New limit in php: 1000 fields per POST. Does anyone know if this number can affect?

Question

New limit in php: 1000 fields per POST. Does anyone know if this number can affect?

In new PHP versions, the number of input requests for the formula (POST) will be limited to 1000 (unverified information). This means that this limit is already set in some builds of 5.2. This causes a lot of problems in our online store.

Does anyone know more about this, and parameters or Vars can influence this limit. I just found max_input_vars, but it looks like this is a complete new var 5.4.RC4. And I'm not sure if this var will be one of the POST methods.

+43

post php

Peter Jan 03 2018-12-12T00:

source share

8 answers

Slavic · Answer 1 · 2012-01-03 09:43

max_input_vars

- an attempt by PHP to solve some security problems, and when it is installed, it limits the amount of input data (thus the fields in your forms). Also beware

 max_input_nesting_level

And yes - they are customizable. Just edit your php.ini or htaccess values.

Onyx · Answer 2 · 2012-01-18 03:09

I also ran into this problem while working on a localized installation of my code, and Debian Sid updated to 5.4 RC4 PHP. A form of more than 7000 lines with flags (!) Suddenly processed only 1001 of them in $ _POST data ... the head is scratched for several hours.

Made a change to / etc / php 5 / apache2 / php.ini:

 max_input_vars = 5000

save and restart apache, and now everything is fine.

Ruben Benjamin · Answer 3 · 2016-05-23 16:04

If you can not / do not want to increase the server limit, here is another solution

 <!-- 10000 checkboxes outside the FORM. You do not want to post this --> <input class="cbox" type="checkbox" value="1" id="id-1" checked name="id[]"> .... <input class="cbox" type="checkbox" value="10000" id="id-10000" checked name="id[]"> <form method="POST" action="postpage.php"> <input type="hidden" id="cboxes" name="cboxes" class="cboxes" value="" /> <input type="submit" onclick="return clicked();"> </form>

then using jquery

 <script> function clicked() { var cb = $('.cbox:checked').map(function() {return this.value;}).get().join(','); $('#cboxes').val(cb); return true; } </script>

Using POST, I tested the publication of 10,000 entries.

On server

 $cboxes = $_POST['cboxes']; $cbox_exp =(explode(',', $cboxes)); print_r(count($cbox_exp)); //gives me 10000

Chris · Answer 4 · 2015-03-11 17:39

Just wanted to summarize and point out a few things:

1) Limitations can be PHP, as stated above.

2) The above mentioned web server may also be limitations.

3) Suhosin restrictions apply only if they are set. Settings changed in php.ini

4) Beware of browser URL length restrictions if you try to send as much data in the URL

Reboot the web server after changing the server settings.

dots-do-matter · Answer 5 · 2013-03-15 19:09

Apparently, this looks like a fix in linux environment causing this problem. If your server has this "suhosin" patch, there will probably be a problem. It is also not possible to override this at runtime, and to include it in your php.ini

 suhosin.post.max_array_depth suhosin.post.max_array_index_length suhosin.post.max_name_length suhosin.post.max_totalname_length suhosin.post.max_vars suhosin.post.max_value_length

Ashesh · Answer 6 · 2014-02-07 10:38

It is always useful to simply back up some of the data you send, instead of changing this limit in PHP. For example, if you submit material via Ajax or through a form field, simply create a field that causes the problem.

The limit is in the "number" field, not the "length" field, if that makes sense.

Álvaro González · Answer 7 · 2012-01-03 09:54

These changes are generally well documented. Are you sure it was sent back to 5.2? Where did you read this? It seems more likely that you are pushing some other limit like post_max_size or Apache LimitRequestFields , or even a PHP security modem like Suhosin .

(Also, PHP 5.2 is no longer supported, so I doubt it will receive such an update.)

harpej · Answer 8 · 2014-01-18 11:43

If you do not use several or more than 1000 input fields, you can concatenate several inputs with any special character, for example @

 <input type='text' name='hs1' id='hs1'> <input type='text' name='hs2' id='hs2'> <input type='text' name='hs3' id='hs3'> <input type='text' name='hs4' id='hs4'> <input type='text' name='hs5' id='hs5'> <input type='hidden' name='hd' id='hd'>

using any script (JavaScript or JScript)

 document.getElementById("hd").value = document.getElementById("hs1").value+"@"+document.getElementById("hs2").value+"@"+document.getElementById("hs3").value+"@"+document.getElementById("hs4").value+"@"+document.getElementById("hs5").value

with this concept you get around the max_input_vars problem. If you increase the max_input_vars in php.ini , which is harmful to the server. Because they use more server cache, and sometimes they will crash the server.

New limit in php: 1000 fields per POST. Does anyone know if this number can affect?

More articles: