|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2010-10-27 16:07 UTC] cataphract@php.net
-Assigned To:
+Assigned To: cataphract
[2010-10-27 16:56 UTC] cataphract@php.net
[2010-10-27 16:57 UTC] cataphract@php.net
-Status: Assigned
+Status: Closed
[2010-10-27 16:57 UTC] cataphract@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Tue Oct 28 07:00:01 2025 UTC |
Description: ------------ Setting php.ini option post_max_size=0 (for unlimited POSTs since 5.3.2) isn't honoured in some cases. Doing a POST-form upload via curl or browser with a 5GB file works as expected (by setting upload_max_filesize=0 too) but using a login form (see below) results in this error: PHP Warning: Unknown: POST Content-Length of 38 bytes exceeds the limit of 0 bytes in Unknown on line 0 It seems that main/SAPI.c lacks checks in SAPI_POST_READER_FUNC() for ignoring size checking in case post_max_size==0. This check was implemented in main/rfc1867.c only. from: if (SG(request_info).content_length > S (post_max_size)) to: if (SG(post_max_size) > 0 && SG(request_info).content_length > S (post_max_size)) and from: if (SG(read_post_bytes) > SG(post_max_size)) to: if (SG(post_max_size) > 0 && SG(read_post_bytes) > SG(post_max_size)) Sorry for not attaching a diff yet. Gregor Test script: --------------- Loginform: <html><body> <form enctype="application/x-www-form-urlencoded" accept-charset="UTF-8" action="/login.php" method="post"> <input type="text" name="email" value="foo" /> <input type="password" name="password" value="bar" /> <input type="submit" name="submit" value="Log on" /> </form> </body></html> pointing to this login.php: <?php echo "Loginname: ".$_POST['email'] .'<br>'; echo "Password: ".$_POST['password']; ?> Expected result: ---------------- Loginname: foo Password: bar Actual result: -------------- Loginname: Password: