I got these php.ini settings on the web application folder.
magic_quotes_gpc = Off;
register_globals = Off;
default_charset = "UTF-8";
memory_limit = 64M;
max_execution_time = 3600;
upload_max_filesize = 10M;
sql.safe_mode = Off;
mysql.connect_timeout = 20;
allow_url_fopen = Off;
session.auto_start = Off;
session.use_only_cookies = On;
session.use_cookies = On;
session.use_trans_sid = Off;
session.cookie_httponly = On;
session.gc_maxlifetime = 3600;
session.cookie_secure =On;
session.entropy_file = "/dev/urandom";
To check whether these settings are enforced, I saved these codes to a file checksettings.php
<?php
if(get_magic_quotes_gpc())
echo "Magic quotes are enabled";
else
echo "Magic quotes are disabled";
echo '<br>';
echo 'Register Globals = ' . ini_get('register_globals');
echo '<br>';
echo 'Default Charset = ' . ini_get('default_charset');
echo '<br>';
echo 'Memory Limt = ' . ini_get('memory_limit');
echo '<br>';
echo 'Max Execution Time = ' . ini_get('max_execution_time');
echo '<br>';
echo 'Upload Max File Size = ' . ini_get('upload_max_filesize');
echo '<br>';
echo 'Sql Safe Mode = ' . ini_get('sql.safe_mode');
echo '<br>';
echo 'MySQL connect Timeout = ' . ini_get('mysql.connect_timeout');
echo '<br>';
echo 'Allow url fOpen = ' . ini_get('allow_url_fopen');
echo '<br>';
On loading the checksettings.php on my web browser I get these output
Magic quotes are disabled
Magic Quotes =
Register Globals =
Default Charset = UTF-8
Memory Limt = 128M
Max Execution Time = 30
Upload Max File Size = 2M
Sql Safe Mode =
MySQL connect Timeout =
Allow url fOpen = 1
Now, as far as I understand, the blanks (Register Globals = , Sql Safe Mode = etc.) are due to (I believe) syntax error (which I will look into) but a few values are not as I set them to be.
The Memory Limit which was set to 64M is 128M, Max Execution time which was set to 3600 is 30s, Upload Max File Size which is set to 10M is 2M and Allow url fopen which was set 0 or Off is 1/on.
What am I doing wrong?
