��ʱ��

��Щ��Ϊ�� php.ini �е��Ӱ�졣

**�Ự��ѡ��**
��	Ĭ��	��޸ķ�Χ	��־
session.save_path	""	PHP_INI_ALL
session.name	"PHPSESSID"	PHP_INI_ALL
session.save_handler	"files"	PHP_INI_ALL
session.auto_start	"0"	PHP_INI_PERDIR
session.gc_probability	"1"	PHP_INI_ALL
session.gc_divisor	"100"	PHP_INI_ALL	�� PHP 4.3.2 ��á�
session.gc_maxlifetime	"1440"	PHP_INI_ALL
session.serialize_handler	"php"	PHP_INI_ALL
session.cookie_lifetime	"0"	PHP_INI_ALL
session.cookie_path	"/"	PHP_INI_ALL
session.cookie_domain	""	PHP_INI_ALL
session.cookie_secure	""	PHP_INI_ALL	�� PHP 4.0.4 ��Ч��
session.cookie_httponly	""	PHP_INI_ALL	�� PHP 5.2.0. ��Ч
session.use_strict_mode	"0"	PHP_INI_ALL	�� PHP 5.5.2. ��Ч
session.use_cookies	"1"	PHP_INI_ALL
session.use_only_cookies	"1"	PHP_INI_ALL	�� PHP 4.3.0 ��á�
session.referer_check	""	PHP_INI_ALL
session.entropy_file	""	PHP_INI_ALL
session.entropy_length	"0"	PHP_INI_ALL
session.cache_limiter	"nocache"	PHP_INI_ALL
session.cache_expire	"180"	PHP_INI_ALL
session.use_trans_sid	"0"	PHP_INI_ALL	�� PHP <= 4.2.3 �� PHP_INI_ALL�� PHP < 5 �� PHP_INI_PERDIR�� PHP 4.0.3 ��á�
session.bug_compat_42	"1"	PHP_INI_ALL	�� PHP 4.3.0 ��á�
session.bug_compat_warn	"1"	PHP_INI_ALL	�� PHP 4.3.0 ��á�
session.hash_function	"0"	PHP_INI_ALL	�� PHP 5.0.0 ��á�
session.hash_bits_per_character	"4"	PHP_INI_ALL	�� PHP 5.0.0 ��á�
url_rewriter.tags	"a=href,area=href,frame=src,form=,fieldset="	PHP_INI_ALL	�� PHP 4.0.4 ��á�
session.upload_progress.enabled	"1"	PHP_INI_PERDIR	Available since PHP 5.4.0.
session.upload_progress.cleanup	"1"	PHP_INI_PERDIR	Available since PHP 5.4.0.
session.upload_progress.prefix	"upload_progress_"	PHP_INI_PERDIR	Available since PHP 5.4.0.
session.upload_progress.name	"PHP_SESSION_UPLOAD_PROGRESS"	PHP_INI_PERDIR	Available since PHP 5.4.0.
session.upload_progress.freq	"1%"	PHP_INI_PERDIR	Available since PHP 5.4.0.
session.upload_progress.min_freq	"1"	PHP_INI_PERDIR	Available since PHP 5.4.0.
session.lazy_write	"1"	PHP_INI_ALL	Available since PHP 7.0.0.

�й� PHP_INI_* ��ʽ�ĸ��붨�壬�� ÿɱ��趨��Χ��

�Ự��ϵͳ֧��ѡ���Լ�� php.ini �ļ��趨��ֻ�Ǹ��̵ĸ��

session.save_handler string

session.save_handler ��洢�ͻ�ȡ��Ự��ݵĴ��֡�Ĭ��Ϊ files��Note that individual extensions may register their own save_handlers; registered handlers can be obtained on a per-installation basis by referring to phpinfo(). �μ� session_set_save_handler()��

session.save_path string

session.save_path ��˴��ݸ��洢��Ĳ��ѡ��Ĭ�ϵ� files �ļ��ֵ�Ǵ��ļ��·��Ĭ��Ϊ /tmp��μ� session_save_path()��

��ָ���һ��ѡ�� N ��Ự�ļ��ֲ��Ŀ¼��ȡ��磬�趨Ϊ '5;/tmp' ��ʹ��ĻỰ�ļ��·�� /tmp/4/b/1/e/3/sess_4b1e384ad74619bd212e236e52a5a174If��Ҫʹ�� N ��ʹ��ǰ�ȴ��ЩĿ¼�� ext/session Ŀ¼��и�С�� shell �ű�� mod_files.sh��windows �汾�� mod_files.bat ��¡��ע��ʹ�� N ��Ҵ�� 0��ô��ִ��Զ��գ��Ϣ�� php.ini�� N ��Ҫȷ�� session.save_path ��ֵ��˫�� "quotes" ��Ϊ�ָ��ֺţ� ;�� php.ini ��Ҳ��ע�ͷ��š�

�ļ��ģ��Ĭ��ʹ�� mode 600 ��ļ��ͨ�� ޸Ŀ�ѡ�� MODE ��ı��Ĭ��Ϊ�� N;MODE;/path �� MODE �� mode �İ˽��Ʊ�ʾ�� MODE ��ò�Ӱ��̵��(umask)��

Warning

��趨Ϊһ��ȫ�ֿɶ��Ŀ¼�� /tmp��Ĭ��ֵ��ϵ��û��п��ͨ��Ŀ¼��ļ��б��ƽ�Ự��

Caution

ʹ��Ŀ�ѡĿ¼�㼶�� N ʱ��ע�⣬��ھ��վ�㣬��1��2��ֵ�᲻̫��——��Ϊ��Ҫ��Ŀ¼��磬ֵ��Ϊ 3 ��Ҫ��ļ�ϵͳ�ϴ�� 64^3 ��Ŀ¼��˷Ѻܶ�ռ�� inode��

��ھ��Կ϶�վ��㹻��ʱ��ſ�� N ��2��

Note: �� PHP 4.3.6 ֮ǰ��Windows �û��޸Ĵ�ѡ��ʹ�� PHP �ĻỰ��ָ��һ��Ϸ�·��磺c:/temp��

session.name string

session.name ָ��Ự�� cookie ��֡�ֻ��ĸ��ɣ�Ĭ��Ϊ PHPSESSID��μ� session_name()��

session.auto_start boolean

session.auto_start ָ��Ựģ��Ƿ��ʼʱ�Զ��һ��Ự��Ĭ��Ϊ 0��

session.serialize_handler string

session.serialize_handler ��л��л��Ĵ��֡� ��ǰ֧�� PHP ��л��ʽ (��Ϊ php_serialize)�� PHP PHP �ڲ��ʽ (��Ϊ php �� php_binary) �� WDDX (��Ϊ wddx)�� PHP ��ʱ�� WDDX ֧��ֻ�� WDDX�� PHP 5.5.4 ��ʹ�� php_serialize�� php_serialize ��ڲ��򵥵�ֱ��ʹ�� serialize/unserialize ��Ҳ�� php �� php_binary ��е��ơ� ʹ�ýϾɵ��л�� $_SESSION ��Ȳ��Ҳ��ܰ��ַ�(| and !) �� ʹ�� php_serialize ��ű��˳�ʱ��ּ��ַ��³�� Ĭ��ʹ�� php��

session.gc_probability integer

session.gc_probability �� session.gc_divisor �� gc��garbage collection ��գ��ĸ��ʡ�Ĭ��Ϊ 1�� session.gc_divisor��

session.gc_divisor integer

session.gc_divisor �� session.gc_probability ��ÿ��Ự��ʼ��ʱ�� gc��garbage collection ��գ��̵ĸ��ʡ��˸�� gc_probability/gc_divisor �� 1/100 ��ζ��ÿ�� 1% �ĸ�� gc ��̡�session.gc_divisor Ĭ��Ϊ 100��

session.gc_maxlifetime integer

session.gc_maxlifetime ָ��˶��֮��ݾͻᱻ��Ϊ"��"�� Ѽ��ܻ�� session ��ʱ��ʼ�� ȡ��session.gc_probability �� session.gc_divisor��

Note:
��ͬ�Ľű��в�ͬ�� session.gc_maxlifetime ��ֵ��ǹ��ͬһ��ط��洢�Ự��ݣ��С��ֵ�Ľű��ݡ��£�� session.save_path һ��ʹ�ñ�ָ�

session.referer_check string

session.referer_check ��ÿ�� HTTP Referer ��Ӵ��ͻ��˷�� Referer ��Ϣ��в�δ�ҵ��Ӵ��Ƕ��ĻỰ ID �ᱻ��Ϊ��Ч��Ĭ��Ϊ��ַ��

session.entropy_file string

session.entropy_file ��һ��ⲿ��Դ��ļ��·��Դ��ڻỰ ID ��б��ӵ��ֵ��Դ�� Unix ϵͳ�¶�� /dev/random �� /dev/urandom�� Windows �� PHP 5.3.3 ��˴˹��ܡ� �� session.entropy_length Ϊ��ֵ��ʹ PHP ʹ�� Windows Random API ��Ϊ��ֵԴ��

Note: �� PHP 5.4.0 ��Ĭ��£� session.entropy_file �� /dev/urandom �� /dev/arandom ��õ�ʱ��ʹ��ǡ� �� PHP 5.3.0 �д�ָ��Ĭ��ա�

session.entropy_length integer

session.entropy_length ָ��˴��ļ��ж�ȡ��ֽ��Ĭ��Ϊ 0��ã��

session.use_strict_mode boolean

session.use_strict_mode specifies whether the module will use strict session id mode. If this mode is enabled, the module does not accept uninitialized session ID. If uninitialized session ID is sent from browser, new session ID is sent to browser. Applications are protected from session fixation via session adoption with strict mode. Defaults to 0 (disabled).

session.use_cookies boolean

session.use_cookies ָ��Ƿ��ڿͻ�� cookie ��ŻỰ ID��Ĭ��Ϊ 1��ã��

session.use_only_cookies boolean

session.use_only_cookies ָ��Ƿ��ڿͻ����ʹ�� cookie ��ŻỰ ID��ô��趨��Է�ֹ�й�ͨ�� URL ��ݻỰ ID �Ĺ��趨�� PHP 4.3.0 ��ӵġ��PHP 5.3.0��ʼ��Ĭ��ֵ��Ϊ1��ã�

session.cookie_lifetime integer

session.cookie_lifetime ��ָ��˷��͵�� cookie ��ڡ�ֵΪ 0 ��ʾ"ֱ��ر��"��Ĭ��Ϊ 0��μ� session_get_cookie_params() �� session_set_cookie_params()��

Note:
The expiration timestamp is set relative to the server time, which is not necessarily the same as the time in the client's browser.

session.cookie_path string

session.cookie_path ָ��Ҫ�趨�Ự cookie ��·��Ĭ��Ϊ /��μ� session_get_cookie_params() �� session_set_cookie_params()��

session.cookie_domain string

session.cookie_domain ָ��Ҫ�趨�Ự cookie ��Ĭ��Ϊ�ޣ��ʾ�� cookie �淶�� cookie ��μ� session_get_cookie_params() �� session_set_cookie_params()��

session.cookie_secure boolean

session.cookie_secure ָ��Ƿ��ͨ��ȫ��ӷ�� cookie��Ĭ��Ϊ off��趨�� PHP 4.0.4 ��ӵġ��μ� session_get_cookie_params() �� session_set_cookie_params()��

session.cookie_httponly boolean

Marks the cookie as accessible only through the HTTP protocol. This means that the cookie won't be accessible by scripting languages, such as JavaScript. This setting can effectively help to reduce identity theft through XSS attacks (although it is not supported by all browsers).

session.cache_limiter string

session.cache_limiter ָ��Ựҳ��ʹ�õĻ��Ʒ��none/nocache/private/private_no_expire/public��Ĭ��Ϊ nocache��μ� session_cache_limiter()��

session.cache_expire integer

session.cache_expire �Է��ָ��ĻỰҳ��Ĵ��ڣ��趨�� nocache ��Ʒ��Ч��Ĭ��Ϊ 180��μ� session_cache_expire()��

session.use_trans_sid boolean

session.use_trans_sid ָ��Ƿ��͸�� SID ֧�֡�Ĭ��Ϊ 0��ã��

Note: �� URL �ĻỰ��Ȼ�� cookie �ĻỰ��и��లȫ��ա��û��п��ͨ�� email ��һ��Ч�ĻỰ ID �� URL ��ѣ��û��п��ղؼ��д��һ��Ự ID �� URL ��ͬ��ĻỰ ID ȥ��վ�㡣

session.trans_sid_tags string

session.trans_sid_tags specifies which HTML tags are rewritten to include session id when transparent sid support is enabled. Defaults to a=href,area=href,frame=src,input=src,form= form is special tag. <input hidden="session_id" name="session_name"> is added as form variable.

Note: Before PHP 7.1.0, url_rewriter.tags was used for this purpose. Since PHP 7.1.0, fieldset is no longer considered as special tag.

session.trans_sid_hosts string

session.trans_sid_hosts specifies which hosts are rewritten to include session id when transparent sid support is enabled. Defaults to $_SERVER['HTTP_HOST'] Multiple hosts can be specified by ",", no space is allowed between hosts. e.g. php.net,wiki.php.net,bugs.php.net

session.bug_compat_42 boolean

PHP 4.2.3 �Լ��Ͱ汾��һ��δ��ԣ��û�� register_globals ��õ��ȫ�ַ�Χ�ڳ�ʼ��һ��Ự��PHP 4.3.0 ��߰汾��ʹ�ô��ʱ�� session.bug_compat_warn ʱ��档��ԣ��ͨ��رմ�ѡ��á�

session.bug_compat_warn boolean

PHP 4.2.3 �Լ��Ͱ汾��һ��δ��ԣ��û�� register_globals ��õ��ȫ�ַ�Χ�ڳ�ʼ��һ��Ự��PHP 4.3.0 ��߰汾��ʹ�ô��ʱ��ͬʱ�� session.bug_compat_42 �� session.bug_compat_warn ʱ��档

session.sid_length integer

session.sid_length allows you to specify the length of session ID string. Session ID length can be between 22 to 256. The default is 32. If you need compatibility you may specify 32, 40, etc. Longer session ID is harder to guess. At least 32 chars is recommended.

Compatibility Note: Use 32 for session.hash_func=0 (MD5) and session.hash_bits_per_character=4, session.hash_func=1 (SHA1) and session.hash_bits_per_character=6. Use 26 for session.hash_func=0 (MD5) and session.hash_bits_per_character=5. Use 22 for session.hash_func=0 (MD5) and session.hash_bits_per_character=6. You must configure INI values to have at least 128 bits in session ID. Do not forget set appropriate value to session.sid_bits_per_character, otherwise you will have weaker session ID.

Note: This setting is introduced in PHP 7.1.0.

session.sid_bits_per_character integer

session.sid_per_character allows you to specify the number of bits in encoded session ID character. The possible values are '4' (0-9, a-f), '5' (0-9, a-v), and '6' (0-9, a-z, A-Z, "-", ","). The default is 4. The more bits results in stronger session ID. 5 is recommended value for most environments.

Note: This setting is introduced in PHP 7.1.0.

session.hash_function mixed

session.hash_function ��û�ָ��ɻỰ ID ��ɢ��㷨��'0' ��ʾ MD5��128 λ��'1' ��ʾ SHA-1��160 λ��

Since PHP 5.3.0 it is also possible to specify any of the algorithms provided by the hash extension (if it is available), like sha512 or whirlpool. A complete list of supported algorithms can be obtained with the hash_algos() function.

Note:
�� PHP 5 ��ġ�

session.hash_bits_per_character integer

session.hash_bits_per_character ��û��彫��ɢ��ת��Ϊ�ɶ��ĸ�ʽʱÿ��ַ��Ŷ��ٸ��ء��ֵΪ '4'��0-9��a-f��'5'��0-9��a-v��Լ� '6'��0-9��a-z��A-Z��"-"��","��

Note:
�� PHP 5 ��ġ�

url_rewriter.tags string

url_rewriter.tags ָ��ʹ��͸�� SID ֧��ʱ��Щ HTML ��ǻᱻ�޸��Լ��Ự ID��Ĭ��Ϊ a=href,area=href,frame=src,input=src,form=fakeentry,fieldset=��

Note: ��Ҫ�� XHTML��ȥ�� form ��ڱ��ֶ�ǰ�� <fieldset> ��ǡ�

session.upload_progress.enabled boolean

Enables upload progress tracking, populating the $_SESSION variable. Defaults to 1, enabled.

session.upload_progress.cleanup boolean

Cleanup the progress information as soon as all POST data has been read (i.e. upload completed). Defaults to 1, enabled.

Note: It is highly recommended to keep this feature enabled.

session.upload_progress.prefix string

A prefix used for the upload progress key in the $_SESSION. This key will be concatenated with the value of $_POST[ini_get("session.upload_progress.name")] to provide a unique index. Defaults to "upload_progress_".

session.upload_progress.name string

The name of the key to be used in $_SESSION storing the progress information. See also session.upload_progress.prefix. If $_POST[ini_get("session.upload_progress.name")] is not passed or available, upload progressing will not be recorded. Defaults to "PHP_SESSION_UPLOAD_PROGRESS".

session.upload_progress.freq mixed

Defines how often the upload progress information should be updated. This can be defined in bytes (i.e. "update progress information after every 100 bytes"), or in percentages (i.e. "update progress information after receiving every 1% of the whole filesize"). Defaults to "1%".

session.upload_progress.min_freq integer

The minimum delay between updates, in seconds. Defaults to "1" (one second).

session.lazy_write boolean

session.lazy_write, when set to 1, means that session data is only rewritten if it changes. Defaults to 1, enabled.

register_globals ��ѡ��Ӱ�쵽�Ự��洢�ͻָ��ġ�

Upload progress will not be registered unless session.upload_progress.enabled is enabled, and the $_POST[ini_get("session.upload_progress.name")] variable is set. See Session Upload Progress for mor details on this functionality.

����ʱ����

��ʱ��