Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:58955 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 70120 invoked from network); 15 Mar 2012 11:06:37 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 15 Mar 2012 11:06:37 -0000 Authentication-Results: pb1.pair.com header.from=tjerk.meesters@gmail.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=tjerk.meesters@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.213.170 as permitted sender) X-PHP-List-Original-Sender: tjerk.meesters@gmail.com X-Host-Fingerprint: 209.85.213.170 mail-yx0-f170.google.com Received: from [209.85.213.170] ([209.85.213.170:52370] helo=mail-yx0-f170.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id FB/02-59029-C3DC16F4 for ; Thu, 15 Mar 2012 06:06:37 -0500 Received: by yenl5 with SMTP id l5so3339103yen.29 for ; Thu, 15 Mar 2012 04:06:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; bh=15sHdclvEYfS5kYybfSPChVlbB1qOfbZvls9l/ereGA=; b=DO2w9q6RBsX0gUA9r2/Mx/yp4K6uAqAFHPjqEevYlSc+3Am6PMRQCwbAX1muaHSVMh aeesBDT9e6x41c/dI0hEwmtPeL+MyL+A0TKF+XqEi/4djTRYqp8Vfd2DmziaFzP9ZotD 5dLy9tc7SlnjMQL7lmcANXk7BstVLyz8tC5pC7b3Vo5KLEzl3kwR/WJ+HeUghVN6QVS5 DW0+yTc5+B/TsQvCJDwGTJJ10AwijfI/wmTekNTrXCTaEEA7YHW1cko+VnOpP3DXxOQp umGTRJt4al7MG3P4thxFKIdSxcvcGgS9xTeKOhARu3SG4jL2mQ+v+w3h27UC4YacHwVq rTzA== MIME-Version: 1.0 Received: by 10.236.161.201 with SMTP id w49mr7299358yhk.76.1331809594390; Thu, 15 Mar 2012 04:06:34 -0700 (PDT) Sender: tjerk.meesters@gmail.com Received: by 10.147.146.6 with HTTP; Thu, 15 Mar 2012 04:06:34 -0700 (PDT) In-Reply-To: <4F61BE09.3040705@rotorised.com> References: <4F60F4B1.5010407@lerdorf.com> <4F611045.8040404@rotorised.com> <4F618F30.7060209@sugarcrm.com> <4F61BE09.3040705@rotorised.com> Date: Thu, 15 Mar 2012 19:06:34 +0800 X-Google-Sender-Auth: fCPG7pWCYFWtpj7F2FFDrFjS9S8 Message-ID: To: Ryan McCue Cc: "internals@lists.php.net" Content-Type: text/plain; charset=ISO-8859-1 Subject: Re: [PHP-DEV] Let parse_str() parse more than max_input_vars args From: datibbaw@php.net (Tjerk Anne Meesters) On Thu, Mar 15, 2012 at 6:01 PM, Ryan McCue wrote: >>> That's probably going to confuse people if it doesn't change the HTTP >>> request parsing limit too, IMHO. And I'm not sure that's something we >>> necessarily want. >> >> >> Err, how you can change it after HTTP request has already been parsed? >> > > I'm not arguing that it should, I'm saying that in the INI it refers to the > HTTP arguments, while in the code (via ini_set) it would not affect this. I > think that could be confusing for users who don't realise the script is only > loaded after parsing the request. > That's something I hadn't even considered, that by turning the setting into INI_ALL the expected behaviour is in fact broken when using ini_set(); it doesn't do the same thing any more. > > I think that is definitely a documentation issue, but the extra argument is > the way to go in terms of being the least confusing option. > After looking back at my previous comment I realized that, between the two suboptimal fixes, adding the extra argument is actually the better one; I see now that it makes a clearer statement that changing this ini setting can only be done inside the more privileged code of parse_str(). I had reasoned before that by having to use ini_set() the developer would be more aware of the linkage between parse_str and max_input_vars, but a good example in the parse_str() documentation should be able to address that and the "strange" error message one would see if the limits are exceeded :)