Max size issue in multiple uploads PHP form

Question

This is driving me crazy. Maybe someone can see something I can't and make me happy.

I have a form with two upload buttons. It needs to be this way (client requirement).

 <fieldset>
  <legend>SUBIR DOCUMENTOS </legend>
  <span class="help-block">Aquí solo tienes que subir los documentos NO relacionados con un contrato. </span>                  
  <div class="form-group">
      <label for="inputFile1"> Documento A </label>
      <input type="file" id="inputFile1" name="inputFile1"> 
      <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo EGAR_MAXFILESIZE; ?>" />                   
  </div>
  <div class="form-group">
      <label for="inputFile2"> Documento B </label>
      <input type="file" id="inputFile2" name="inputFile2"> 
      <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo EGAR_MAXFILESIZE; ?>" />                   
    </div>
 </fieldset>

Every thing works well except for the error message when the second file (inputFile2) exceeds the max size. In that case, the file is not uploaded (what is correct) but it displays the success message.

Here is the code:

include_once ('includes/functions.php');  

if(!empty($_FILES)) {               

     $message_error = array();
     $message_success = array();


    foreach($_FILES as $file){  
    $file_name = $file['name'];
    $file_temp_name = $file['tmp_name'];
    $file_type = $file['type'];
    $file_size = $file['size'];
    $server_file= EGAR_UPLOADPATH . basename($file_name); 
    $ext = pathinfo($server_file,PATHINFO_EXTENSION);
    $path_parts = pathinfo($file_name); 
      $allowedExtensions = array("pdf","doc","docx","rtf","txt", "gif", "png", "jpg", "jpeg");

 if (!empty($file['name'])){  
     //move the file to the server 
        if ((in_array( $ext,$allowedExtensions)) && ($file_size <= EGAR_MAXFILESIZE)){
            $server_file= EGAR_UPLOADPATH . $file_name; ///public_html/test-site-6/uploads
            move_uploaded_file($file_temp_name,$server_file);
            $success_upload= "$file_name subido correctamente";
            array_push($message_success,$success_upload);           
      }else{   
                if($file_size > EGAR_MAXFILESIZE) {//1mb
                    $filesize= "es demasiado grande (máximo 1MB)  ";
                $error_upload ="$file_name $filesize <br/>";    
                array_push($message_error,$error_upload); 
          }

          if(!in_array( $ext,$allowedExtensions)) {    
                      $filetype=" es un tipo de archivo no válido";
                        $error_upload ="$file_name $filetype <br/>";        
                        array_push($message_error,$error_upload);
                    }
      }

    }//if empty

    }//end foreach  

    foreach($message_error as $msg)  {
     echo '<h3 class="error">'. $msg . '</h3>';
  } 
  foreach($message_success as $msg)  {
     echo '<h3 class="success">'. $msg . '</h3>';
  }  

}

Any help will be much appreciated.

score 1 · Answer 1 · edited May 23 '17 at 10:26

1

The max_upload_size and max_post_size directives are in php.ini. Change those to the desired values and restart apache. See this post: Stackoverflow Question

Your success message is occuring even on fail because the success condition is simply if the file has a name and is of the appropriate extention. The test condition should be:

if( move_uploaded_file($file_temp_name,$server_file) ){
  $success_upload = 'blah';
}

edited May 23 '17 at 10:26

Community

1
1

answered Dec 31 '14 at 00:47

Hobbes

781
10
29

1

This is a good remark in that the return value of move_uploaded_file should be checked (so that if the file can't be actually saved, it will notify the user appropriately). However, to me it looks like this doesn't really answer the question. The success condition includes ($file_size <= EGAR_MAXFILESIZE) which should return false if the file size is larger than the defined maximum, provided the variables are correctly set. – user1704650 Dec 31 '14 at 00:59
1

Agreed, also checking for !$file['error'] would be a good idea. When php.ini settings cause the error (with upload_max_filesize being the restrictor) the $file_size will be 0 (at least that's the behavior on my setup). – Hobbes Dec 31 '14 at 03:48

score 1 · Answer 2 · answered Dec 31 '14 at 14:22

Thanks to you all, but your advise didn't work. Everything you said made sense, but it didn't fix the issue. Finally, I realized that the problem was not in the PHP but in the HTLM.

I was using one hidden "MAX_FILE_SIZE" input for each file, and it only should be one for the whole form.

With the following new code, it works like charm.

  <div class="col-lg-12">
        <div class="well ">
         <fieldset>
            <legend>SUBIR DOCUMENTOS </legend>
            <span class="help-block">Aquí solo tienes que subir los documentos NO relacionados con un contrato. </span>                  
            <div class="form-group">
                <label for="inputFile1"> Documento A </label>
                <input type="file" id="inputFile1" name="inputFile1">                             
            </div>
            <div class="form-group">
                <label for="inputFile2"> Documento B </label>
                <input type="file" id="inputFile2" name="inputFile2">                                    
            </div>
            <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo EGAR_MAXFILESIZE; ?>" />          
           </fieldset>
        </div>
      </div>
     </div><!--outer-->

I must comment that it is a bad idea to put these settings in HTML. Any novice developer can override this very easily. I DEFINITELY would put these restrictions server side. Glad you figured it out =] — Hobbes, Dec 31 '14 at 16:46

Max size issue in multiple uploads PHP form

2 Answers2