How to override suhosin max value?

2019-06-04 06:39发布

An important GET param is being filtered by suhosin. How do I override suhosin when the following does not work?

public_html/php.ini :

[suhosin]
suhosin.get.max_value_length = 2048

Sets suhosin.get.max_value_length among others to NULL and crashes user session.

public_html/.htaccess :

<IfModule mod_php5.c>
    php_value suhosin.get.max_value_length 2048
</IfModule>

No effect

(System default is set to:)

suhosin.get.max_value_length = 512
suhosin.get.max_value_length = 100000

The GET parameter being filtered is 576 chars long.

标签： php suhosin

2条回答

一纸荒年 Trace。

2楼-- · 2019-06-04 07:23

We can bypass suhosin by re-building the $_GET

// Override suhosin $_GET limitation
  $_GET = array();
  $params = explode('&', $_SERVER['QUERY_STRING']);
  foreach ($params as $pair) {
    list($key, $value) = explode('=', $pair);
    $_GET[urldecode($key)] = urldecode($value);
  }

0人赞添加讨论(0) 举报

一夜七次

3楼-- · 2019-06-04 07:23

On Debian|Ubuntu systems you can set the suhosin parameters globally in:

/etc/php5/conf.d/suhosin.ini

0人赞添加讨论(0) 举报

How to override suhosin max value?

采纳回答

编辑标签

举报内容

检举类型

检举原因

检举说明(必填)

打开微信“扫一扫”，打开网页后点击屏幕右上角分享按钮

付费偷看金额在0.1-10元之间