I am working on a PHP upload script and when testing my error checks, I attempted to upload a 17MB TIFF file. When I do this the $_FILES array is empty. The script works fine for what I need it to do, which is to upload JPEG files. My solution is to test if $_FILES is empty or not before continuing with the upload script.
Can anybody explain why $_FILES is empty when a TIFF is attempted to be uploaded? Is my solution, to check if $_FILES is empty or not, an okay one?
Does this have something to do with settings in php.ini?
Just to clarify
I was checking that $_FILES was empty using the following:
if(empty($_FILES))
{
die('$_FILES is empty.');
}
Yes, upload_max_filesize controls max upload size, which the TIFF file most likely exceeded. The default is 2M. You can test with:
echo ini_get("upload_max_filesize");
EDIT: Actually, the exact cause is more likely post_max_size, which is always >= upload_max_filesize: "If the size of post data is greater than post_max_size, the $_POST and $_FILES superglobals are empty."
You should check to see if $_FILES['file']['error'] is equal to 0. This indicates a "success".
If your files array is empty, it might be due to some other problem, like not including the enctype.
Try doing var_dump($_FILES) and viewing the contents...
EDIT: I know you can set the max filesize in the php.ini file, but I am not sure if that will give you an empty files array. I think you will just get an error.
As posted already, it's empty because if failed. Also check for a form element like this:
<input type="hidden" name="MAX_FILE_SIZE" value="-maxsizegoeshereinbytes-" />
To be extra sure (once you actually have an array - adding to the 'check the error key' post, btw) , you can also check the size
if( $_FILES['file']['size'] > 0 ) {
}
Related
I was trying to upload a file which is 20MB in size. Now default form upload size is 8MB. When I upload such a file i get $_POST and $_FILE variables empty. Now I want to put a check on file size. If I get both these variables empty, how can I put such a check ?? Please give me suggestions
Barring any code errors, its most likely your 20MB exceeds your upload limit.
Change this permanently from your php.ini file.
Use
ini_set("upload_max_filesize", "30M");
to set your max upload size for that session only. And for POST
Use this
ini_set("post_max_size", "30M");
To check the sizes
echo ini_get("post_max_size") . "\n";
echo ini_get("upload_max_filesize");
No idea what you actually want. But you can probe the recieved content size using:
$_SERVER["CONTENT_LENGTH"]
This should tell how big the POST request body would have been. (The number might be higher than the actual received content, in case of an aborted upload.)
Checkout php://input, the allowed 8mb part of it should be there.
For example echo file_get_contents('php://input');
You can dynamically set your max file size for upload.
write down below statement in your upload function where you are trying to upload file.
this will enhance limit up to 50 MB
ini_set("upload_max_filesize", "50M");
If you want to check file variables, you can user alternative HTTP_POST_FILES
$theFileSize = $HTTP_POST_FILES['file']['size'];
Hope this may help you.
Thanks.
Use MAX_FILE_SIZE as a hidden input field, this will stop the user waiting if the file is larger than the limit and won't execute your code so the variables won't be empty...
The MAX_FILE_SIZE hidden field (measured in bytes) must precede the
file input field, and its value is the maximum filesize accepted by
PHP. This form element should always be used as it saves users the
trouble of waiting for a big file being transferred only to find that
it was too large and the transfer failed. Keep in mind: fooling this
setting on the browser side is quite easy, so never rely on files with
a greater size being blocked by this feature. It is merely a
convenience feature for users on the client side of the application.
The PHP settings (on the server side) for maximum-size, however,
cannot be fooled.
http://www.php.net/manual/en/features.file-upload.post-method.php
Inside my form i define this file upload field:
$this->setEnctype(Zend_Form::ENCTYPE_MULTIPART);
$logo = $this->createElement('file', 'logo');
$logo->setLabel('Group logo')
->setMaxFileSize(5242880) // 5mb
->addValidator('IsImage')
->addValidator('Count', false, 1)
->addValidator('Size', false, 5242880)
->addValidator('Extension', false, array('jpg', 'jpeg', 'png', 'gif'));
However, no matter how small files I upload I get this error: File 'logo' exceeds the defined ini size.
The error message seemed pretty straight forward so I checked the php config (phpinfo() on the same exact page that handles the form)
file_uploads: On
upload_max_filesize: 2000M
memory_limit: 128M
post_max_size: 8M
While those values don't exactly make sense, they absolutely should allow me to upload files up to 8Mb but the upload always failes with the message from above. Even files smaller than 1Kb fail. I also tried removing all setters/validators but it still fails.
While searching for an answer I came across some posts that said that it was ajax' fault but this is a regular form, so now I'm stuck.
Update: I'm terribly sorry to have wasted your time, there was another unclosed form on the page which voided the multipart-declaration. Could have found that out sooner if I had tested with larger files rather than small ones :/
Add enctype="multipart/form-data" in your form. It should solve your problem.
Add
enctype="multipart/form-data"
to your <form> element. Solved my problem.
if you are using script file to render your file , you need to retrieve the enctype info that you specified in form class from your script file. <form enctype="<?php echo $this->element->getAttrib("enctype"); ?>">
Chances are that the php extension fileinfo is not activated.
Please check your php.ini file and increase upload_max_filesize. By default, it is 2M (2 MegaBytes). Also in order to be able to post file with size more than 2M you need to update value of post_max_size
It looks like you're missing the destination:
$logo->setLabel('Group logo')
->setDestination('/var/www/upload')
...
You might want to make sure that the folder is writeable by your web server.
When I commented out the following I got the same error:
->setDestination($this->_config->folder->ugc);
->addValidator(Kvadrat_Form_Element_File::VALIDATE_COUNT, true, 1);
->addValidator(Kvadrat_Form_Element_File::VALIDATE_SIZE, true, 5 * 102400);
(I commented it out as was doing the file uploads separately with FormData)
So I uncommented it and it all worked again.
Your size validator is incorrect. You should use this format:
->addValidator('Size', false, array('max' => '5242880'))
Your validator checks file's size == 5242880, NOT <= 5242880.
Is there any way to get size of POST-request body in PHP?
As simple as:
$size = (int) $_SERVER['CONTENT_LENGTH'];
Note that $_SERVER['CONTENT_LENGTH'] is only set when the HTTP request method is POST (not GET). This is the raw value of the Content-Length header, as specified in RFC 7230.
In the case of file uploads, if you want to get the total size of uploaded files, you should iterate over the $_FILE array to sum each $file['size']. The exact total size might not match the raw Content-Length value due to the encoding overhead of the POST data. (Also note you should check for upload errors using the $file['error'] code of each $_FILES element, such as UPLOAD_ERR_PARTIAL for partial uploads or UPLOAD_ERR_NO_FILE for empty uploads. See file upload errors documentation in the PHP manual.)
If you're trying to figure out whether or not a file upload failed, you should be using the PHP file error handling as shown at the link below. This is the most reliable way to detect file upload errors:
http://us3.php.net/manual/en/features.file-upload.errors.php
If you need the size of a POST request without any file uploads, you should be able to do so with something like this:
$request = http_build_query($_POST);
$size = strlen($request);
My guess is, it's in the $_SERVER['CONTENT_LENGTH'].
And if you need that for error detection, peek into $_FILES['filename']['error'].
This might work :
$bytesInPostRequestBody = strlen(file_get_contents('php://input'));
// This does not count the bytes of the request's headers on its body.
I guess you are looking for $HTTP_RAW_POST_DATA
I'm running getimagesize() to determine whether or not an uploaded file is a valid image and also it's MIME type. A user of my webapp reported that some of his images where getting an "invalid filetype" error after uploading them. So I asked him to send me some of them to check.
The error string itself is meaningless as it's just a generic text written by me when the functions fails (returns FALSE). I tried increasing PHP's memory limit with no success. Also, logs don't show anything unusual. Is there a problem with the files or is it something else? is there a better way to do this operation?
I'm accepting any file that getimagesize() accepts (meaning it has a width/height), I'm just checking that it doesn't return FALSE (although my real scope would be jpg|jpeg|png|gif|bmp|tif|tiff). The server is running PHP/5.2.6-1+lenny3. I repeat, this happens only with the image linked and some others from the same series, so I'm more inclined to think it's related to what Lizard is hinting.
$_FILES seems to be empty before getting to getimagesize($_FILES['Filedata']['tmp_name']) so the file is never really checked. I'll have to figure out why these files are not submitted like the rest (too big for PHP perhaps? any ideas?).
Until you give more information, I can't really help much. The following code:
$file = "http://img27.imageshack.us/img27/9159/dsc00799e.jpg";
$info = getimagesize($file);
echo "<pre>" . print_r($info,true) . "</pre>";
(Where $file is equal to the location of the image given in the question), outputs:
Array
(
[0] => 2736
[1] => 3648
[2] => 2
[3] => width="2736" height="3648"
[bits] => 8
[channels] => 3
[mime] => image/jpeg
)
This seems okay. I'm assuming an error somewhere else in your checks?
After looking around SO I've found this insightful answer regarding PHP's upload limits. I combined it with what I already knew and finally got it working using the following code in my .htaccess (limiting uploads to 5MB):
php_value upload_max_filesize 5M
php_value post_max_size 8M
php_value max_input_time 1800
LimitRequestBody 0
Bottom line is: the problem wasn't in PHP's getimagesize() function, it was that the images were never uploaded to the server due to file size limits in both Apache and PHP. Thanks everyone who answered and commented, It would have been a lot more painful to figure it out without your help!
I am not sure if this is the answer your looking for but I know that I have issues with php functions and images being over 3000px in any dimension.
Hope that helps!
You said
$_FILES seems to be empty
Did you check for an upload error? - When the upload fails PHP sets the error element of the file's array. See the PHP documentation's File Upload section for different error codes possible.
I faced the same problem, i used exactly the same file reference as used in the img tag:
$filename = "/images/logo.jpg";
$size = getimagesize($filename); // <== this fails
<img src="<?echo $filename ?>" /> // <== this works
When I removed the first slash in the file name and tried it again, it worked:
$size = getimagesize("/images/logo.jpg"); // <== this fails
$size = getimagesize("images/logo.jpg"); // <== this works!
I hope it works for others too.
I have a file (image) upload script in PHP that I use to upload and resize images... It uses a simple MIME type and size validation so only jpg images are allowed and 1MB max file size.
I recently discovered a problem. When I try tu upload a .avi file using the script, the script processes the file like its the correct MIME type and size and then just do nothing, just takes me back to the upload form without any error message. (Instead of showing a "file too big" message).
I mean, if I try to upload a .gif or .txt or something else I get an error, as expected.
If I try to upload any file bigger than 1MB I get an error, as expected.
Only when I try to upload a .avi file with more than 1MB I dont get any kind of error.....
Well, here the first par of the code:
// define a constant for the maximum upload size
define ('MAX_FILE_SIZE', 1024000);
if (array_key_exists('upload', $_POST)) {
// define constant for upload folder
define('UPLOAD_DIR', 'C:/Wamp/www/Version-1.4/posters_uploaded/');
// replace any spaces in original filename with underscores. At the same time, assign to a simpler variable
$file = str_replace(' ', '_', $_FILES['image']['name']);
// convert the maximum size to KB
$max = number_format(MAX_FILE_SIZE/1024, 1).'kb';
// create an array of permitted MIME types
$permitted = array('image/jpeg','image/pjpeg');
// begin by assuming the file is unacceptable
$sizeOK = false;
$typeOK = false;
// check that file is within the permitted size
if ($_FILES['image']['size'] > 0 && $_FILES['image']['size'] <= MAX_FILE_SIZE) {
$sizeOK = true;
}
// check that file is of a permitted MIME type
foreach ($permitted as $type) {
if ($type == $_FILES['image']['type']) {
$typeOK = true;
break;
}
}
if ($sizeOK && $typeOK) {
switch($_FILES['image']['error']) {
case 0: // ...................
I'm just modifying a build PHP code so Im no expert...
Any suggestions??
Thanks.
http://us3.php.net/manual/en/features.file-upload.common-pitfalls.php
It looks like your upload_max_filesize ini-setting is too low. This would cause no error to be displayed when you upload a very large file such as an AVI video.
The reason you're seeing the errors with text files and .jpg images is likely because the size of those files are greater than 1 MB, but below your upload_max_filesize setting in php.ini.
Try echoing the value of ini_get("max_upload_filesize") and see what the value is if you don't have access to the php.ini file directly.
As john Rasch mentioned above, any file above the php.ini max_upload_filesize will not process at all. so you'll have no chance to test the error for you. you have to assume it was not uploaded and validate it if it was.
now that I understand your scenario better I think this is what you can do:
// at the top of your script
$upload_success = FALSE;
// when successfully detected upload
$upload_success = TRUE;
// if successful upload code is never run
$display_error = "File not uploaded, may be too large a file, "
. "please upload less than 1MB"
;
print $display_error;
main point being:
You can't always detect upload files that are too big because they get cut off at a level deeper than where the scripts run.
I'd also suggest that you don't believe the mime type. Sometimes people have .png or .gif file that have been renamed to .jpg, or they could upload incorrect files intentionally. Use getimagesize to check if these are valid jpeg images.
Don't forget, when uploading files, that there are actually two directives you need to pay attention to in php.ini. One is upload_max_filesize, but the other is post_max_size. Generally, post_max_size should at least be equal to, and probably greater than, upload_max_filesize. You can't upload a file greater than post_max_size, regardless of what you set your upload_max_filesize.
An AVI file won't match the mime types you have listed in your permitted array. After doing your $sizeOK and $typeOK checks, check to see what values they hold, and how your script handles those values. That might hold the key to the behavior of your script.
Above this line:
if ($_FILES['image']['size'] > 0 && $_FILES['image']['size'] <= MAX_FILE_SIZE) {
$sizeOK = true;
}
Put this:
echo '<pre>' . printr($_FILES) . </pre>;
That will show you what is inside the FILES array, and should make this pretty simple to debug. Try uploading the AVI with the above line added to your script.
Using $_FILES['image']['type'] for checking MIME is not reliable, it's base on header of the client and can be spoofed. Take a look at fileinfo extension to check MIME base on the real contents.
Eight years later, the short answer for anyone, like me, stumbling around for the answer to checking the image MIME type with PHP before uploading:
if (exif_imagetype($file['tmp_name']) != IMAGETYPE_JPEG) {
$file['error'] = 'Your picture must be jpg.';
}
From the manual: http://php.net/manual/en/function.exif-imagetype.php