On 19 July 2011 09:57, Reindl Harald <h.rei...@thelounge.net> wrote: > anybody who maintains a server should make a explicit config > and not relying on random defaults
Consider me told. Amazed that a 2 year old deprecation notice is still outstanding, but told all the same. I think, rather than having "production" and "development", we need "best practise". And these ini files only contain the things needed to alter the default settings. Currently, the production and development ini files cover ALL the settings. Consider what has been said about the shared hosters - they don't read stuff to help themselves. They simply install, choose a ini file (maybe) and they're done. Having it so that they have to read ini files, release notes, etc. ... well, fast buck === short cut somewhere. If there was an approved "best practice" INI file which only covered the changes to the defaults, this would be a fast win for PHP in that we can say that this really is all you need to know about how PHP has moved on in the defaults department. Sure, we used to use magic quotes. Now we don't. Best practice would specifically imply potential BC. Exactly because the position has changed. So, any errors due to an ini setting in the "best practice" file is a big warning straight away. As it stands : A - Some of the defaults don't get altered anywhere. The defaults work and are carried through to the INI files, making the entries in the INI files redundant and possibly dangerous if PHP then changes the defaults. B - Some of the defaults are overriden based upon environment. That's also fine but if the values are changed in both production and development, then the default is wrong and should be changed to match what is currently being used in the INI filles I suppose it is all about trying to keep the most people happy. The bleeding-edge want safe, secure and fast runtime where the defaults are right and the minimum amount of changes is needed to tune to the environment (sapi and extension mainly I'd say). The hosters want the least number of support issues - so bugger security, let's keep all those bad practices and ini settings. I think a minimal php.ini-best-practice would certainly highlight this to the hosters. -- Richard Quadling Twitter : EE : Zend : PHPDoc @RQuadling : e-e.com/M_248814.html : bit.ly/9O8vFY : bit.ly/lFnVea -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
