views:

257

answers:

1

A strange bug has popped up on a server running a fairly active site.

  • Server: Apache/2.2.3 (CentOS)
  • PHP: 5.2.6
  • eAccelerator 0.9.5.3

While using multipart forms, occasionally data sent from a textarea will be missing in the $_POST

We know the data was sent because content_length shows a reasonable size over 1K

All other input fields in the form are properly received.

It is NOT browser specific and happens on IE/Firefox/Chrome.

Works nearly 99% of the time, only fails 1 or 2 times on average for every hundred posts made.

On very rare occasion we've been able to reproduce it ourselves so we know data is being sent, just not processed by either apache/php

All of these settings have been checked and are reasonable in php.ini:

memory_limit
max_input_time
upload_max_file_size
post_max_filesize

in httpd.conf

LimitRequestBody
TimeOut

Would love to hear other ideas what this might be. I cannot find any known related bug for PHP.

+2  A: 

Hi,

Not sure this is the problem (not an easy to guess question ^^ ), but if you have the suhoshin security patch/extension, did you try de-activating it ?
(I don't know if it's activated by default on CentOS, but it might be, considering it is on Ubuntu, which is "less entreprise oriented")

I'm suggesting this because of this bug report, in which there are a couple of notes which say, for instance :

[30 Oct 2007 11:02am UTC] sbauer at gjl-network dot net

While experiencing this issue, too we found that the cause of this problem was the suhosin patch, wich was - by default - configured to have a max limit for the length of cookie, request, post, get and session vars. E.g. for POST this looks like:

suhosin.post.max_array_depth 100 100 suhosin.post.max_array_index_length 64 64 suhosin.post.max_name_length 64 64 suhosin.post.max_totalname_length
256 256 suhosin.post.max_value_length 65000 65000 suhosin.post.max_vars
200 200

Those derivatives needs to be set to a adequate higher number. E.g. in our case, the problem was, that our POST data was too long (as this seems to be the case for a lot of you here).

So I suggest to check your php.ini or (according to your distribution there often is a suhosin.ini) and correct the above values or set them to 0 to disable it. If those derivatives are not set, default values will be used. You need to check / add: suhosin.post.max_.... suhosin.request.max_... suhosin.get.max_... suhosin.session.max_... suhosin.cookie.max_...

Refer to your phpinfo() where these values should be listed!

And / or :

[13 Nov 2008 4:58pm UTC] keith at tdrnetworks dot com

Regarding the enctype="multipart/form-data" not populating the $_POST vars I found my solution was to disable the Suhosin security module.

Have a go!

There is also a note which says :

[5 Feb 6:49pm UTC] neal dot pressley at yahoo dot com

I was facing the same problem. I had a html form with php scripts in which I was submitting radio buttons or checkboxes. When I post the form, PHP was not finding any post parameters. it was random, some time it was working and some time not. Even I tried with Get, it worked some time and some time not. Then I change ENCTYPE from uppercase to lowercase and it started working prefectly

Is your form / page HTML-valid ? Maybe, in some rare cases, it's not ?


Maybe this'll help... If not, I'm curious to know the reason of this problem !

Pascal MARTIN
+1 - even if this doesn't turn out to be the answer, it's still a very interesting possibility to delve into. I'll have to remember that the Suhoshin patch has this kind of issues.
zombat
Thank you for the ideas.- suhosin hardening is not being used, at all.- "enctype" is in lower case.- the page is not completely html validated but remember the short input fields are definitely getting to the server, including content_length
_ck_