How to Store Configuration Variables in PHP

What is the best way to store configuration variables in PHP?

I've always gone with option #2 and just ensure that no one but the owner has ANY sort of access to it. It's the most popular method among PHP applications like Joomla, vBulletin, Gallery, and numerous others.

First method is too messy to me (readability) and the third is WAY too dangerous to do. I've never thought about the Class method, so someone else can provide their input on that one. But I guess it's fine so long as the right access is used on the class' usage.

Example..

define('EXAMPLE1', "test1"); // scenario 1
$example2 = "test2"; // scenario 2

function DealWithUserInput($input)
{
   return eval($input);
}

Now this example of code is really dumb, but just an example. Consider what could be returned by the function depending on which scenario the user could try to use in their input.

Scenario 2 would only cause an issue if you made it a global within the function. Otherwise it's out of scope and unreachable.

How should i store settings variables in php?

You could use constants which are global by default:

define('APPLICATION_SETTING', true);

Otherwise you could use a Registry Singleton class in which you load the settings and store them in a class private variable.
Classic Registry class structure:

class Registry {
    private $instance = NULL;
    private $vars = array();
    private __construct() {/**/}
    public static function getInstance() {/**/}
    public function get($key) {/**/}
    public function set($key, $value) {/**/}
}

And no, I suggest you not to use Injections and stuff patterns. Just use Singleton. With Injection you get everything worse and more complicated.

Fastest way to store easily editable config data in PHP?

Serialize is a better option than JSON for storing PHP variables.

I like to use var_export for saving config file, and using include for loading config info. This makes it easy to save config data progmatically AND makes the data easy to read/write for a person as well:

config.php:

return array(
 'var1'=> 'value1',
 'var2'=> 'value2',
);

test.php:

$config = include 'config.php';
$config['var2']= 'value3';
file_put_contents('config.php', '<?php return ' . var_export($config, true) . '; ?>');

Updated config.php now contains the following data:

return array(
 'var1'=> 'value1',
 'var2'=> 'value3',
);

PHP Configuration Storage

There is no “Best Way (tm)” to store your application configurations. It really all depends on your application, the kind of configurations, how often they can/need to change, and how easy you want to make it to change them.

Some people use a full singleton (or static) Config class for their application. Which looks something like this (with varying levels of complexity):

<?php

class Config
{

    protected static $config = array();

    private function __construct() {} // make this private so we can't instanciate

    public static function set($key, $val)
    {
        self::$config[$key] = $val;
    }

    public static function get($key)
    {
        return self::$config[$key];
    }

}

This is handy because you can call it wherever you want in your application with Config::set() or Config::get(). You then have a central place that your entire application is configured, and you can make it as complex or as simple as you like. You can back things up to the database, memcached, etc, whatever.

Which brings me to the next thing. Using the database is fine for things that need to be able to be changed on the fly and don't necessarily have to have an “initial setting”. An example would be site application customization features (eg. currency, background color, header image, etc). The problem here is, you have to load that every time a page is loaded in your application. So to solve that, you can use a middle layer caching technology (like memcached if you like). That would be fast, way faster than the database, but still adds overhead because you have to load it on every page load.

The fastest way, and consequently the “hardest” to change, is to use a config.php file or the like. This file would have $_GLOBALS array key definitions, or define()'s for values that you need access to throughout your application. This is fast because it's included in the request and hard coded in PHP, so all PHP has to do is interpret the file - no network IO or any added overhead other than the minimal overhead of including a file into your script. The things you’d store in these PHP files are things like your MySQL connection credentials, web service connection credentials, etc.

For an application which has a lot of users and a lot of customizations, you’ll probably need to deploy a ‘hybrid’ of the methods, or come up with your own. For something that is just a standard application deployment, you might be able to get away with a very simple config.php type approach.

What's the best way (coding-wise) to store system configuration in a PHP application?

Why not use Zend_Config? It creates a common interface for configuration options that can be stored in a confing file or a database (with a proper adapter). And it's lightweight; you don't have to bring in the entire Zend framework to use it.

BTW, since you're building a framework, you should keep pollution of the global namespace to a minimum. Something like your 3rd option, and if you're targeting 5.3 exclusively, look at using proper namespaces.