My host has register_globals ON. In order to turn them off, they've told me to create and put a php.ini file (setting it to OFF) "in the directory (subfolder) containing your PHP applications". But almost every directory contains PHP files, or do they mean just in the folders where PHP handles GET/POST/COOKIE data (still, that's lots of folders)?

On a related note, perhaps it is erroneous of me to have such code all over my site. Should the form/database related code be separate from the live pages and saved all in one folder somewhere (perhaps outside the webroot??) and inserted as includes instead?

    Normally you cannot put a php.ini file any old place you want. However if on Apache you can do so with a .htaccess file. It affects the directory you put it in as well as any sub-directories under that directory.

      Here's what my host server says:

      To turn register_globals OFF follow these steps:

      1. Using a text editor (eg. Notepad) or File Manager, create a file called php.ini
      2. Inside the php.ini file, place the following line of code:
        register_globals = off
      3. Save and upload the php.ini file to the location (subfolder) where your PHP application resides.

      I just did some more reading, and apparently this file overrides the server's settings, so there are other base settings I have to include in the file, which are specified. So it would seem I'd need to put this file in every folder that contains any code.

        I've not worked in an environment that allows more than one php.ini file. That does not mean there can't be one, just that I don't know anything about it. If such an environment exists (and it's not too hard to imagine if you are set up to run in CGI mode instead of as an Apache module), I would have expected it to still only look for one specific php.ini file within your domain.

        You could certainly try a quick test by creating a php.ini file in your root web directory, make the recommended change; then make a php script in a subdirectory that does a phpinfo() and see if it reflects the new setting.
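
A narrower alternative to a full phpinfo() page for the test suggested in the last reply, as an added example that is not code from the thread: it reports which php.ini was loaded and whether register_globals is in effect in the directory it runs from. The file name `rg_check.php` and the `rg_probe` query parameter are assumptions made for this example.

```php
<?php
// rg_check.php (hypothetical name): upload to the subdirectory under test,
// then request it as rg_check.php?rg_probe=1
header('Content-Type: text/plain');

function ini_truthy($value)
{
    // Boolean directives come back as strings such as "1", "On", "" or "0".
    return in_array(strtolower(trim((string) $value)), array('1', 'on', 'yes', 'true'), true);
}

function describe_register_globals()
{
    $all = ini_get_all();   // per directive: global_value, local_value, access
    if (!isset($all['register_globals'])) {
        // The directive was removed in PHP 5.4; nothing is left to switch off.
        return array('present' => false, 'master' => null, 'local' => null);
    }
    $entry = $all['register_globals'];
    return array(
        'present' => true,
        'master'  => ini_truthy($entry['global_value']),  // from the php.ini PHP loaded
        'local'   => ini_truthy($entry['local_value']),   // in effect for this request
    );
}

$rg      = describe_register_globals();
$loaded  = function_exists('php_ini_loaded_file') ? php_ini_loaded_file() : false;
$scanned = php_ini_scanned_files();

echo 'PHP version:    ', PHP_VERSION, "\n";
echo 'SAPI:           ', php_sapi_name(), "\n";   // CGI/FastCGI vs. Apache module
echo 'Loaded php.ini: ', ($loaded ? $loaded : '(none or not reported)'), "\n";
echo 'Extra ini files:', ($scanned ? "\n" . $scanned : ' (none)'), "\n";

if (!$rg['present']) {
    echo "register_globals: directive not present in this PHP version\n";
} else {
    echo 'register_globals (master): ', ($rg['master'] ? 'On' : 'Off'), "\n";
    echo 'register_globals (local):  ', ($rg['local'] ? 'On' : 'Off'), "\n";
}

// Behavioural check: with register_globals on, ?rg_probe=1 also appears as
// the global variable $rg_probe, not only as $_GET['rg_probe'].
if (isset($_GET['rg_probe'])) {
    $leaked = array_key_exists('rg_probe', $GLOBALS);
    echo 'Request data copied into globals: ', ($leaked ? 'YES' : 'no'), "\n";
} else {
    echo "Behavioural check skipped: add ?rg_probe=1 to the URL\n";
}
```

Run it once from the web root and once from a subdirectory to see how far a given php.ini reaches, then delete the script, since it discloses server configuration paths.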
