I've got a sign in place via php to find out when the file would be to large, the issue is, user needs to upload the file towards the server first, before i'm able to result in the check.

Therefore if someone desired to waste my bandwidth, all they woudl need to do is relabel an enormous file to .digital for instance and upload it. And there's nothing i'm able to do in order to stop them

There has to be a way to avoid this. Some type of a legitimate check or jquery or something like that.

I want an answer that will let me inform the consumer the file he's attempting to upload is simply too large.


This can be used hidden feature : MAX_FILE_SIZE

The MAX_FILE_SIZE hidden area (measured in bytes) must precede the file input area, and it is value may be the maximum filesize recognized by PHP. This type element ought to always be used because it saves customers the problem of awaiting a large file being moved only to discover it was too big and also the transfer unsuccessful. Bear in mind: kidding this setting around the browser side isn't very difficult, so never depend on files having a greater size being blocked with this feature. It's basically convenient feature for customers around the client side from the application. The PHP configurations (around the server side) for optimum-size, however, can't be misled.

particulars : http://php.net/manual/en/features.file-upload.post-method.php

If you are worried about wasting bandwidth, then you definitely must handle this in a greater level inside your server stack. When PHP is handling the file it's past too far, the upload has happened and also the bandwidth consumed.

Apache has some configuration directives that might be helpful:


But I am unsure if even that really reduces the request once the body surpasses the limit. Otherwise, you'd need to progress another level and take care of it in the TCP level.

Should you choose wish to go lower a non-PHP route to try and block large uploads, you need to request on ServerFault rather than StackOverflow.

You are able to limit the max upload size like a PHP setting. The consumer will still have the ability to upload as much as that size though before the server cancels, and that he won't always be aware of file is simply too large in advance.

It is best to to consider HTML features. See MDN https://developer.mozilla.org/en/using_files_from_web_applications

By using it you should check size etc with JavaScript.