Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Stock count entry hitting php's default max post parameters limit
07-05-2015, 05:38 PM,
#1
Stock count entry hitting php's default max post parameters limit
We discovered on our installation that when pressing the "Enter Above Counts" button on webERP's stock count entry page, no items were submitted for categories that have more than 331 items in them with the default settings for php.

What seems to be happening is that php doesn't accept more than 1000 POST parameters (332 items at 3 params each is 996 params + 5 extra params for other misc tasks totals 1001 parameters), thus it's cutting off the last couple of parameters (including the EnterCounts parameter which prevents webERP from seeing that items have been submitted).

As a stop gap solution, it is fairly trivial to increase the number of accepted parameters by setting max_input_vars to something arbitrarily large in /etc/php.ini, but I'm assuming this setting is defaulted to 1000 for a reason, thus there could be security (and other) implications with increasing this limit.

I'm not sure if this is the best way to proceed, but perhaps a good solution is to limit the number of possible POST parameters by having a multi-page view, like with the "Customers" and "Suppliers" pages.
Reply
07-05-2015, 07:39 PM,
#2
RE: Stock count entry hitting php's default max post parameters limit
Hi Alastair, this limit is set in your version of PHP. The limit was put in place to prevent the possibility of denial of service attacks. Raising it to a sensible limit is fine, setting it to an arbitrarily high value could potentially be bad if your installation is web facing. Smarter people than me seem to disagree about how real this threat is but I wouldn't see any problems setting it to (say) 10,000.

Tim
Reply
07-05-2015, 09:25 PM,
#3
RE: Stock count entry hitting php's default max post parameters limit
Hi Tim,
Thanks for the clarification regarding security, and coincidentally that ended up being the same arbitrary value we chose Smile
As it stands, I hope this thread ends up helpful to others who might happen across the same issue (or similar).
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)