[nycphp-talk] PHP Form Validation
Hans Zaunere
lists at zaunere.com
Sun Sep 4 19:04:33 EDT 2005
Billy Pilgrim wrote on Saturday, September 03, 2005 4:28 PM:
> On 9/3/05, Peter Sawczynec <ps at pswebcode.com> wrote:
> > "For advanced: The fully-locked down php.ini, a freshened standard in
> > scripting language security",
>
> http://us3.php.net/manual/en/install.unix.php
>
> 13. Setup your php.ini file:
>
> cp php.ini-dist /usr/local/lib/php.ini
>
> You may edit your .ini file to set PHP options. If you prefer your
> php.ini in another location, use --with-config-file-path=/some/path in
> step 10.
>
> If you instead choose php.ini-recommended, be certain to read the list
> of changes within, as they affect how PHP behaves.
php.ini-recommended does change behavior, but it's the correct behavior. Code should be written to work under the settings contained within php.ini-recommended. In fact, the first thing I do on all PHP installs is to cp php.ini-recommended to php.ini in the proper directory.
Using php.ini-recommended provides for better security, performance, and eliminates many of the idiosyncrasies that PHP has seen over the years.
H
More information about the talk
mailing list