Thank you very much, Jim --- On Wed, Apr 24, 2013 at 5:34 PM, Jim Lucas <lists@xxxxxxxxx> wrote: > On 04/24/2013 03:24 PM, Ken Kixmoeller wrote: > >> Thanks, Jim --- >> >> Is this different from the "max_input_vars" discussion above? (from David >> OBrien) >> > > yes. For example... > > php.ini:[suhosin] > php.ini:;suhosin.log.syslog = > php.ini:;suhosin.log.syslog.**facility = > php.ini:;suhosin.log.syslog.**priority = > php.ini:;suhosin.log.sapi = > php.ini:;suhosin.log.script = > php.ini:;suhosin.log.phpscript = 0 > php.ini:;suhosin.log.script.**name <http://suhosin.log.script.name> = > php.ini:; variables registered in the current scope: SUHOSIN_ERRORCLASS and > php.ini:; SUHOSIN_ERROR. The first one is the alert class and the second > variable is > php.ini:;suhosin.log.**phpscript.name <http://suhosin.log.phpscript.name>= > php.ini:;suhosin.log.**phpscript.is_safe = Off > php.ini:;suhosin.log.use-x-**forwarded-for = Off > php.ini:;suhosin.executor.max_**depth = 0 > php.ini:;suhosin.executor.**include.max_traversal = 0 > php.ini:;suhosin.executor.**include.whitelist = > php.ini:;suhosin.executor.**include.blacklist = > php.ini:;suhosin.executor.**func.whitelist = > php.ini:;suhosin.executor.**func.blacklist = > php.ini:;suhosin.executor.**eval.whitelist = > php.ini:;suhosin.executor.**eval.blacklist = > php.ini:;suhosin.executor.**disable_eval = Off > php.ini:;suhosin.executor.**disable_emodifier = Off > php.ini:; by default in Suhosin >= 0.9.6. Allowing symlink() while > open_basedir is used > php.ini:;suhosin.executor.**allow_symlink = Off > php.ini:; If you fear that Suhosin breaks your application, you can > activate Suhosin's > php.ini:; simulation mode with this flag. When Suhosin runs in simulation > mode, > php.ini:;suhosin.simulation = Off > php.ini:; first. It always uses resource slot 0. If Suhosin got this slot > assigned APC > php.ini:; will overwrite the information Suhosin stores in this slot. When > this flag is > php.ini:; set Suhosin will request 2 Slots and use the second one. This > allows working > php.ini:;suhosin.apc_bug_**workaround = Off > php.ini:;suhosin.sql.bailout_**on_error = Off > php.ini:;suhosin.sql.user_**prefix = > php.ini:;suhosin.sql.user_**postfix = > php.ini:;suhosin.multiheader = Off > php.ini:suhosin.mail.protect = 1 > php.ini:; memory_limit to whatever value they want. Suhosin changes this > fact and > php.ini:; that Suhosin will disallows scripts setting the memory_limit to > a value above > php.ini:;suhosin.memory_limit = 0 > php.ini:suhosin.session.**encrypt = Off > php.ini:;suhosin.session.**cryptkey = > php.ini:;suhosin.session.**cryptua = On > php.ini:;suhosin.session.**cryptdocroot = On > php.ini:;suhosin.session.**cryptraddr = 0 > php.ini:; session. The difference to suhosin.session.cryptaddr is, that > the IP is not > php.ini:;suhosin.session.**checkraddr = 0 > php.ini:;suhosin.cookie.**encrypt = 0 > php.ini:;suhosin.cookie.**cryptkey = > php.ini:;suhosin.cookie.**cryptua = On > php.ini:;suhosin.cookie.**cryptdocroot = On > php.ini:;suhosin.cookie.**cryptraddr = 0 > php.ini:; cookie. The difference to suhosin.cookie.cryptaddr is, that the > IP is not > php.ini:;suhosin.cookie.**checkraddr = 0 > php.ini:;suhosin.cookie.**cryptlist = > php.ini:;suhosin.cookie.**plainlist = > php.ini:; Defines the reaction of Suhosin on a filter violation. > php.ini:;suhosin.filter.action = > php.ini:;suhosin.cookie.max_**array_depth = 50 > php.ini:;suhosin.cookie.max_**array_index_length = 64 > php.ini:;suhosin.cookie.max_**name_length = 64 > php.ini:;suhosin.cookie.max_**totalname_length = 256 > php.ini:;suhosin.cookie.max_**value_length = 10000 > php.ini:;suhosin.cookie.max_**vars = 100 > php.ini:;suhosin.cookie.**disallow_nul = 1 > php.ini:;suhosin.get.max_**array_depth = 50 > php.ini:;suhosin.get.max_**array_index_length = 64 > php.ini:;suhosin.get.max_name_**length = 64 > php.ini:;suhosin.get.max_**totalname_length = 256 > php.ini:;suhosin.get.max_**value_length = 512 > php.ini:;suhosin.get.max_vars = 100 > php.ini:;suhosin.get.disallow_**nul = 1 > php.ini:;suhosin.post.max_**array_depth = 50 > php.ini:;suhosin.post.max_**array_index_length = 64 > php.ini:;suhosin.post.max_**name_length = 64 > php.ini:;suhosin.post.max_**totalname_length = 256 > php.ini:suhosin.post.max_**value_length = 2048000 > php.ini:suhosin.post.max_vars = 500 > php.ini:;suhosin.post.**disallow_nul = 1 > php.ini:;suhosin.request.max_**array_depth = 50 > php.ini:;suhosin.request.max_**array_index_length = 64 > php.ini:;suhosin.request.max_**totalname_length = 256 > php.ini:suhosin.request.max_**value_length = 2048000 > php.ini:;suhosin.request.max_**vars = 200 > php.ini:;suhosin.request.max_**varname_length = 64 > php.ini:;suhosin.request.**disallow_nul = 1 > php.ini:;suhosin.upload.max_**uploads = 25 > php.ini:;suhosin.upload.**disallow_elf = 1 > php.ini:;suhosin.upload.**disallow_binary = 0 > php.ini:;suhosin.upload.**remove_binary = 0 > php.ini:;suhosin.upload.**verification_script = > php.ini:;suhosin.session.max_**id_length = 128 > php.ini:; Undocumented: Controls if suhosin coredumps when the optional > suhosin patch > php.ini:;suhosin.coredump = Off > php.ini:;suhosin.protectkey = 1 > php.ini:; Controls if suhosin loads in stealth mode when it is not the only > php.ini:;suhosin.stealth = 1 > php.ini:; Controls if suhosin's ini directives are changeable per directory > php.ini:;suhosin.perdir = "0" > > > > >> Ken >> >> >> On Wed, Apr 24, 2013 at 5:06 PM, Jim Lucas <lists@xxxxxxxxx> wrote: >> >> On 04/24/2013 02:40 PM, Ken Kixmoeller wrote: >>> >>> Thanks so much. Yes, we found that because PHP threw an error that said >>>> that explicitly. A bit of research led us to add a line to php.ini to >>>> set >>>> the "max_input_vars" to a higher level. >>>> >>>> At first, that appeared to fix it (on the development machine). The >>>> appearance is wrong; it is still broken. No errors are being thrown. We >>>> are >>>> baffled. >>>> >>>> Ken >>>> >>>> >>> If you have the Suhosin patch installed, it also introduces other limits >>> to GET and POST variable counts within PHP. >>> >>> -- >>> Jim Lucas >>> >>> http://www.cmsws.com/ >>> http://www.cmsws.com/examples/ >>> >>> >> > > -- > Jim Lucas > > http://www.cmsws.com/ > http://www.cmsws.com/examples/ >
