From 107774c160ad748e825df39dadbf021c48d392f7 Mon Sep 17 00:00:00 2001 From: Jakub Vrana Date: Fri, 23 Mar 2007 17:37:48 +0000 Subject: [PATCH] MAX_FILE_SIZE is not checked by browsers (bug #40387) git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@232469 c90b9560-bf6c-de11-be94-00142212c4b1 --- features/file-upload.xml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/features/file-upload.xml b/features/file-upload.xml index 3348703ed9..c0edb4a941 100644 --- a/features/file-upload.xml +++ b/features/file-upload.xml @@ -1,5 +1,5 @@ - + Handling file uploads @@ -65,8 +65,7 @@ The MAX_FILE_SIZE hidden field (measured in bytes) must - precede the file input field, and its value is the maximum filesize accepted. - This is an advisory to the browser, PHP also checks it. + precede the file input field, and its value is the maximum filesize accepted by PHP. Fooling this setting on the browser side is quite easy, so never rely on files with a greater size being blocked by this feature. The PHP settings for maximum-size, however, cannot be fooled.