From a6fc02345e129755ea984873f4103992a39bd19b Mon Sep 17 00:00:00 2001 From: Lorenzo Milesi Date: Tue, 12 May 2015 13:26:14 +0200 Subject: [PATCH] FileValidator->getSizeLimit: check also php's post_max_size - return the lowerest of `post_max_size` or `upload_max_filesize` - Raised warning for misconfigured PHP close #8373 --- framework/CHANGELOG.md | 1 + framework/validators/FileValidator.php | 9 ++++++++- tests/framework/validators/FileValidatorTest.php | 2 +- 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/framework/CHANGELOG.md b/framework/CHANGELOG.md index 38805eb1ff..82e580d3cd 100644 --- a/framework/CHANGELOG.md +++ b/framework/CHANGELOG.md @@ -46,6 +46,7 @@ Yii Framework 2 Change Log - Enh #7259: Added `errorAttributes` parameter to ActiveForm `afterValidate` event. Made scrolling to first error optional (nkovacs) - Enh #8070: `yii\console\controllers\MessageController` now sorts created messages, even if there is no new one, while saving to PHP file (klimov-paul) - Enh #8286: `yii\console\controllers\MessageController` improved allowing extraction of nested translator calls (klimov-paul) +- Ehn #8373: Check also `post_max_size` parameter in `yii\validators\FileValidator::getSizeLimit()` (maxxer) - Enh #8415: `yii\helpers\Html` allows correct rendering of conditional comments containing `!IE` (salaros, klimov-paul) - Enh #8444: Added `yii\widgets\LinkPager::$linkOptions` to allow configuring HTML attributes of the `a` tags (zinzinday) - Enh #8486: Added support to automatically set the `maxlength` attribute for `Html::activeTextArea()` and `Html::activePassword()` (klimov-paul) diff --git a/framework/validators/FileValidator.php b/framework/validators/FileValidator.php index 0a6960ada6..60e03091dd 100644 --- a/framework/validators/FileValidator.php +++ b/framework/validators/FileValidator.php @@ -248,9 +248,10 @@ class FileValidator extends Validator /** * Returns the maximum size allowed for uploaded files. - * This is determined based on three factors: + * This is determined based on four factors: * * - 'upload_max_filesize' in php.ini + * - 'post_max_size' in php.ini * - 'MAX_FILE_SIZE' hidden field * - [[maxSize]] * @@ -258,7 +259,13 @@ class FileValidator extends Validator */ public function getSizeLimit() { + // Get the lowest between post_max_size and upload_max_filesize, log a warning if the first is < than the latter $limit = $this->sizeToBytes(ini_get('upload_max_filesize')); + $postLimit = $this->sizeToBytes(ini_get('post_max_size')); + if ($postLimit > 0 && $postLimit < $limit) { + Yii::warning('PHP.ini\'s \'post_max_size\' is less than \'upload_max_filesize\'.', __METHOD__); + $limit = $postLimit; + } if ($this->maxSize !== null && $limit > 0 && $this->maxSize < $limit) { $limit = $this->maxSize; } diff --git a/tests/framework/validators/FileValidatorTest.php b/tests/framework/validators/FileValidatorTest.php index d2d035846b..a33a7cf658 100644 --- a/tests/framework/validators/FileValidatorTest.php +++ b/tests/framework/validators/FileValidatorTest.php @@ -70,7 +70,7 @@ class FileValidatorTest extends TestCase public function testGetSizeLimit() { - $size = $this->sizeToBytes(ini_get('upload_max_filesize')); + $size = min($this->sizeToBytes(ini_get('upload_max_filesize')),$this->sizeToBytes(ini_get('post_max_size'))); $val = new FileValidator(); $this->assertEquals($size, $val->getSizeLimit()); $val->maxSize = $size + 1; // set and test if value is overridden