Thread

Hello
Hope some PHP guru can help me on this one - I’ve some AJAX scripts based on Mootools that pass some variables to PHP - in PHP I read those variables by using e.g. $_REQUEST[‘varname’] or $_GET[‘varname’] - no, all the sudden, my PHP functions don’t work anymore - my hosting company is telling me that they have installed some SUHOSIN patch because their Joomla sites got hacked all the time.

I’m completely lost - how do I get my scripts to work again - is there a workaround?

Thank you in advance for your input.

From the docs: (http://www.hardened-php.net/suhosin/a_feature_list.html)

Allows enforcing limits on REQUEST variables or separated by type (GET, POST, COOKIE)o
Supports a number of variables per request limit
Supports a maximum length of variable names [with and without indicies]
Supports a maximum length of array indicies
Supports a maximum length of variable values
Supports a maximum depth of arrays

Suhosin by default sets the maximum number of get vars at 100, which could be too low for your app. You can change it in your .ini.

See also: http://www.hardened-php.net/suhosin/configuration.html#suhosin.get.max_vars

Thank you Jamie

I only pass a handful variables like 5 from my javascript code to PHP so I think even with the default setting of 100 I should be fine - what I discovered when comparing phpinfo locally and on the server, that for instance locally I have $_REQUEST[‘varname’] in my phpinfo - on the server this doesn’t show up at all?

Hi mmjaeger,

Don’t forget to check the other limits: the length of your variable names and array indices are restricted too. You may need to speak to your host see what the settings are.

I don’t know what my hosting company has changed, but I can not even the following to work anymore:

<?php

$shoutcast_url = 'http://rs3.radiostreamer.com:9330/played.html';

ini_set('user_agent', 'Mozilla');
header('Content-type: text/plain; charset=utf-8');

$html = file_get_contents($shoutcast_url);
echo $html;

?>