summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorZach Copley <zach@status.net>2009-11-06 17:21:08 -0800
committerZach Copley <zach@status.net>2009-11-06 17:21:08 -0800
commitb522c401e66e5b5d7e000c1bf25fd4b4a4d0558f (patch)
tree1140fcb28c1e7bd3dca8c088565b68125a0c26fd
parentf7b0017f219d649a3acb3d650cb6d4fbb79b9956 (diff)
Better workaround for PHP returning empty $_POST and $_FILES when
POST length > post_max_size in php.ini. I also added this check to avatar upload, which was failing with huge files.
-rw-r--r--actions/apiaccountupdateprofileimage.php20
-rw-r--r--actions/apistatusesupdate.php21
-rw-r--r--actions/avatarsettings.php16
-rw-r--r--lib/designsettings.php13
4 files changed, 50 insertions, 20 deletions
diff --git a/actions/apiaccountupdateprofileimage.php b/actions/apiaccountupdateprofileimage.php
index 416fee45a..72fb361bf 100644
--- a/actions/apiaccountupdateprofileimage.php
+++ b/actions/apiaccountupdateprofileimage.php
@@ -87,16 +87,22 @@ class ApiAccountUpdateProfileImageAction extends ApiAuthAction
return;
}
- if (empty($this->user)) {
- $this->clientError(_('No such user!'), 404, $this->format);
+ // Workaround for PHP returning empty $_POST and $_FILES when POST
+ // length > post_max_size in php.ini
+
+ if (empty($_FILES)
+ && empty($_POST)
+ && ($_SERVER['CONTENT_LENGTH'] > 0)
+ ) {
+ $msg = _('The server was unable to handle that much POST ' .
+ 'data (%s bytes) due to its current configuration.');
+
+ $this->clientError(sprintf($msg, $_SERVER['CONTENT_LENGTH']));
return;
}
- // Workaround for PHP returning empty $_FILES when POST length > PHP settings
-
- if (empty($_FILES) && ($_SERVER['CONTENT_LENGTH'] > 0)) {
- common_debug('content-length = ' . $_SERVER['CONTENT_LENGTH']);
- $this->clientError(_('Unable to handle that much POST data!'));
+ if (empty($this->user)) {
+ $this->clientError(_('No such user!'), 404, $this->format);
return;
}
diff --git a/actions/apistatusesupdate.php b/actions/apistatusesupdate.php
index 82fe5a537..e369fa71e 100644
--- a/actions/apistatusesupdate.php
+++ b/actions/apistatusesupdate.php
@@ -112,6 +112,20 @@ class ApiStatusesUpdateAction extends ApiAuthAction
return;
}
+ // Workaround for PHP returning empty $_POST and $_FILES when POST
+ // length > post_max_size in php.ini
+
+ if (empty($_FILES)
+ && empty($_POST)
+ && ($_SERVER['CONTENT_LENGTH'] > 0)
+ ) {
+ $msg = _('The server was unable to handle that much POST ' .
+ 'data (%s bytes) due to its current configuration.');
+
+ $this->clientError(sprintf($msg, $_SERVER['CONTENT_LENGTH']));
+ return;
+ }
+
if (empty($this->status)) {
$this->clientError(
'Client must provide a \'status\' parameter with a value.',
@@ -126,13 +140,6 @@ class ApiStatusesUpdateAction extends ApiAuthAction
return;
}
- // Workaround for PHP returning empty $_FILES when POST length > PHP settings
-
- if (empty($_FILES) && ($_SERVER['CONTENT_LENGTH'] > 0)) {
- $this->clientError(_('Unable to handle that much POST data!'));
- return;
- }
-
$status_shortened = common_shorten_links($this->status);
if (Notice::contentTooLong($status_shortened)) {
diff --git a/actions/avatarsettings.php b/actions/avatarsettings.php
index ded419dd7..879e44842 100644
--- a/actions/avatarsettings.php
+++ b/actions/avatarsettings.php
@@ -244,11 +244,25 @@ class AvatarsettingsAction extends AccountSettingsAction
function handlePost()
{
+ // Workaround for PHP returning empty $_POST and $_FILES when POST
+ // length > post_max_size in php.ini
+
+ if (empty($_FILES)
+ && empty($_POST)
+ && ($_SERVER['CONTENT_LENGTH'] > 0)
+ ) {
+ $msg = _('The server was unable to handle that much POST ' .
+ 'data (%s bytes) due to its current configuration.');
+
+ $this->showForm(sprintf($msg, $_SERVER['CONTENT_LENGTH']));
+ return;
+ }
+
// CSRF protection
$token = $this->trimmed('token');
if (!$token || $token != common_session_token()) {
- $this->show_form(_('There was a problem with your session token. '.
+ $this->showForm(_('There was a problem with your session token. '.
'Try again, please.'));
return;
}
diff --git a/lib/designsettings.php b/lib/designsettings.php
index 820d534f2..5ce9ddeda 100644
--- a/lib/designsettings.php
+++ b/lib/designsettings.php
@@ -271,17 +271,20 @@ class DesignSettingsAction extends AccountSettingsAction
function handlePost()
{
- // XXX: Robin's workaround for a bug in PHP where $_POST
- // and $_FILE are empty in the case that the uploaded
- // file is bigger than PHP is configured to handle.
-
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
- if (empty($_POST) && $_SERVER['CONTENT_LENGTH']) {
+ // Workaround for PHP returning empty $_POST and $_FILES when POST
+ // length > post_max_size in php.ini
+
+ if (empty($_FILES)
+ && empty($_POST)
+ && ($_SERVER['CONTENT_LENGTH'] > 0)
+ ) {
$msg = _('The server was unable to handle that much POST ' .
'data (%s bytes) due to its current configuration.');
$this->showForm(sprintf($msg, $_SERVER['CONTENT_LENGTH']));
+ return;
}
}