- keep the short_open_tag on

[packages/php.git] / php-ini.patch

--- mod/php.ini 2008-08-10 21:51:30.527603438 +0000
+++ php5.3-200904152030/php.ini 2009-04-24 01:26:05.434886222 +0300
@@ -1,26 +1,21 @@
 [PHP]
 
-;;;;;;;;;;;
-; WARNING ;
-;;;;;;;;;;;
-; This is the default settings file for new PHP installations.
-; By default, PHP installs itself with a configuration suitable for
-; development purposes, and *NOT* for production purposes.
-; For several security-oriented considerations that should be taken
-; before going online with your site, please consult php.ini-recommended
-; and http://php.net/manual/en/security.php.
-
-
 ;;;;;;;;;;;;;;;;;;;
 ; About php.ini   ;
 ;;;;;;;;;;;;;;;;;;;
-; This file controls many aspects of PHP's behavior.  In order for PHP to
-; read it, it must be named 'php.ini'.  PHP looks for it in the current
-; working directory, in the path designated by the environment variable
-; PHPRC, and in the path that was defined in compile time (in that order).
-; Under Windows, the compile-time path is the Windows directory.  The
-; path in which the php.ini file is looked for can be overridden using
-; the -c argument in command line mode.
+; This file controls many aspects of PHP's behavior.
+;
+; Please note, that in PLD installations /etc/php/php.ini file
+; contains global settings for all SAPIs (cgi, cli, apache...),
+; and after reading this file, SAPI-specific file (/etc/php/php-cgi.ini,
+; /etc/php/php-cli.ini, /etc/php/php-apache.ini...) is INCLUDED
+; (so you don't have to duplicate whole large file to override only
+; few options)
+;
+; This is the default settings file for new PHP installations from
+; PLD Linux Distribution. It's based mainly on php.ini-dist, but with some
+; changes made with security in mind (see below, consult also
+; http://php.net/manual/en/security.php).
 ;
 ; The syntax of the file is extremely simple.  Whitespace and Lines
 ; beginning with a semicolon are silently ignored (as you probably guessed).
@@ -94,7 +89,7 @@
 asp_tags = Off
 
 ; The number of significant digits displayed in floating point numbers.
-precision    =  12
+precision    =  14
 
 ; Enforce year 2000 compliance (will cause problems with non-compliant browsers)
 y2k_compliance = On
@@ -228,7 +223,7 @@
 ; Development Value: Off
 ; Production Value: Off
 ; http://php.net/short-open-tag
-short_open_tag = Off
+short_open_tag = On
 
 ; Allow ASP-style <% %> tags.
 ; http://php.net/asp-tags
@@ -253,7 +248,7 @@
 ; (e.g. by adding its signature to the Web server header).  It is no security
 ; threat in any way, but it makes it possible to determine whether you use PHP
 ; on your server or not.
-expose_php = On
+expose_php = Off
 
 
 ;;;;;;;;;;;;;;;;;;;
@@ -313,7 +308,9 @@
 ;
 ;   - Show all errors except for notices and coding standards warnings
 ;
-error_reporting  =  E_ALL & ~E_NOTICE
+;error_reporting  =  E_ALL & ~E_NOTICE
+
+error_reporting  =  E_ALL
 
 ; Print out errors (as a part of the output).  For production web sites,
 ; you're strongly encouraged to turn this feature off, and use error logging
@@ -330,7 +327,7 @@
 ;
 ; stdout (On) - Display errors to STDOUT
 ;
-display_errors = On
+display_errors = Off
 
 ; Even when display_errors is on, errors that occur during PHP's startup
 ; sequence are not displayed.  It's strongly recommended to keep
@@ -340,7 +337,7 @@
 ; Log errors into a log file (server-specific log, stderr, or error_log (below))
 ; As stated above, you're strongly advised to use error logging in place of
 ; error displaying on production web sites.
-log_errors = Off
+log_errors = On
 
 ; Set maximum length of log_errors. In error_log information about the source is
 ; added. The default is 1024 and 0 allows to not apply any maximum length at all.
@@ -367,7 +364,7 @@
 
 ; Disable the inclusion of HTML tags in error messages.
 ; Note: Never use this feature for production boxes.
-;html_errors = Off
+html_errors = Off
 
 ; If html_errors is set On PHP produces clickable error messages that direct
 ; to a page describing the error or function causing the error in detail.
@@ -411,7 +408,7 @@
 ; Environment and Built-in variables (G, P, C, E & S respectively, often
 ; referred to as EGPCS or GPC).  Registration is done from left to right, newer
 ; values override older values.
-variables_order = "EGPCS"
+variables_order = "GPCS"
 
 ; This directive describes the order in which PHP registers GET, POST and Cookie
 ; variables into the _REQUEST array. Registration is done from left to right, 
@@ -433,12 +430,12 @@
 ; Whether or not to register the old-style input arrays, HTTP_GET_VARS
 ; and friends.  If you're not using them, it's recommended to turn them off,
 ; for performance reasons.
-register_long_arrays = On
+register_long_arrays = Off
 
 ; This directive tells PHP whether to declare the argv&argc variables (that
 ; would contain the GET information).  If you don't use these variables, you
 ; should turn it off for increased performance.
-register_argc_argv = On
+register_argc_argv = Off
 
 ; When enabled, the SERVER and ENV variables are created when they're first
 ; used (Just In Time) instead of when the script starts. If these variables
@@ -454,7 +451,7 @@
 ;
 
 ; Magic quotes for incoming GET/POST/Cookie data.
-magic_quotes_gpc = On
+magic_quotes_gpc = Off
 
 ; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc.
 magic_quotes_runtime = Off
@@ -500,55 +497,13 @@
 user_dir =
 
 ; Directory in which the loadable extensions (modules) reside.
-extension_dir = "./"
+extension_dir = "/usr/lib/php"
 
 ; Whether or not to enable the dl() function.  The dl() function does NOT work
 ; properly in multithreaded servers, such as IIS or Zeus, and is automatically
 ; disabled on them.
 enable_dl = On
 
-; cgi.force_redirect is necessary to provide security running PHP as a CGI under
-; most web servers.  Left undefined, PHP turns this on by default.  You can
-; turn it off here AT YOUR OWN RISK
-; **You CAN safely turn this off for IIS, in fact, you MUST.**
-; cgi.force_redirect = 1
-
-; if cgi.nph is enabled it will force cgi to always sent Status: 200 with
-; every request.
-; cgi.nph = 1
-
-; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape
-; (iPlanet) web servers, you MAY need to set an environment variable name that PHP
-; will look for to know it is OK to continue execution.  Setting this variable MAY
-; cause security issues, KNOW WHAT YOU ARE DOING FIRST.
-; cgi.redirect_status_env = ;
-
-; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI.  PHP's
-; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok
-; what PATH_INFO is.  For more information on PATH_INFO, see the cgi specs.  Setting
-; this to 1 will cause PHP CGI to fix it's paths to conform to the spec.  A setting
-; of zero causes PHP to behave as before.  Default is 1.  You should fix your scripts
-; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.
-; cgi.fix_pathinfo=0
-
-; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate
-; security tokens of the calling client.  This allows IIS to define the
-; security context that the request runs under.  mod_fastcgi under Apache
-; does not currently support this feature (03/17/2002)
-; Set to 1 if running under IIS.  Default is zero.
-; fastcgi.impersonate = 1;
-
-; Disable logging through FastCGI connection
-; fastcgi.logging = 0
-
-; cgi.rfc2616_headers configuration option tells PHP what type of headers to
-; use when sending HTTP response code. If it's set 0 PHP sends Status: header that
-; is supported by Apache. When this option is set to 1 PHP will send
-; RFC2616 compliant header.
-; Default is zero.
-;cgi.rfc2616_headers = 0
-
-
 ;;;;;;;;;;;;;;;;
 ; File Uploads ;
 ;;;;;;;;;;;;;;;;
@@ -612,63 +567,6 @@
 ; needs to go here.  Specify the location of the extension with the
 ; extension_dir directive above.
 
-
-; Windows Extensions
-; Note that ODBC support is built in, so no dll is needed for it.
-; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5)
-; extension folders as well as the separate PECL DLL download (PHP 5).
-; Be sure to appropriately set the extension_dir directive.
-
-;extension=php_bz2.dll
-;extension=php_curl.dll
-;extension=php_dba.dll
-;extension=php_dbase.dll
-;extension=php_exif.dll
-;extension=php_fileinfo.dll
-;extension=php_fdf.dll
-;extension=php_gd2.dll
-;extension=php_gettext.dll
-;extension=php_gmp.dll
-;extension=php_ifx.dll
-;extension=php_intl.dll
-;extension=php_imap.dll
-;extension=php_interbase.dll
-;extension=php_ldap.dll
-;extension=php_mbstring.dll
-;extension=php_mcrypt.dll
-;extension=php_mhash.dll
-;extension=php_mime_magic.dll
-;extension=php_ming.dll
-;extension=php_msql.dll
-;extension=php_mssql.dll
-;extension=php_mysql.dll
-;extension=php_mysqli.dll
-;extension=php_oci8.dll
-;extension=php_openssl.dll
-;extension=php_pdo.dll
-;extension=php_pdo_firebird.dll
-;extension=php_pdo_mssql.dll
-;extension=php_pdo_mysql.dll
-;extension=php_pdo_oci.dll
-;extension=php_pdo_oci8.dll
-;extension=php_pdo_odbc.dll
-;extension=php_pdo_pgsql.dll
-;extension=php_pdo_sqlite.dll
-;extension=php_pgsql.dll
-;extension=php_phar.dll
-;extension=php_pspell.dll
-;extension=php_shmop.dll
-;extension=php_snmp.dll
-;extension=php_soap.dll
-;extension=php_sockets.dll
-;extension=php_sqlite.dll
-;extension=php_sqlite3.dll
-;extension=php_sybase_ct.dll
-;extension=php_tidy.dll
-;extension=php_xmlrpc.dll
-;extension=php_xsl.dll
-;extension=php_zip.dll
-
 ;;;;;;;;;;;;;;;;;;;
 ; Module Settings ;
 ;;;;;;;;;;;;;;;;;;;
@@ -966,7 +864,7 @@
 bcmath.scale = 0
 
 [browscap]
-;browscap = extra/browscap.ini
+browscap = /etc/php/browscap.ini
 
 [Informix]
 ; Default host for ifx_connect() (doesn't apply in safe mode).
@@ -1319,7 +1217,7 @@
 ; Enables or disables WSDL caching feature.
 soap.wsdl_cache_enabled=1
 ; Sets the directory name where SOAP extension will put cache files.
-soap.wsdl_cache_dir="/tmp"
+soap.wsdl_cache_dir="/var/run/php"
 ; (time to live) Sets the number of second while cached file will be used 
 ; instead of original one.
 soap.wsdl_cache_ttl=86400