Hi!
The other way to solve this would be to make max_input_vars PHP_INI_ALL and then just let people ini_set() their way around the limit.
I think making it PHP_INI_ALL is OK. If you have access to a way to change INI_ALL vars, that means you can run code on that system, then DoS protection is meaningless on this stage.
-- Stanislav Malyshev, Software Architect SugarCRM: http://www.sugarcrm.com/ (408)454-6900 ext. 227 -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php