 |
 |
 |
 |
|
|
Date: 10/10/00
- Next message: Luca Perugini: "[PHP-DOC] Test"
- Previous message: Martin Kraemer: "[PHP-DOC] cvs: phpdoc /de bookinfo.xml"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
perugini Tue Oct 10 06:58:04 2000 EDT
Modified files:
/phpdoc/it/chapters security.xml install.xml config.xml
Log:
Updated from en tree.
Index: phpdoc/it/chapters/security.xml
diff -u phpdoc/it/chapters/security.xml:1.2 phpdoc/it/chapters/security.xml:1.3
--- phpdoc/it/chapters/security.xml:1.2 Thu Mar 9 18:07:48 2000
+++ phpdoc/it/chapters/security.xml Tue Oct 10 06:58:04 2000
@@ -9,8 +9,9 @@
properties make anything run on a web server insecure by default.
PHP is designed specifically to be a more secure language for
writing CGI programs than Perl or C, and with correct selection of
- compile-time and runtime configuration options it gives you
- exactly the combination of freedom and security you need.
+ compile-time and runtime configuration options, and proper coding
+ practices, it can give you exactly the combination of freedom and
+ security you need.
</simpara>
<simpara>
As there are many different ways of utilizing PHP, there are many
@@ -18,12 +19,23 @@
selection of options guarantees you can use PHP for a lot of
purposes, but it also means there are combinations of these
options and server configurations that result in an insecure
- setup. This chapter explains the different configuration option
- combinations and the situations they can be safely used.
+ setup.
</simpara>
+ The configuration flexibility of PHP is equally rivalled by the
+ code flexibility. PHP can be used to build complete server
+ applications, with all the power of a shell user, or it can be used
+ for simple server-side includes with little risk in a tightly
+ controlled environment. How you build that environment, and how
+ secure it is, is largely up to the PHP developer.
+ <simpara>
+ This chapter starts by explaining the different configuration
+ option combinations and the situations they can be safely used. It
+ then describes different considerations in coding for different
+ levels of security, and ends with some general security advice.
+ </simpara>
<sect1 id="security.cgi">
- <title>CGI binary</title>
+ <title>Installed as CGI binary</title>
<sect2>
<title>Possible attacks</title>
@@ -85,7 +97,7 @@
</simpara>
<simpara>
In PHP, compile-time configuration option <link
- linkend="enable-force-cgi-redirect">--enable-force-cgi-redirect</link>
+ linkend="install.configure.enable-force-cgi-redirect">--enable-force-cgi-redirect</link>
and runtime configuration directives <link
linkend="ini.doc-root">doc_root</link> and <link
linkend="ini.user-dir">user_dir</link> can be used to prevent
@@ -107,7 +119,7 @@
you to do redirects, or the server does not have a way to
communicate to the PHP binary that the request is a safely
redirected request, you can specify the option <link
- linkend="enable-force-cgi-redirect">--disable-force-cgi-redirect</link>
+ linkend="install.configure.enable-force-cgi-redirect">--enable-force-cgi-redirect</link>
to the configure script. You still have to make sure your PHP
scripts do not rely on one or another way of calling the script,
neither by directly <filename
@@ -233,7 +245,7 @@
To get PHP to handle <envar>PATH_INFO</envar> and
<envar>PATH_TRANSLATED</envar> information correctly with this
setup, the php parser should be compiled with the <link
- linkend="enable-discard-path">--enable-discard-path</link>
+ linkend="install.configure.enable-discard-path">--enable-discard-path</link>
configure option.
</para>
</sect2>
@@ -241,14 +253,293 @@
</sect1>
<sect1 id="security.apache">
- <title>Apache module</title>
+ <title>Installed as an Apache module</title>
<simpara>
When PHP is used as an Apache module it inherits Apache's user
- permissions (typically those of the "nobody"
- user).
+ permissions (typically those of the "nobody" user). This has several
+ impacts on security and authorization. For example, if you are using
+ PHP to access a database, unless that database has built-in access
+ control, you will have to make the database accessable to the
+ "nobody" user. This means a malicious script could access and modify
+ the databse, even without a username and password. It's entirely
+ possible that a web spider could stumble across a database
+ adminisitror's web page, and drop all of your databases. You can
+ protect against this with Apache authorization, or you can design
+ your own access model using LDAP, .htaccess files, etc. and include
+ that code as part of your PHP scripts.
+ </simpara>
+ <simpara>
+ Often, once security is established to the point where the PHP user
+ (in this case, the apache user) has very little risk, it is
+ discovered that PHP now has been prevented from writing virus files
+ to user directories. Or perhaps it has been prevented from accessing
+ or changing a non-public database. It has equally been secured from
+ writing files that it should, or entering database transactions.
+ </simpara>
+ <simpara>
+ A frequent security mistake made at this point is to allow apache
+ root permissions.
+ </simpara>
+ <simpara>
+ Escalating the Apache user's permissions to root is extremely
+ dangerous and may compromise the entire system, so sudo'ing,
+ chroot'ing ,or otherwise running as root should not be considered by
+ those who are not security professionals.
+ </simpara>
+ </sect1>
+
+ <sect1 id="security.filesystem">
+ <title>Filesystem Security</title>
+ <simpara>
+ PHP honors the security built into most server systems with respect
+ to permissions on a file and directory basis. This allows you to
+ control which files in the filesystem may be read. Care should be
+ taken with any files which are world readable to ensure that they
+ are safe for reading by all users who have access to that
+ filesystem.
+ </simpara>
+ <simpara>
+ Since PHP was designed to allow user level access to the filesystem,
+ it's entirely possible to write a PHP script that will allow you
+ to read system files such as /etc/password. This has some obvious
+ implications, in that you need to ensure that the files that you
+ read and write are the appropriate ones.
+ </simpara>
+ <simpara>
+ Consider the following script, where a user indicates that they'd
+ like to delete a file in their home directory. This assumes a
+ situation where a PHP web interface is regularly used for file
+ management, so the Apache user is allowed to delete files in
+ the user home directories.
+ </simpara>
+ <para>
+ <example>
+ <title>Poor variable checking leads to....</title>
+ <programlisting role="php">
+<?php
+// remove a file from the user's home directory
+$username = $user_submitted_name;
+$homedir = "/home/$username";
+$file_to_delete = "$userfile";
+unlink ($homedir/$userfile);
+echo "$file_to_delete has been deleted!";
+?>
+ </programlisting>
+ </example>
+ Since the username is postable from a user form, they can submit
+ a username and file belonging to someone else, and delete files.
+ In this case, you'd want to use some other form of authentication.
+ Consider what could happen if the variables submitted were
+ "../etc/" and "passwd". The code would then effectively read:
+ <example>
+ <title>... A filesystem attack</title>
+ <programlisting role="php">
+<?php
+// removes a file from anywhere on the hard drive that
+// the PHP user has access to. If PHP has root access:
+$username = "../etc/";
+$homedir = "/home/../etc/";
+$file_to_delete = "passwd";
+unlink ("/home/../etc/passwd");
+echo "/home/../etc/passwd" has been deleted!";
+?>
+ </programlisting>
+ </example>
+ There are two appropriate measures to prevent these issues.
+ <itemizedlist>
+ <listitem>
+ <simpara>
+ Only allow limited permissions to the PHP web user binary.
+ </simpara>
+ </listitem>
+ <listitem>
+ <simpara>
+ Check all file-related variables which are submitted.
+ </simpara>
+ </listitem>
+ </itemizedlist>
+ Here is an improved script:
+ <example>
+ <title>More secure file name checking</title>
+ <programlisting role="php">
+<?php
+// removes a file from the hard drive that
+// the PHP user has access to.
+$username = $HTTP_REMOTE_USER; // use an authentication mechanisim
+
+$homedir = "/home/$username";
+
+$file_to_delete = basename("$userfile"); // strip paths
+unlink ($homedir/$file_to_delete);
+
+$fp = fopen("/home/logging/filedelete.log","+a"); //log the deletion
+$logstring = "$HTTP_REMOTE_USER $homedir $file_to_delete";
+fputs ($fp, $logstring);
+fclose($fp);
+
+echo "$file_to_delete has been deleted!";
+?>
+ </programlisting>
+ </example>
+ </para>
+ </sect1>
+
+ <sect1 id="security.errors">
+ <title>Error Reporting</title>
+ <simpara>
+ A standard attack tactic involves profiling a system by feeding
+ it improper data, and checking for the kinds, and contexts, of the
+ errors which are returned. This allows the system cracker to probe
+ for information about the server, to determine possible weaknesses.
+ </simpara>
+ <simpara>
+ The PHP errors which are normally returned can be quite helpful to a
+ developer who is trying to debug a script, indicating such things
+ as the function or file that failed, the PHP file it failed in,
+ and the line number which the failure occured in. This is all
+ information that can be exploited.
+ </simpara>
+ <simpara>
+ For example, the very style of error indicates a system is running
+ PHP. If the attacker was looking at an .html page, and wanted to
+ probe for the back-end (to look for known weaknesses in the system),
+ by feeding it the wrong data they may be able to determine that a
+ system was built with PHP.
+ </simpara>
+ <simpara>
+ A function error can indicate whether a system may be running a
+ specific database engine, or give clues as to how a web page or
+ programmed or designed. This allows for deeper investigation into
+ open database ports, or to look for specific bugs or weaknesses
+ in a web page. By feeding different pieces of bad data, for example,
+ an attacker can determine the order of authentication in a script,
+ (from the line number errors) as well as probe for exploits that
+ may be exploited in different locations in the script.
+ </simpara>
+ <simpara>
+ A filesystem or general PHP error can indicate what permissions
+ the webserver has, as well as the structure and organization of
+ files on the web server.
+ </simpara>
+ <simpara>
+ There are three major solutions to this issue. The first is to
+ scrutinize all functions, and attempt to compensate for the bulk
+ of the errors. The second is to disable error reporting entirely
+ on the running code. The third is to use PHP's custom error
+ handling functions to create your own error handler. Depending
+ on your security policy, you may find all three to be applicable
+ to your situation.
+ </simpara>
+ </sect1>
+
+ <sect1 id="security.variables">
+ <title>User Submitted Data</title>
+ <para>
+ The greatest weakness in many PHP programs is not inherent in the
+ language itself, but merely an issue of code not being written with
+ security in mind. For this reason, you should always take the time
+ to consider the implications of a given piece of code, to ascertain
+ the possible damage if an unexpected variable is submitted to it.
+ <example>
+ <title>Dangerous Variable Usage</title>
+ <programlisting role="php">
+<?php
+// remove a file from the user's home directory... or maybe
+// somebody else's?
+unlink ($evil_var);
+
+// Write logging of their access... or maybe not?
+fputs ($fp, $evil_var);
+
+// Execute something trivial.. or rm -rf *?
+system ($evil_var);
+exec ($evil_var);
+
+?>
+ </programlisting>
+ </example>
+ You should always carefully examine your code to make sure that any
+ variables being submitted from a web browser are being properly
+ checked, and ask yourself the following questions:
+ <itemizedlist>
+ <listitem>
+ <simpara>
+ Will this script only affect the intended files?
+ </simpara>
+ </listitem>
+ <listitem>
+ <simpara>
+ Can unusual or undesirable data be acted upon?
+ </simpara>
+ </listitem>
+ <listitem>
+ <simpara>
+ Can this script be used in unintended ways?
+ </simpara>
+ </listitem>
+ <listitem>
+ <simpara>
+ Can this be used in conjunction with other scripts in a negative
+ manner?
+ </simpara>
+ </listitem>
+ <listitem>
+ <simpara>
+ Will any transactions be adequately logged?
+ </simpara>
+ </listitem>
+ </itemizedlist>
+ By adequately asking these questions while writing the script,
+ rather than later, you prevent an unfortunate re-write when you
+ need to increase your security. By starting out with this mindset,
+ you won't guarantee the security of your system, but you can help
+ improve it.
+ </para>
+ </sect1>
+
+ <sect1 id="security.general">
+ <title>General considerations</title>
+ <simpara>
+ A completely secure system is a virtual impossibility, so an
+ approach often used in the security profession is one of balancing
+ risk and usability. If every variable submitted by a user required
+ two forms of biometric validation (such as a retinal scan and a
+ fingerprint), you would have an extremely high level of
+ accountability. It would also take half an hour to fill out a fairly
+ complex form, which would tend to encourage users to find ways of
+ bypassing the security. The best security is often inobtrusive
+ enough to suit the requirements without the user being prevented
+ from accomplishing their work. Indeed, some security attacks are
+ merely exploits of this kind of overly built security.
+ </simpara>
+ <simpara>
+ A phrase worth remembering: A system is only as good as the weakest
+ link in a chain. If all transactions are heavily logged based on
+ time, location, transaction type, etc. but the user is only
+ verified based on a single cookie, the validity of tying the users
+ to the transaction log is severely weakened.
+ </simpara>
+ <simpara>
+ When testing, keep in mind that you will not be able to test all
+ possibilities for even the simplest of pages. The input you
+ may expect will be completely unrelated to the input given by
+ a disgruntled employee, a cracker with months of time on their
+ hands, or a housecat walking across the keyboard. This is why it's
+ best to look at the code from a logical perspective, to discern
+ where unexpected data can be introduced, and then follow how it is
+ modified, reduced, or amplified.
+ </simpara>
+ <simpara>
+ The Internet is filled with people trying to make a name for
+ themselves by breaking your code, crashing your site, posting
+ inappropriate content, and otherwise making your day interesting.
+ It doesn't matter if you have a small or large site, you are
+ a target by simply being online, by having a server that can be
+ connected to. Many cracking programs do not discern by size, they
+ simply trawl massive IP blocks looking for victims. Try not to
+ become one.
</simpara>
</sect1>
-
</chapter>
<!-- Keep this comment at the end of the file
Index: phpdoc/it/chapters/install.xml
diff -u phpdoc/it/chapters/install.xml:1.6 phpdoc/it/chapters/install.xml:1.7
--- phpdoc/it/chapters/install.xml:1.6 Thu Aug 31 08:34:41 2000
+++ phpdoc/it/chapters/install.xml Tue Oct 10 06:58:04 2000
@@ -1,7 +1,7 @@
<chapter id="installation">
<title>Installation</title>
- <sect1 id="downloading">
+ <sect1 id="install.downloading">
<title>Downloading the latest version</title>
<simpara>
The source code, and binary distributions for some platforms
@@ -10,12 +10,16 @@
</simpara>
</sect1>
- <sect1 id="install-unix">
+ <sect1 id="install.unix">
<title>Installation on UNIX systems</title>
<para>
This section will guide you through the configuration and
- installation of PHP. Prerequisite knowledge and software:
+ installation of PHP.
+ </para>
+
+ <para>
+ Prerequisite knowledge and software:
<itemizedlist>
<listitem>
@@ -37,14 +41,62 @@
</itemizedlist>
</para>
- <sect2>
- <title>
- Quick Installation Instructions (Apache Module Version)
- </title>
+ <para>
+ There are several ways to compile and configure PHP for the Unix
+ platform. The entire configuration process is controlled by the
+ use of commandline options to the <filename>configure</filename>
+ script. This page outlines the usage of the most common options,
+ but there are many others to play with. Check out the <link
+ linkend="install.configure">Complete list of configure
+ options</link> for an exhaustive rundown.
+ <itemizedlist>
+ <listitem>
+ <simpara>
+ As an <link linkend="install.unix.apache-module">Apache module</link>
+ </simpara>
+ </listitem>
+ <listitem>
+ <simpara>
+ As an <link linkend="install.unix.fhttpd">fhttpd module</link>
+ </simpara>
+ </listitem>
+ <listitem>
+ <simpara>
+ For use with <link
+ linkend="install.unix.otherhttpd">AOLServer, NSAPI,
+ phttpd, Pi3Web, Roxen, thttpd, or Zeus.</link>
+ </simpara>
+ </listitem>
+ <listitem>
+ <simpara>
+ As a <link linkend="install.unix.commandline">CGI executable</link>
+ </simpara>
+ </listitem>
+ </itemizedlist>
+ </para>
+ <sect2 id="install.unix.apache-module">
+ <title>Apache Module</title>
+
+ <para>
+ PHP can be compiled in a number of different ways as an Apache
+ module. First we show the quick instructions. Following this is
+ a list of various examples with explanations, to provide an
+ overview of how to accomplish certain things.
+ </para>
+
<para>
- <informalexample>
- <programlisting>
+ You can select arguments to add to the
+ <command>configure</command> on line 8 below from the <link
+ linkend="install.configure">Complete list of configure
+ options</link>.
+ </para>
+
+ <example id="install.unix.apache-module.quick">
+ <title>
+ Quick Installation Instructions (Apache Module Version)
+ </title>
+ <programlisting>
1. gunzip apache_1.3.x.tar.gz
2. tar xvf apache_1.3.x.tar
3. gunzip php-x.x.x.tar.gz
@@ -60,790 +112,2512 @@
for PHP 4: ./configure --activate-module=src/modules/php4/libphp4.a
13. make
14. make install
+
+ Instead of this step you may prefer to simply copy the httpd binary
+ overtop of your existing binary. Make sure you shut down your
+ server first though.
+
+15. cd ../php-x.x.x
+16. for PHP 3: cp php3.ini-dist /usr/local/lib/php3.ini
+ for PHP 4: cp php.ini-dist /usr/local/lib/php.ini
+
+ You can edit your .ini file to set PHP options. If
+ you prefer this file in another location, use
+ --with-config-file-path=/path in step 8.
+
+17. Edit your httpd.conf or srm.conf file and add:
+
+ For PHP 3: AddType application/x-httpd-php3 .php3
+ For PHP 4: AddType application/x-httpd-php .php
+
+ You can choose any extension you wish here. .php is simply the one
+ we suggest. You can even include .html .
+
+
+18. Use your normal procedure for starting the Apache server. (You must
+ stop and restart the server, not just cause the server to reload by
+ use a HUP or USR1 signal.)
+ </programlisting>
+ </example>
+
+ <para>
+ <informalexample>
+ <programlisting>
+./configure --with-apxs --with-pgsql
+ </programlisting>
+ </informalexample>
+ </para>
+ <para>
+ This will create a <filename>libphp4.so</filename> shared
+ library that is loaded into Apache using a LoadModule line in
+ Apache's <filename>httpd.conf</filename> file. The PostgreSQL
+ support is embedded into this <filename>libphp4.so</filename>
+ library.
+ </para>
+ <para>
+ <informalexample>
+ <programlisting>
+./configure --with-apxs --with-pgsql=shared
+ </programlisting>
+ </informalexample>
+ </para>
+ <para>
+ This will again create a <filename>libphp4.so</filename> shared
+ library for Apache, but it will also create a
+ <filename>pgsql.so</filename> shared library that is loaded into
+ PHP either by using the extension directive in
+ <filename>php.ini</filename> file or by loading it explicitly in
+ a script using the <function>dl</function> function.
+ </para>
+ <para>
+ <informalexample>
+ <programlisting>
+./configure --with-apache=/path/to/apache_source --with-pgsql
+ </programlisting>
+ </informalexample>
+ </para>
+ <para>
+ This will create a <filename>libmodphp4.a</filename> library, a
+ <filename>mod_php4.c</filename> and some accompanying files and
+ copy this into the <literal>src/modules/php4</literal> directory
+ in the Apache source tree. Then you compile Apache using
+ <literal>--activate-module=src/modules/php4/libphp4.a</literal>
+ and the Apache build system will create
+ <filename>libphp4.a</filename> and link it statically into the
+ <filename>httpd</filename> binary. The PostgreSQL support is
+ included directly into this <filename>httpd</filename> binary,
+ so the final result here is a single <filename>httpd</filename>
+ binary that includes all of Apache and all of PHP.
+ </para>
+ <para>
+ <informalexample>
+ <programlisting>
+./configure --with-apache=/path/to/apache_source --with-pgsql=shared
+ </programlisting>
+ </informalexample>
+ </para>
+ <para>
+ Same as before, except instead of including PostgreSQL support
+ directly into the final <filename>httpd</filename> you will get
+ a <filename>pgsql.so</filename> shared library that you can load
+ into PHP from either the <filename>php.ini</filename> file or
+ directly using <function>dl</function>.
+ </para>
+ <para>
+ When choosing to build PHP in different ways, you should consider
+ the advantages and drawbacks of each method. Building as a shared
+ object will mean that you can compile apache separately, and don't
+ have to recompile everything as you add to, or change, PHP.
+ Building PHP into apache (static method) means that PHP will
+ load and run faster. For more information, see the Apache
+ <ulink url="&url.apachedso;">webpage on DSO support</ulink>.
+ </para>
+ </sect2>
+
+ <sect2 id="install.unix.fhttpd">
+ <title>fhttpd Module</title>
+ <para>
+ To build PHP as an fhttpd module, answer "yes" to "Build as an
+ fhttpd module?" (the <option><link
+ linkend="install.configure.with-fhttpd">
+ --with-fhttpd</link>=<replaceable>DIR</replaceable></option>
+ option to configure) and specify the fhttpd source base
+ directory. The default directory is <filename
+ class="directory">/usr/local/src/fhttpd</filename>. If you are
+ running fhttpd, building PHP as a module will give better
+ performance, more control and remote execution capability.
+ </para>
+ </sect2>
+
+ <sect2 id="install.unix.otherhttpd">
+ <title>Other web servers</title>
+ <para>
+ PHP can be built to support a large number of web servers. Please
+ see <link linkend="install.configure.servers">Server-related
+ options</link> for a full list of server-related configure
+ options.
+ </para>
+ </sect2>
+
+ <sect2 id="install.unix.commandline">
+ <title>CGI/Commandline version</title>
+ <para>
+ The default is to build PHP as a CGI program. This creates a
+ commandline interpreter, which can be used for CGI processing, or
+ for non-web-related PHP scripting. If you are running a web
+ server PHP has module support for, you should generally go for
+ that solution for performance reasons. However, the CGI version
+ enables Apache users to run different PHP-enabled pages under
+ different user-ids. Please make sure you read through the <link
+ linkend="security">Security chapter</link> if you are going to
+ run PHP as a CGI.
+ </para>
+ </sect2>
+
+ <sect2 id="database-support-options">
+ <title>Database Support Options</title>
+ <para>
+ PHP has native support for a number of databases (as well as
+ ODBC). To enable support for the various databases, options are
+ given to the <filename>configure</filename> script at compile
+ time. Read the <link linkend="install.configure.databases">list
+ of all database-related options</link> for more information.
+ </para>
+
+ <para>
+ For a list of all possible options to
+ <filename>configure</filename>, please see the <link
+ linkend="install.configure">Complete list of configure
+ options</link>.
+ </para>
+ </sect2>
+
+ <sect2>
+ <title>Building</title>
+ <simpara>
+ When PHP is configured, you are ready to build the CGI executable
+ or the PHP library. The command <command>make</command> should
+ take care of this. If it fails and you can't figure out why, see
+ the <link linkend="install-problems">Problems section</link>.
+ </simpara>
+ </sect2>
+
+ <sect2>
+ <title>Testing</title>
+ <simpara>
+ If you have built PHP as a CGI program, you may test your build
+ by typing <command>make test</command>. It is always a good idea
+ to test your build. This way you may catch a problem with PHP on
+ your platform early instead of having to struggle with it later.
+ </simpara>
+ </sect2>
+
+ <sect2>
+ <title>Benchmarking</title>
+ <simpara>
+ If you have built PHP as a CGI program, you may benchmark your
+ build by typing <command>make bench</command>. Note that if safe
+ mode is on by default, the benchmark may not be able to finish if
+ it takes longer then the 30 seconds allowed. This is because the
+ <function>set_time_limit</function> can not be used in safe
+ mode. Use the <link
+ linkend="ini.max-execution-time">max_execution_time</link>
+ configuration setting to control this time for your own
+ scripts. <command>make bench</command> ignores the <link
+ linkend="configuration.file">configuration file</link>.
+ </simpara>
+ </sect2>
+
+ </sect1>
+
+ <sect1 id="install.configure">
+ <title>Complete list of configure options</title>
+
+ <note>
+ <para>
+ These are only used at compile time. If you want to alter PHP's
+ runtime configuration, please go to <link
+ linkend="configuration">Configuration</link>.
+ </para>
+ </note>
+
+ <para>
+ The following is a complete list of options supported by the PHP 3
+ and PHP 4 <filename>configure</filename> scripts, used when
+ compiling in Unix-like environments. Some are available in PHP 3,
+ some in PHP 4, and some in both, as noted. There are many options
+ the names of which have changed between PHP 3 and PHP 4, but which
+ accomplish the same things. These entries are cross-referenced to
+ each other, so if you have a problem getting your PHP 3-era
+ configuration options to work, check here to see whether the names
+ have changed.
+ </para>
+
+ <itemizedlist>
+ <listitem>
+ <para>
+ <link linkend="install.configure.databases">Database</link>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <link linkend="install.configure.ecommerce">Ecommerce</link>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <link linkend="install.configure.graphics">Graphics</link>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <link linkend="install.configure.misc">Miscellaneous</link>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <link linkend="install.configure.networking">Networking</link>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <link linkend="install.configure.php">PHP Behaviour</link>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <link linkend="install.configure.servers">Server</link>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <link linkend="install.configure.text">Text and language</link>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <link linkend="install.configure.xml">XML</link>
+ </para>
+ </listitem>
+ </itemizedlist>
+
+ <sect2 id="install.configure.databases">
+ <title>Database</title>
+
+ <variablelist>
+ <varlistentry id="install.configure.with-adabas">
+ <term>
+ <parameter>--with-adabas[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Include Adabas D support. DIR is the Adabas base
+ install directory, defaults to /usr/local.
+ </para>
+ <para>
+ <ulink url="&url.adabas;">Adabas home page</ulink>
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.enable-dba">
+ <term>
+ <parameter>--enable-dba=shared</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: Build DBA as a shared module
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.enable-dbase">
+ <term>
+ <parameter>--enable-dbase</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available; use <link
+ linkend="install.configure.with-dbase">--with-dbase</link>
+ instead.
+ </para>
+ <para>
+ PHP 4: Enable the bundled dbase library. No external libraries
+ are required.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-dbase">
+ <term>
+ <parameter>--with-dbase</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Include the bundled dbase library. No external
+ libraries are required.
+ </para>
+ <para>
+ PHP 4: Option not available; use <link
+ linkend="install.configure.enable-dbase">--enable-dbase</link>
+ instead.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-db2">
+ <term>
+ <parameter>--with-db2[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Include Berkeley DB2 support
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-db3">
+ <term>
+ <parameter>--with-db3[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: Include Berkeley DB3 support
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-dbm">
+ <term>
+ <parameter>--with-dbm[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Include DBM support
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-dbmaker">
+ <term>
+ <parameter>--with-dbmaker[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: Include DBMaker support. DIR is the DBMaker base install
+ directory, defaults to where the latest version of DBMaker is installed
+ (such as /home/dbmaker/3.6).
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-empress">
+ <term>
+ <parameter>--with-empress[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Include Empress support. DIR is the Empress base install
+ directory, defaults to $EMPRESSPATH
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.enable-filepro">
+ <term>
+ <parameter>--enable-filepro</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available; use <link
+ linkend="install.configure.with-filepro">--with-filepro</link>
+ instead.
+ </para>
+ <para>
+ PHP 4: Enable the bundled read-only filePro support. No
+ external libraries are required.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-filepro">
+ <term>
+ <parameter>--with-filepro</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Include the bundled read-only filePro support. No
+ external libraries are required.
+ </para>
+ <para>
+ PHP 4: Option not available; use <link
+ linkend="install.configure.enable-filepro">--enable-filepro</link>
+ instead.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-gdbm">
+ <term>
+ <parameter>--with-gdbm[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Include GDBM support
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-hyperwave">
+ <term>
+ <parameter>--with-hyperwave</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Include Hyperwave support
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-ibm-db2">
+ <term>
+ <parameter>--with-ibm-db2[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Include IBM DB2 support. DIR is the DB2 base
+ install directory, defaults to
+ <filename>/home/db2inst1/sqllib</filename>.
+ </para>
+ <para>
+ <ulink url="&url.ibmdb2;">IBM DB2 home page</ulink>
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-informix">
+ <term>
+ <parameter>--with-informix[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Include Informix support. DIR is the Informix base install
+ directory, defaults to nothing.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-ingres">
+ <term>
+ <parameter>--with-ingres[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: Include Ingres II support. DIR is the Ingres base directory
+ (default /II/ingres)
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-interbase">
+ <term>
+ <parameter>--with-interbase[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Include InterBase support. DIR is the InterBase base
+ install directory, which defaults to <filename>/usr/interbase</filename>.
+ </para>
+ <simpara>
+ <link linkend="ref.ibase">Interbase functions</link>
+ </simpara>
+ <simpara>
+ <ulink url="&url.ibase;">Interbase home page</ulink>
+ </simpara>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-ldap">
+ <term>
+ <parameter>--with-ldap[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Include LDAP support. DIR is the LDAP base install
+ directory. Defaults to <filename>/usr</filename> and
+ <filename>/usr/local</filename>
+ </para>
+ <para>
+ PHP 4: Include LDAP support. DIR is the LDAP base install directory.
+ </para>
+ <simpara>
+ This provides <acronym>LDAP</acronym> (Lightweight Directory Access
+ Protocol support). The parameter is the LDAP base install
+ directory, defaults to <filename
+ class="directory">/usr/local/ldap</filename>.
+ </simpara>
+ <simpara>
+ More information about LDAP can be found in <ulink
+ url="&url.rfc;rfc1777.html">RFC1777</ulink> and
+ <ulink
+ url="&url.rfc;rfc1778.html">RFC1778</ulink>.
+ </simpara>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-msql">
+ <term>
+ <parameter>--with-msql[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Enables mSQL support. The parameter to this
+ option is the mSQL install directory and defaults to <filename
+ class="directory">/usr/local/Hughes</filename>. This is the
+ default directory of the mSQL 2.0 distribution.
+ <command>configure</command> automatically detects which mSQL
+ version you are running and PHP supports both 1.0 and 2.0, but
+ if you compile PHP with mSQL 1.0, you can only access mSQL 1.0
+ databases, and vice-versa.
+ </para>
+ <simpara>
+ See also <link linkend="ini.sect.msql">mSQL
+ Configuration</link> Directives in the <link
+ linkend="configuration.file">configuration file</link>.
+ </simpara>
+ <simpara>
+ <ulink url="&url.msql;">mSQL home page</ulink>
+ </simpara>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-mysql">
+ <term>
+ <parameter>--with-mysql[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Include MySQL support. DIR is the MySQL base install directory,
+ defaults to searching through a number of common places for the MySQL
+ files.
+ </para>
+ <para>
+ PHP 4: Include MySQL support. DIR is the MySQL base directory. If
+ unspecified, the bundled MySQL library will be used. This
+ option is turned on by default.
+ </para>
+ <para>
+ See also <link linkend="ini.sect.mysql">MySQL
+ Configuration</link> Directives in the <link
+ linkend="configuration.file">configuration file</link>.
+ </para>
+ <para>
+ <ulink url="&url.mysql;">MySQL home page</ulink>
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-ndbm">
+ <term>
+ <parameter>--with-ndbm[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Include NDBM support
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-oci8">
+ <term>
+ <parameter>--with-oci8[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: Include Oracle-oci8 support. Default DIR is ORACLE_HOME.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-oracle">
+ <term>
+ <parameter>--with-oracle[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Include Oracle database support. DIR is Oracle's home directory,
+ defaults to $ORACLE_HOME.
+ </para>
+ <para>
+ PHP 4: Include Oracle-oci7 support. Default DIR is ORACLE_HOME.
+ </para>
+ <simpara>
+ Includes Oracle support. Has been tested and should be
+ working at least with Oracle versions 7.0 through 7.3. The
+ parameter is the <envar>ORACLE_HOME</envar> directory. You do
+ not have to specify this parameter if your Oracle environment
+ has been set up.
+ </simpara>
+ <simpara>
+ <ulink url="&url.oracle;">Oracle home page</ulink>
+ </simpara>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-pgsql">
+ <term>
+ <parameter>--with-pgsql[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Include PostgresSQL support. DIR is the PostgresSQL base
+ install directory, which defaults to
+ <filename>/usr/local/pgsql</filename>.
+ </para>
+ <para>
+ PHP 4: Include PostgreSQL support. DIR is the PostgreSQL base
+ install directory, which defaults to
+ <filename>/usr/local/pgsql</filename>. Set DIR to shared to
+ build as a dl, or shared,DIR to build as a dl and still specify
+ DIR.
+ </para>
+ <simpara>
+ See also <link linkend="ini.sect.pgsql">Postgres
+ Configuration</link> Directives in the <link
+ linkend="configuration.file">configuration file</link>.
+ </simpara>
+ <simpara>
+ <ulink url="&url.pgsql;">PostgreSQL home page</ulink>
+ </simpara>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-solid">
+ <term>
+ <parameter>--with-solid[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Include Solid support. DIR is the Solid base install
+ directory, defaults to /usr/local/solid
+ </para>
+ <simpara>
+ <ulink url="&url.solid;">Solid home page</ulink>
+ </simpara>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-sybase-ct">
+ <term>
+ <parameter>--with-sybase-ct[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Include Sybase-CT support. DIR is the Sybase home
+ directory, defaults to /home/sybase.
+ </para>
+ <simpara>
+ See also <link linkend="ini.sect.sybct">Sybase-CT
+ Configuration</link> Directives in the <link
+ linkend="configuration.file">configuration
+ file</link>.
+ </simpara>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-sybase">
+ <term>
+ <parameter>--with-sybase[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Include Sybase-DB support. DIR is the Sybase home
+ directory, which defaults to <filename>/home/sybase</filename>.
+ </para>
+ <simpara>
+ See also <link linkend="ini.sect.sybase">Sybase
+ Configuration</link> Directives in the <link
+ linkend="configuration.file">configuration file</link>.
+ </simpara>
+ <simpara>
+ <ulink url="&url.sybase;">Sybase home page</ulink>
+ </simpara>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-openlink">
+ <term>
+ <parameter>--with-openlink[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Include OpenLink ODBC support. DIR is the OpenLink base
+ install directory, defaults to /usr/local/openlink.
+ </para>
+ <simpara>
+ <ulink url="&url.openlink;">OpenLink Software's home page</ulink>
+ </simpara>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-iodbc">
+ <term>
+ <parameter>--with-iodbc[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Include iODBC support. DIR is the iODBC base install
+ directory, defaults to <filename>/usr/local</filename>.
+ </para>
+ <para>
+ This feature was first developed for iODBC Driver Manager, a
+ freely redistributable ODBC driver manager which runs under
+ many flavors of UNIX.
+ </para>
+ <simpara>
+ <ulink url="&url.freeodbc;">FreeODBC home page</ulink>
+ or <ulink url="&url.iodbc;">iODBC home page</ulink>
+ </simpara>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-custom-odbc">
+ <term>
+ <parameter>--with-custom-odbc[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Includes support for an arbitrary custom ODBC
+ library. The parameter is the base directory and defaults to
+ <filename class="directory">/usr/local</filename>.
+ </para>
+ <simpara>
+ This option implies that you have defined CUSTOM_ODBC_LIBS
+ when you run the configure script. You also must have a valid
+ odbc.h header somewhere in your include path. If you don't
+ have one, create it and include your specific header from
+ there. Your header may also require some extra definitions,
+ particularly when it is multiplatform. Define them in
+ CFLAGS.
+ </simpara>
+ <simpara>
+ For example, you can use Sybase SQL Anywhere on QNX as
+ following:
+ <literal>
+ CFLAGS=-DODBC_QNX LDFLAGS=-lunix CUSTOM_ODBC_LIBS="-ldblib
+ -lodbc" ./configure --with-custom-odbc=/usr/lib/sqlany50
+ </literal>
+ </simpara>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.disable-unified-odbc">
+ <term>
+ <parameter>--disable-unified-odbc</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Disable unified ODBC support. Only applicable if iODBC, Adabas,
+ Solid, Velocis or a custom ODBC interface is enabled.
+ </para>
+ <para>
+ PHP 4: Option not available in PHP 4
+ </para>
+ <simpara>
+ The Unified ODBC module, which is a common interface to all
+ the databases with ODBC-based interfaces, such as Solid, IBM
+ DB2 and Adabas D. It also works for normal ODBC libraries.
+ Has been tested with iODBC, Solid, Adabas D, IBM DB2 and
+ Sybase SQL Anywhere. Requires that one (and only one) of these
+ modules or the Velocis module is enabled, or a custom ODBC
+ library specified. This option is only applicable if one of
+ the following options is used: <link
+ linkend="install.configure.with-iodbc">--with-iodbc</link>,
+ <link
+ linkend="install.configure.with-solid">--with-solid</link>,
+ <link
+ linkend="install.configure.with-ibm-db2">--with-ibm-db2</link>,
+ <link
+ linkend="install.configure.with-adabas">--with-adabas</link>,
+ <link
+ linkend="install.configure.with-velocis">--with-velocis</link>,
+ or <link
+ linkend="install.configure.with-custom-odbc">--with-custom-odbc</link>.
+ </simpara>
+ <simpara>
+ See also <link linkend="ini.sect.uodbc">Unified ODBC
+ Configuration</link> Directives in the <link
+ linkend="configuration.file">configuration
+ file</link>.
+ </simpara>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-unixODBC">
+ <term>
+ <parameter>--with-unixODBC[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: Include unixODBC support. DIR is the unixODBC base install
+ directory, defaults to /usr/local.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-velocis">
+ <term>
+ <parameter>--with-velocis[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Include Velocis support. DIR is the Velocis base install
+ directory, defaults to /usr/local/velocis.
+ </para>
+ <simpara>
+ <ulink url="&url.velocis;">Velocis home page</ulink>
+ </simpara>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </sect2>
+
+ <sect2 id="install.configure.ecommerce">
+ <title>Ecommerce</title>
+
+ <variablelist>
+ <varlistentry id="install.configure.with-ccvs">
+ <term>
+ <parameter>--with-ccvs[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: Compile CCVS support into PHP4. Please specify your CCVS base
+ install directory as DIR.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-mck">
+ <term>
+ <parameter>--with-mck[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Include Cybercash MCK support. DIR is the cybercash mck
+ build directory, which defaults to
+ <filename>/usr/src/mck-3.2.0.3-linux</filename>. For help, look
+ in <filename>extra/cyberlib</filename>.
+ </para>
+ <para>
+ PHP 4: Option not available; use <link
+ linkend="install.configure.with-cybercash">--with-cybercash</link>
+ instead.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-cybercash">
+ <term>
+ <parameter>--with-cybercash[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available; use <link
+ linkend="install.configure.with-mck">--with-mck</link>
+ instead.
+ </para>
+ <para>
+ PHP 4: Include CyberCash support. DIR is the CyberCash MCK install
+ directory.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-pfpro">
+ <term>
+ <parameter>--with-pfpro[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: Include Verisign Payflow Pro support
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+
+ </sect2>
+
+ <sect2 id="install.configure.graphics">
+ <title>Graphics</title>
+
+ <variablelist>
+ <varlistentry id="install.configure.enable-freetype-4bit-antialias-hack">
+ <term>
+ <parameter>--enable-freetype-4bit-antialias-hack</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: Include support for FreeType2 (experimental).
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-gd">
+ <term>
+ <parameter>--with-gd[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Include GD support (DIR is GD's install dir).
+ </para>
+ <para>
+ PHP 4: Include GD support (DIR is GD's install dir). Set DIR to shared
+ to build as a dl, or shared,DIR to build as a dl and still specify DIR.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.without-gd">
+ <term>
+ <parameter>--without-gd</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Disable GD support.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-imagick">
+ <term>
+ <parameter>--with-imagick[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Include ImageMagick support. DIR is the install
+ directory, and if left out, PHP will try to find it on its
+ own. [experimental]
+ </para>
+ <para>
+ PHP 4: Option not available in PHP 4
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-jpeg-dir">
+ <term>
+ <parameter>--with-jpeg-dir[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: jpeg dir for pdflib 2.0
+ </para>
+ <para>
+ PHP 4: jpeg dir for pdflib 3.x
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-png-dir">
+ <term>
+ <parameter>--with-png-dir[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: png dir for pdflib 3.x
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.enable-t1lib">
+ <term>
+ <parameter>--enable-t1lib</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Enable t1lib support.
+ </para>
+ <para>
+ PHP 4: Option not available; use <link
+ linkend="install.configure.with-t1lib">--with-t1lib</link>
+ instead.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-t1lib">
+ <term>
+ <parameter>--with-t1lib[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available; use <link
+ linkend="install.configure.enable-t1lib">--enable-t1lib</link>
+ instead.
+ </para>
+ <para>
+ PHP 4: Include T1lib support.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-tiff-dir">
+ <term>
+ <parameter>--with-tiff-dir[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: tiff dir for pdflib 2.0
+ </para>
+ <para>
+ PHP 4: tiff dir for pdflib 3.x
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-ttf">
+ <term>
+ <parameter>--with-ttf[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Include FreeType support
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-xpm-dir">
+ <term>
+ <parameter>--with-xpm-dir[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: xpm dir for gd-1.8+
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </sect2>
+
+ <sect2 id="install.configure.misc">
+ <title>Miscellaneous</title>
+
+ <para>
+ These are being classified over time, where appropriate.
+ </para>
+
+ <variablelist>
+ <varlistentry id="install.configure.disable-bcmath">
+ <term>
+ <parameter>--disable-bcmath</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Compile without BC arbitrary precision math
+ functions. These functions allow you to operate with numbers
+ outside of the ranges allowed by regular integers and floats;
+ see <link linkend="ref.bc">BCMath Arbitrary Precision
+ Mathematics Functions</link> for more information.
+ </para>
+ <para>
+ PHP 4: Option not available; bcmath is not compiled in by
+ default. Use <link
+ linkend="install.configure.enable-bcmath">--enable-bcmath</link>
+ to compile it in.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.disable-display-source">
+ <term>
+ <parameter>--disable-display-source</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Compile without displaying source support
+ </para>
+ <para>
+ PHP 4: Option not available in PHP 4
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.disable-libtool-lock">
+ <term>
+ <parameter>--disable-libtool-lock</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: avoid locking (might break parallel builds)
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.disable-pear">
+ <term>
+ <parameter>--disable-pear</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: Do not install PEAR
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.disable-pic">
+ <term>
+ <parameter>--disable-pic</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: Disable PIC for shared objects
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.disable-posix">
+ <term>
+ <parameter>--disable-posix</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3; use <link
+ linkend="install.configure.without-posix">--without-posix</link>
+ instead.
+ </para>
+ <para>
+ PHP 4: Disable POSIX-like functions
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.disable-rpath">
+ <term>
+ <parameter>--disable-rpath</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: Disable passing additional runtime library search paths
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.disable-session">
+ <term>
+ <parameter>--disable-session</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: Disable session support
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.enable-bcmath">
+ <term>
+ <parameter>--enable-bcmath</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3; bcmath is compiled in
+ by default. Use <link
+ linkend="install.configure.disable-bcmath">--disable-bcmath</link>
+ to disable it.
+ </para>
+ <para>
+ PHP 4: Compile with bc style precision math functions. Read
+ README-BCMATH for instructions on how to get this module
+ installed. These functions allow you to operate with numbers
+ outside of the ranges allowed by regular integers and floats;
+ see <link linkend="ref.bc">BCMath Arbitrary Precision
+ Mathematics Functions</link> for more information.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.enable-c9x-inline">
+ <term>
+ <parameter>--enable-c9x-inline</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: Enable C9x-inline semantics
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.enable-calendar">
+ <term>
+ <parameter>--enable-calendar</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: Enable support for calendar conversion
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.enable-debug">
+ <term>
+ <parameter>--enable-debug</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Compile with debugging symbols.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.enable-debugger">
+ <term>
+ <parameter>--enable-debugger</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Compile with remote debugging functions
+ </para>
+ <para>
+ PHP 4: Option not available in PHP 4
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.enable-discard-path">
+ <term>
+ <parameter>--enable-discard-path</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: If this is enabled, the PHP CGI binary can safely be
+ placed outside of the web tree and people will not be able to circumvent
+ .htaccess security.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.enable-dmalloc">
+ <term>
+ <parameter>--enable-dmalloc</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Enable dmalloc
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.enable-exif">
+ <term>
+ <parameter>--enable-exif</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: Enable exif support
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.enable-experimental-zts">
+ <term>
+ <parameter>--enable-experimental-zts</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: This will most likely break your build
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.enable-fast-install">
+ <term>
+ <parameter>--enable-fast-install[=PKGS]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: optimize for fast installation [default=yes]
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.enable-force-cgi-redirect">
+ <term>
+ <parameter>--enable-force-cgi-redirect</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Enable the security check for internal server redirects.
+ You should use this if you are running the CGI version with Apache.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.enable-inline-optimization">
+ <term>
+ <parameter>--enable-inline-optimization</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: If you have much memory and are using gcc, you might try this.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.enable-libgcc">
+ <term>
+ <parameter>--enable-libgcc</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: Enable explicitly linking against libgcc
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.enable-maintainer-mode">
+ <term>
+ <parameter>--enable-maintainer-mode</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: enable make rules and dependencies not useful (and
+ sometimes confusing) to the casual installer
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.enable-memory-limit">
+ <term>
+ <parameter>--enable-memory-limit</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Compile with memory limit support.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.enable-safe-mode">
+ <term>
+ <parameter>--enable-safe-mode</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Enable safe mode by default.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.enable-satellite">
+ <term>
+ <parameter>--enable-satellite</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: Enable CORBA support via Satellite (Requires ORBit)
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.enable-shared">
+ <term>
+ <parameter>--enable-shared[=PKGS]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: build shared libraries [default=yes]
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.enable-sigchild">
+ <term>
+ <parameter>--enable-sigchild</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Enable PHP's own SIGCHLD handler.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.enable-static">
+ <term>
+ <parameter>--enable-static[=PKGS]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: build static libraries [default=yes]
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.enable-sysvsem">
+ <term>
+ <parameter>--enable-sysvsem</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Enable System V semaphore support.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.enable-sysvshm">
+ <term>
+ <parameter>--enable-sysvshm</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Enable the System V shared memory support
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.enable-trans-sid">
+ <term>
+ <parameter>--enable-trans-sid</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: Enable transparent session id propagation
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-cdb">
+ <term>
+ <parameter>--with-cdb[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Include CDB support
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-config-file-path">
+ <term>
+ <parameter>--with-config-file-path=PATH</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Sets the path in which to look for php3.ini. Defaults to
+ <filename>/usr/local/lib</filename>
+ </para>
+ <para>
+ PHP 4: Sets the path in which to look for php.ini. Defaults to
+ <filename>/usr/local/lib</filename>
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-cpdflib">
+ <term>
+ <parameter>--with-cpdflib[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Include ClibPDF support. DIR is the ClibPDF install directory,
+ defaults to /usr/local.
+ </para>
+ <para>
+ PHP 4: Include cpdflib support (requires cpdflib >= 2). DIR is the
+ cpdfllib install directory, defaults to /usr.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-esoob">
+ <term>
+ <parameter>--with-esoob[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: Include Easysoft OOB support. DIR is the OOB base install
+ directory, defaults to /usr/local/easysoft/oob/client.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-exec-dir">
+ <term>
+ <parameter>--with-exec-dir[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Only allow executables in DIR when in safe mode defaults
+ to /usr/local/php/bin
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-fdftk">
+ <term>
+ <parameter>--with-fdftk[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Include fdftk support. DIR is the fdftk install directory,
+ defaults to /usr/local.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-gnu-ld">
+ <term>
+ <parameter>--with-gnu-ld</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: assume the C compiler uses GNU ld [default=no]
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-icap">
+ <term>
+ <parameter>--with-icap[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: Include ICAP support.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-imap">
+ <term>
+ <parameter>--with-imap[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3, PHP 4: Include IMAP support. DIR is the IMAP include and
+ c-client.a directory.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-imsp">
+ <term>
+ <parameter>--with-imsp[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Include IMSP support (DIR is IMSP's include dir and libimsp.a
+ dir).
+ </para>
+ <para>
+ PHP 4: Option not available in PHP 4
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-java">
+ <term>
+ <parameter>--with-java[=DIR]</parameter>
+ </term>
+ <listitem>
+ <para>
+ PHP 3: Option not available in PHP 3
+ </para>
+ <para>
+ PHP 4: Include Java support. DIR is the base install directory for the
+ JDK. This extension can only be built as a shared dl.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="install.configure.with-kerberos&qu