Better workaround for PHP returning empty $_POST and $_FILES when
POST length > post_max_size in php.ini. I also added this check to avatar upload, which was failing with huge files.
This commit is contained in:
Zach Copley
parent
f7b0017f21
commit
b522c401e6
|
|
@ -87,16 +87,22 @@ class ApiAccountUpdateProfileImageAction extends ApiAuthAction
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (empty($this->user)) {
|
// Workaround for PHP returning empty $_POST and $_FILES when POST
|
||||||
$this->clientError(_('No such user!'), 404, $this->format);
|
// length > post_max_size in php.ini
|
||||||
|
|
||||||
|
if (empty($_FILES)
|
||||||
|
&& empty($_POST)
|
||||||
|
&& ($_SERVER['CONTENT_LENGTH'] > 0)
|
||||||
|
) {
|
||||||
|
$msg = _('The server was unable to handle that much POST ' .
|
||||||
|
'data (%s bytes) due to its current configuration.');
|
||||||
|
|
||||||
|
$this->clientError(sprintf($msg, $_SERVER['CONTENT_LENGTH']));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Workaround for PHP returning empty $_FILES when POST length > PHP settings
|
if (empty($this->user)) {
|
||||||
|
$this->clientError(_('No such user!'), 404, $this->format);
|
||||||
if (empty($_FILES) && ($_SERVER['CONTENT_LENGTH'] > 0)) {
|
|
||||||
common_debug('content-length = ' . $_SERVER['CONTENT_LENGTH']);
|
|
||||||
$this->clientError(_('Unable to handle that much POST data!'));
|
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -112,6 +112,20 @@ class ApiStatusesUpdateAction extends ApiAuthAction
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Workaround for PHP returning empty $_POST and $_FILES when POST
|
||||||
|
// length > post_max_size in php.ini
|
||||||
|
|
||||||
|
if (empty($_FILES)
|
||||||
|
&& empty($_POST)
|
||||||
|
&& ($_SERVER['CONTENT_LENGTH'] > 0)
|
||||||
|
) {
|
||||||
|
$msg = _('The server was unable to handle that much POST ' .
|
||||||
|
'data (%s bytes) due to its current configuration.');
|
||||||
|
|
||||||
|
$this->clientError(sprintf($msg, $_SERVER['CONTENT_LENGTH']));
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
if (empty($this->status)) {
|
if (empty($this->status)) {
|
||||||
$this->clientError(
|
$this->clientError(
|
||||||
'Client must provide a \'status\' parameter with a value.',
|
'Client must provide a \'status\' parameter with a value.',
|
||||||
|
|
@ -126,13 +140,6 @@ class ApiStatusesUpdateAction extends ApiAuthAction
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Workaround for PHP returning empty $_FILES when POST length > PHP settings
|
|
||||||
|
|
||||||
if (empty($_FILES) && ($_SERVER['CONTENT_LENGTH'] > 0)) {
|
|
||||||
$this->clientError(_('Unable to handle that much POST data!'));
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
$status_shortened = common_shorten_links($this->status);
|
$status_shortened = common_shorten_links($this->status);
|
||||||
|
|
||||||
if (Notice::contentTooLong($status_shortened)) {
|
if (Notice::contentTooLong($status_shortened)) {
|
||||||
|
|
|
||||||
|
|
@ -244,11 +244,25 @@ class AvatarsettingsAction extends AccountSettingsAction
|
||||||
|
|
||||||
function handlePost()
|
function handlePost()
|
||||||
{
|
{
|
||||||
|
// Workaround for PHP returning empty $_POST and $_FILES when POST
|
||||||
|
// length > post_max_size in php.ini
|
||||||
|
|
||||||
|
if (empty($_FILES)
|
||||||
|
&& empty($_POST)
|
||||||
|
&& ($_SERVER['CONTENT_LENGTH'] > 0)
|
||||||
|
) {
|
||||||
|
$msg = _('The server was unable to handle that much POST ' .
|
||||||
|
'data (%s bytes) due to its current configuration.');
|
||||||
|
|
||||||
|
$this->showForm(sprintf($msg, $_SERVER['CONTENT_LENGTH']));
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
// CSRF protection
|
// CSRF protection
|
||||||
|
|
||||||
$token = $this->trimmed('token');
|
$token = $this->trimmed('token');
|
||||||
if (!$token || $token != common_session_token()) {
|
if (!$token || $token != common_session_token()) {
|
||||||
$this->show_form(_('There was a problem with your session token. '.
|
$this->showForm(_('There was a problem with your session token. '.
|
||||||
'Try again, please.'));
|
'Try again, please.'));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -271,17 +271,20 @@ class DesignSettingsAction extends AccountSettingsAction
|
||||||
|
|
||||||
function handlePost()
|
function handlePost()
|
||||||
{
|
{
|
||||||
// XXX: Robin's workaround for a bug in PHP where $_POST
|
|
||||||
// and $_FILE are empty in the case that the uploaded
|
|
||||||
// file is bigger than PHP is configured to handle.
|
|
||||||
|
|
||||||
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||||
if (empty($_POST) && $_SERVER['CONTENT_LENGTH']) {
|
|
||||||
|
|
||||||
|
// Workaround for PHP returning empty $_POST and $_FILES when POST
|
||||||
|
// length > post_max_size in php.ini
|
||||||
|
|
||||||
|
if (empty($_FILES)
|
||||||
|
&& empty($_POST)
|
||||||
|
&& ($_SERVER['CONTENT_LENGTH'] > 0)
|
||||||
|
) {
|
||||||
$msg = _('The server was unable to handle that much POST ' .
|
$msg = _('The server was unable to handle that much POST ' .
|
||||||
'data (%s bytes) due to its current configuration.');
|
'data (%s bytes) due to its current configuration.');
|
||||||
|
|
||||||
$this->showForm(sprintf($msg, $_SERVER['CONTENT_LENGTH']));
|
$this->showForm(sprintf($msg, $_SERVER['CONTENT_LENGTH']));
|
||||||
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user