Viewed   169 times

I am wondering how is the hidden field named MAX_FILE_SIZE supposed to work?

<form action="" method="post" enctype="multipart/form-data">
    <!-- in byes must preceed file field -->
    <input type="hidden" name="MAX_FILE_SIZE" value="2097152" /> 
    <input type="file" name="upload" />

    <input type="submit" name="submit" value="Submit" />

I uploaded a 4MB+ file but I got no warning from client side (I am not talking about server side). What is it MAX_FILE_SIZE supposed to do?


OK so its for PHP to impose a "soft" limit. But is there any difference between using it and checking something like $_FILES['upload']['size'] < 2000 in code?



MAX_FILE_SIZE is in KB not bytes. You were right, it is in bytes. So, for a limit of 4MB convert 4MB in bytes {1024 * (1024 * 4)} try:

<input type="hidden" name="MAX_FILE_SIZE" value="4194304" /> 

Update 1

As explained by others, you will never get a warning for this. It's there just to impose a soft limit on server side.

Update 2

To answer your sub-question. Yes, there is a difference, you NEVER trust the user input. If you want to always impose a limit, you always must check its size. Don't trust what MAX_FILE_SIZE does, because it can be changed by a user. So, yes, you should check to make sure it's always up to or above the size you want it to be.

The difference is that if you have imposed a MAX_FILE_SIZE of 2MB and the user tries to upload a 4MB file, once they reach roughly the first 2MB of upload, the transfer will terminate and the PHP will stop accepting more data for that file. It will report the error on the files array.

Friday, October 7, 2022

You have to create the directory you're trying to move the file to, it won't automatically get created by move_uploaded_file.

Use mkdir(),, to create the directory and then move the file.

Here's an alternative ending to your script, which should do

// Create directory if it does not exist
if(!is_dir("Proposals/". $_SESSION["FirstName"] ."/")) {
    mkdir("Proposals/". $_SESSION["FirstName"] ."/");

// Move the uploaded file
move_uploaded_file($_FILES["upload"]["tmp_name"], "Proposals/". $_SESSION["FirstName"] ."/". $_FILES["upload"]["name"]);

// Output location
echo "Stored in: " . "Proposals/". $_SESSION["FirstName"] ."/". $_FILES["upload"]["name"];
Wednesday, October 19, 2022

Two things:
1. Is the form set to:

<form method="POST" enctype="multipart/form-data" action="INSERT ACTION">

2. Is the folder your posting the file to, is it set to 777?

Thursday, November 3, 2022

It's an R FAQ -- you need print() around it, or a ggsave() which is particular to ggplot2.

From the FAQ:

7.22 Why do lattice/trellis graphics not work?

The most likely reason is that you forgot to tell R to display the graph. Lattice functions such as xyplot() create a graph object, but do not display it (the same is true of ggplot2 graphics, and Trellis graphics in S-Plus). The print() method for the graph object produces the actual display. When you use these functions interactively at the command line, the result is automatically printed, but in source() or inside your own functions you will need an explicit print() statement.

Wednesday, October 5, 2022

If you hit F5 you are evicting the client cache. The way client cache is supposed to work is that you have links on the site pointing to the Client action from some other views and when the user clicks on those links the cached version will get served (assuming of course he does that in the interval for which the page is cached).

Sunday, December 25, 2022
Only authorized users can answer the search term. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :