Write For Us
php

MAX_FILE_SIZE in PHP - what's the point?

Viewed   46 times

I was trying to make a file upload form and checked the PHP documentation to refresh my memory on the subject. Here is a link to the relevant article. All of a sudden I noticed this message:

The MAX_FILE_SIZE hidden field (measured in bytes) must precede the file input field, and its value is the maximum filesize accepted by PHP. This form element should always be used as it saves users the trouble of waiting for a big file being transferred only to find that it was too large and the transfer failed. Keep in mind: fooling this setting on the browser side is quite easy, so never rely on files with a greater size being blocked by this feature. It is merely a convenience feature for users on the client side of the application. The PHP settings (on the server side) for maximum-size, however, cannot be fooled.

OK... Say what? First it tells that it must precede the file upload field. Then it tells us that it is merely for convenience. And besides - it's on client side anyway so anyone can mess with it. After googling around I also found information that there are no known browsers that support it.

WTF? Why is it said that it must precede the file upload field if it seems to be (for all intents and purposes) absolutely pointless? Should I bother putting it in my HTML at all?

 Answers

3

At the moment there are no browsers that actually care about the MAX_FILE_SIZE directive so it is pretty pointless. I suppose it does give you more granular control over max sizes on upload (as the poster above stated) rather than going with php.ini's, but personally I just ignore it, and you probably should too. It will certainly not stop a user uploading a larger than required file - the manual is fairly misleading in this regard.

Sunday, December 4, 2022
 
kumrpride-5df9f49de3d5
 
kumrpride-5df9f49de3d5
5

The serve command is just a shortcut for the PHP Built-in Webserver, something PHP has out of the box, so the point of using it is to start testing your application as fast as you could, you just need to install PHP, Composer and your application is up (if you don't need anything else, of course). But if you already have Nginx installed, there is no point at all, just use it.

It's not wise to use the Builtin Webserver in production.

Wednesday, October 12, 2022
 
sir._egole
 
sir._egole
5

Here's what worked best for me when trying to script this (in case anyone else comes across this like I did):

$ pecl -d php_suffix=5.6 install <package>
$ pecl uninstall -r <package>

$ pecl -d php_suffix=7.0 install <package>
$ pecl uninstall -r <package>

$ pecl -d php_suffix=7.1 install <package>
$ pecl uninstall -r <package>

The -d php_suffix=<version> piece allows you to set config values at run time vs pre-setting them with pecl config-set. The uninstall -r bit does not actually uninstall it (from the docs):

vagrant@homestead:~$ pecl help uninstall
pecl uninstall [options] [channel/]<package> ...
Uninstalls one or more PEAR packages.  More than one package may be
specified at once.  Prefix with channel name to uninstall from a
channel not in your default channel (pecl.php.net)

Options:
  ...
  -r, --register-only
        do not remove files, only register the packages as not installed
  ...

The uninstall line is necessary otherwise installing it will remove any previously installed version, even if it was for a different PHP version (ex: Installing an extension for PHP 7.0 would remove the 5.6 version if the package was still registered as installed).

Monday, December 12, 2022
 
shankar_damodaran
 
shankar_damodaran
3

Check your php.ini for post_max_size. This is typically about 8mb by default, but if you're on shared-hosting, it could definitely vary.

; Maximum size of POST data that PHP will accept.
post_max_size = 8M

You'll have to use $_POST if you wish to send large amounts of data to the server. For further study, I'd suggest checking out POST Method Uploads in the documentation.

Saturday, October 1, 2022
 
subhajit_halder
 
subhajit_halder
4

Never used any of those, but they look interesting..

Take a look at Gearman as well.. more overhead in systems like these but you get other cool stuff :) Guess it depends on your needs ..

Friday, November 11, 2022
 
the_falvert
 
the_falvert
Only authorized users can answer the search term. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :
php
 
Share
Related Answers
76
 checking if a number is float in PHP
69
 How to pause a script just for a fraction of a second in PHP using the SLEEP() function?
119
 Whats the point of running Laravel with the command 'php artisan serve'?
91
 How to truncate a string in PHP to the sentence closest to a certain number of characters?
46
 regular expression in php: take the shortest match
51
 Sites to help me create tag in PHP (like the tags on this site)
61
 RegEx in PHP: find the first matching string
47
 How to fix this problem in PHP?
69
 PHP Ambiguous Floating point issue
67
 JSON Key Value Pairs within an Array in PHP using the json_encode() Function
Top Answers Related To

php

93
 where can I find the php.ini for php-cli
130
 Change PHP version on server using either .htaccess or php.ini
81
 PHP - Application config file stored as - ini,php,sql,cached,php class,JSON,php array?
220
 How to enable extensions for oci8 (Oracle) in php.ini - PHP Warning: PHP Startup: in Unknown on line 0
204
 PHP - converting XML to array in PHP - parsing a soap xml in php and storing it in database
167
 PHP Fatal error: Class 'MyApp\Chat' not found in /MyApp/chat-server.php
79
 how to write PHP module in C
77
 Linking a PHP Extension Written in C
104
 Compiling a php extension with Visual Studio 2008, MODULE ID don't match with php
77
 Prevent PHP from parsing non-PHP files such as someFile.php.txt
Write For Us · Blog · Privacy · Faqs · Terms of Use · Contact us ·