Settings
Preamble
PHP offers the ability to configure many things about its configuration file php.ini. Some settings will help in the development, other settings should be set in order to prevent problems for the user in advance, where this adjustment was possibly set by Hoster.
Useful PHP settings
register_globals = off
This setting will cause the passed parameters are not directly available as variables, but only via the array $ _ GET or $ _ POST can be addressed. Normally, this variable should already be set to off. Starting with PHP6 this setting in not longer available.
error_reporting = E_ALL
In most cases this is already set and you need only to remove the addition & ~ E_NOTICE. This means that now also warnings are issued if, for example a variable is used, which had not been previously defined. Thus, this leads to a clean programming style and can draw attention to potential security problems.
log_errors = On
This setting effect that all errors are logged in a log file. For the development environment, this setting is highly recommended, as you here also afterwards can view all hints and error. Even if you have already left the site.
display_errors = On
In addition to the logging of error messages in the log file, the error/notice is issued directly to the page by the setting. In the development environment, this setting should be set so that errors are noticed faster.
error_log = "/Applications/MAMP/logs/php_error.log"
In conjunction with the upper setting here the path and filename of the log file is specified. It is important that the Apache in this directory has write permissions. If the Admidio setting $ gDebug = 1, all SQL statements and page views are logged in the file.
allow_url_fopen = Off
This setting causes one in functions that work with path information (eg, fopen to open files) may not use any more URLs, but only direct server paths. Since URLs pose a security risk and therefore disabled by many hosters, we should do so that there are no problems with the users.
allow_url_include = Off
Since PHP 5.2, this option is for include and require commands and works analogous to allow_url_fopen. Also this option we should set regarding the above-mentioned reasons.
Admidio-Debug-Flag
With version 2.0, it is possible to set a debug flag in the config.php.
The following entry will activate the debug mode:
$gDebug = 1;
- Now, the program no longer checks if the adm install folder was actually deleted.
- In addition, now all SQL statements are written in the PHP log file, if it is set up. So you can better understand the event of errors or crashes, which has already been executed in the script and how the SQL statements actually looked.
- All script views with the respective passed parameters are also written in the PHP log file