PHP SimpleXML、CodeIgniter 和 Apache 与 Suhosin
我正在使用 CodeIgniter 框架用 PHP5 编写一个应用程序。 我让它在 Windows(使用 Xampp)和 Ubuntu(使用标准 Apache、PHP、MySQL 堆栈)上运行。
我有一个表单,它接受 XML,解析它(使用 simpleXML)并将结果发布到数据库中。
在 Windows 上 - 没问题,按预期工作。
在 Linux 上——大问题。 它出错了。
我仔细检查了 XML,没有问题。
我去掉了大量的XML,看起来还可以。
我认为这与从表单发布的 XML 字符串的大小有关,但我不确定。 同样,在 Windows 上没问题,但在 Linux 上会出错。
表单中发布的数据大小约为 160k(是的,这是很多文本,但它是自动化的 - 最终会约为 200k)。
错误如下。
非常感谢任何帮助。
致命错误:/var/www/ci/system/application/controllers/system.php:49 中未捕获异常“异常”,消息“字符串无法解析为 XML”堆栈跟踪:#0 /var/www /ci/system/application/controllers/system.php(49): SimpleXMLElement->__construct('') #1 [内部函数]: System->add_system() #2 /var/www/ci/system/ codeigniter/CodeIgniter.php(233): call_user_func_array(Array, Array) #3 /var/www/ci/index.php(115): require_once('/var/www/ci/sys...') #4 { main} 抛出在 /var/www/ci/system/application/controllers/system.php 第 49 行
第 49 行如下所示:
$xml = new SimpleXMLElement($this->input->post('form_systemXML') );
编辑 - 已修复
发现问题。 Suhosin 安装在 Ubuntu 上。 在文件 /etc/php5/apache2/conf.d/suhosin.ini 中,我启用了 suhosin.post.max_value_length = 65000 行并将值更改为 195000。重新启动 Apache,一切正常。 谢谢各位指点。
I have an application I am writing in PHP5, using the CodeIgniter framework.
I have it running on both Windows (using Xampp) and Ubuntu (using standard Apache, PHP, MySQL stack).
I have a form, that takes XML, parses it (using simpleXML) and posts the results into a database.
On Windows - no problem, works as intended.
On Linux - big problem. It errors out.
I have double checked the XML, and it's fine.
I removed a large amount of the XML, and it seems that it is OK.
I think it's related to the size of the XML string being posted from the form, but am not sure. Again, on Windows it's OK - on Linux, it errors out.
The size of the data posted in the form is ~160k (yeah, that's a lot of text, but it's automated - AND it's gonna eventually be about 200k).
The error is below.
Any help much appreciated.
Fatal error: Uncaught exception 'Exception' with message 'String could not be parsed as XML' in /var/www/ci/system/application/controllers/system.php:49 Stack trace: #0 /var/www/ci/system/application/controllers/system.php(49): SimpleXMLElement->__construct('') #1 [internal function]: System->add_system() #2 /var/www/ci/system/codeigniter/CodeIgniter.php(233): call_user_func_array(Array, Array) #3 /var/www/ci/index.php(115): require_once('/var/www/ci/sys...') #4 {main} thrown in /var/www/ci/system/application/controllers/system.php on line 49
Line 49 looks like this:
$xml = new SimpleXMLElement($this->input->post('form_systemXML'));
EDIT - FIXED
Found the issue. Suhosin is installed on Ubuntu. in the file /etc/php5/apache2/conf.d/suhosin.ini, I enabled the line suhosin.post.max_value_length = 65000 and changed the value to 195000. Restarted Apache, and all good. Thanks for the pointers guys.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
您似乎正在运行 Suhosin PHP 扩展。
请查看配置文档:http://www.hardened-php。 net/suhosin/configuration.html。
相关选项似乎是(我从未使用过 Suhosin 扩展): suhosin.post.max_value_length 和/或 suhosin.request.max_value_length
It seems like you're running the Suhosin PHP extension.
Please have a look at the configuration documentation at: http://www.hardened-php.net/suhosin/configuration.html.
The relevant option seems to be (I've never used the Suhosin extension): suhosin.post.max_value_length and/or suhosin.request.max_value_length
请检查 Linux 机器上的 PHP 配置,并将其与 Windows 设置进行比较。 特别是以下设置:
也许您可以对发布到脚本的数据进行转储,
以查看真正进入服务器的数据。
Please check your PHP configuration on the Linux box and compare it to your Windows settings. Especially the following settings:
Perhaps you can do a dump of the data posted to the script
to see what data is really coming into the server.
您可能已经尝试过这种方法,但是您检查过行结尾吗? \r\n (DOS) 与 \n (UNIX) 相对吗? simpleXML 使用的正则表达式可能会在不同平台上被它们混淆......
You may already have tried this approach but did you check the line endings? \r\n (DOS) as opposed to \n (UNIX)? It might be that the regular expressions that simpleXML uses might be confused by them on different platforms...
更新 - 在系统日志中发现此内容
11 月 4 日 21:53:32 ubu804 suhosin[7944]:警报 - 超出配置的请求变量值长度限制 - 删除变量“form_systemXML”(攻击者“127.0.0.1”,文件“/var/www/ci” /index.php')
现在正在查看 apache 配置。
Update - found this in syslog
Nov 4 21:53:32 ubu804 suhosin[7944]: ALERT - configured request variable value length limit exceeded - dropped variable 'form_systemXML' (attacker '127.0.0.1', file '/var/www/ci/index.php')
Am looking at the apache config, now.