Re: [PHP] need opinions regarding php.ini
That was my thought too, but, when I create new folder - it will automatically create php.ini inside and there is no point of deleting them. HOW insecure it is? Because, since you know there is php.ini you can easy open every of them (http://mydomain.com/gallery/images/php.ini) and look. Isn't is vulnerable point? -afan Daniel Brown wrote: On Jan 5, 2008 2:35 AM, Afan Pasalic [EMAIL PROTECTED] wrote: hi, after my host moved my account from old server (shared hosting) with php 4.4.7, mysql 4.x to new one with php 5.x and mysql 5.x. nice. they did it fast and without problems. but then I realized that every folder has it's own php.ini file?!? I talked to them (live chat) about this and they told me that is how our system is setup: ... afan [20:25]: why is now different then before? [20:25]: That is not different. That has always been the case. You may not have had a php.ini in every folder, but every folder still needed its own php.ini if you wanted to change the php settings. afan [20:27]: I don't understand why I should have php.ini in every folder? it's like having admin area for each folder? [20:28]: You don't have to if you don't want to, but that is how our system is setup, so unless you don't want to change settings for all of your folders, you'll want to leave those there. afan [20:29]: ok. in case I want to change something in php.ini, how to do it on all php.ini files? [20:29]: You would change one php.ini file, then visit the link I provided, and that will show you how to copy that to all folders. ... and I got the link with script how to change EVERY php.ini on my account (with over 10 addon domain). I still think that's not correct. I need your opinion. I'm not entirely sure why your host found it necessary to provide a php.ini file in every directory, but the fact is, it's safe to delete all of them if you want. They're just there to allow you to override certain settings (INI_PERDIR settings, for example). -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] need opinions regarding php.ini
On Jan 5, 2008 2:35 AM, Afan Pasalic [EMAIL PROTECTED] wrote: hi, after my host moved my account from old server (shared hosting) with php 4.4.7, mysql 4.x to new one with php 5.x and mysql 5.x. nice. they did it fast and without problems. but then I realized that every folder has it's own php.ini file?!? I talked to them (live chat) about this and they told me that is how our system is setup: ... afan [20:25]: why is now different then before? [20:25]: That is not different. That has always been the case. You may not have had a php.ini in every folder, but every folder still needed its own php.ini if you wanted to change the php settings. afan [20:27]: I don't understand why I should have php.ini in every folder? it's like having admin area for each folder? [20:28]: You don't have to if you don't want to, but that is how our system is setup, so unless you don't want to change settings for all of your folders, you'll want to leave those there. afan [20:29]: ok. in case I want to change something in php.ini, how to do it on all php.ini files? [20:29]: You would change one php.ini file, then visit the link I provided, and that will show you how to copy that to all folders. ... and I got the link with script how to change EVERY php.ini on my account (with over 10 addon domain). I still think that's not correct. I need your opinion. I'm not entirely sure why your host found it necessary to provide a php.ini file in every directory, but the fact is, it's safe to delete all of them if you want. They're just there to allow you to override certain settings (INI_PERDIR settings, for example). -- Daniel P. Brown [Phone Numbers Go Here!] [They're Hidden From View!] If at first you don't succeed, stick to what you know best so that you can make enough money to pay someone else to do it for you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] need opinions regarding php.ini
On Jan 5, 2008 11:20 AM, Afan Pasalic [EMAIL PROTECTED] wrote: That was my thought too, but, when I create new folder - it will automatically create php.ini inside and there is no point of deleting them. HOW insecure it is? Because, since you know there is php.ini you can easy open every of them (http://mydomain.com/gallery/images/php.ini) and look. Isn't is vulnerable point? Using .htaccess you can disallow viewing of the file. If you use phpinfo(); anywhere in your site, that actually divulges more information, because that will disclose the availability and configuration of external modules, users on the server, path information, and more. -- Daniel P. Brown [Phone Numbers Go Here!] [They're Hidden From View!] If at first you don't succeed, stick to what you know best so that you can make enough money to pay someone else to do it for you. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] need opinions regarding php.ini
hi, after my host moved my account from old server (shared hosting) with php 4.4.7, mysql 4.x to new one with php 5.x and mysql 5.x. nice. they did it fast and without problems. but then I realized that every folder has it's own php.ini file?!? I talked to them (live chat) about this and they told me that is how our system is setup: ... afan [20:25]: why is now different then before? [20:25]: That is not different. That has always been the case. You may not have had a php.ini in every folder, but every folder still needed its own php.ini if you wanted to change the php settings. afan [20:27]: I don't understand why I should have php.ini in every folder? it's like having admin area for each folder? [20:28]: You don't have to if you don't want to, but that is how our system is setup, so unless you don't want to change settings for all of your folders, you'll want to leave those there. afan [20:29]: ok. in case I want to change something in php.ini, how to do it on all php.ini files? [20:29]: You would change one php.ini file, then visit the link I provided, and that will show you how to copy that to all folders. ... and I got the link with script how to change EVERY php.ini on my account (with over 10 addon domain). I still think that's not correct. I need your opinion. Thanks. -afan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php