NYCPHP Meetup

[nycphp-talk] Best way to handle LimitRequestBody $_REQUEST limitation

Phillip Powell phillip.powell at adnet-sys.com
Mon Jun 21 17:55:08 EDT 2004


Background: I'm building a totally portable/scalable/secure file 
cataloging system in PHP version 4.3.2; this application will be 
portable for all systems that have PHP, whether Windows or Unix or 
whatever as its goal as it is a web-based portable application.

This application allows you to upload a file of a certain file size that 
I have set up.  For example, if you set $maxImageFileSize to 100K then 
no image larger than 100K can be uploaded to the system, it won't let 
you.  This works just fine.

However, if I try to upload an image or something that is larger than 
LimitRequestBody size of, for example, 524K, the results are a bit more 
problematic than an error message, all sorts of bad crap occur depending 
on your browser that blows up the entire application.

I want to know the best-practice method to handle this.  Readjusting 
LimitRequestBody in /etc/httpd/conf.d/php.conf is not an option 
according to my company because this application is, again, designed to 
be portable, so that it can be mounted on Client A's server or Client 
B's server or Client Z's server and work exactly the same on all three 
even if all three have completely different configurations to 
LimitRequestBody.

So, what do I do?  Files < 100K are fine; files 100K+ - 524K are fine; 
files > 524K bomb the entire application and I can't figure out what to 
do about that.

I tried displaying a message that stated that the maximum image file 
size that this installation of PHP on this server can handle is 524K but 
using ini_get('LimitRequestBody') and get_cfg_var('LimitRequestBody') 
both failed.

Ok, I'm out of ideas, great brains of NYPHP, lend me some brain cells!

Thanx
Phil

-- 
---------------------------------------------------------------------------------
Phil Powell
Multimedia Programmer
BPX Technologies, Inc.
#: (703) 709-7218 x107 
Fax: (703) 709-7219

	


>From hans not junk at nyphp.com  Mon Jun 21 18:38:35 2004
Return-Path: <hans not junk at nyphp.com>
Received: from smtp11.intermedia.net (smtp11.intermedia.net [64.78.21.10])
	by virtu.nyphp.org (Postfix) with ESMTP id 813DFA862F
	for <talk at lists.nyphp.org>; Mon, 21 Jun 2004 18:38:35 -0400 (EDT)
Received: from ehost011-1.intermedia.net ([64.78.21.3]) by
	smtp11.intermedia.net with Microsoft SMTPSVC(6.0.3790.0); 
	Mon, 21 Jun 2004 15:30:43 -0700
X-MimeOLE: Produced By Microsoft Exchange V6.5.6944.0
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Subject: RE: [nycphp-talk] Best way to handle LimitRequestBody
	$_REQUESTlimitation
Date: Mon, 21 Jun 2004 15:38:27 -0700
Message-ID: <41EE526EC2D3C74286415780D3BA9F8702AEA290 at ehost011-1.exch011.intermedia.net>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: [nycphp-talk] Best way to handle LimitRequestBody
	$_REQUESTlimitation
Thread-Index: AcRX2cZhyWLkuepzTjqhf6p7u7w7HAABiNnQ
From: "Hans Zaunere" <hans not junk at nyphp.com>
To: "NYPHP Talk" <talk at lists.nyphp.org>
X-OriginalArrivalTime: 21 Jun 2004 22:30:43.0950 (UTC)
	FILETIME=[63F460E0:01C457DF]
X-BeenThere: talk at lists.nyphp.org
X-Mailman-Version: 2.1.4
Precedence: list
Reply-To: NYPHP Talk <talk at lists.nyphp.org>
List-Id: NYPHP Talk <talk.lists.nyphp.org>
List-Unsubscribe: <http://lists.nyphp.org/mailman/listinfo/talk>,
	<mailto:talk-request at lists.nyphp.org?subject=unsubscribe>
List-Archive: <http://lists.nyphp.org/pipermail/talk>
List-Post: <mailto:talk at lists.nyphp.org>
List-Help: <mailto:talk-request at lists.nyphp.org?subject=help>
List-Subscribe: <http://lists.nyphp.org/mailman/listinfo/talk>,
	<mailto:talk-request at lists.nyphp.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Jun 2004 22:38:36 -0000


> Background: I'm building a totally portable/scalable/secure file=20
> cataloging system in PHP version 4.3.2; this application will be=20
> portable for all systems that have PHP, whether Windows or Unix or=20
> whatever as its goal as it is a web-based portable application.
>=20
> This application allows you to upload a file of a certain file size
that=20
> I have set up.  For example, if you set $maxImageFileSize to 100K then

> no image larger than 100K can be uploaded to the system, it won't let=20
> you.  This works just fine.
>=20
> However, if I try to upload an image or something that is larger than=20
> LimitRequestBody size of, for example, 524K, the results are a bit
more=20
> problematic than an error message, all sorts of bad crap occur
depending=20
> on your browser that blows up the entire application.

Aye... because Apache doesn't like it.

> I want to know the best-practice method to handle this.  Readjusting=20
> LimitRequestBody in /etc/httpd/conf.d/php.conf is not an option=20
> according to my company because this application is, again, designed
to=20
> be portable, so that it can be mounted on Client A's server or Client=20
> B's server or Client Z's server and work exactly the same on all three

> even if all three have completely different configurations to=20
> LimitRequestBody.
>=20
> So, what do I do?  Files < 100K are fine; files 100K+ - 524K are fine;

> files > 524K bomb the entire application and I can't figure out what
to=20
> do about that.
>=20
> I tried displaying a message that stated that the maximum image file=20
> size that this installation of PHP on this server can handle is 524K
but=20
> using ini_get('LimitRequestBody') and get_cfg_var('LimitRequestBody')=20
> both failed.

LimitRequestBody isn't a PHP configuration directive... it's from Apache
itself.

http://httpd.apache.org/docs/mod/core.html#limitrequestbody

AFAIK there's no way to set it in PHP.  That said, it's not set by
default.  Otherwise, you could include a .htaccess file that sets it to
0 explicitly and thus make it unlimited.  Then again, if the deployed-to
Apache environment doesn't allow .htaccess directives, it wouldn't work.

H




More information about the talk mailing list