Thanks so much. Yes, we found that because PHP threw an error that said that explicitly. A bit of research led us to add a line to php.ini to set the "max_input_vars" to a higher level. At first, that appeared to fix it (on the development machine). The appearance is wrong; it is still broken. No errors are being thrown. We are baffled. Ken On Wed, Apr 24, 2013 at 4:23 PM, David OBrien <dgobrien@xxxxxxxxx> wrote: > On Wed, Apr 24, 2013 at 5:14 PM, David OBrien <dgobrien@xxxxxxxxx> wrote: > >> On Wed, Apr 24, 2013 at 5:09 PM, Ken Kixmoeller <phphelp@xxxxxxxxxxx>wrote: >> >>> Hey - -- >>> >>> I have a huge screen -- to make it simple for the user, it does 100s of >>> calls to MySQL and has 1,000s (literally) of POST variables. >>> >>> We have done extensive research and see that upgrading from php 5.1.6-27 >>> to >>> 5.1.6-39 is the thing that caused it to break. All other issues (Apache, >>> PHP and MySQL configuration and Versions) have been methodically ruled >>> out. >>> >>> >>> Anybody experience this? Heard of it? Suggest a repair (other than >>> changing >>> my screen)? >>> >>> *** Please don't tell me to redesign the screen -- this may come, but now >>> is an urgent situation.*** >>> >>> Worked fine in prior versions for the last 3 years. >>> >>> Thanks, >>> >>> Ken >>> >> >> Looks like they fixed the bug that allowed that to work... >> php-common-5.1.6-32.el5.x86_64<http://linuxsoft.cern.ch/cern/slc5X/x86_64/yum/updates/php-common-5.1.6-32.el5.x86_64.rpm> >> [153 KiB] *Changelog* by Joe Orton (2012-02-02): - add security fix for >> CVE-2012-0830 (#786756) >> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0830 >> >> >> > > *I looked around google some more and found there is a hard limit of 1000 > post variables in 5.1.6* > > After weeks of using it, a problem was reported about just one function of > the app that would sometimes return a blank screen. It took me hours of > debugging (read: echo) to figure out what's going on, digging through some > old PHP code (fun!): It appeared that only 1000 post variables arrived on > the server. (Well, 1006 actually, but 2 were added by PHP, and that sounded > like a PHP-style limitation of 1000.) A quick google lookup revealed that > PHP introduced a new feature where it would limit the number of post > variables. For safety reasons. > > The variable is called "max_input_vars" with a default of 1000. PHP states > that this feature was introduced in 5.3.9, but I'm running 5.1.6 and the > limit is enforced. > > Because the server is for production, it was running with on-screen > warnings turned off. PHP says that it "prints a warning and cuts". For me, > that's a real WTF. A post request should be processed as all-or-nothing. > It should instead refuse the request completely. But for a technology > named "personal home page" the priorities are different. > > >
