How to Gracefully Handle Files That Exceed PHP'S 'Post_Max_Size'

  • Home
  • Languages
  • PHP
  • How to Gracefully Handle Files That Exceed PHP'S 'Post_Max_Size'

How to gracefully handle files that exceed PHP's `post_max_size`?

From the documentation :

If the size of post data is greater
than post_max_size, the $_POST and
$_FILES superglobals are empty. This
can be tracked in various ways, e.g.
by passing the $_GET variable to the
script processing the data, i.e. <form
action="edit.php?processed=1">, and
then checking if $_GET['processed'] is
set.

So unfortunately, it doesn't look like PHP sends an error. And since it sends am empty $_POST array, that is why your script is going back to the blank form - it doesn't think it is a POST. (Quite a poor design decision IMHO)

This commenter also has an interesting idea.

It seems that a more elegant way is
comparison between post_max_size and
$_SERVER['CONTENT_LENGTH']. Please
note that the latter includes not only
size of uploaded file plus post data
but also multipart sequences.

CakePHP blackholes file uploads when post_max_size is exceeded

Ok, just found the solution myself.

I added the following to my AppController::beforeFilter():

if (
   ($this->request->isPost() || $this->request->isPut()) &&
   empty($_POST) && empty($_FILES)
) {
    $this->Security->csrfCheck = false;
}

Maybe this is of use to someone else.

Detect if uploaded file is too large

You could check the $_SERVER['CONTENT_LENGTH']:

// check that post_max_size has not been reached
// convert_to_bytes is the function turn `5M` to bytes because $_SERVER['CONTENT_LENGTH'] is in bytes.
if (isset($_SERVER['CONTENT_LENGTH']) 
    && (int) $_SERVER['CONTENT_LENGTH'] > convert_to_bytes(ini_get('post_max_size'))) 
{
  // ... with your logic
  throw new Exception('File too large!');
}

How to detect if a user uploaded a file larger than post_max_size?

For a simple fix that would require no server side changes, I would use the HTML5 File API to check the size of the file before uploading. If it exceeds the known limit, then cancel the upload. I believe something like this would work:

function on_submit()
{
  if (document.getElementById("upload").files[0].size > 666)
  {
    alert("File is too big.");
    return false;
  }

  return true;
}

<form onsubmit="return on_submit()">
<input id="upload" type="file" />
</form>

Obviously it's just a skeleton of an example, and not every browser supports this. But it wouldn't hurt to use this, as it could be implemented in such a way that it gracefully degrades into nothing for older browsers.

Of course this doesn't solve the issue, but it will at least keep a number of your users happy with minimal effort required. (And they won't even have to wait for the upload to fail.)

--

As an aside, checking $_SERVER['CONTENT_LENGTH'] vs the size of the post and file data might help detect if something failed. I think it when there is an error it will be non zero, while the $_POST and $_FILES would both be empty.

PHP Only allow user to submit a file less than php ini upload max

I think this will help you find your answer.

How to gracefully handle files that exceed PHP's `post_max_size`?

"If the size of post data is greater than post_max_size, the $_POST and $_FILES superglobals are empty. This can be tracked in various ways, e.g. by passing the $_GET variable to the script processing the data, i.e. , and then checking if $_GET['processed'] is set."

put this at beginning of your script after you start the session.

    if(empty($_FILES) && empty($_POST) && isset($_SERVER['REQUEST_METHOD']) && strtolower($_SERVER['REQUEST_METHOD']) == 'post'){ //catch file overload error...
        $postMax = ini_get('post_max_size'); //grab the size limits...
        echo "<p style=\"color: #F00;\">\nPlease note files larger than {$postMax} will result in this error!<br>Please be advised this is not a limitation in the CMS, This is a limitation of the hosting server.<br>For various reasons they limit the max size of uploaded files, if you have access to the php ini file you can fix this by changing the post_max_size setting.<br> If you can't then please ask your host to increase the size limits, or use the FTP uploaded form</p>"; // echo out error and solutions...
        return $postMax
    }

Related Topics

How to Remove All Non Printable Characters in a String

Get Specific Columns Using "With()" Function in Laravel Eloquent

PHP: Convert Any String to Utf-8 Without Knowing the Original Character Set, or At Least Try

Login to Remote Site With PHP Curl

"Connect Failed: Access Denied For User 'Root'@'Localhost' (Using Password: Yes)" from PHP Function

How to Solve "Fatal Error: Class 'MySQLi' Not Found"

Why Is the Hash Part of the Url Not Available on the Server Side

How to Get Count of Rows in MySQL Table Using PHP

PHP - How to Create a Newline Character

Are PHP Variables Passed by Value or by Reference

PHP Function Overloading

How to Extend a Class Using More Than 1 Class in PHP

How to Catch Curl Errors in PHP

Preserve Line Breaks from Textarea

Binding Multiple Values in Pdo

Difference Between PHP Echo and PHP Return in Plain English

Null Vs. False Vs. 0 in PHP

PHP - Send File to User


Leave a reply



Submit