ID: 33730 User updated by: stephen dot ball at gmail dot com Reported By: stephen dot ball at gmail dot com -Status: Feedback +Status: Open Bug Type: Apache2 related Operating System: Windows XP Professional SP2 PHP Version: 4.4.0 New Comment:
Same result Previous Comments: ------------------------------------------------------------------------ [2005-07-16 22:24:13] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php4-STABLE-latest.tar.gz For Windows: http://snaps.php.net/win32/php4-win32-STABLE-latest.zip ------------------------------------------------------------------------ [2005-07-16 22:11:02] stephen dot ball at gmail dot com Files up to 8.2MB work as intended, a file of 8.5MB causes the error. I don't have any files between those sizes to narrow it down ------------------------------------------------------------------------ [2005-07-16 21:56:21] stephen dot ball at gmail dot com Correcting PHP version ------------------------------------------------------------------------ [2005-07-16 21:53:04] stephen dot ball at gmail dot com Description: ------------ When selecting a file to upload files which are massively larger than the upload limit cause the super global arrays $_POST, $_GET, $_REQUEST and $_FILES to be empty. Reproduce code: --------------- form.html <form enctype="multipart/form-data" action="upload.php" method="POST"> <input type="hidden" name="test" value="value" /> Send this file: <input name="userfile" type="file" /> <input type="submit" value="Send File" /> </form> upload.php <?php print_r($_POST); print_r($_REQUEST); $uploaddir = '/var/www/uploads/'; $uploadfile = $uploaddir . basename($_FILES['userfile']['name']); echo '<pre>'; if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) { echo "File is valid, and was successfully uploaded.\n"; } else { echo "Possible file upload attack!\n"; } print "</pre>"; ?> Expected result: ---------------- array("test" => "value") array("test" => "value") Possible file upload attack! (due to the fact that the file is too large) Actual result: -------------- array() array() Possible file upload attack! ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=33730&edit=1
