HTML上传MAX_FILE_SIZE似乎不起作用 [英] HTML Upload MAX_FILE_SIZE does not appear to work

问题描述

 <$> 
 
 c $ c>< form action =method =postenctype =multipart / form-data> 
 <！ -  byes必须在文件字段之前 - > 
< input type =hiddenname =MAX_FILE_SIZEvalue =2097152/> 
< input type =filename =upload/> 
 
< input type =submitname =submitvalue =Submit/> 
< / form> 
  

我上传了一个4MB的文件，但是我没有从客户端发出警告（我不是在谈论服务器端）。是什么 MAX_FILE_SIZE 应该做的？

更新

好吧，对于PHP来说，强加一个软的限制。但是使用它和检查像 $ _ FILES ['upload'] ['size']< 2000 in code？

解决方案

MAX_FILE_SIZE 在 KB中不是字节。你是对的，它是以字节为单位的。因此，限制为4MB 将字节转换为4MB {1024 *（1024 * 4）} 尝试：

 < input type =hiddenname =MAX_FILE_SIZEvalue =4194304/> 
  

更新1

正如其他人所解释的，您永远不会得到这个警告。它只是在服务器端强加一个软限制。

更新2

回答你的子问题。是的，有一个区别，你永远不要相信用户的输入。如果你想总是施加一个限制，你总是要检查它的大小。不要相信 MAX_FILE_SIZE 所做的事情，因为用户可以更改它。所以，是的，你应该检查，以确保它总是达到或超过你想要的大小。

不同的是，如果你强加一个 MAX_FILE_SIZE 为2MB，用户尝试上传一个4MB文件，一旦达到大约上传的第一个2MB，传输将终止，PHP将停止接受该文件的更多数据。它会报告文件数组上的错误。

I am wondering how is the hidden field named MAX_UPLOAD_SIZE supposed to work?

<form action="" method="post" enctype="multipart/form-data">
    <!-- in byes must preceed file field -->
    <input type="hidden" name="MAX_FILE_SIZE" value="2097152" /> 
    <input type="file" name="upload" />

    <input type="submit" name="submit" value="Submit" />
</form>

I uploaded a 4MB+ file but I got no warning from client side (I am not talking about server side). What is it MAX_FILE_SIZE supposed to do?

UPDATE

OK so its for PHP to impose a "soft" limit. But is there any difference between using it and checking something like $_FILES['upload']['size'] < 2000 in code?

解决方案

MAX_FILE_SIZE is in KB not bytes. You were right, it is in bytes. So, for a limit of 4MB convert 4MB in bytes {1024 * (1024 * 4)} try:

<input type="hidden" name="MAX_FILE_SIZE" value="4194304" /> 

Update 1

As explained by others, you will never get a warning for this. It's there just to impose a soft limit on server side.

Update 2

To answer your sub-question. Yes, there is a difference, you NEVER trust the user input. If you want to always impose a limit, you always must check its size. Don't trust what MAX_FILE_SIZE does, because it can be changed by a user. So, yes, you should check to make sure it's always up to or above the size you want it to be.

The difference is that if you have imposed a MAX_FILE_SIZE of 2MB and the user tries to upload a 4MB file, once they reach roughly the first 2MB of upload, the transfer will terminate and the PHP will stop accepting more data for that file. It will report the error on the files array.

这篇关于HTML上传MAX_FILE_SIZE似乎不起作用的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！