PHP警告:未知:输入变量超过1000 [英] PHP Warning: Unknown: Input variables exceeded 1000
问题描述
我收到一个新的php警告,当POST数据从我的页面上的表单到我的服务器。警告如下:
I am getting a new php warning when a POST data from a form on my page to my server. The warning is as follows:
PHP警告:未知:输入变量超过1000.要增加php.ini中的最大更改max_input_vars。在未知的第0行,referer: https://mywebsite.com/index.php
事情是,我的表单没有接近1000个输入变量,所以我很困惑为什么会出现。作为一个旁注,我没有这个问题,直到最近,我怀疑当我运行 yum更新更改/安装的是导致这种情况。
The thing is that my form does not have near 1000 input variables, so I am baffled as to why this is appearing. As a side note, I have not had this problem until recently and I suspect that when I ran yum update something changed/was installed that is causing this. Any advice or answers are appreciated.
编辑1:
所以我做了 var_dump($ _ REQUEST)并得到〜1000个单字符串。数组中的前几个项目是他们应该的,但是一堆我不需要提交的东西被分解成单个字符串。想法欢迎。
EDIT 1:
So I did var_dump($_REQUEST) and got ~1000 single character strings. The first couple items in the array are what they should be, but then a bunch of stuff that I don't need submitted is broken down into single character strings. Thoughts welcome.
array(1001) {
["action"]=> string(10) "step1_show"
["submit"]=> string(6) "Step 1"
[0]=> string(1) "a"
[1]=> string(1) "c"
[2]=> string(1) "t"
[3]=> string(1) "i"
[4]=> string(1) "o"
[5]=> string(1) "n"
[6]=> string(1) "="
[7]=> string(1) "l"
[8]=> string(1) "o"
[9]=> string(1) "g"
[10]=> string(1) "o"
[11]=> string(1) "u"
[12]=> string(1) "t"
[13]=> string(1) "&"
[14]=> string(1) "p"
[15]=> string(1) "r"
[16]=> string(1) "o"
[17]=> string(1) "p"
[18]=> string(1) "e"
[19]=> string(1) "r"
[20]=> string(1) "t"
[21]=> string(1) "y"
[22]=> string(1) "="
[23]=> string(1) "3"
[24]=> string(1) "7"
[25]=> .....
ANSWER :结果是我的提交处理程序。感谢所有输入。
ANSWER: It ended up being a problem with my submit handler. Thanks all for your input.
推荐答案
这是PHP中的一项新设置/值(与安全更新相关脚本),所以你得到这个更新后(PHP 5.3.9之前没有设置/可用, suhosin 用户有一个类似的东西自老)。
That's a new setting / value in PHP (related to a security update to prevent attacks to PHP scripts), so you get this after the update (before PHP 5.3.9 not set/available, suhosin users have a similar thing since ages).
输入值是不同的类型,数组成员也计数。因此,计数表单字段还不够,还需要查看URL和其他与输入相关的地方( $ _ GET , $ _ POST , $ _ SERVER , $ _ ENV , $ _ FILES , $ _ COOKIE ...)。
Input values are of different kinds and array members count as well. So it's not enough to count form fields but also to take a look into the URL and other places related to input ($_GET, $_POST, $_SERVER, $_ENV, $_FILES, $_COOKIE ...).
请参阅 max_input_vars :
有多少输入变量可能被接受。使用此指令减轻了使用哈希冲突的拒绝服务攻击的可能性。如果有比此指令指定的更多的输入变量,则会发出
E_WARNING,并且从请求中截取更多的输入变量。此限制仅适用于多维输入数组的每个嵌套级别。
How many input variables may be accepted. Use of this directive mitigates the possibility of denial of service attacks which use hash collisions. If there are more input variables than specified by this directive, an
E_WARNINGis issued, and further input variables are truncated from the request. This limit applies only to each nesting level of a multi-dimensional input array.
这篇关于PHP警告:未知:输入变量超过1000的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
