How to gracefully handle files that exceed PHP's `post_max_size`?
From the documentation :
If the size of post data is greater
than post_max_size, the $_POST and
$_FILES superglobals are empty. This
can be tracked in various ways, e.g.
by passing the $_GET variable to the
script processing the data, i.e. <form
action="edit.php?processed=1">, and
then checking if $_GET['processed'] is
set.
So unfortunately, it doesn't look like PHP sends an error. And since it sends am empty $_POST array, that is why your script is going back to the blank form - it doesn't think it is a POST. (Quite a poor design decision IMHO)
This commenter also has an interesting idea.
It seems that a more elegant way is
comparison between post_max_size and
$_SERVER['CONTENT_LENGTH']. Please
note that the latter includes not only
size of uploaded file plus post data
but also multipart sequences.
CakePHP blackholes file uploads when post_max_size is exceeded
Ok, just found the solution myself.
I added the following to my AppController::beforeFilter()
:
if (
($this->request->isPost() || $this->request->isPut()) &&
empty($_POST) && empty($_FILES)
) {
$this->Security->csrfCheck = false;
}
Maybe this is of use to someone else.
Detect if uploaded file is too large
You could check the $_SERVER['CONTENT_LENGTH']
:
// check that post_max_size has not been reached
// convert_to_bytes is the function turn `5M` to bytes because $_SERVER['CONTENT_LENGTH'] is in bytes.
if (isset($_SERVER['CONTENT_LENGTH'])
&& (int) $_SERVER['CONTENT_LENGTH'] > convert_to_bytes(ini_get('post_max_size')))
{
// ... with your logic
throw new Exception('File too large!');
}
How to detect if a user uploaded a file larger than post_max_size?
For a simple fix that would require no server side changes, I would use the HTML5 File API to check the size of the file before uploading. If it exceeds the known limit, then cancel the upload. I believe something like this would work:
function on_submit()
{
if (document.getElementById("upload").files[0].size > 666)
{
alert("File is too big.");
return false;
}
return true;
}
<form onsubmit="return on_submit()">
<input id="upload" type="file" />
</form>
Obviously it's just a skeleton of an example, and not every browser supports this. But it wouldn't hurt to use this, as it could be implemented in such a way that it gracefully degrades into nothing for older browsers.
Of course this doesn't solve the issue, but it will at least keep a number of your users happy with minimal effort required. (And they won't even have to wait for the upload to fail.)
--
As an aside, checking $_SERVER['CONTENT_LENGTH']
vs the size of the post and file data might help detect if something failed. I think it when there is an error it will be non zero, while the $_POST
and $_FILES
would both be empty.
PHP Only allow user to submit a file less than php ini upload max
I think this will help you find your answer.
How to gracefully handle files that exceed PHP's `post_max_size`?
"If the size of post data is greater than post_max_size, the $_POST and $_FILES superglobals are empty. This can be tracked in various ways, e.g. by passing the $_GET variable to the script processing the data, i.e. , and then checking if $_GET['processed'] is set."
put this at beginning of your script after you start the session.
if(empty($_FILES) && empty($_POST) && isset($_SERVER['REQUEST_METHOD']) && strtolower($_SERVER['REQUEST_METHOD']) == 'post'){ //catch file overload error...
$postMax = ini_get('post_max_size'); //grab the size limits...
echo "<p style=\"color: #F00;\">\nPlease note files larger than {$postMax} will result in this error!<br>Please be advised this is not a limitation in the CMS, This is a limitation of the hosting server.<br>For various reasons they limit the max size of uploaded files, if you have access to the php ini file you can fix this by changing the post_max_size setting.<br> If you can't then please ask your host to increase the size limits, or use the FTP uploaded form</p>"; // echo out error and solutions...
return $postMax
}
Related Topics
How to Remove All Non Printable Characters in a String
Get Specific Columns Using "With()" Function in Laravel Eloquent
PHP: Convert Any String to Utf-8 Without Knowing the Original Character Set, or At Least Try
Login to Remote Site With PHP Curl
"Connect Failed: Access Denied For User 'Root'@'Localhost' (Using Password: Yes)" from PHP Function
How to Solve "Fatal Error: Class 'MySQLi' Not Found"
Why Is the Hash Part of the Url Not Available on the Server Side
How to Get Count of Rows in MySQL Table Using PHP
PHP - How to Create a Newline Character
Are PHP Variables Passed by Value or by Reference
How to Extend a Class Using More Than 1 Class in PHP
How to Catch Curl Errors in PHP
Preserve Line Breaks from Textarea
Binding Multiple Values in Pdo