Le Sun, 10 May 2020 13:34:12 +0100,
Craig Duncan <p...@duncanc.co.uk> a écrit :
> Although not particularly elegant, and it does require you to
> reject
> requests that hit but don't exceed the limit, I've used this approach
> before:
>
> $max = ini_get("max_input_vars") - 1;
> $check = count($_REQUEST);
> if ($check > $max) {
> throw new RequestException("Request is too large, only {$max}
> input variables are permitted");
> }
This is not even correct if I’m not mistaken, as max_input_vars applies
independently to GET, POST and COOKIE as I understand it. Here with
max_input_vars/2 in GET and POST your exception would throw while the
limit was not hit.
I know this is a corner case, but it’s just to illustrate it’s hard to
detect whether this limit was hit and it would be better in my opinion
to have a clean way in core.
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
