An important GET param is being filtered by suhosin. How do I override suhosin when the following does not work?
public_html/php.ini :
[suhosin]
suhosin.get.max_value_length = 2048
Sets suhosin.get.max_value_length among others to NULL and crashes user session.
-
public_html/.htaccess :
<IfModule mod_php5.c>
php_value suhosin.get.max_value_length 2048
</IfModule>
No effect
-
(System default is set to:)
suhosin.get.max_value_length = 512
suhosin.get.max_value_length = 100000
The GET parameter being filtered is 576 chars long.
We can bypass suhosin by re-building the $_GET
// Override suhosin $_GET limitation
$_GET = array();
$params = explode('&', $_SERVER['QUERY_STRING']);
foreach ($params as $pair) {
list($key, $value) = explode('=', $pair);
$_GET[urldecode($key)] = urldecode($value);
}