weird message when trying to change header

K

Kiriel

New Member
I'm trying to change the header on a skin and when I put in the img url in the header image path it comes up with this:


Required variables have gone missing and execution can not continue. Please try again.

This error can sometimes occur as a result of Suhosin / Hardened PHP being installed on your server. If you know that you have Suhosin running and you have access to the PHP configuration, try increasing the value of the following variables:

* php_value suhosin.post.max_vars
* php_value suhosin.request.max_vars

what should I do??
 
My host uses suPHP in their server. This is the common reason why php_flag or php_value doesn't work on MH servers. To change a value like "register_globals" or other you need to use a custom php.ini file put in the public_html folder. Suppose, if you want to change the value of register_globals using a custom php.ini file, just put the following inside a php.ini file created on your public_html folder:

register_globals = On

It should set your register_globals value to On, If you want to set the value to Off, use the following:

register_gloabls = Off

After you are done with setting up php.ini file, you need to set the suPHP configpath so that all other subdirectories in your public_html takes that php.ini as its default configuration file. To do this put the following line in your .htaccess:

suPHP_ConfigPath /home/username/public_html

You need to change two things to correct values from your account settings. Username set at the above configuration is your cpanel username. You also need to find what home directory you are on, if it is /home, you do not need to do any changes above, but if it is /home2 or /home3 etc, you need to change with correct values. This settings can be found in your file manager or Go to Cpanel and from the left menu find out the path to your "Root Directory" or "WWW Directory" or "Home Directory".

Then it's just a mater of going into the .htaccess and putting these lines in the php.ini File-(If there is no file in public_html then create a File)

php_value suhosin.post.max_vars 2048
php_value suhosin.request.max_vars 2048

Then upload it in your public_html with .htaccess file and you're done.

I hope this helps anyone who runs into the same problem, you can fix it yourself without having to bother your host with it.
 
Do you need the php_value if you're putting it into a php.ini file? Isn't that just for putting those statements in .htaccess?

I tried what you said above without the php_value in the .ini file and it had the effect of disabling suhosin altogether. Maybe I'll try the php_value in there then.
 
Grinderhand said:
Do you need the php_value if you're putting it into a php.ini file? Isn't that just for putting those statements in .htaccess?

I tried what you said above without the php_value in the .ini file and it had the effect of disabling suhosin altogether. Maybe I'll try the php_value in there then.
Click to expand...


I am pretty sure that "normally" (not running is CGI mode)

Code: 
php_value suhosin.post.max_vars 2048
php_value suhosin.request.max_vars 2048

is what you would put in .htaccess to change a php value on the fly (the suhosin calls in this case). If you are running in "Apache Module" mode, however, if your server is running PHP in "CGI mode" you can't use "php_value" or "php_flag" commands in .htaccess files and will get a Server 500 Error. As a matter of fact suPHP may being doing something similar to block using the PHP directives as well now that I think about it. Contrary to the other advice that was proposed, I think you DO need to "bother" your hosting provider to find out what their recommendation is so that you can run you site correctly. It is possible that they have customized their configuration of suPHP and will be able to tell you what you need to do to get around it.
 
In my case , I think my host is clueless as they said they had to make a support ticket at su and that was 3 days ago. My support ticket with them is still open. I would think that if they installed the damn thing at least they would know WTF they're doing.
 
That's a classic clueless leading the clueless ... unbelievable! They ought to turn the freaking thing off if they don't know how it works. That happened in my case. I slapped them with all the stuff I could find on suhosin configuration that THEY needed to do and the pulled it, end of problem...
 
Same here. They were telling me to include the suPHP_ConfigPath statement in my .htaccess to point to the file in my public_html. I did some digging and found out the statement should point to the path and not the file, which I told them. They have yet to respond. Idiots.
 
Oh boy, what a mess. Actually if you take another look at post #3 djchaos667 says how that is suppose to be set up though I think I wouldn't be enabling register_globals if it were my site. What he is describing is how to setup a "local" php.ini to run with suPHP.

Here is a more straight forward set of instructions that might help:

In the .htaccess file in public_html (or your webroot), add the following:

Code: 
suPHP_ConfigPath /full/path/to/public_html(or your webroot) 
<Files php.ini> 
order allow,deny 
deny from all 
</Files>

Create a php.ini (if you don't have one) under public_html add the following, or any other settings that you want to use:

Code: 
register_globals = Off 
upload_max_filesize = 80M 
post_max_size = 80M 
memory_limit = 80M 
upload_tmp_dir = 80M 
max_execution_time = 20000

HTH
 
How does that help with suhosin.post.max_vars and suhosin.request.max_vars? Or did you just forget to include that in the php.ini?
 
Grinderhand said:
How does that help with suhosin.post.max_vars and suhosin.request.max_vars? Or did you just forget to include that in the php.ini?
Click to expand...

I did, sorry. You should just need to add them to the php.ini file you created.

PHP: 
suhosin.post.max_vars = 2048
suhosin.request.max_vars = 2048

With a little luck it should work... I would add all these codes, they are the ones that vBulletin developers runs on their suhosin site configuration, though they have access to the site php.ini and I am not sure they will work in a local version but its worth a shot, I think:

PHP: 
suhosin.cookie.encrypt = Off
suhosin.memory_limit = 32M
suhosin.session.encrypt = Off
suhosin.log.sapi = 511
suhosin.get.max_value_length = 1024
suhosin.request.max_vars = 2048
suhosin.post.max_vars = 2048
suhosin.executor.eval.blacklist = "exec,system,passthru,shell_exec,fopen,file_get_contents,file_put_contents,tmpnam"
 
Damn, I had high hopes for that, but no go. Just disabled suhosin again. I was looking forward to rubbing it in my hosts nose. Ah well, I'll wait for them to get it straightened out on their end I guess.

Thanks for helping, Blue.
 
That sucks, sorry it didn't work, looked promising... maybe you need a different hosting? I'd be reaching through the phone line to choke some moron ... LOL
 
Well, at least I know how to disable it if I ever try something that throws that error up again. :D Disable, do what I need to do, enable again. Problem sorta solved, but not ideally.
 
You must log in or register to reply here.
Back
Top