|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #51595 passing ini settings via FASTCGI parameters
Submitted: 2010-04-19 01:56 UTC Modified: 2010-04-23 19:15 UTC
From: Assigned: fat (profile)
Status: Closed Package: FPM related
PHP Version: trunk OS: any
Private report: No CVE-ID: None
 [2010-04-19 01:56 UTC]
It would be cool to be able to define ini settings directly in the web server 
(nginx, lighthttpd, apache) the same way it's possible for the apache sapi 
(php_value, php_admin_value, ...)

Test script:
no test

Expected result:
nginx conf sample:

fastcgi_param PHP_VALUE sessions.save_path=/home/www/sessions/
fastcgi_param PHP_ADMIN_VALUE open_basedir=/home/www/docs

Actual result:
it doesn not exist


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2010-04-19 09:03 UTC]
-PHP Version: 5.3SVN-2010-04-19 (SVN) +PHP Version: trunk
 [2010-04-19 09:03 UTC]
Change version, 5.3 does not have fpm.
 [2010-04-19 09:14 UTC]
thanks for the correction
 [2010-04-23 18:06 UTC]
Automatic comment from SVN on behalf of fat
Log: Add PHP_VALUE and PHP_ADMIN_VALUE interpretation from fastcgi headers.
It works as php_value and php_admin_value from the main conf file or apache sapi.

See bug (request) #51595
 [2010-04-23 19:15 UTC]
-Status: Open +Status: Closed -Assigned To: +Assigned To: fat
 [2010-04-23 19:15 UTC]
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
Thank you for the report, and for helping us make PHP better.

It's been commited in revision 298383

In fastcgi headers, only unique values can be passed. So you have to concatenate 
differentes value in one and 
separate them with a new line character (\n).

For exemple in nginx, it could be done this way:

  set $php_value "pcre.backtrack_limit=424242";
  set $php_value "$php_value \n pcre.recursion_limit=99999";
  fastcgi_param  PHP_VALUE $php_value;

  fastcgi_param  PHP_ADMIN_VALUE "open_basedir=/var/www/htdocs";

In lighttpd, it seems there is no options to pass custom headers :/
 [2011-08-21 17:40 UTC] ywarnier at beeznest dot org
Hi guys, has this been sent to any stable release of PHP? I can't find it in any part of
 [2011-08-21 18:06 UTC]
Yes it's been integrated into FPM since 5.3.3 I think. In all the cases, it works 
with php 5.3.7
 [2011-10-24 14:06 UTC] info at breakdev dot com
it doesn't work with nginx anf php5-cgi spawn:

nginx version: nginx/0.7.67
PHP 5.3.8-1~dotdeb.1 with Suhosin-Patch (cli) (built: Aug 26 2011 12:46:54) 

I used this line in the nginx.conf:
fastcgi_param PHP_ADMIN_VALUE open_basedir=/home/www/docs

so there was set
 [2013-07-23 17:57 UTC] ben at indietorrent dot org
I, too, have noticed that PHP configuration directives that are defined like 
this, within an nginx "location{}" block

fastcgi_param PHP_VALUE "

are not effective. The values are propagated to the effective environment 
variables, though, as evidenced by the fact that the values appear in the 
$_SERVER["PHP_VALUE"] superglobal.

Will this ever work? Or is it simply not possible to achieve this with PHP's CGI 
executable (instead of, for example, php-fpm)?
 [2013-09-09 02:20 UTC] moswh07 at gmail dot com
I've been got the same problem, which I get 
$_SERVER["PHP_VALUE"] = '...'
 in php.ini when I use 
fastcgi_param PHP_ADMIN_VALUE ...
in nginx config.

I find the solution that spawn-cgi may not support this feature.
the newest updated of spawn is 1.6.3 which was published in 2009-09-23.
but we can see from this page that the feature was added in 2010-04-19 and only 
supported in php-fpm.
 [2013-10-30 13:54 UTC] glen at delfi dot ee
It is possible to pass variables in lighttpd 1.4:

setenv.add-environment += ( "PHP_VALUE" => "

you need to use raw newlines to separate values and of course escape quotes for lighttpd config parser
 [2013-10-30 14:01 UTC] glen at delfi dot ee
actually, no quotes are neccessary, and single quotes work too:

setenv.add-environment += ( "PHP_VALUE" => "
    user_agent=ff2 dd

parse as:
param[user_agent]: string(6) "ff2 dd"
param[user_ini.filename]: string(14) ".php.user2.ini"
param[memory_limit]: string(4) "501M"
 [2014-08-14 16:54 UTC] ethan at piliavin dot com
FYI, I was finally able to get this working on nginx by quoting and escaping the values..

fastcgi_param  PHP_ADMIN_VALUE "error_log=\"/srv/http/\"";
 [2015-06-19 12:52 UTC] bart dot tapolsky at gmail dot com
It works fine with nginx:
fastcgi_param PHP_VALUE param1=val1

But how can I set two or more php variables?

fastcgi_param PHP_VALUE param1=val1
fastcgi_param PHP_VALUE param2=val2

does not work because 2nd line replace PHP_VALUE from the 1st line
 [2016-04-29 14:56 UTC] ouroboros_17 at hotmail dot com
Some security warning should be given in the FPM documentation:
if someone can upload a .htaccess in a directory and set environment variable (PHP_ADMIN_VALUE), he can easily overwrite the PHP pool configuration. I don't know if it was intended, but you must put "AllowOverride None" in your Apache configuration.
When PHP is a module of Apache it is possible to set php_value in .htaccess, but at least it is impossible to set php_admin_value. IMHO it's a security flaw in FPM.
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Tue Jul 16 09:01:28 2024 UTC