New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
File manager wrong way to determine max upload size #498
Comments
I don't think |
Not to the upload itself of course but the handling afterwards. TBH I haven't looked into this so I'm not sure if the core does anything other than just copying the file to it's new destination. |
We are using the Symfony file size check in combination with the localconfig setting: contao/core-bundle/src/Resources/contao/classes/FileUpload.php Lines 278 to 281 in 6742d9e
And the Symfony check is based on So if you think that |
I'm assuming this issue should be reopened then until the Symfony issue is fixed? Who'll create the Symfony PR? |
Looking into it... |
Why? There is nothing to do on our side. |
I thought this is? And have a reference about this issue in Contao until it's fixed in Symfony? |
This PR was squashed before being merged into the 3.4 branch (closes #32790). Discussion ---------- [HttpFoundation] Fix `getMaxFilesize` When checking for the maximum size of an uploaded file you can't just rely on `upload_max_filesize` since the request might also exceed `post_max_size`. Also discussed in contao/contao#498 | Q | A | ------------- | --- | Branch? | 3.4 | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | - | License | MIT | Doc PR | - Commits ------- 54107ba [HttpFoundation] Fix `getMaxFilesize`
symfony/symfony#32790 has been merged. Thank you @bennyborn. |
Affected version(s)
At least from 4.4.39 upwards
Description
When trying to upload a file the file manager determines the maximum allowed file size mainly by looking at the the value set in the localconfig. In fact there are 4 values that need to be checked to determine the real limit:
memory_limit
post_max_size
upload_max_filesize
If we don't check the php.ini we`ll get some nice side effects.
I was trying to upload a file (>10 MB) in an installation that has a 20MB limit set in the localconfig as well as
upload_max_filesize
. While thememory_limit
was plenty enough no one has thought of settingpost_max_size
accordingly.When I now try to upload a file thats larger than
post_max_size
the DropZone uploader will add a copy of the file manger to itself. Needless to say that the upload fails without any notification.See the screenshot attached
How to reproduce
The text was updated successfully, but these errors were encountered: