P粉3203612012023-08-28 22:34:33
Explicit comments from Mike 'Pomax' Kamermans explaining how this should be done. However the PHP manual documentation can be a bit off-putting.
Also some clarifications on other answers:
Using PHP parser files (as described in Lajos Arpad) adds some security risks and a bunch of encoding, syntax, and some processing overhead that really aren't needed.
.htaccess It is indeed possible to set custom ini directives for certain PHP installations, but if you are using "FastCGI" or "CGI" (and possibly suPHP) ) PHP installation will actually cause your site to crash with a 500 error, so use a local .user.ini file as described here. How do I find my SAPI?
Only If you are running PHP as an Apache module (such as mod_php), use .htaccess. How do I find my SAPI?
PHP suPHP/FastCGI/CGI SAPI
So, how should your wish be fulfilled?
1) Find Core PHP.ini details.
Read the PHP.ini file of the current PHP version.
At line 180 (for PHP 8.1), it should look like this:
Make a note of the value, I recommend customizing the value (as shown in this example). This value is the file name of a file that will be located in each unique account on the server that holds the account-specific "local" settings of the global PHP.ini file.
This file is usually located in the public_html folder, so it should start with . so that it is hidden by default (more on this later). If this file does not exist, the account's core PHP settings will not be changed.
2) Remember/set file name and create new rule
So you now know/have set the name of your custom PHP file; now generate the file in your account and then you can set the PHP.ini settings that you want to customize individually for this account.
For example;
will contain the following sample information:
;
; Some optional comment text here for human consumption
;
session.cookie_secure=1
session.save_path=/home/sitea.com_account/sessions
session.name=session-sitea
error_log=/home/sitea.com_account/errors/PHP_errors.log
upload_max_filesize=50M
This information is parsed by PHP and overrides any corresponding value in core PHP.ini, but only for that account.
3) Customize as needed for each account
For example, for your siteb.com php user ini file, it would look more like this:
will contain the following sample information:
;
; Some optional comment text here for human consumption
;
session.cookie_secure=1
session.save_path=/home/siteb.com_account/session_b
session.name=site-b-UniqueSession
error_log=/home/siteb.com_account/errors/PHP_errors.log
upload_max_filesize=5M
You can then check that these account settings are set correctly by exploring phpinfo() on each account and noting the local and core differences shown.
4) Test and confirm
The core user.ini file in the
/public_html/ path should be all that is needed for every sub-file/folder to be processed on that account (this sometimes depends on your exact LAMP server setup and your PHP handler).
As I said, once you have the test ini file set up, you should run phpinfo() to check if its values are implemented.
If you don't want to use phpinfo() then you can easily use [ini_get](https://www.php.net/manual/en/function .ini-get) Dump sensitive data to the error log instead of the browser.
<?php
error_log("ini data for this account: ".ini_get('upload_max_filesize'));
exit;
5) Security
user.ini files usually start with . characters to hide it in the directory, but that doesn't mean browser agents can't access it, so it's a good idea to add a few lines to your .htaccess to deny access to this file.
<Files .account-php81.ini>
Require all denied
</Files>
Some final thoughts:
Core PHP.ini values do change in new versions of PHP, so the best practice is to use different local .ini files for different PHP versions (.account-php80.ini , <代码>.account-php81.ini, etc.). Note that each php.ini core needs to explicitly call its respective local user.ini file, as described in step 1 above.
The above principles are summarized in the PHP manual, you must pay attention to:
reply
0