How to Override PHP Configuration Options

By | March 4, 2010 | Programming

7

configure PHPConfiguring PHP is easy. You can change almost any aspect of the interpreter within the php.ini configuration file, e.g. modify error handling, increase memory usage, etc.

Unfortunately, problems can occur when you move your application to a live hosting environment or are distributing the code to customers. ISPs usually lock down the php.ini configuration file — especially on shared hosting. This could cause your application to fail.

Fortunately, it’s not necessary to upgrade to an expensive dedicated server. The two methods below allow you to override PHP settings within your application.

Apache Module Directives

The majority of ISPs provide Apache web server hosting on Linux or Unix platforms. Hopefully, they’ve also granted “AllowOverride Options” or “AllowOverride All” privileges in Apache’s httpd.conf configuration. This allows you to create an .htaccess file within your application’s root folder overrides the default Apache and PHP configuration.

Two PHP directives are permitted within .htaccess:

  • php_flag <boolean-flag-name> on|off
  • php_value <flag-name> <flag-value>

php_flag should be used for on/off values, whereas php_value can be used for any others. For example, the following .htaccess file will disable globals, set the maximum file upload size to 20MB, and allow PHP scripts to run for 10 minutes (600 seconds):


php_flag register_globals off
php_value upload_max_filesize 20M
php_value max_execution_time 600

However, the solution will not work in all Apache installations or other web servers such as IIS.

PHP Runtime Configuration

A more portable, server-agnostic solution is PHP’s ini_set function. — it allows you to change a setting within your application at runtime. The function accepts two arguments: ini_set(flag-name, flag-value), e.g.


<?php
ini_set('register_globals', 0);
ini_set('upload_max_filesize', '20M');
ini_set('max_execution_time', 600);
?>

Booleans, numbers and strings can be used interchangeably — PHP will attempt to cast the value to an appropriate type.

Several related functions are available:

ini_get(flag-name)
Returns the configuration value. I’d recommend checking your configuration change and taking appropriate action. Don’t assume ini_get() will always work.

ini_get_all([extension])
Returns all configuration values as an associative array. The optional extension parameter returns options specific to that extension, e.g. ‘allow_url_fopen’.

get_cfg_var(flag-name)
Returns the original configuration value from php.ini (not any overrides set in .htaccess or by ini_set).

ini_restore(flag-name)
Returns a configuration option to its original value.

Coming soon: How to Handle Unloaded PHP Extensions.

Has PHP configuration ever caused you problems when porting an application to another server?

Learn Responsive Web Design

Join Learnable $29 Includes all SitePoint books

Craig Buckler

Craig is a Director of OptimalWorks, a UK consultancy dedicated to building award-winning websites implementing standards, accessibility, SEO, and best-practice techniques.

More Posts - Website

Tagged as: apache, configuration, PHP

{ 7 comments }

djn March 5, 2010 at 4:45 am

Putting PHP directives into a .htaccess only works if PHP is running as an Apache module – otherwise you can expect a 500 error.
Phpsuexec and suphp both require PHP running as CGI – and that’s the reason the vast maiority of shared servers has it running as CGI.

kira8080 March 5, 2010 at 3:56 am

seems too good to be true…?

Sheena Rai March 5, 2010 at 1:58 am

Thankx This php Configuration Really Helped Me.. I Had A Tough Time With THis
This would surely enhance my web development skills
Sheena Rai Technetto

RavenWebServices March 4, 2010 at 11:56 pm

You should also note that if you run PHP with phpsuexec or suphp then you cannot use .htaccess to override the global php.ini file. You must use a local version of php.ini

biswa March 4, 2010 at 11:27 pm

I love the article,very helpful for new Guy.

robo47 March 4, 2010 at 9:52 pm

Changing things at runtime is often not working/helping, the examples above are bad and you should check ini_set’s return-values!

Setting upload/post-sizes/register_globals IN the script can’t work because post/upload/register_globals-processing takes place before the php-script itself runs.

That’s why those values are PHP_INI_PERDIR and not PHP_INI_USER or PHP_INI_ALL.

In fact the articles misses the most important point, you have have to check the manual

http://www.php.net/manual/en/ini.list.php

which variables are settable where, some will be only in php.ini, some in vhosts, some in .htaccess.
The explanations for what stands for what:
http://www.php.net/manual/en/configuration.changes.modes.php

Max values can be limited too by for example security-extensions like suhosin, resulting in warnings/errors.

Troels Knak-Nielsen March 4, 2010 at 8:52 pm

You should note php_admin_value and php_admin_flag, which acts like php_value and php_flag, except that they can’t be overridden later on. If an ini setting is set with these in the main Apache config file, it can lead to some head-scratching.

Comments on this entry are closed.