On 03/14/2012 07:34 PM, Tjerk Anne Meesters wrote: > On Thu, Mar 15, 2012 at 7:38 AM, Rasmus Lerdorf <ras...@lerdorf.com> wrote: >> >> Yes, it would need a zend_alter_ini_entry_ex() call there. The patch >> wasn't complete, just a quick hack. But it would still have an >> out-of-context error message when you exceed it. At least with a >> userspace ini_set() the error would make sense. >> > > As mentioned on IRC, a function signature of "array > parse_urlencoded(string $s)" would be useful too; the separated logic > would allow for avoiding max_input_vars altogether and not having to > worry about parameter name mangling (variable name rules). The nasty > part is that much of the treat_data code would have to be duplicated > (I think). > > Besides that, applying the hash randomisation patch to only userland > arrays would make the max_input_vars less critical and at the same > time avoid breaking opcode caches and other low-level dependencies.
Sure, but this is a longer-term fix. Right now I am more concerned about the fact that we broke code that worked fine in PHP 5.3.8 without any way to make it work safely. -Rasmus -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
