--- php-8.0.1/php.ini~ 2021-02-04 11:05:51.000000000 +0200 +++ php-8.0.1/php.ini 2021-02-04 11:08:35.715925882 +0200 @@ -82,8 +82,19 @@ ; much more verbose when it comes to errors. We recommend using the ; development version only in development environments, as errors shown to ; application users can inadvertently leak otherwise secure information. - -; This is the php.ini-production INI file. +; +; This is the default settings file for new PHP installations from +; PLD Linux Distribution. +; +; It's based mainly on php.ini-production, but with some changes made with +; security in mind (see below, consult also http://php.net/manual/en/security.php). +; +; Please note, that in PLD installations /etc/php/php.ini file +; contains global settings for all SAPIs (cgi, cli, apache...), +; and after reading this file, SAPI-specific file (/etc/php/php-cgi-fcgi.ini, +; /etc/php/php-cli.ini, /etc/php/php-apache.ini...) is INCLUDED +; (so you don't have to duplicate whole large file to override only +; few options) ;;;;;;;;;;;;;;;;;;; ; Quick Reference ; @@ -167,10 +181,8 @@ ; php.ini Options ; ;;;;;;;;;;;;;;;;;;;; ; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" -;user_ini.filename = ".user.ini" - ; To disable this feature set this option to an empty value -;user_ini.filename = +user_ini.filename = ; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) ;user_ini.cache_ttl = 300 @@ -225,7 +237,7 @@ ; Development Value: Off ; Production Value: Off ; http://php.net/short-open-tag -short_open_tag = Off +short_open_tag = On ; The number of significant digits displayed in floating point numbers. ; http://php.net/precision @@ -360,7 +372,7 @@ ; threat in any way, but it makes it possible to determine whether you use PHP ; on your server or not. ; http://php.net/expose-php -expose_php = On +expose_php = Off ;;;;;;;;;;;;;;;;;;; ; Resource Limits ; @@ -744,9 +756,7 @@ ; Directory in which the loadable extensions (modules) reside. ; http://php.net/extension-dir -;extension_dir = "./" -; On windows: -;extension_dir = "ext" +;extension_dir = "/usr/lib/php" ; Directory where the temporary files should be placed. ; Defaults to the system default (see sys_get_temp_dir) @@ -758,64 +768,6 @@ ; http://php.net/enable-dl enable_dl = Off -; cgi.force_redirect is necessary to provide security running PHP as a CGI under -; most web servers. Left undefined, PHP turns this on by default. You can -; turn it off here AT YOUR OWN RISK -; **You CAN safely turn this off for IIS, in fact, you MUST.** -; http://php.net/cgi.force-redirect -;cgi.force_redirect = 1 - -; if cgi.nph is enabled it will force cgi to always sent Status: 200 with -; every request. PHP's default behavior is to disable this feature. -;cgi.nph = 1 - -; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape -; (iPlanet) web servers, you MAY need to set an environment variable name that PHP -; will look for to know it is OK to continue execution. Setting this variable MAY -; cause security issues, KNOW WHAT YOU ARE DOING FIRST. -; http://php.net/cgi.redirect-status-env -;cgi.redirect_status_env = - -; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's -; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok -; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting -; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting -; of zero causes PHP to behave as before. Default is 1. You should fix your scripts -; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. -; http://php.net/cgi.fix-pathinfo -;cgi.fix_pathinfo=1 - -; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside -; of the web tree and people will not be able to circumvent .htaccess security. -;cgi.discard_path=1 - -; FastCGI under IIS supports the ability to impersonate -; security tokens of the calling client. This allows IIS to define the -; security context that the request runs under. mod_fastcgi under Apache -; does not currently support this feature (03/17/2002) -; Set to 1 if running under IIS. Default is zero. -; http://php.net/fastcgi.impersonate -;fastcgi.impersonate = 1 - -; Disable logging through FastCGI connection. PHP's default behavior is to enable -; this feature. -;fastcgi.logging = 0 - -; cgi.rfc2616_headers configuration option tells PHP what type of headers to -; use when sending HTTP response code. If set to 0, PHP sends Status: header that -; is supported by Apache. When this option is set to 1, PHP will send -; RFC2616 compliant header. -; Default is zero. -; http://php.net/cgi.rfc2616-headers -;cgi.rfc2616_headers = 0 - -; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #! -; (shebang) at the top of the running script. This line might be needed if the -; script support running both as stand-alone script and via PHP CGI<. PHP in CGI -; mode skips this line and ignores its content if this directive is turned on. -; http://php.net/cgi.check-shebang-line -;cgi.check_shebang_line=1 - ;;;;;;;;;;;;;;;; ; File Uploads ; ;;;;;;;;;;;;;;;; @@ -871,45 +871,7 @@ ; extension folders as well as the separate PECL DLL download (PHP 5+). ; Be sure to appropriately set the extension_dir directive. ; -;extension=bz2 -;extension=curl -;extension=ffi -;extension=ftp -;extension=fileinfo -;extension=gd -;extension=gettext -;extension=gmp -;extension=intl -;extension=imap -;extension=ldap -;extension=mbstring -;extension=exif ; Must be after mbstring as it depends on it -;extension=mysqli -;extension=oci8_12c ; Use with Oracle Database 12c Instant Client -;extension=oci8_19 ; Use with Oracle Database 19 Instant Client -;extension=odbc -;extension=openssl -;extension=pdo_firebird -;extension=pdo_mysql -;extension=pdo_oci -;extension=pdo_odbc -;extension=pdo_pgsql -;extension=pdo_sqlite -;extension=pgsql -;extension=shmop - -; The MIBS data available in the PHP distribution must be installed. -; See http://www.php.net/manual/en/snmp.installation.php -;extension=snmp - -;extension=soap -;extension=sockets -;extension=sodium -;extension=sqlite3 -;extension=tidy -;extension=xsl - -;zend_extension=opcache +; In PLD Linux you can install appropriate php80- or php80-pecl- package. ;;;;;;;;;;;;;;;;;;; ; Module Settings ; @@ -954,8 +867,9 @@ [Date] ; Defines the default timezone used by the date functions -; http://php.net/date.timezone -;date.timezone = +; http://php.net/date.timezone. +; +; NOTE: In PLD Linux the /etc/php/conf.d/timezone.ini is used to set timezone ; http://php.net/date.default-latitude ;date.default_latitude = 31.7667 @@ -970,19 +884,19 @@ ; Use of this INI entry is deprecated, use global input_encoding instead. ; If empty, default_charset or input_encoding or iconv.input_encoding is used. ; The precedence is: default_charset < input_encoding < iconv.input_encoding -;iconv.input_encoding = +iconv.input_encoding = UTF-8 ; Use of this INI entry is deprecated, use global internal_encoding instead. ; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. ; The precedence is: default_charset < internal_encoding < iconv.internal_encoding -;iconv.internal_encoding = +iconv.internal_encoding = UTF-8 ; Use of this INI entry is deprecated, use global output_encoding instead. ; If empty, default_charset or output_encoding or iconv.output_encoding is used. ; The precedence is: default_charset < output_encoding < iconv.output_encoding ; To use an output encoding conversion, iconv's output handler must be set ; otherwise output encoding conversion cannot be performed. -;iconv.output_encoding = +iconv.output_encoding = UTF-8 [imap] ; rsh/ssh logins are disabled by default. Use this INI entry if you want to @@ -1360,7 +1274,7 @@ [browscap] ; http://php.net/browscap -;browscap = extra/browscap.ini +;browscap = /usr/share/browscap/php_browscap.ini [Session] ; Handler used to store/retrieve data. @@ -1747,7 +1661,7 @@ ; Sets the directory name where SOAP extension will put cache files. ; http://php.net/soap.wsdl-cache-dir -soap.wsdl_cache_dir="/tmp" +soap.wsdl_cache_dir="/var/cache/php" ; (time to live) Sets the number of second while cached file will be used ; instead of original one. @@ -1674,160 +1674,6 @@ [dba] ;dba.default_handler= -[opcache] -; Determines if Zend OPCache is enabled -;opcache.enable=1 - -; Determines if Zend OPCache is enabled for the CLI version of PHP -;opcache.enable_cli=0 - -; The OPcache shared memory storage size. -;opcache.memory_consumption=128 - -; The amount of memory for interned strings in Mbytes. -;opcache.interned_strings_buffer=8 - -; The maximum number of keys (scripts) in the OPcache hash table. -; Only numbers between 200 and 1000000 are allowed. -;opcache.max_accelerated_files=10000 - -; The maximum percentage of "wasted" memory until a restart is scheduled. -;opcache.max_wasted_percentage=5 - -; When this directive is enabled, the OPcache appends the current working -; directory to the script key, thus eliminating possible collisions between -; files with the same name (basename). Disabling the directive improves -; performance, but may break existing applications. -;opcache.use_cwd=1 - -; When disabled, you must reset the OPcache manually or restart the -; webserver for changes to the filesystem to take effect. -;opcache.validate_timestamps=1 - -; How often (in seconds) to check file timestamps for changes to the shared -; memory storage allocation. ("1" means validate once per second, but only -; once per request. "0" means always validate) -;opcache.revalidate_freq=2 - -; Enables or disables file search in include_path optimization -;opcache.revalidate_path=0 - -; If disabled, all PHPDoc comments are dropped from the code to reduce the -; size of the optimized code. -;opcache.save_comments=1 - -; If enabled, compilation warnings (including notices and deprecations) will -; be recorded and replayed each time a file is included. Otherwise, compilation -; warnings will only be emitted when the file is first cached. -;opcache.record_warnings=0 - -; Allow file existence override (file_exists, etc.) performance feature. -;opcache.enable_file_override=0 - -; A bitmask, where each bit enables or disables the appropriate OPcache -; passes -;opcache.optimization_level=0x7FFFBFFF - -;opcache.dups_fix=0 - -; The location of the OPcache blacklist file (wildcards allowed). -; Each OPcache blacklist file is a text file that holds the names of files -; that should not be accelerated. The file format is to add each filename -; to a new line. The filename may be a full path or just a file prefix -; (i.e., /var/www/x blacklists all the files and directories in /var/www -; that start with 'x'). Line starting with a ; are ignored (comments). -;opcache.blacklist_filename= - -; Allows exclusion of large files from being cached. By default all files -; are cached. -;opcache.max_file_size=0 - -; Check the cache checksum each N requests. -; The default value of "0" means that the checks are disabled. -;opcache.consistency_checks=0 - -; How long to wait (in seconds) for a scheduled restart to begin if the cache -; is not being accessed. -;opcache.force_restart_timeout=180 - -; OPcache error_log file name. Empty string assumes "stderr". -;opcache.error_log= - -; All OPcache errors go to the Web server log. -; By default, only fatal errors (level 0) or errors (level 1) are logged. -; You can also enable warnings (level 2), info messages (level 3) or -; debug messages (level 4). -;opcache.log_verbosity_level=1 - -; Preferred Shared Memory back-end. Leave empty and let the system decide. -;opcache.preferred_memory_model= - -; Protect the shared memory from unexpected writing during script execution. -; Useful for internal debugging only. -;opcache.protect_memory=0 - -; Allows calling OPcache API functions only from PHP scripts which path is -; started from specified string. The default "" means no restriction -;opcache.restrict_api= - -; Mapping base of shared memory segments (for Windows only). All the PHP -; processes have to map shared memory into the same address space. This -; directive allows to manually fix the "Unable to reattach to base address" -; errors. -;opcache.mmap_base= - -; Facilitates multiple OPcache instances per user (for Windows only). All PHP -; processes with the same cache ID and user share an OPcache instance. -;opcache.cache_id= - -; Enables and sets the second level cache directory. -; It should improve performance when SHM memory is full, at server restart or -; SHM reset. The default "" disables file based caching. -;opcache.file_cache= - -; Enables or disables opcode caching in shared memory. -;opcache.file_cache_only=0 - -; Enables or disables checksum validation when script loaded from file cache. -;opcache.file_cache_consistency_checks=1 - -; Implies opcache.file_cache_only=1 for a certain process that failed to -; reattach to the shared memory (for Windows only). Explicitly enabled file -; cache is required. -;opcache.file_cache_fallback=1 - -; Enables or disables copying of PHP code (text segment) into HUGE PAGES. -; This should improve performance, but requires appropriate OS configuration. -;opcache.huge_code_pages=1 - -; Validate cached file permissions. -;opcache.validate_permission=0 - -; Prevent name collisions in chroot'ed environment. -;opcache.validate_root=0 - -; If specified, it produces opcode dumps for debugging different stages of -; optimizations. -;opcache.opt_debug_level=0 - -; Specifies a PHP script that is going to be compiled and executed at server -; start-up. -; http://php.net/opcache.preload -;opcache.preload= - -; Preloading code as root is not allowed for security reasons. This directive -; facilitates to let the preloading to be run as another user. -; http://php.net/opcache.preload_user -;opcache.preload_user= - -; Prevents caching files that are less than this number of seconds old. It -; protects from caching of incompletely updated files. In case all file updates -; on your site are atomic, you may increase performance by setting it to "0". -;opcache.file_update_protection=2 - -; Absolute path used to store shared lockfiles (for *nix only). -;opcache.lockfile_path=/tmp - [curl] ; A default value for the CURLOPT_CAINFO option. This is required to be an ; absolute path.