|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #35351 error_reporting(0); does not suppress E_WARNING during a file upload.
Submitted: 2005-11-23 17:32 UTC Modified: 2005-11-24 07:32 UTC
From: ragekab at yahoo dot com Assigned:
Status: Not a bug Package: HTTP related
PHP Version: 4.4.1 OS: Windows / Linux
Private report: No CVE-ID: None
 [2005-11-23 17:32 UTC] ragekab at yahoo dot com
error_reporting(0); does not suppress E_WARNING during a file upload if it exceeds upload_max_filesize (php.ini directive) or MAX_FILE_SIZE (hidden field).

Reproduce code:

<form method="post" enctype="multipart/form-data">
<input type="hidden" name="MAX_FILE_SIZE" value="1000" />
<input type="submit" />

Expected result:
This should not throw an E_WARNING if you submit the form with a file that exceeds 1000 bytes since error_reporting(0); was set above any code.

Actual result:
PHP throws a warning message:

Warning: MAX_FILE_SIZE of 1000 bytes exceeded - file...

* This is also true if you submitted a file larger than upload_max_filesize. PHP will throw a warning message:

Warning: upload_max_filesize of 1048576 bytes exceeded - file... (where 1048576 bytes is the php.ini upload_max_filesize directive of 1M in this example)


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2005-11-23 19:39 UTC]
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at and the instructions on how to report
a bug at

File uploads are handled before your script runs, so setting error_reporting(0) in your script doesn\'t work as the warning is thrown before this code is reached.
 [2005-11-24 07:32 UTC] ragekab at yahoo dot com
Actually I realize that PHP had already uploaded the file even before PHP runs the script. But wouldn't it be nice if there was an option to turn this warning off inside user scripts as to not "break" the appearance or custom validation of the script because I think the error codes that were defined in $_FILES['userfile']['error'] will be of no "clean" use if PHP will throw an E_WARNING everytime the upload exceeds the limits. Or, was there alreasy a way to turn that E_WARNING off on a user script level? Thanks.
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Jun 21 00:01:30 2024 UTC