Sometimes your query string can get veeeeery long due to having a big number of $_GET parameters in it. And what you might have noticed that sometimes your long query strings get cut off so not all the $_GET parameters that you put in it appear in the browser’s address bar. “What’s up with that ?” … you may think.

There could be a number of reasons and one of them is the topic of this post. Suhosin - an Apache module that put all sorts of checks and traps into your server functionality to catch nasty attempts to exploit the site. Sometimes, though, it may cause unwanted effects like the one described in the subject. If you are experiencing the symptoms described in the first paragraph check your server installation and, specifically, Suhosin module. By default, Suhosin is set to only allow query strings with no more than 200 parameters. So, if it is longer, it will get shortened to that set length. If you require longer than that query strings, you can change Suhosin’s settings in your php.ini. Look for the following lines:


suhosin.post.max_vars = 200
suhosin.request.max_vars = 200


… and change the numbers to higher ones. Easy.

Just a little notice though: make sure that you are using $_GET for getting, not for posting. Instead, maybe your better solution would be to use $_POST instead of $_GET.

Ok! There can be many reason for this but here is one not so obvious one: you might have a mod_security2 installed on your server and hooked up to the apache installation, which causes troubles. So try disabling it by adding:



SecRuleEngine Off



to your /etc/httd/conf/httpd.conf file (restart the server after this of course).

If you are running under CPanel/WHM, you might want to change apache template /var/cpanel/templates/apache2/vhost.default - this will make sure that when a new virtual host is added to the server it will inherit the settings above and allow TinyMCE to work without having to change /etc/httd/conf/httpd.conf file again.

This will be useful for you if you are still using Windows XP and don’t like it how sometimes after installing an update the system tells you to restart now or later. If you choose later, it will keep reminding you to restart by showing “nice” popups in the bottom right corner of your desktop. And if you happen to be typing up an important document that you unfortunately forgot to save, chances are that you accidently activate the restart procedure by pressing a Spacebar or an Enter key (when the “Restart Now” popup comes up) are pretty possible. What will you end up with ? Correct…losing your document and probably getting really angry followed by a pretty strong urge to scream (and maybe later cry).

What you can do to temporarily avoid the possibility of losing your stuff is disable the nag screen.

There is not much to it - it’s just a one line command that you need to execute from the Start / Run window:

sc stop wuauserv


This essentially stops a “Windows Update / AutoUpdate”. Part of its responsibility is to remind you to restart the computer upon successful system update.

You can of course place this command into a batch file and place it on your desktop to simplify the usage. Of course recommendation to restart after update is there for a reason and you should always restart when the system demands it. However, there will be some days when you would not want to restart and this is when the script (shown above) will kick some bearings!

Recently, we deployed a project that was using a multiple file uploader Flash component (that we used before for other projects successfully). To our surprise, it behaved abnormally and, in brief, it could be described as the following:

Every time a flash component was used to upload files it would drop the session (in IE 6 & 7) and consequently log out an already logged in user.

After making sure that all session related code was OK we started digging further - server configuration. Eventually, we narrowed down the cause of the problem and without hesitation annihilated the bugger.

It was Suhosin PHP module that dedicated servers with CPanel usually have installed for maintaining their security. Since it was the first project on this server to use flash uploader (and other servers have different configuration) it was the first time when we experienced the session issue.

Now…to cut story short and to give you what you actually want from the article…

The fix that did the trick was as follows:

1. disable suhosin.session.cryptua setting in php.ini

   suhosin.session.cryptua = Off

2. Add the following (if not there already) to php.ini

   suhosin.session.encrypt = Off

3. Restart apache

   We use CentOS: service httpd restart