Don E Posted May 31, 2012 Share Posted May 31, 2012 Hello everyone, Is the following the correct way to have one page of your site be allowed to upload a file that's say only 2MB in size and another page be allowed 8MB for example?I believe in the php.ini 2MB is the max? What would be suggested... set the php.ini max to say 8MB because of 8MB is the max that will be allowed for the whole site and then for individual pages where it will be less than 8MB, just do a check on the file being upload and if it's over 2MB, not allow it? Thanks. Link to comment Share on other sites More sharing options...
justsomeguy Posted May 31, 2012 Share Posted May 31, 2012 Yeah, that's one way to do it. You may be able to target particular files with different settings using htaccess, but I haven't done that before. Link to comment Share on other sites More sharing options...
boen_robot Posted May 31, 2012 Share Posted May 31, 2012 Since PHP 5.3.0, if you're using (F)CGI, you can use .user.ini files OR (if you want things to work regardless of SAPI) in the main php.ini file, you could use a PATH section.If you want to support earlier PHP versions and make things work regardless of SAPI, you can only do so with the method in your first post. Link to comment Share on other sites More sharing options...
Don E Posted May 31, 2012 Author Share Posted May 31, 2012 Thanks for the replies.One more thing... I noticed some people sometimes in their form have a hidden input field that has the name attribute named like this for example: MAX_FILE_SIZE and the value a certain number of bytes.. Is this necessary or just personal preference on how some people take care of checking file size when uploading? Because why not just check the file size in the process script like so: if($_FILES['file']['size'] > 2097152 ) //2mb echo 'File over 2MB'; Link to comment Share on other sites More sharing options...
boen_robot Posted May 31, 2012 Share Posted May 31, 2012 Yeah, it's next to useless... PHP will automatically eliminate files above the size specified there, but since this is part of the HTTP request, you must do a check "manually" anyway. Otherwise, someone could fake this value, and thus upload files up to the php.ini value. Link to comment Share on other sites More sharing options...
Guest So Called Posted May 31, 2012 Share Posted May 31, 2012 Hello everyone, Is the following the correct way to have one page of your site be allowed to upload a file that's say only 2MB in size and another page be allowed 8MB for example? I believe in the php.ini 2MB is the max? What would be suggested... set the php.ini max to say 8MB because of 8MB is the max that will be allowed for the whole site and then for individual pages where it will be less than 8MB, just do a check on the file being upload and if it's over 2MB, not allow it? What do you think about using PHP ini_set() function? ini_set("upload_max_filesize", "2M"); http://php.net/manual/en/function.ini-set.phphttp://www.php.net/manual/en/ini.core.php#ini.upload-max-filesizehttp://www.php.net/manual/en/faq.using.php#faq.using.shorthandbytes Link to comment Share on other sites More sharing options...
justsomeguy Posted May 31, 2012 Share Posted May 31, 2012 It doesn't work for upload_max_filesize, by the time PHP executes the ini_set instruction that option has already taken effect, the file has already been processed and put into the $_FILES array. Link to comment Share on other sites More sharing options...
Don E Posted May 31, 2012 Author Share Posted May 31, 2012 (edited) So Called, Great suggestion. Will definitely consider/remember this. Thanks. JSG, Even if ini_set("upload_max_filesize", "2M"); is placed at the top of that particular PHP file/script? Edited May 31, 2012 by Don E Link to comment Share on other sites More sharing options...
justsomeguy Posted May 31, 2012 Share Posted May 31, 2012 Even if ini_set("upload_max_filesize", "2M"); is placed at the top of that particular PHP file/script?Like I said, by the time PHP starts executing any code at all, all of the pre-processing has already been done, including populating the $_POST, $_GET, $_SERVER, and $_FILES arrays. Using ini_set will change the value of that option, but it doesn't matter because PHP has already done the only thing that uses that option. There's not a way to set options and then have PHP re-process the request, it doesn't save the request data. Link to comment Share on other sites More sharing options...
Guest So Called Posted May 31, 2012 Share Posted May 31, 2012 Don, one thing I know for sure is that ini_set() does NOT work in all cases. The docco says that. In my case I got tired of my phpMyAdmin timing out so I added this code: "ini_set("session.gc_maxlifetime","10800");" and it worked perfectly. But of course this is a different INI setting. I couldn't find any appendix that tells which works for what. Also, not sure if it'll help you, but if your scripts are in different directories you might be able to use a local php.ini file, which I believe would set the value for any scripts that execute in that directory. Again, some things can be changed, some cant. I wasn't able to change my gc_lifetime value from local php.ini. I'm not any kind of expert. Sometimes I have to go at a problem several ways until I find one solution that works. Link to comment Share on other sites More sharing options...
justsomeguy Posted May 31, 2012 Share Posted May 31, 2012 Here's the list of options: http://www.php.net/manual/en/ini.list.php The "changeable" column lists where you can change each option. upload_max_filesize is set to PHP_INI_PERDIR in recent versions, meaning you can change it in php.ini, .htaccess, or httpd.conf. Link to comment Share on other sites More sharing options...
Don E Posted May 31, 2012 Author Share Posted May 31, 2012 Thanks JSG, So Called and boen. After analyzing all my options, best if I just go with my intended option which is in post 1. Link to comment Share on other sites More sharing options...
Guest So Called Posted June 1, 2012 Share Posted June 1, 2012 One thing that has always amazed me about programming is that there's so many different ways to solve problems. Link to comment Share on other sites More sharing options...
Don E Posted June 1, 2012 Author Share Posted June 1, 2012 And many ways to go about how to accomplish your objective, but some of those ways can be considered bad practices or not the route to take(referring to coding something). Depends I guess. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now