user.ini file.
I think PHP will read it from the bigger to the smaller, I mean from httpd.conf -> php.ini (and then user.ini if set) -> .htacess -> ini_set()
I'm just curious if there's a way to disable things like shell_exec() using the .htaccess file or something, not globally, but only for specific subdomains or directories (possibly disable fopen() on files above the subdir). It occurred to me that on one of my shared hosts where I'm sharing subdomain space with a friend he could use PHP to get a look at directories outside his own.
Perhaps I could use mod_rewrite and send any hit anywhere through a PHP script that disables certain things before forwarding the request to where it was going? Would this work, and would it incur a significant performance penalty?
You can do it programmatically:
ini_set('disable_functions', 'fopen,shell_exec');
or in .htaccess:
php_value disable_functions fopen,shell_exec
There shouldn't be any performance degradation. I doubt you'll be changing the settings repeatedly inside a for(), while() or foreach() loop.
You can do this with a .htaccess file:
http://www.askapache.com/php/custom-phpini-tips-and-tricks.html#m0-askapache12
I believe those things need to be changed in the php.ini file. Some host allow you to have multiple php.ini files within the files structure. If you are on a shared hosting environment then you probably will have one php.ini file for all shared accounts. Host realize this is a problem so they allow you to have your own within your home directory for sub directory... check with your host.
I need to turn allow_url_include On. How can I do this? I have access to .htaccess as well as php.ini.
I'm using PHP version 5.2.9
I've tried adding
php_value allow_url_include On
in .htaccess and
allow_url_include = On
in php.ini.
Both files are at the root of my website.
Is there a way to use the curl/get page function as a workaround?
Are you sure you're grabbing the right php.ini file?
If you're on a linux box, you might be grabbing the wrong one. I've seen that happen in the past. If you are indeed using Linux, open the terminal and type
which httpd
which php
Then you'll know if your pointing to the right locations.
Depending on what you are trying to use as a file to include you will need to enable both url_fopen and url_include.
The relevant php documentation entry is available here:
http://www.php.net/manual/en/filesystem.configuration.php