On Saturday 22 September 2007 7:39:01 pm Dan Parry wrote:
> > -----Original Message-----
> > From: Ray [mailto:ray@xxxxxxxxxxxxx]
> > Sent: 23 September 2007 02:25
> > To: php-general@xxxxxxxxxxxxx
> > Subject: Re: MAX_FILE_SIZE not working with file uploads
> >
> > On Saturday 22 September 2007 7:44:55 pm Jeff Cohan wrote:
> > > Dan Parry wrote:
> > > > I might be wrong but this would be classed as
> > > > 'exploitable'... Webservers should not be allowed
> > > > to read from or write to clients... Of course there
> > > > is ActiveX...
> > >
> > > I think we're off the point.
> > >
> > > My script is simply interrogating the value of the
> > > $_FILES[userfile][size] array element. It's coming up as ZERO if it
> > > exceeds the MAX_FILE_SIZE.
> >
> > Exactly, no valid file was uploaded. The size of the valid file is
> > therefore zero.
> >
> > > That seems odd to me.
> > > But maybe that's
> > > the way it's SUPPOSED to work. That's why I started this thread out
> > > with "What am I missing?".
> > >
> > > Said another way:
> > >
> > > It seems that the server had to know the size of the file in order
> > > to know it exceeded MAX_FILE_SIZE. So how can my script find out the
> > > size?
> >
> > Can you use Javascript to check file size client side, send data via
> > AJAX then issue warnings
>
> This would be the exploitable 'feature' I mentioned... Client-side files
> should never be readable
>
> Dan

If the contents of a file were readable, I would definitely agree with you.
I'm not convinced that the ability to detect the filesize of a file that the
user selected would be exploitable, but it's a moot point as it doesn't work
in JavaScript. (as someone else pointed out, maybe ActiveX?)

I'm not a JavaScript expert, but I am learning, so I dug out the book, and put
together the following script.
(Ugly, insecure, and doesn't really do anything, but quick and it works, at
least on my machine/browser combo)
Select a file, and the page will tell you everything it can about the file. My
machine reports size as zero.

Ray
(Script guaranteed to occupy 0 or more bites of diskspace.)

<html>
<head><TITLE>test</TITLE>
<script type="text/javascript">
function uptest()
{
  alert (document.test.fileTest.defaultValue);
  alert (document.test.fileTest.form);
  alert (document.test.fileTest.name);
  alert (document.test.fileTest.readOnly);
  alert ('size follows');
  alert (document.test.fileTest.size);
  alert (document.test.fileTest.type);
  alert (document.test.fileTest.value);
}
</script>
</head>
<body>
<form name="test" method="post">
File: <input type="file" onchange="uptest()" name="fileTest"/>
</form>
</body>
</html>

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
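
An added example, not part of the original message or of any poster's code: a server-side handler for the case discussed in the thread, which reads the 'error' element of $_FILES instead of inferring failure from a zero 'size', and re-checks the size itself because MAX_FILE_SIZE is a form field the client controls. The field name userfile comes from the thread; check_upload, APP_MAX_BYTES and its 2 MiB value are assumptions, and the form is assumed to upload a single file.

```php
<?php
// Added example. 'userfile' is the field name from the thread;
// APP_MAX_BYTES and check_upload() are hypothetical names.
const APP_MAX_BYTES = 2 * 1024 * 1024; // server-side limit (assumed value)

/** Classify one single-file entry of $_FILES. Returns [ok, message]. */
function check_upload(?array $file, int $contentLength): array
{
    // When the request body exceeds post_max_size, PHP leaves $_POST and
    // $_FILES empty; Content-Length is then the only size hint available.
    if ($file === null) {
        return $contentLength > 0
            ? [false, "Request of $contentLength bytes was discarded (post_max_size?)"]
            : [false, 'No upload field in request'];
    }
    switch ($file['error']) {
        case UPLOAD_ERR_OK:
            break;
        case UPLOAD_ERR_FORM_SIZE:
            // The case from the thread: 'size' is reported as 0 here.
            return [false, 'File exceeds MAX_FILE_SIZE from the form'];
        case UPLOAD_ERR_INI_SIZE:
            return [false, 'File exceeds upload_max_filesize in php.ini'];
        case UPLOAD_ERR_PARTIAL:
            return [false, 'Upload was interrupted'];
        case UPLOAD_ERR_NO_FILE:
            return [false, 'No file was selected'];
        default:
            return [false, 'Server-side upload error ' . $file['error']];
    }
    // MAX_FILE_SIZE can be edited or omitted by the client, so enforce
    // the limit again against the file PHP actually stored.
    if (!is_uploaded_file($file['tmp_name'])) {
        return [false, 'Not an uploaded file'];
    }
    $bytes = filesize($file['tmp_name']);
    if ($bytes === false || $bytes > APP_MAX_BYTES) {
        return [false, 'File exceeds the server-side limit'];
    }
    return [true, "Accepted $bytes bytes"];
}

[$ok, $msg] = check_upload(
    $_FILES['userfile'] ?? null,
    (int) ($_SERVER['CONTENT_LENGTH'] ?? 0)
);
echo htmlspecialchars($msg, ENT_QUOTES), "\n";
```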