Back in 2009 there was a bug in the php_admin_value implementation before PHP 5.2.6. Since then, everything should run smoothly again. However, I find there’s still a lot of confusion on when to use php_value, php_admin_value, php_flag and php_admin_flag. So I’ll see if we can clear some of that.
php_flag#
When using the php_flag directive in Apache configurations, it’s used to set boolean values for options. So only true/false, On/Off, … kind of parameters. For example:
php_flag display_startup_errors off php_flag display_errors off ...
Those are only On/Off values with which you enable or disable the setting. You can use the** php_flag** option in Virtual Host configs, .htaccess files and the general Apache configuration. However, you can ’t change every configuration value from PHP that way. You can only change the PHP_INI_ALL and PHP_INI_PERDIR options shown on the “List of php.ini directives ” page.
php_admin_flag#
This can only be used within the Apache configuration (general config or in a Virtual Host) and can not be used in a .htaccess. You can set any kind of php configuration setting that behaves as a boolean this way. For example:
php_admin_flag safe_mode off
By using the php_admin_flag you can not overwrite the setting from within your application using ini_set()! Whatever the value is there, it will remain so during the execution of your applications.
php_value#
If php_flag is used for booleans, php_value is used for everything else. Any kind of configuration directive that takes parameters other than On/Off, you can use php_value for. For example:
php_value error_log /some/dir/to/log/php_errors.log php_value upload_max_filesize 10M ...
Just the same as the php_flag, you can not overwrite all configurations this way. Since you can use php_value everywhere (.htaccess, apache configs & virtual host), it would be unsafe. You can only change the PHP_INI_ALL and PHP_INI_PERDIR options shown on the “List of php.ini directives ” page.
If you want to clear a configuration value, use the “none” value.
php_value open_basedir none
php_admin_value#
This option can only be used in the Apache configuration, not in .htaccess files. It does allow you to overwrite any configuration value possible in PHP.
By using the php_admin_value, the value of that configuration directive cannot be overwritten in the application. That means if you were to set your include_path by using php_admin_value, the application (such as the Zend Framework bootstrap) would not be able to alter the content of that configuration directive via ini_set() or set_include_path().
Only use the php_admin_value if you explicitly want to forbid that configuration directive from being changed by your application.