SUEXEC and PHP - a question.

**Ihost** · 03-26-2004, 05:58 PM

I was testing a request for a client, and noticed a problem with this configuration.
I understand that we can't use php_value flags in the .htaccess file because PHP is running as CGI rather than ISAPI. It is also said that you can use a php.ini file in each of the directories that php scripts use, if you need a different user configuration.

Our client has a blog site, and keeps getting randomly logged out. It appears that the sessions are timing out. The default set up says that a session should last 24 minutes and there is a 1% chance of garbage collection running for each php pageload. They wanted to experiment with extending the timeout setting.

I tried putting a php.ini file in my public_html directory and some sub directories, and it broke the site. Several database errors. Even when all of the content was removed from the php.ini file, the site still had errors. Deleting the php.ini file fixed the problem (on my site).

I have read reports of the random session expiry on other hosts and they seemed to be because of PHP 4.3.3 . However on our server I see that we are running PHP 4.3.4, which is supposed to fix that bug.

Does anyone have any thoughts on either the random session expiry, or why an empty php.ini file would cause errors on a site?

**-Oz-** · 03-26-2004, 06:06 PM

An empty php.ini file would cause issues because it will still use that over the default one, and that means there are no configuration settings, get rid of it completely. No idea for the other issues though.

**Ihost** · 03-26-2004, 06:19 PM

OK, so if it overrides the system one, then what minimum set of flags need to be set to make it work. Can I just take the default one from a PHP install and use that, modifying the settings required?

Surely there would be some settings that the system config, would not permit to be changed I would think. Eg. if safe_mode is Off on the server, surely the local php.ini could not set safe_mode to On.

Does anyone have any links that provides info on what can or can't be done in the user php.ini file?

**Thyme** · 03-28-2004, 09:14 AM

I would try the default one and making modifications, but you may be better off getting the system php.ini that Dathorn has on your server and modifying that.

**Detonator** · 03-28-2004, 04:27 PM

Dathorn's config is not much different from the php.ini-recommended, some ~8 options or so are different.. Just take the output from a phpinfo() on the dathorn-server and check which options are different, takes 5 mins. Then make the necessary changes.

**Josh** · 03-28-2004, 06:09 PM

The server should actually be using the values in the global php.ini unless you override each one in your own php.ini file. So if creating your own php.ini you don't need to specify everything, only things you would like to override. I'm not sure what settings cannot be overridden with your own file.

Josh

**Ihost** · 03-29-2004, 03:13 AM

Originally Posted by Josh

The server should actually be using the values in the global php.ini unless you override each one in your own php.ini file. So if creating your own php.ini you don't need to specify everything, only things you would like to override. I'm not sure what settings cannot be overridden with your own file.

Josh

I'm not sure that is right. If only the items specified overrode the system php.ini file then an empty php.ini file would override nothing and the system ones would default which means that a site should not break with an empty php.ini file in the home directory .... but it does.

I would therefore think that if a php.ini is found in the user directory then it would need to have most of the settings required. There maye a subset of compulsory settings and if so this is the information that I am seeking.

Also no-one has yet commented on whether they (or your clients) have reported random session logouts. This information would help in replying to my client.

So while I can test a default php.ini in my home directory and play with session timeout settings, I fear that there is still something else afoot because the sessions are reported to be closing a lot sooner than the default 24 minutes.

**Detonator** · 03-29-2004, 06:24 AM

PHP keeps track of sessions in the /tmp directory by default, one file for each session. The space on /tmp is limited, and there have been occassions on my dathorn-server where /tmp was just full so everything broke down.. Perhaps Andrew now deletes the contents of /tmp every now and then, which effectively kills all PHP sessions as a sideeffect.

**Dan** · 03-29-2004, 08:15 AM

I have seen the same problems with my own install of Squirrelmail too.

Also saw posts from others using the CPanel webmail programs before the forums went down so this is something that has been happening for a while now.

This all started happening well after PHP Suexec was enabled so I unless changes were made to it approximately 1-1.5 months ago I do not think that php.ini is the culprit.

**Josh** · 03-29-2004, 01:44 PM

Originally Posted by Ihost

I'm not sure that is right. If only the items specified overrode the system php.ini file then an empty php.ini file would override nothing and the system ones would default which means that a site should not break with an empty php.ini file in the home directory .... but it does.

I would therefore think that if a php.ini is found in the user directory then it would need to have most of the settings required. There maye a subset of compulsory settings and if so this is the information that I am seeking.

I have actually used a php.ini file to override one setting such as magic_quotes_gpc = Off or to append a file. Maybe Andrew will come across this thread and comment.

Josh

Thread: SUEXEC and PHP - a question.

Thread Tools

Display

SUEXEC and PHP - a question.

Email as well

Thread Information

Users Browsing this Thread

Posting Permissions