Administrator's Guide

The Dom extension enables to parse XML documents. PrestaShop uses for

various functionalities, like the Store Locator. It is also used by some

modules, as well as the pear_xml_parse library.

The allow_url_fopen directive enables modules to access remote files,

which is an essential part of the payment process, among others things. It

is therefore imperative to have it set to ON.

In short, it is imperative to have the following directives set to the

indicated values:

extension = php_mysql.dll

extension = php_gd2.dll

allow_url_fopen = On

Recommended settings

Your PHP installation should feature the following settings and libraries, for

best experience:

 GZIP support.

 Mcrypt library.

 register_globals disabled.

 magic_quotes disabled.

 allow_url_include disabled

Having GZip support enables the web server to pack web pages, images

and scripts before sending them to the browser. This makes navigating

the shop faster, and therefore a more agreeable experience.

The Mcrypt provides PHP with a hardened security layer, enable the use of

more hashing and cryptography algorithm.

The register_globals directive, when enabled, defines all environment

variables (GET, POST, COOKIE, SERVER...) as global variables. It is

unsafe to use unset variables, because a user could easily set a value

into this variable by using the GET method, for example. It is therefore

imperative to set register_globals to OFF.

The magic_quotes directive automatically escapes (or "adds slashes") to all

special character sequences (', ", \, NULL) for all environment variables

(GET, POST, COOKIE, SERVER...). This option must be set to OFF because

it will addslash each variable even if it does not need to be addslashed.

Moreover, some Web applications overlook this option, so some variables

could be addslashed twice, resulting in corrupted data.