Re: [PHP] 1000+ character POSTed strings get mangled

2004-10-11 Thread Jonny Roller 
Thanks for the info!  Based on the "Apache2" reference and dug into the 
problem a little more.  Bug 18648 (http://bugs.php.net/bug.php?id=18648) 
contains a long thread from folks with similar problems.  It seems that 
the Apache2 setup creates a conf.d/php.conf file with this in it:


SetOutputFilter PHP
SetInputFilter PHP
LimitRequestBody 524288

I got rid of that code, restarted Apache and now all is well!
John Holmes wrote:
Jonny Roller wrote:
If I POST a string greater than 1000 character through a form, the 
resulting string gets mangled.  What I get back is the first 1000 
characters of the string, then the name of the form variable, an equal 
sign (=) and then the entire string again.  If I change the form to a 
GET, this problem does not occur.
[snip]
I'm running PHP 4.3.8 with Apache 2.0.50 on Linux but it also occurred 
with PHP 4.3.9 on Apache 2.0.52.  However, a similarly configured (but 
not identical) server running the same versions of PHP and Apache does 
not exhibit this behavior.

I remember an Apache2/PHP bug that caused issues like this with any 
request variables, but I couldn't find it on bugs.php.net. Have you 
reported this there, yet?

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] 1000+ character POSTed strings get mangled

2004-10-08 Thread Jonny Roller 
If I POST a string greater than 1000 character through a form, the 
resulting string gets mangled.  What I get back is the first 1000 
characters of the string, then the name of the form variable, an equal 
sign (=) and then the entire string again.  If I change the form to a 
GET, this problem does not occur.

If I add a phpinfo() call to the same page, I see that $_REQUEST and 
$_POST variables are indeed mangled.  However, 
$_SERVER["CONTENT_LENGTH"] reports the correct string length.

I did not compile PHP with the hardened flag... adding 
"varfilter.max_value_length = 5000" to the php.ini file had no effect.

I recreated this form with a Perl CGI and could not recreate the problem 
in that environment.

I'm running PHP 4.3.8 with Apache 2.0.50 on Linux but it also occurred 
with PHP 4.3.9 on Apache 2.0.52.  However, a similarly configured (but 
not identical) server running the same versions of PHP and Apache does 
not exhibit this behavior.

Any assistance that can be provided would be greatly appreciated.
- Jonny Roller
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php