Easy-to-follow video tutorials help you learn software, creative, and business skills.Become a member

Alerting the user about exceeding the server limits

From: Uploading Files Securely with PHP

Video: Alerting the user about exceeding the server limits

PHP runs on the web server. Then if we copy that line, and paste it twice, And also change the session variable, and we can move then at the bottom of the page, we need to attach a JavaScript file.

Alerting the user about exceeding the server limits

PHP runs on the web server. So it can't do very much to prevent users from submitting a form that attempts to upload files in excess of the server limits. Its sole protection within the browser is the Max_File_Size hidden field, which you can see here on line 52 of form.php. It sets the size limit for individual files. But there are no checks on the number of files nor on their combined size until the data is received by the server.

However, by combining PHP with JavaScript, there is something you can do to alert the user to potential problems. We've already stored the server limits in session variables. Let's go up to the top of the page to see that, we've got Session maxfiles, Session postmax and Session displaymax. These kept the maximum number of simultaneous uploads, the maximum combined size, both in bytes and in a user friendly version.

So what we're going to do, is to create some custom attributes inside the file input field to store these values. So let's go back down to the form, and the file input field is here on line 54. Let's just add a couple of lines before the closing angle bracket, and then we're going to put in data-maxfiles. These data attributes, they're new to HTML5. You can create custom attributes if they're prefixed by data hyphen.

We need to use PHP to insert the value of Session maxfiles. Then if we copy that line, and paste it twice, we can adapt it so it'd be data-postmax. With the same session variable, and then data-displaymax. And also change the session variable, and we can move the closing angle bracket back up on to that line, then at the bottom of the page, we need to attach a JavaScript file.

So just before the closing body tag, script src, and we're going to use a file that you can find in the exercise files for this video. It's called check multiple.js. And I've put it in my js folder. So js / checkmultiple.js. So we can now save the form. And then if I just open my file system, there in the js folder is checkmultiple.js.

Let's just open that. This is a JavaScript file. This isn't a JavaScript course, so I'm not going to go through the entire contents of this file in detail. But it is designed to work in all browsers that support the multiple attribute in a form input field. In other words, all modern browsers except Internet Explorer 9 and earlier. The first two lines get a reference to the file input field using its Id, filename.

And then the next line binds a function called countFiles to the fields change event. And countFiles is defined down here. The code on line eight gets the number of files that have been selected. Then the code on line nine, gets the value of Max_File_Size. And then lines ten, 11 and 12, get the files of data-maxfiles, data-postmax and data-displaymax. The for loop on lines 18 through to 23, get the Submit button, and then a second for loop down here, goes through the files that have been selected.

If a file is too big, it's added to an array. And the loop also calculates the combined total of all the file sizes, and then down at the bottom there is a series of conditional statements, these build a message if there's any problem. And they also disable the Submit button. As long as you use the same data attributes as I have, this count files function can be applied to any form input field, all you need to do is change the Id in line one at the top.

So let's run our form in a browser and test it. So I'm going to select all of the files in this folder. I know that there are 25, and I also know there's a very big one, which will make it exceed postmax size. So let's see what happens when we select them. There is an alert message, it says that the following files are too big. There are four of them. It also tells me the combined total exceeds eight megabytes. And I've selected more than 20 files. And the Upload button, the Submit button is disabled.

Even when I click OK, it remains disabled. So I won't be able to submit the form, until I've removed problem files. So if we open it again, and select all of them. Except that very large problem file I still get an error message I'm told that three files are to big and that I've selected more than 20 files. Click OK, I'm still disabled but if I open this and select a number of files that are within the limits.

The Submit button is re-enabled. I click it, it uploads the files correctly. So this combination of PHP and JavaScript prevents users from uploading files that the server will reject. Of course, it won't work if JavaScript is disabled, nor will it work for single uploads in older versions of Internet Explorer. But in either case, the PHP script will report the cause of the problem.

Show transcript

This video is part of

Image for Uploading Files Securely with PHP
Uploading Files Securely with PHP

33 video lessons · 2291 viewers

David Powers
Author

 
Expand all | Collapse all
  1. 4m 49s
    1. Welcome
      57s
    2. What you should know before watching this course
      2m 0s
    3. Using the exercise files
      1m 52s
  2. 33m 2s
    1. How PHP handles file uploads
      6m 16s
    2. Examining the $_FILES array
      5m 8s
    3. Setting the maximum file size
      5m 36s
    4. Preparing the upload folder
      3m 18s
    5. Moving the file to its destination
      6m 51s
    6. Limitations on file uploads
      5m 53s
  3. 47m 3s
    1. Planning the class's features
      3m 15s
    2. Creating and using a namespaced class
      5m 25s
    3. Creating the class constructor
      7m 26s
    4. Getting a reference to the uploaded file
      5m 9s
    5. Checking the error level
      5m 7s
    6. Displaying errors and other messages
      4m 51s
    7. Setting and checking the maximum file size
      7m 19s
    8. Strengthening the setMaxSize() method
      8m 31s
  4. 35m 30s
    1. Restricting acceptable MIME types
      5m 27s
    2. Removing spaces from file names
      5m 21s
    3. Restricting acceptable file-name extensions
      6m 10s
    4. Neutralizing potentially dangerous uploads
      5m 54s
    5. Renaming files with duplicate names
      7m 58s
    6. Moving the file to its destination
      4m 40s
  5. 10m 25s
    1. Understanding how the $_FILES array handles multiple files
      4m 42s
    2. Adapting the class to handle both single and multiple uploads
      5m 43s
  6. 38m 15s
    1. Overview of the UploadFile class
      5m 9s
    2. Setting up to use the class
      4m 11s
    3. Using the class
      8m 12s
    4. Reporting errors with multiple uploads
      4m 0s
    5. Displaying the server limits
      4m 51s
    6. Alerting the user about exceeding the server limits
      6m 14s
    7. Changing the class's defaults
      5m 38s
  7. 1m 38s
    1. Goodbye
      1m 38s

Start learning today

Get unlimited access to all courses for just $25/month.

Become a member
Sometimes @lynda teaches me how to use a program and sometimes Lynda.com changes my life forever. @JosefShutter
@lynda lynda.com is an absolute life saver when it comes to learning todays software. Definitely recommend it! #higherlearning @Michael_Caraway
@lynda The best thing online! Your database of courses is great! To the mark and very helpful. Thanks! @ru22more
Got to create something yesterday I never thought I could do. #thanks @lynda @Ngventurella
I really do love @lynda as a learning platform. Never stop learning and developing, it’s probably our greatest gift as a species! @soundslikedavid
@lynda just subscribed to lynda.com all I can say its brilliant join now trust me @ButchSamurai
@lynda is an awesome resource. The membership is priceless if you take advantage of it. @diabetic_techie
One of the best decision I made this year. Buy a 1yr subscription to @lynda @cybercaptive
guys lynda.com (@lynda) is the best. So far I’ve learned Java, principles of OO programming, and now learning about MS project @lucasmitchell
Signed back up to @lynda dot com. I’ve missed it!! Proper geeking out right now! #timetolearn #geek @JayGodbold
Share a link to this course

What are exercise files?

Exercise files are the same files the author uses in the course. Save time by downloading the author's files instead of setting up your own files, and learn by following along with the instructor.

Can I take this course without the exercise files?

Yes! If you decide you would like the exercise files later, you can upgrade to a premium account any time.

Become a member Download sample files See plans and pricing

Please wait... please wait ...
Upgrade to get access to exercise files.

Exercise files video

How to use exercise files.

Learn by watching, listening, and doing, Exercise files are the same files the author uses in the course, so you can download them and follow along Premium memberships include access to all exercise files in the library.


Exercise files

Exercise files video

How to use exercise files.

For additional information on downloading and using exercise files, watch our instructional video or read the instructions in the FAQ .

This course includes free exercise files, so you can practice while you watch the course. To access all the exercise files in our library, become a Premium Member.

Are you sure you want to mark all the videos in this course as unwatched?

This will not affect your course history, your reports, or your certificates of completion for this course.


Mark all as unwatched Cancel

Congratulations

You have completed Uploading Files Securely with PHP.

Return to your organization's learning portal to continue training, or close this page.


OK
Become a member to add this course to a playlist

Join today and get unlimited access to the entire library of video courses—and create as many playlists as you like.

Get started

Already a member ?

Become a member to like this course.

Join today and get unlimited access to the entire library of video courses.

Get started

Already a member?

Exercise files

Learn by watching, listening, and doing! Exercise files are the same files the author uses in the course, so you can download them and follow along. Exercise files are available with all Premium memberships. Learn more

Get started

Already a Premium member?

Exercise files video

How to use exercise files.

Ask a question

Thanks for contacting us.
You’ll hear from our Customer Service team within 24 hours.

Please enter the text shown below:

The classic layout automatically defaults to the latest Flash Player.

To choose a different player, hold the cursor over your name at the top right of any lynda.com page and choose Site preferences from the dropdown menu.

Continue to classic layout Stay on new layout
Exercise files

Access exercise files from a button right under the course name.

Mark videos as unwatched

Remove icons showing you already watched videos if you want to start over.

Control your viewing experience

Make the video wide, narrow, full-screen, or pop the player out of the page into its own window.

Interactive transcripts

Click on text in the transcript to jump to that spot in the video. As the video plays, the relevant spot in the transcript will be highlighted.

Are you sure you want to delete this note?

No

Your file was successfully uploaded.

Thanks for signing up.

We’ll send you a confirmation email shortly.


Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

Keep up with news, tips, and latest courses with emails from lynda.com.

Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

   
submit Lightbox submit clicked
Terms and conditions of use

We've updated our terms and conditions (now called terms of service).Go
Review and accept our updated terms of service.