Curtis Poe wrote:
: That will only give the approximate filesize. $ENV{CONTENT_LENGTH} is the total
:size of the
: entity body. With 'multipart/form-data' (the enctype used with file uploading), the
:entity bodies
: size is even larger than normal. The more data sent (besides the file), the larger
: $ENV{CONTENT_LENGTH} will be.
:
: Unless I am mistaken, CGI.pm does not track filesize data directly. If the POST
:size (not file
: size) is larger than what CGI.pm is allowed, then $query->cgi_error will contain the
:text "413
: Request entity too large".
That's right. Here's an extract from CGI.pm:
$content_length = defined($ENV{'CONTENT_LENGTH'}) ? $ENV{'CONTENT_LENGTH'} : 0;
...
METHOD: {
# avoid unreasonably large postings
if (($POST_MAX > 0) && ($content_length > $POST_MAX)) {
$self->cgi_error("413 Request entity too large");
last METHOD;
}
So it's checking the CONTENT_LENGTH. There is, I believe, no other way
to get the file size without actally measuring the uploaded file; but
of course, the point of checking the size is to not let huge files get
this far. So I think CONTENT_LENGTH, imperfect though it may be, is the
only way to *prevent* a large file from getting on your system in the
first place.
-- tdk
