Joomla! Discussion Forums

I read alot about global register_off being important for security reasons.

I asked my host site5.com and they directed me to this information. I hope it helps.


Also, i just wanted some to verify for me, if i added the right info

http://tips-scripts.com/?tip=php_ini#tip




- - Start Script Here - -
// Put all the php.ini parameters you want to change below. One per line.
// Follow the example format $parm[] = "parameter = value";
$parm[] = "register_globals = Off";
$parm[] = "session.use_trans_sid = 0";
// full unix path - location of the default php.ini file at your host
// you can determine the location of the default file using phpinfo()
$defaultPath = '/usr/local/lib/php.ini'; 
// full unix path - location where you want your custom php.ini file
$customPath = "/home/user/public_html/php.ini"; <-- change "user" to mine
$parm[] = "upload_max_filesize = 4M";   <-- i added these lines regarding max upload and post max
// user specified max file upload size
$parm[] = "post_max_size = 10M";   
// user specified post max size
// nothing should change below this line.
if (file_exists($defaultPath)) {
  $contents = file_get_contents($defaultPath); 
  $contents .= "\n\n; USER MODIFIED PARAMETERS FOLLOW\n\n";   
  foreach ($parm as $value) $contents .= $value . " \n";
  $handle = fopen($customPath, 'w'); 
  if (fwrite($handle, $contents)) { 
    fclose($handle);
    if (chmod($customPath,0600)) $message = "The php.ini file has been modified and copied";
      else $message = "Processing error - php.ini chmod failed";
  } else {
    $message = "Processing error - php.ini write failed";
  }
} else {
  $message = "Processing error - php.ini file not found";
}
echo $message;
?> 
- - End Script Here - -

You will really need to check this with your host as many (if not the majority) of hosts do not allow you to override these settings

1) I only changed 1 setting, and that was for the dir path.

2) I added the max upload and post max size.

It was my hosting company that gave me this info.

Cheers!

Looks good to me. I've used the same scripts for several sites at a different host. Worked perfectly every time.

Do this:
1. Check your global configurations to see that register_globals is ON.
2. In your script, change the setting register_globals to OFF (which in this case you've already done).
3. Run the script that creates your "custom" ini file. That's the one that should be created in the root directory of your Web site.
4. Run the script that copies your custom ini to all sub-directories.
5. Check your Global Configurations again. register_globals should now be OFF.
6. If it worked, start modifying other settings and and rerunning the scripts.
7. If something goes wrong, it's easy to back out by running the script for deleting ini files.
8. If you decide to keep the scripts on the site, I'd add a little security, such as placing them in a directory protected with .htaccess.

I checked my error log, and i am getting this error,

Can someone advise:

PHP:  Error parsing /home/xxxxxx/public_html/php.ini on line 8

Guessing here - Should that line read $customPath = "/home/xxxxxx/public_html/";

Regards

Dave

Is there a way to modify the executeable path so that my custom bin that contains the modules my host didn't provide doesn't have to be hard coded but would be found in the search?
Thanks
W

i follow the instructions
made one file installphpini.php



typed mysite.com/installphpini.php
and only get the code


what am i doing wrong