Author Topic: Trying to Mobilize troops from independent settlement.  (Read 253 times)

Gustav Kuriga

  • Full Member
  • ***
  • Posts: 459
  • Karma: +22/-34
    • View Profile
Trying to Mobilize troops from independent settlement.
« on: January 28, 2017, 09:18:25 PM »
So when I try to mobilize troops from an independent (blue) settlement, this is what I get.

Ok, it only happens if you toggle selection. If you give an order without checking any of the selection boxes it works fine. I don't know.

 
Quote
Warning:  Unknown: Input variables exceeded 200. To increase the limit change max_input_vars in php.ini. in Unknown on line 0
 
 Fatal error:  Uncaught exception 'RuntimeException' with message 'Failed to start the session because headers have already been sent by "" at line 0.' in /home/maf/symfony/app/cache/prod/classes.php:118 Stack trace: #0 /home/maf/symfony/app/cache/prod/classes.php(192): Symfony\Component\HttpFoundation\Session\Storage\NativeSessionStorage->start() #1 /home/maf/symfony/app/cache/prod/classes.php(492): Symfony\Component\HttpFoundation\Session\Storage\NativeSessionStorage->getBag('attributes') #2 /home/maf/symfony/vendor/symfony/symfony/src/Symfony/Component/Security/Http/Firewall/ContextListener.php(78): Symfony\Component\HttpFoundation\Session\Session->get('_security_accou...') #3 /home/maf/symfony/app/cache/prod/classes.php(3012): Symfony\Component\Security\Http\Firewall\ContextListener->handle(Object(Symfony\Component\HttpKernel\Event\GetResponseEvent)) #4 [internal function]: Symfony\Component\Security\Http\Firewall->onKernelRequest(Object(Symfony\Component\HttpKernel\Event\GetResponseEvent), 'kernel.request', Object(Symf in /home/maf/symfony/app/cache/prod/classes.php on line 5337
« Last Edit: January 28, 2017, 09:22:18 PM by Gustav Kuriga »

Demivar

  • Full Member
  • ***
  • Posts: 128
  • Karma: +1/-0
  • Purveyor of cunning plans.
    • View Profile
Re: Trying to Mobilize troops from independent settlement.
« Reply #1 on: January 28, 2017, 11:11:41 PM »
It's an 'issue' which has been in M&F for a short while now, it is assumed to be done as a failsafe as sometimes the servers came under too much pressure.


"Warning:  Unknown: Input variables exceeded 200. "

Simply put, the server will only accept 200 variables at once. As far as I'm aware, each soldier has 2 variables sent to the server when you assign an order. Because of this, it appears that you can only issue orders to 100 men at once.

I might be wrong, but by issuing orders to smaller groups the issue is avoided, and the error message's first line is fairly self-explanatory
« Last Edit: February 27, 2017, 01:23:01 AM by Demivar »
22:34 - Roran Hawkins: Radovid's like you
22:34 - Roran Hawkins: but then insane
22:34 - Roran Hawkins: Dijkstra is like you

Cipheron

  • Full Member
  • ***
  • Posts: 170
  • Karma: +7/-4
    • View Profile
Re: Trying to Mobilize troops from independent settlement.
« Reply #2 on: January 29, 2017, 08:37:40 AM »
The main purpose was actually to avoid a type of "Denial of Service" attack.

http://php.net/manual/en/info.configuration.php

Quote
max_input_vars   How many input may be accepted (limit is applied to $_GET, $_POST and $_COOKIE superglobal separately). Use of this directive mitigates the possibility of denial of service attacks which use hash collisions. If there are more input variables than specified by this directive, an E_WARNING is issued, and further input variables are truncated from the request.
My guess is that this limit was set up by whomever Tom rents server space from, because Tom & Andrew etc haven't mentioned actually setting this variable themselves which caused the problem.
There are three ways to fix this.
- add JavaScript to the client, that scans the form and breaks it into server-sized chunks, then manually sends all the blocks. This could be written by anyone. In fact, with GreaseMonkey, anyone who knows JavaScript could make this a thing.

- Migrate to the new server, which Andrew will be able to edit the settings himself. But that still leaves a potential DoS attack vector open
- Pack all the soldier information in the form into one single block of data on the client's web browser, then unpack that on the server. This is the better option, Andrew is planning to revamp the system in the future.