Is there a limit on checked checkboxes in PHP form POST?

Question

I've come across a problem, which I can't seem to fix. I have a form (method="post" enctype="multipart/form-data") in which the user can choose some options. They have the possibility to 'check all'. If they 'check all', they are checking about 2000+ boxes. To check if my form actually gets posted, I have the following (not so complex) code:

<?php

if(isset($_POST['bijwerken'])) {

echo "YIPPEE!!";

}

?>

Now, if I check all the boxes, I don't get any feedback. If I only select like 20 boxes, I do actually get feedback. What am I missing? The checkboxes are also generated by a script, with an echo :

echo "&nbsp;&nbsp;<input type=\"checkbox\" name=\"productsoorten[]\" value='" . $rowproductsoorten1[productsoort1] . "'>&nbsp;  " . $rowproductsoorten1[productsoort1] . "<br />"; 

Would love the hear some good ideas!

Answer 1

Yes, there's actually a max_input_vars setting. The default value is 1000 and your post inputs won't work if the number of input fields are more than that.

Edit your php.ini file (usually at /etc/php5/apache2/php.ini if you're on a Unix system) and increase the limit:

max_input_vars = 5000

If you can't modify the php.ini file, you can add this to .htaccess:

php_value max_input_vars 5000 

Answer 2

I'm sure most people would choose simplicity over better design and I'm not going to explain every detail on how I'd handle this. If you don't understand what I'm talking or don't want to make the extra effort to write this pseudo-code out then this solution probably isn't for you.

I'd compress this data before you POST. First take the checkboxes out of your form tag so they don't get posted (we'll be giving it out own data).

Second, when the user submits the form (now with just a button) run some JS which traverses your DOM and gathers all of your check data. It will need to create a long array and then it'll need to use a separate long to shift the active bit if the checkbox is selected only (start at 1 and double the value for each checkbox until it reaches >2147483647). I would stop at 31bits per group (even though JS uses 64bit longs; the shift ops don't work above 32; also, JS doesn't have unsigned variables so unless you want to deal with flipping the - sign while all of this is going on then that's out too).

Third, post that to the server in a hidden text field and on the server end you get to reverse all of this.

Fourth, decode this on the server.

Fifth: Do this all again in reverse if you need the checks to begin correctly setup.

Advantages of This: - MUCH less data travels between client and server - No need to modify php.ini or even .htaccess - This is able to grow and shrink dynamically (no need to reconfigure anything if you add another 2000 checks) - Some browsers have limits on the number of bytes\fields you can post so simply increasing the number of fields won't always help. - IE has limits on the length of a URL so forget about GET with the other solution. MAYBE, you can do it with this.

Disadvantages: - Much more difficult to implement (nearly everything will need to be done 2 times for client and server as well) - Users may not have JS enabled - JS needs a lot of help when it comes to bit shifting - Uses more CPU time

--

If you want to take this up a notch then you'll want to work out a fix for the JS bit shift operator problem (this will nearly halve your data length): Converting javascript Integer to Byte array and back

This improved version will also require a 64bit PHP installation on the server (or a BigInt class which is WAY out of scope for this question).