By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
432,109 Members | 993 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 432,109 IT Pros & Developers. It's quick & easy.

Limit File Size in email form??

P: n/a
Hi all, I'm trying to limit the file size of an image submission and I keep
running into various problems. I've got most of it working, but I'm stumped
and I have a basic question as to WHY this works at all!

if ($_FILES['file']['size'] !="") {

if ($_FILES['file']['size']<=0) {
header("Location: /fileerror.php");
exit;
}
}
What I want to do is skip this function IF the user submits no file. Part
one works with the !="" condition, but two, which did work, does not when
nested. It stops checking file sizes and submits every size file.

I'm trying to modify Swanilda's tutorial: http://swanilda.com/unix2.html

And using form file's input hidden value:
Code:
<input type="hidden" name="MAX_FILE_SIZE" value="5000" border="0">

WITH this check:
if ($HTTP_POST_FILES['file']['size'] <=0)
{
print "<h2><b>Your picture was not received.</b></h2><br>";
print "The file size was larger than 5k.<br>";
print "Reduce the size and resubmit.";
}
First of all, I don't want to stop the post if the field is empty, so that
is problem 1. But I also don't understand why this code works. This code
blocks an empty file [<=0], but why or how does it check to see that the
file is not larger than that the max file size value of 5k? I don't see a
comparative function or operator here. Why shouldn't you have to write
something like:
Code:
if ($HTTP_POST_FILES['file']['size'] >5000k) or
if ($HTTP_POST_FILES['file'] ['size'] ) THEN do this?
How is the size value placing a limit on the file size? This code is
probably much simpler than I'm making it out to be, but I've been on 15
sites trying to get this right, and most of the searches are for uploading
files, which I'm not doing. I'm sending them via email.
What I eventually want to do is just prevent submissions IF the user submits
a file and it is larger than 3 megs...
Thank YOU in advance,
Jeff
_________________
----== Posted via Newsfeeds.Com - Unlimited-Unrestricted-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups
----= East and West-Coast Server Farms - Total Privacy via Encryption =----
Jul 3 '06 #1
Share this Question
Share on Google+
5 Replies


P: n/a
"Jefferis NoSpamme" <je********@hotmail.comwrote in message
news:C0***********************@hotmail.com...
Hi all, I'm trying to limit the file size of an image submission and I
keep
running into various problems. I've got most of it working, but I'm
stumped
and I have a basic question as to WHY this works at all!

if ($_FILES['file']['size'] !="") {

if ($_FILES['file']['size']<=0) {
header("Location: /fileerror.php");
exit;
}
}
What I want to do is skip this function IF the user submits no file. Part
one works with the !="" condition, but two, which did work, does not when
nested. It stops checking file sizes and submits every size file.

I'm trying to modify Swanilda's tutorial: http://swanilda.com/unix2.html

And using form file's input hidden value:
Code:
<input type="hidden" name="MAX_FILE_SIZE" value="5000" border="0">
Here's a magical line that tells user agent (browser) not to post files
larger than 5000. In this case $_FILES['file']['error'] should contain the
value of UPLOAD_ERR_FORM_SIZE .

WITH this check:
if ($HTTP_POST_FILES['file']['size'] <=0)
{
print "<h2><b>Your picture was not received.</b></h2><br>";
print "The file size was larger than 5k.<br>";
print "Reduce the size and resubmit.";
}
First of all, I don't want to stop the post if the field is empty, so that
is problem 1. But I also don't understand why this code works. This code
blocks an empty file [<=0], but why or how does it check to see that the
file is not larger than that the max file size value of 5k? I don't see a
comparative function or operator here. Why shouldn't you have to write
something like:
Code:
if ($HTTP_POST_FILES['file']['size'] >5000k) or
if ($HTTP_POST_FILES['file'] ['size'] ) THEN do this?
How is the size value placing a limit on the file size? This code is
probably much simpler than I'm making it out to be, but I've been on 15
sites trying to get this right, and most of the searches are for uploading
files, which I'm not doing. I'm sending them via email.
What I eventually want to do is just prevent submissions IF the user
submits
a file and it is larger than 3 megs...
Thank YOU in advance,
Jeff
If you want to hard limit to 3 megs, you can just adjust this:
<input type="hidden" name="MAX_FILE_SIZE" value="5000" border="0">
to
<input type="hidden" name="MAX_FILE_SIZE" value="3000" border="0">
If you wanna do really good errormessages, try something similar to what I
did with a file uploader. "liite" is the name of my file field:

switch($_FILES['liite']['error']){
case UPLOAD_ERR_INI_SIZE:
case UPLOAD_ERR_FORM_SIZE:
echo "File {$_FILES['liite']['name']} upload failed because the
filesize (".number_format($_FILES['liite']['size']/1024,1)." kb) is too big.
Please contact administration.";
break;
case UPLOAD_ERR_PARTIAL:
echo "File {$_FILES['liite']['name']} upload failed because file was
only partially transmitted. Please contact administration.";
break;
case UPLOAD_ERR_NO_TMP_DIR:
case UPLOAD_ERR_CANT_WRITE:
echo "File {$_FILES['liite']['name']} upload failed because of
server error. Please contact administration.";
break;
case UPLOAD_ERR_OK:
echo "File {$_FILES['liite']['name']} upload sucessful";
break;
case UPLOAD_ERR_NO_FILE:
default:
break;
}

And do check out the manual.
http://fi.php.net/manual/en/features.file-upload.php

Jul 3 '06 #2

P: n/a
On 7/3/06 3:23 AM, in article VB******************@reader1.news.jippii.net,
"Kimmo Laine" <sp**@outolempi.netwrote:

Thank you for the help Kimmo.
>
Here's a magical line that tells user agent (browser) not to post files
larger than 5000. In this case $_FILES['file']['error'] should contain the
value of UPLOAD_ERR_FORM_SIZE .
I have read that the browser function on file size is not reliable and
works only on some browsers. I think I'm having a problem understanding how
the Max_File_Size value field is functioning and what it communicates to the
server. I looked up that reserved word on php and it isn't a php function,
but apparently is a server html function... Is the error value added by a
$var definition on the php page or is it fed to the php target by the Max
File form field???

Thanks
Jeff
>
If you want to hard limit to 3 megs, you can just adjust this:
<input type="hidden" name="MAX_FILE_SIZE" value="5000" border="0">
to
<input type="hidden" name="MAX_FILE_SIZE" value="3000" border="0">
If you wanna do really good errormessages, try something similar to what I
did with a file uploader. "liite" is the name of my file field:

switch($_FILES['liite']['error']){
case UPLOAD_ERR_INI_SIZE:
case UPLOAD_ERR_FORM_SIZE:
echo "File {$_FILES['liite']['name']} upload failed because the
filesize (".number_format($_FILES['liite']['size']/1024,1)." kb) is too big.
Please contact administration.";
break;
case UPLOAD_ERR_PARTIAL:
echo "File {$_FILES['liite']['name']} upload failed because file was
only partially transmitted. Please contact administration.";
break;
case UPLOAD_ERR_NO_TMP_DIR:
case UPLOAD_ERR_CANT_WRITE:
echo "File {$_FILES['liite']['name']} upload failed because of
server error. Please contact administration.";
break;
case UPLOAD_ERR_OK:
echo "File {$_FILES['liite']['name']} upload sucessful";
break;
case UPLOAD_ERR_NO_FILE:
default:
break;
}

And do check out the manual.
http://fi.php.net/manual/en/features
~~~~~~~~~~~~
Jefferis Peterson, Pres.
Web Design and Marketing
http://www.PetersonSales.com

----== Posted via Newsfeeds.Com - Unlimited-Unrestricted-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups
----= East and West-Coast Server Farms - Total Privacy via Encryption =----
Jul 3 '06 #3

P: n/a
"Jefferis NoSpamme" <je********@hotmail.comwrote in message
news:C0***********************@hotmail.com...
On 7/3/06 3:23 AM, in article
VB******************@reader1.news.jippii.net,
"Kimmo Laine" <sp**@outolempi.netwrote:

Thank you for the help Kimmo.
>>
Here's a magical line that tells user agent (browser) not to post files
larger than 5000. In this case $_FILES['file']['error'] should contain
the
value of UPLOAD_ERR_FORM_SIZE .
I have read that the browser function on file size is not reliable and
works only on some browsers. I think I'm having a problem understanding
how
the Max_File_Size value field is functioning and what it communicates to
the
server. I looked up that reserved word on php and it isn't a php function,
but apparently is a server html function... Is the error value added by a
$var definition on the php page or is it fed to the php target by the Max
File form field???
Assuming your file field looks something like this:
<input type="file" name="myfile">
The error code is, like I explained the first time, in the $_FILES array
under $_FILES['myfile']['error'].

if( $_FILES['myfile']['error']==UPLOAD_ERR_FORM_SIZE ){
echo "too big file";
}

You also get the size of the file in $_FILES['myfile']['size'] which you can
test to see if it's too big. In your case 3 megs = 3*1024*1024 bytes =
3145728

if( $_FILES['myfile']['size'] 3145728 ){
echo "too big file";
}

--
"ohjelmoija on organismi joka muuttaa kofeiinia koodiksi" -lpk
sp**@outolempi.net | Gedoon-S @ IRCnet | rot13(xv***@bhgbyrzcv.arg)
Jul 4 '06 #4

P: n/a
On 7/4/06 2:21 AM, in article 6O*******************@reader1.news.jippii.net,
"Kimmo Laine" <sp**@outolempi.netwrote:
The error code is, like I explained the first time, in the $_FILES array
under $_FILES['myfile']['error'].

Thank you. That was the missing piece to my understanding. I didn't realize
these file's values were seen automatically as an array. I was interpreting
the $_Files['size'] as a value passed from the form Max_File_Size field's
hidden variable and not from the file itself.
~~~~~~~~~~~~
Jefferis Peterson, Pres.
Web Design and Marketing
http://www.PetersonSales.com

----== Posted via Newsfeeds.Com - Unlimited-Unrestricted-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups
----= East and West-Coast Server Farms - Total Privacy via Encryption =----
Jul 4 '06 #5

P: n/a
On 7/4/06 2:21 AM, in article 6O*******************@reader1.news.jippii.net,
"Kimmo Laine" <sp**@outolempi.netwrote:
Assuming your file field looks something like this:
<input type="file" name="myfile">
The error code is, like I explained the first time, in the $_FILES array
under $_FILES['myfile']['error'].

if( $_FILES['myfile']['error']==UPLOAD_ERR_FORM_SIZE ){
echo "too big file";
}

Thank you again Kimmo. I got it to work finally. The problem I believe is
that I was trying to use filesize($myfile) and other functions which have
to do with a file that is already uploaded to the server. When I tried to
use filesize() to the file, the error came back " no such file."

When I tried to apply your code straight, it failed on the server error:
case UPLOAD_ERR_NO_TMP_DIR:
case UPLOAD_ERR_CANT_WRITE:
echo "File {$_FILES['liite']['name']} upload failed because of
server error. Please contact administration.";

I assume the problem is that I have not given permissions for a file upload
to reside on the server, as that was not my goal. I'm not entirely sure how
this pass through function works with email, but I believe it is only a
temporary directory, and it is handled automatically by my server. So I
could not check file sizes with a lot of the functions in the uploading a
file section of php manual. It has to be done on the fly, so to speak, and
yes your code:
if( $_FILES['myfile']['error']==UPLOAD_ERR_FORM_SIZE ){
> echo "too big file";
}
Worked perfectly. Thanks again,

Jeff
~~~~~~~~~~~~
Jefferis Peterson, Pres.
Web Design and Marketing
http://www.PetersonSales.com

----== Posted via Newsfeeds.Com - Unlimited-Unrestricted-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups
----= East and West-Coast Server Farms - Total Privacy via Encryption =----
Jul 4 '06 #6

This discussion thread is closed

Replies have been disabled for this discussion.