> From: "andy" <[EMAIL PROTECTED]> > > // original question: > <snip> > > I would like to be able to really PREVENT uploads, let's say >>> bigger than 10 MB?! >>> >> Add this to your HTML form: >> >> <input type="hidden" name="MAX_FILE_SIZE" value="10240000"> >> >> HTH > > </snip> > > I tryed this, too. But this does not work at all! I use IE 5.5 and it did > not make any difference. Is there something else we have to take care off? > What doesn't work for you? You're saying that you can upload a file size beyond the limit specified by this setting in your form?
The manual says: "The MAX_FILE_SIZE is advisory to the browser. It is easy to circumvent this maximum. So don't count on it that the browser obeys you (sic) wish! The PHP-settings for maximum-size, however, cannot be fooled." The main controls are the ini-settings for post_max_size and upload_max_filesize. If you haven't already, check out the manual: <http://www.php.net/manual/en/features.file-upload.php> I read the original question to be asking what can be done to prevent tying up the server with large uploads -- that the too-large files will be successfully rejected, but the person was asking if there was a way to avoid using system resources in these cases. From my limited experience, it seems that the script for checking the upload and copying the file somewhere doesn't run until the upload is completed -- that the real tie-up is on the client machine during upload. For example, I did a site where uploads of 24 Mb are possible, but the max_execution_time is only set to 50 (and I'm pretty sure it could be lower). HTH -- Lowell Allen -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php