I have had a lot of trouble with PHP on SuSE 10 GM. It just doesn't appear to function as it supposed to. I want a working environment to learn with. Sessions, are the current problem. I have also installed Mambo CMS server in the past without any problems, but with the current version of Joomla CMS, I'm having all sorts of problems. I have tried by putting all the values in 'php.ini' and also I read on the net to put them in '.htaccess'. 1. Now where is the correct place to indicate the path for the session info to be stored. 2. What rights should be given to the 'store', for secure but unimpeded usage. snip --------------------------- php.ini---------------- [PHP] ;;;;;;;;;;; ; WARNING ; ;;;;;;;;;;; ; This is the default settings file for new PHP installations. ; By default, PHP installs itself with a configuration suitable for ; development purposes, and *NOT* for production purposes. ; For several security-oriented considerations that should be taken ; before going online with your site, please consult php.ini-recommended ; and http://php.net/manual/en/security.php. ; Enable the PHP scripting language engine under Apache. engine = On short_open_tag = On asp_tags = Off precision = 12 y2k_compliance = On output_buffering = Off ;output_handler = zlib.output_compression = Off ;zlib.output_handler = implicit_flush = Off unserialize_callback_func= serialize_precision = 100 allow_call_time_pass_reference = On safe_mode = Off safe_mode_gid = Off safe_mode_include_dir = safe_mode_exec_dir = safe_mode_allowed_env_vars = PHP_ safe_mode_protected_env_vars = LD_LIBRARY_PATH ;open_basedir = disable_functions = disable_classes = ;highlight.string = #DD0000 ;highlight.comment = #FF9900 ;highlight.keyword = #007700 ;highlight.bg = #FFFFFF ;highlight.default = #0000BB ;highlight.html = #000000 expose_php = On max_execution_time = 30 ; Maximum execution time of each script, in seconds max_input_time = 60 ; Maximum amount of time each script may spend parsing request data memory_limit = 8M ; Maximum amount of memory a script may consume (8MB) error_reporting = E_ALL & ~E_NOTICE display_errors = On display_startup_errors = Off log_errors = Off log_errors_max_len = 1024 ignore_repeated_errors = Off ignore_repeated_source = Off report_memleaks = On track_errors = Off ;html_errors = Off ;docref_root = "/phpmanual/" ;docref_ext = .html ;error_prepend_string = "<font color=ff0000>" ;error_append_string = "</font>" ;error_log = filename ;error_log = syslog ;arg_separator.input = ";&" variables_order = "EGPCS" register_globals = Off register_argc_argv = On post_max_size = 8M gpc_order = "GPC" magic_quotes_gpc = On magic_quotes_runtime = Off magic_quotes_sybase = Off auto_prepend_file = auto_append_file = default_mimetype = "text/html" ;default_charset = "iso-8859-1" ;always_populate_raw_post_data = On ; UNIX: "/path1:/path2" ;include_path = ".:/php/includes" include_path = "/usr/share/php" doc_root = user_dir = extension_dir = "./" extension_dir = /usr/lib/php/extensions enable_dl = On ; cgi.force_redirect = 1 ; cgi.nph = 1 ; cgi.redirect_status_env = ; ; cgi.fix_pathinfo=0 ; fastcgi.impersonate = 1; ; fastcgi.log = 0 ;cgi.rfc2616_headers = 0 file_uploads = On ;upload_tmp_dir = upload_max_filesize = 2M allow_url_fopen = On ;from="john@doe.com" ; user_agent="PHP" default_socket_timeout = 60 ; auto_detect_line_endings = Off [extension section] extension=zlib.so extension=unixODBC.so extension=sockets.so extension=mysql.so extension=ldap.so ; end of extension section define_syslog_variables = Off ;sendmail_path = [Java] ;java.class.path = .\php_java.jar ;java.home = c:\jdk ;java.library = c:\jdk\jre\bin\hotspot\jvm.dll ;java.library.path = .\ [SQL] sql.safe_mode = Off [ODBC] ;odbc.default_db = Not yet implemented ;odbc.default_user = Not yet implemented ;odbc.default_pw = Not yet implemented ; Allow or prevent persistent links. odbc.allow_persistent = Off ; Check that a connection is still valid before reuse. odbc.check_persistent = On ; Maximum number of persistent links. -1 means no limit. odbc.max_persistent = -1 ; Maximum number of links (persistent + non-persistent). -1 means no limit. odbc.max_links = -1 ; Handling of LONG fields. Returns number of bytes to variables. 0 means ; passthru. odbc.defaultlrl = 4096 ; Handling of binary data. odbc.defaultbinmode = 1 [MySQL] ; Allow or prevent persistent links. mysql.allow_persistent = Off ; Maximum number of persistent links. -1 means no limit. mysql.max_persistent = -1 ; Maximum number of links (persistent + non-persistent). -1 means no limit. mysql.max_links = -1 ; Default port number for mysql_connect(). If unset, mysql_connect() will use ; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the ; compile-time value defined MYSQL_PORT (in that order). Win32 will only look ; at MYSQL_PORT. mysql.default_port = ; Default socket name for local MySQL connects. If empty, uses the built-in ; MySQL defaults. mysql.default_socket = ; Default host for mysql_connect() (doesn't apply in safe mode). mysql.default_host = ; Default user for mysql_connect() (doesn't apply in safe mode). mysql.default_user = ; Default password for mysql_connect() (doesn't apply in safe mode). ; Note that this is generally a *bad* idea to store passwords in this file. ; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") ; and reveal this password! And of course, any users with read access to this ; file will be able to reveal the password as well. mysql.default_password = ; Maximum time (in seconds) for connect timeout. -1 means no limit mysql.connect_timeout = 60 ; Trace mode. When trace_mode is active (=On), warnings for table/index scans and ; SQL-Errors will be displayed. mysql.trace_mode = Off [Session] ; Handler used to store/retrieve data. session.save_handler = files ;session.save_path = /tmp session.save_path = /var/lib/php ; Whether to use cookies. session.use_cookies = 1 ; This option enables administrators to make their users invulnerable to ; attacks which involve passing session ids in URLs; defaults to 0. ; session.use_only_cookies = 1 ; Name of the session (used as cookie name). session.name = PHPSESSID ; Initialize session on request startup. session.auto_start = 1 ; Lifetime in seconds of cookie or, if 0, until browser is restarted. session.cookie_lifetime = 0 ; The path for which the cookie is valid. session.cookie_path = / ; The domain for which the cookie is valid. session.cookie_domain = ; Handler used to serialize data. php is the standard serializer of PHP. session.serialize_handler = php session.gc_probability = 1 session.gc_divisor = 100 session.gc_maxlifetime = 1440 session.bug_compat_42 = 1 session.bug_compat_warn = 1 session.referer_check = ; How many bytes to read from the file. session.entropy_length = 0 ; Specified here to create the session id. session.entropy_file = ;session.entropy_length = 16 ;session.entropy_file = /dev/urandom ; Set to {nocache,private,public,} to determine HTTP caching aspects ; or leave this empty to avoid sending anti-caching headers. session.cache_limiter = nocache ; Document expires after n minutes. session.cache_expire = 180 session.use_trans_sid = 0 url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=,fieldset=" # ---------------------------------------------------------- Could somebody help. Thanks in advance. Paul