From 8a3d8d125a847a9861f77ba3696f47667ed07962 Mon Sep 17 00:00:00 2001 From: Justin Martin Date: Sat, 21 Jan 2012 23:09:07 +0000 Subject: [PATCH] Rewrote max_input_vars directive description for clarity, and indicated that this limit applies only to each nesting level of a multidimensional input array. Closes bug #60728. git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@322553 c90b9560-bf6c-de11-be94-00142212c4b1 --- reference/info/ini.xml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/reference/info/ini.xml b/reference/info/ini.xml index 390408563b..f1ff7ce169 100644 --- a/reference/info/ini.xml +++ b/reference/info/ini.xml @@ -261,11 +261,12 @@ How many input - variables may be accepted. Available mainly for security reasons - to avoid hash collisions attacks. If there would be more variables in - any of $_GET, $_POST, ... arrays - then E_WARNING is issued and extra variables are - ignored. + variables may be accepted. Use of this directive mitigates + the possibility of denial of service attacks which use hash collisions. + If there are more input variables than specified by this directive, + an E_WARNING is issued, and further input + variables are truncated from the request. This limit applies only + to each nesting level of a multi-dimensional input array.