Re: [PHP] MAX_FILE_SIZE not working with file uploads

---

• From: ray@xxxxxxxxxxxxx (Ray)
• Date: Sat, 22 Sep 2007 19:25:25 -0600

---

On Saturday 22 September 2007 7:44:55 pm Jeff Cohan wrote:

Dan Parry wrote:

I might be wrong but this would be classed as
'exploitable'... Webservers should not be allowed
to read from or write to clients... Of course there
is ActiveX...

I think we're off the point.

My script is simply interrogating the value of the
$_FILES[userfile][size] array element. It's coming up as ZERO if it
exceeds the MAX_FILE_SIZE.

Exactly, no valid file was uploaded. The size of the valid file is therefore
zero.

That seems odd to me.
But maybe that's
the way it's SUPPOSED to work. That's why I started this thread out
with "What am I missing?".

Said another way:

It seems that the server had to know the size of the file in order
to know it exceeded MAX_FILE_SIZE. So how can my script find out the
size?

Can you use Javascript to check file size client side, send data via AJAX then
issue warnings? (Remember the php mantra: "PHP is a server side language" )

As noted in the php.net documentation you quoted, and as mentioned previously,
MAX_FILE_SIZE is a _hint_ to the browser. some browsers just don't take
hints.
Ray
.

---

• Follow-Ups:
  • RE: [PHP] MAX_FILE_SIZE not working with file uploads
    • From: "Dan Parry"

• References:
  • MAX_FILE_SIZE not working with file uploads
    • From: Jeff Cohan
  • RE: [PHP] MAX_FILE_SIZE not working with file uploads
    • From: "Dan Parry"
  • Re: [PHP] MAX_FILE_SIZE not working with file uploads
    • From: Jeff Cohan

• Prev by Date: Re: [PHP] str_replace oddity
• Next by Date: RE: [PHP] MAX_FILE_SIZE not working with file uploads
• Previous by thread: RE: [PHP] MAX_FILE_SIZE not working with file uploads
• Next by thread: RE: [PHP] MAX_FILE_SIZE not working with file uploads
• Index(es):
  • Date
  • Thread

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(12)