On 04/24/2013 03:24 PM, Ken Kixmoeller wrote:
Thanks, Jim ---
Is this different from the "max_input_vars" discussion above? (from David
OBrien)
yes. For example...
php.ini:[suhosin]
php.ini:;suhosin.log.syslog =
php.ini:;suhosin.log.syslog.facility =
php.ini:;suhosin.log.syslog.priority =
php.ini:;suhosin.log.sapi =
php.ini:;suhosin.log.script =
php.ini:;suhosin.log.phpscript = 0
php.ini:;suhosin.log.script.name =
php.ini:; variables registered in the current scope: SUHOSIN_ERRORCLASS and
php.ini:; SUHOSIN_ERROR. The first one is the alert class and the second
variable is
php.ini:;suhosin.log.phpscript.name =
php.ini:;suhosin.log.phpscript.is_safe = Off
php.ini:;suhosin.log.use-x-forwarded-for = Off
php.ini:;suhosin.executor.max_depth = 0
php.ini:;suhosin.executor.include.max_traversal = 0
php.ini:;suhosin.executor.include.whitelist =
php.ini:;suhosin.executor.include.blacklist =
php.ini:;suhosin.executor.func.whitelist =
php.ini:;suhosin.executor.func.blacklist =
php.ini:;suhosin.executor.eval.whitelist =
php.ini:;suhosin.executor.eval.blacklist =
php.ini:;suhosin.executor.disable_eval = Off
php.ini:;suhosin.executor.disable_emodifier = Off
php.ini:; by default in Suhosin >= 0.9.6. Allowing symlink() while
open_basedir is used
php.ini:;suhosin.executor.allow_symlink = Off
php.ini:; If you fear that Suhosin breaks your application, you can
activate Suhosin's
php.ini:; simulation mode with this flag. When Suhosin runs in
simulation mode,
php.ini:;suhosin.simulation = Off
php.ini:; first. It always uses resource slot 0. If Suhosin got this
slot assigned APC
php.ini:; will overwrite the information Suhosin stores in this slot.
When this flag is
php.ini:; set Suhosin will request 2 Slots and use the second one. This
allows working
php.ini:;suhosin.apc_bug_workaround = Off
php.ini:;suhosin.sql.bailout_on_error = Off
php.ini:;suhosin.sql.user_prefix =
php.ini:;suhosin.sql.user_postfix =
php.ini:;suhosin.multiheader = Off
php.ini:suhosin.mail.protect = 1
php.ini:; memory_limit to whatever value they want. Suhosin changes this
fact and
php.ini:; that Suhosin will disallows scripts setting the memory_limit
to a value above
php.ini:;suhosin.memory_limit = 0
php.ini:suhosin.session.encrypt = Off
php.ini:;suhosin.session.cryptkey =
php.ini:;suhosin.session.cryptua = On
php.ini:;suhosin.session.cryptdocroot = On
php.ini:;suhosin.session.cryptraddr = 0
php.ini:; session. The difference to suhosin.session.cryptaddr is, that
the IP is not
php.ini:;suhosin.session.checkraddr = 0
php.ini:;suhosin.cookie.encrypt = 0
php.ini:;suhosin.cookie.cryptkey =
php.ini:;suhosin.cookie.cryptua = On
php.ini:;suhosin.cookie.cryptdocroot = On
php.ini:;suhosin.cookie.cryptraddr = 0
php.ini:; cookie. The difference to suhosin.cookie.cryptaddr is, that
the IP is not
php.ini:;suhosin.cookie.checkraddr = 0
php.ini:;suhosin.cookie.cryptlist =
php.ini:;suhosin.cookie.plainlist =
php.ini:; Defines the reaction of Suhosin on a filter violation.
php.ini:;suhosin.filter.action =
php.ini:;suhosin.cookie.max_array_depth = 50
php.ini:;suhosin.cookie.max_array_index_length = 64
php.ini:;suhosin.cookie.max_name_length = 64
php.ini:;suhosin.cookie.max_totalname_length = 256
php.ini:;suhosin.cookie.max_value_length = 10000
php.ini:;suhosin.cookie.max_vars = 100
php.ini:;suhosin.cookie.disallow_nul = 1
php.ini:;suhosin.get.max_array_depth = 50
php.ini:;suhosin.get.max_array_index_length = 64
php.ini:;suhosin.get.max_name_length = 64
php.ini:;suhosin.get.max_totalname_length = 256
php.ini:;suhosin.get.max_value_length = 512
php.ini:;suhosin.get.max_vars = 100
php.ini:;suhosin.get.disallow_nul = 1
php.ini:;suhosin.post.max_array_depth = 50
php.ini:;suhosin.post.max_array_index_length = 64
php.ini:;suhosin.post.max_name_length = 64
php.ini:;suhosin.post.max_totalname_length = 256
php.ini:suhosin.post.max_value_length = 2048000
php.ini:suhosin.post.max_vars = 500
php.ini:;suhosin.post.disallow_nul = 1
php.ini:;suhosin.request.max_array_depth = 50
php.ini:;suhosin.request.max_array_index_length = 64
php.ini:;suhosin.request.max_totalname_length = 256
php.ini:suhosin.request.max_value_length = 2048000
php.ini:;suhosin.request.max_vars = 200
php.ini:;suhosin.request.max_varname_length = 64
php.ini:;suhosin.request.disallow_nul = 1
php.ini:;suhosin.upload.max_uploads = 25
php.ini:;suhosin.upload.disallow_elf = 1
php.ini:;suhosin.upload.disallow_binary = 0
php.ini:;suhosin.upload.remove_binary = 0
php.ini:;suhosin.upload.verification_script =
php.ini:;suhosin.session.max_id_length = 128
php.ini:; Undocumented: Controls if suhosin coredumps when the optional
suhosin patch
php.ini:;suhosin.coredump = Off
php.ini:;suhosin.protectkey = 1
php.ini:; Controls if suhosin loads in stealth mode when it is not the only
php.ini:;suhosin.stealth = 1
php.ini:; Controls if suhosin's ini directives are changeable per directory
php.ini:;suhosin.perdir = "0"
Ken
On Wed, Apr 24, 2013 at 5:06 PM, Jim Lucas <lists@xxxxxxxxx> wrote:
On 04/24/2013 02:40 PM, Ken Kixmoeller wrote:
Thanks so much. Yes, we found that because PHP threw an error that said
that explicitly. A bit of research led us to add a line to php.ini to set
the "max_input_vars" to a higher level.
At first, that appeared to fix it (on the development machine). The
appearance is wrong; it is still broken. No errors are being thrown. We
are
baffled.
Ken
If you have the Suhosin patch installed, it also introduces other limits
to GET and POST variable counts within PHP.
--
Jim Lucas
http://www.cmsws.com/
http://www.cmsws.com/examples/
--
Jim Lucas
http://www.cmsws.com/
http://www.cmsws.com/examples/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
