diff options
author | Zach Copley <zach@status.net> | 2009-11-06 17:21:08 -0800 |
---|---|---|
committer | Zach Copley <zach@status.net> | 2009-11-06 17:21:08 -0800 |
commit | b522c401e66e5b5d7e000c1bf25fd4b4a4d0558f (patch) | |
tree | 1140fcb28c1e7bd3dca8c088565b68125a0c26fd | |
parent | f7b0017f219d649a3acb3d650cb6d4fbb79b9956 (diff) |
Better workaround for PHP returning empty $_POST and $_FILES when
POST length > post_max_size in php.ini. I also added this check to
avatar upload, which was failing with huge files.
-rw-r--r-- | actions/apiaccountupdateprofileimage.php | 20 | ||||
-rw-r--r-- | actions/apistatusesupdate.php | 21 | ||||
-rw-r--r-- | actions/avatarsettings.php | 16 | ||||
-rw-r--r-- | lib/designsettings.php | 13 |
4 files changed, 50 insertions, 20 deletions
diff --git a/actions/apiaccountupdateprofileimage.php b/actions/apiaccountupdateprofileimage.php index 416fee45a..72fb361bf 100644 --- a/actions/apiaccountupdateprofileimage.php +++ b/actions/apiaccountupdateprofileimage.php @@ -87,16 +87,22 @@ class ApiAccountUpdateProfileImageAction extends ApiAuthAction return; } - if (empty($this->user)) { - $this->clientError(_('No such user!'), 404, $this->format); + // Workaround for PHP returning empty $_POST and $_FILES when POST + // length > post_max_size in php.ini + + if (empty($_FILES) + && empty($_POST) + && ($_SERVER['CONTENT_LENGTH'] > 0) + ) { + $msg = _('The server was unable to handle that much POST ' . + 'data (%s bytes) due to its current configuration.'); + + $this->clientError(sprintf($msg, $_SERVER['CONTENT_LENGTH'])); return; } - // Workaround for PHP returning empty $_FILES when POST length > PHP settings - - if (empty($_FILES) && ($_SERVER['CONTENT_LENGTH'] > 0)) { - common_debug('content-length = ' . $_SERVER['CONTENT_LENGTH']); - $this->clientError(_('Unable to handle that much POST data!')); + if (empty($this->user)) { + $this->clientError(_('No such user!'), 404, $this->format); return; } diff --git a/actions/apistatusesupdate.php b/actions/apistatusesupdate.php index 82fe5a537..e369fa71e 100644 --- a/actions/apistatusesupdate.php +++ b/actions/apistatusesupdate.php @@ -112,6 +112,20 @@ class ApiStatusesUpdateAction extends ApiAuthAction return; } + // Workaround for PHP returning empty $_POST and $_FILES when POST + // length > post_max_size in php.ini + + if (empty($_FILES) + && empty($_POST) + && ($_SERVER['CONTENT_LENGTH'] > 0) + ) { + $msg = _('The server was unable to handle that much POST ' . + 'data (%s bytes) due to its current configuration.'); + + $this->clientError(sprintf($msg, $_SERVER['CONTENT_LENGTH'])); + return; + } + if (empty($this->status)) { $this->clientError( 'Client must provide a \'status\' parameter with a value.', @@ -126,13 +140,6 @@ class ApiStatusesUpdateAction extends ApiAuthAction return; } - // Workaround for PHP returning empty $_FILES when POST length > PHP settings - - if (empty($_FILES) && ($_SERVER['CONTENT_LENGTH'] > 0)) { - $this->clientError(_('Unable to handle that much POST data!')); - return; - } - $status_shortened = common_shorten_links($this->status); if (Notice::contentTooLong($status_shortened)) { diff --git a/actions/avatarsettings.php b/actions/avatarsettings.php index ded419dd7..879e44842 100644 --- a/actions/avatarsettings.php +++ b/actions/avatarsettings.php @@ -244,11 +244,25 @@ class AvatarsettingsAction extends AccountSettingsAction function handlePost() { + // Workaround for PHP returning empty $_POST and $_FILES when POST + // length > post_max_size in php.ini + + if (empty($_FILES) + && empty($_POST) + && ($_SERVER['CONTENT_LENGTH'] > 0) + ) { + $msg = _('The server was unable to handle that much POST ' . + 'data (%s bytes) due to its current configuration.'); + + $this->showForm(sprintf($msg, $_SERVER['CONTENT_LENGTH'])); + return; + } + // CSRF protection $token = $this->trimmed('token'); if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. '. + $this->showForm(_('There was a problem with your session token. '. 'Try again, please.')); return; } diff --git a/lib/designsettings.php b/lib/designsettings.php index 820d534f2..5ce9ddeda 100644 --- a/lib/designsettings.php +++ b/lib/designsettings.php @@ -271,17 +271,20 @@ class DesignSettingsAction extends AccountSettingsAction function handlePost() { - // XXX: Robin's workaround for a bug in PHP where $_POST - // and $_FILE are empty in the case that the uploaded - // file is bigger than PHP is configured to handle. - if ($_SERVER['REQUEST_METHOD'] == 'POST') { - if (empty($_POST) && $_SERVER['CONTENT_LENGTH']) { + // Workaround for PHP returning empty $_POST and $_FILES when POST + // length > post_max_size in php.ini + + if (empty($_FILES) + && empty($_POST) + && ($_SERVER['CONTENT_LENGTH'] > 0) + ) { $msg = _('The server was unable to handle that much POST ' . 'data (%s bytes) due to its current configuration.'); $this->showForm(sprintf($msg, $_SERVER['CONTENT_LENGTH'])); + return; } } |