Uploading photos... pre-upload verification?

[LordLanky]

Hi Guys,

 

basically - on my site i let users upload photos. One thing i've noticed though is that evaluating the file is done after the file is uploaded. Does anyone know, for example, how to evaluate the file size and extension of a file BEFORE the user has sent it? i'm assuming ajax (i hate ajax).

 

For example, a common approach to Denial of Service is to upload a 10 gig file to a site and kill its bandwidth (as sites tend to be limited to upload, but not download).

 

Any help, tips, advice, corrections to my feable understanding of all things technical, are most welcome!

 

 

[ignace]

Read this:

http://us2.php.net/manual/en/features.file-upload.post-method.php

 

"i hate ajax": Do you even know what ajax is? And no, Ajax wouldn't be able to help you in determing the filesize as it would just like your form upload it to the server and then the server would evaluate it and return that size in JSON or some other format.

[MadTechie]

As PHP is server side, the file will need to be uploaded before PHP can touch it,

 

You can tell the server to stop accepting files over X size by reducing the upload_max_filesize and post_max_size directives in the PHP.INI file,

for example if they are set to 2Mb then after 2Mb's are sent the upload is aborted.

 

If you want a client side validation, you maybe want to look at something like SWFuploader,

 

EDIT: Note: AJAX is JavaScript, and can't touch client files for security reasons