We help IT Professionals succeed at work.

max file upload size

DJ_AM_Juicebox
on
364 Views
Last Modified: 2013-11-05
Hi,
Just read this php doc about limiting a posted file's size in the form. It says to do this:

    <!-- MAX_FILE_SIZE must precede the file input field -->
    <input type="hidden" name="MAX_FILE_SIZE" value="30000" />

Now does 'name' have to be 'MAX_FILE_SIZE'?

Also I have two file input fields - so can there only be one size limit - or can I have two hitten limit fields, one for each file input field with specific different sizes?

Thanks
Comment
Watch Question

This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
i.g. you cannot limit the file size in the form, the client (browser) can always change or ignore it. Never trust client data.
The web server is the only true place for such a limitation, even PHP is behind that.

Author

Commented:
that is really sad, ideally there would be a way to control the file size limit per file field. Now I guess the only thing I can do is the following:

1) Set one global max file upload size via php.
2) Let the user upload whatever size file they want, so long as it doesn't violate #1.
3) Check individual uploaded files after they're already on my server to see if they violated individual file size limits I've set.

it just doesn't look nice, but that's all we have right?

Thanks
Well even if you could specify upload limits in your HTML the third step you listed there is essential anyway. A user can always take your HTML and edit it to change the contents of a form, be it upload limits or field lengths. You should never trust input from a form to match what you are expecting, it always needs to be checked that it matches the type of infomation and any sensible bounds before being acted on.

Unfortunately without additional plugins the HTTP file uploads are a bit primitive, they weren't really designed with the modern internet in mind, you can't do very much to a file input with javascript as browsers nowadays disallow programmatic access to them to prevent people having files stolen.

You might want to take a look at SWFUpload, a flash based file uploader

http://swfupload.mammon.se/index.php

and JUpload and Java based file uploader

http://www.jupload.biz/

although these may be overkill.
the only reliable choice is 3)

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.