Results 1 to 5 of 5
  1. #1
    Join Date
    Apr 2005
    Posts
    30

    Unanswered: Catching/Customising the UPLOAD_FILE_SIZE error. (*file size validation)

    Hi everyone,

    I have made a file upload form set the max_file_size to 1000000 and all is good.

    However when a user tries to upload a file larger than 1000000 I get an error

    Warning: MAX_FILE_SIZE of 1000000 bytes exceeded - file [image=xxxxxx.jpg] not saved in Unknown on line 0

    How do I customize this error?

    I have had a look into this and have got lots of snippets on set_error_handler
    and they work well.

    The problem is the above error appears before the set_error_handler("myErrorHandler"); function is called.

    ...10 mins later and having read the manual properly I see that this type of error cannot be caught.

    Any ideas on how else I can validate the size of the file to be uploaded without the user having to upload the (possibly very large) file first.

    Cheers

    Elskan.

  2. #2
    Join Date
    Mar 2007
    Location
    636f6d7075746572
    Posts
    770
    Of course this error can be caught, you just need to know what you're testing for

    Try this:
    Code:
    <?
    $uploadErrors = array(
        UPLOAD_ERR_OK => 'There is no error, the file uploaded with success.',
        UPLOAD_ERR_INI_SIZE => 'The uploaded file exceeds the upload_max_filesize directive in php.ini.',
        UPLOAD_ERR_FORM_SIZE => 'The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form.',
        UPLOAD_ERR_PARTIAL => 'The uploaded file was only partially uploaded.',
        UPLOAD_ERR_NO_FILE => 'No file was uploaded.',
        UPLOAD_ERR_NO_TMP_DIR => 'Missing a temporary folder.',
        UPLOAD_ERR_CANT_WRITE => 'Failed to write file to disk.',
        UPLOAD_ERR_EXTENSION => 'File upload stopped by extension.',
    );
    
    $errorCode = $_FILES['formfieldnamehere']['error'];
    
    // If our uploaded file is NOT ok.
    if($errorCode !== UPLOAD_ERR_OK){
      echo $uploadErrors[$errorCode];
    }
    
    ?>

  3. #3
    Join Date
    Apr 2005
    Posts
    30
    Thanks aschk.

    The problem is the user still has to upload the entire file first before being told that it is too large.

    I'm thinking there is no way for PHP to know how big the file is until it is uploaded?

    Is there a way to measure how much of the file has been uploaded?

    I could use this as a limit triggering warnings if the amount exceeds the upload max value.

    *scratches head*

    Thanks for the effort again.

  4. #4
    Join Date
    Mar 2007
    Location
    636f6d7075746572
    Posts
    770
    Unfortunately you are right in saying that "there is no way for PHP to know how big the file is until it is uploaded". Because the selection of file happens client side (i.e. in their browser) you don't know what if anything they might send to the server.

    The amount uploaded will be more than the specified "allowed size" if you get an error message , and in fact if it exceeds the size the whole file is dropped. So once it reaches the max allowed size it stops the transfer (i.e you'll never receive more than you're allowed). So if someone tries to send a 2GB file and you only allows 200MB the server side process will either do 1 of 2 things (as i'm guessing here). It'll check the size of the message sent (in Apache/PHP) and determine that it's too large and immediately reject it, OR, PHP will take the 1st 200MB of the file, realise it's too large and then stop the transfer and continue onward with other processing it needs to do.
    Therefore the script won't be slower if they attempt to upload a bigger file (if that's your concern).

    Hence, you can use the array provided in my previous post to let the user know their file it too big.
    Hope that helps

  5. #5
    Join Date
    Mar 2007
    Location
    636f6d7075746572
    Posts
    770
    I've done a little more digging around for this point (only because it happened to coincide with something I was doing) and I was curious to note that obviously you can examine the HTTP headers to see what the content-length is specified as. Theoretically if this exceeds the allowed size for the POST value set in PHP it should fail immediately (at a guess), however if it doesn't exceed the POST value but DOES exceed the UPLOAD_MAX_FILESIZE value then you have a different problem.

    I'll update with any further info i come across.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •