Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:107356
Return-Path: <benjamin.morel@gmail.com>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 34431 invoked from network); 1 Oct 2019 15:52:14 -0000
Received: from unknown (HELO php-smtp3.php.net) (208.43.231.12)
  by pb1.pair.com with SMTP; 1 Oct 2019 15:52:14 -0000
Received: from php-smtp3.php.net (localhost [127.0.0.1])
	by php-smtp3.php.net (Postfix) with ESMTP id 3CC962D0A50
	for <internals@lists.php.net>; Tue,  1 Oct 2019 06:32:53 -0700 (PDT)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp3.php.net
X-Spam-Level: 
X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_NONE,
	SPF_HELO_NONE autolearn=no autolearn_force=no version=3.4.2
X-Spam-ASN: AS3215 2.6.0.0/16
X-Spam-Virus: No
Received: from mail-io1-xd29.google.com (mail-io1-xd29.google.com [IPv6:2607:f8b0:4864:20::d29])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by php-smtp3.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Tue,  1 Oct 2019 06:32:52 -0700 (PDT)
Received: by mail-io1-xd29.google.com with SMTP id v2so47820752iob.10
        for <internals@lists.php.net>; Tue, 01 Oct 2019 06:32:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=iE7k3PyH85qg7r4HJDbEjGAEpR9MXx+ERSB8rbLbXWE=;
        b=Mtwvfa8DzpJcWKgDu+i35pFgbYBMnBAMU5QfOixKSqNVaet9DfKeinYfaPjWSJE9zK
         W+vuYvo4cM9Hbdty+OlNpc53D4YWDOb9YjIGc32cZvB5b2YvS1ZFXtBqAVMeAcQouhn6
         0bwjLUPqObObFZXewQAbNnYSb8dfCnnBF9r9hZW9Whwiihit5CPY0VptFB8xTh5qY4J6
         /zIgnfjA+e9jq+ApEBWU56vvKXD7x12jwMjYTTJV7Avtr9tyIdJPaB2q2QOfEqHhlcv+
         5+i7c7ux5C6W436xn0BzFTF1qVvnMgtwasPLjtzb06AEe3KEaFBYbR9qDath/BP/3GdE
         GGhQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=iE7k3PyH85qg7r4HJDbEjGAEpR9MXx+ERSB8rbLbXWE=;
        b=Ov3E9jR1r76qikTAdZpYtGpgfxardX+pvacfCwcsuKGeW+W/P3C18iC4rzqt4kYkcB
         IoHDxGu9wLyvGu5stRXnABmxB8m5JrdGo8Z4NkKwVKMaM2YLr5FDrHKKwHa+YdKQ7lk/
         y9iJf2///fT6I4YezDuHaUyL2wzw5UvDm72PDShnkQYymwXSCo6JWl7lntIKSU1qxQSi
         lR0FY13O4whs3Mz5bKLAFTL3D+7iQfLqU+dUtB1czXuq0o6v6jnZ3fbaEDdC21cUkTkZ
         nHoTgcjv0sgcUvJRuFcar5X9G31uxLMrTxmZF0NMGEZL0BWBaQUZWnbK4loyIeS2SbSt
         lzog==
X-Gm-Message-State: APjAAAVLrHd5ZDo+Sho9AkCjc6OBgU8kj+5wJz1E/a3v6S7EO541F3nb
	yR3zljVR0+zsiBrLec/XyBe+uk0AVw4eErDLLH2mxsSIkNs=
X-Google-Smtp-Source: APXvYqx+W3wsNjthljHgMh60DAqYt1g1kY1s48gPJbPi9N6vSl/zK2m/av7D8CVg5qjKgedZBwuV/Jn07CrnLXb3J80=
X-Received: by 2002:a92:9cca:: with SMTP id x71mr25374647ill.245.1569936771905;
 Tue, 01 Oct 2019 06:32:51 -0700 (PDT)
MIME-Version: 1.0
References: <CAG9XoMQp5wzs6msh_q33z1JEcMs2cNwWH+HmW4C9vYf+xLYeiA@mail.gmail.com>
 <CACXBjuimGBre6NwFmZ8cajscK=a0QB2LqpHy6arm6nEHd45RGw@mail.gmail.com>
In-Reply-To: <CACXBjuimGBre6NwFmZ8cajscK=a0QB2LqpHy6arm6nEHd45RGw@mail.gmail.com>
Date: Tue, 1 Oct 2019 15:32:39 +0200
Message-ID: <CAG9XoMSbx1cRnka7zZyvkPmLYTocAEPP4+G_quz-Cxa-EsO4xA@mail.gmail.com>
To: Rasmus Lerdorf <rasmus@lerdorf.com>
Cc: PHP Internals <internals@lists.php.net>
Content-Type: multipart/alternative; boundary="0000000000009bfd6b0593d96320"
X-Envelope-From: <benjamin.morel@gmail.com>
Subject: Re: [PHP-DEV] Error when POST / upload limits are exceeded
From: benjamin.morel@gmail.com (Benjamin Morel)

--0000000000009bfd6b0593d96320
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

> We have https://www.php.net/manual/en/features.file-upload.errors.php but
in general this is not so easy to make more convenient because this runs
before your PHP code starts to run, so it is not like you can stick it in a
try/catch.

Hi Rasmus,

These errors are only relevant when you have something in $_FILES, which is
not always the case I'm afraid:

- when exceeding post_max_size, $_FILES is empty
- when exceeding max_file_uploads, you don't get entries in $_FILES past
the nth allowed file

I understand that because all of this happens before userland code is run,
indeed it's not possible to catch it.
I also understand that throwing a fatal error in this case would not be
welcome, as it does not give userland code a chance to inform the user
about the problem.

What about setting a $_SERVER value in this case? For example:

$_SERVER['CONFIG_LIMIT_EXCEEDED'] =3D 'post_max_size'

This, together with empty $_POST and $_FILES if any limit is exceeded
(including max_file_uploads), should be relatively sane behaviour IMO.

=E2=80=94 Benjamin

--0000000000009bfd6b0593d96320--