php post 请求字节,php – 很好地处理“POST内容 – 字节长度超过”警告限制

美好的一天)我正在构建一个WordPress插件LMS,允许用户通过AJAX将他们完成的家庭作业文件附加到他们的答案.一切正常,但用户文件超过允许的最大大小的情况除外.在这种情况下,我的AJAX调用返回HTML,并带有以下警告：

Warning: POST Content-Length of XXXXX bytes exceeds the limit of XXXXX bytes in Unknown on line 0

由于在我的脚本的字符串0上生成了这种警告,它会死掉并忽略任何其他指令,因为我的调用留下了这个丑陋的字符串.

你基本上可以忍受它,因为最终用户不会看到它(只是AJAX调用没有期望的结果),但我仍然想知道是否有机会跳过它并很好地处理它？

好的,我已经做过什么样的研究：

>我找到了Andrew Curioso的this教程,并尝试从中做出类似的东西：

if (isset($_SERVER['CONTENT_LENGTH'])) {

if ($_SERVER['CONTENT_LENGTH'] > (substr(ini_get('post_max_size'), -1) * 1024 * 1024)) {

echo 'php errors is so much fun';

}

}

它没有产生预期的效果,因为我的脚本仍然只有从IF语句回显附加字符串的积极效果而死(此外,如果你尝试做类似wp_send_json(errorsArray)的事情,它将不会被执行).

>使用display_errors,error_reporting关闭显示错误.好吧,这不是我需要的,因为它仍然不允许我继续使用脚本并创建自定义错误处理程序.

>我的WP_DEBUG设置为FALSE

我不想要的是什么样的建议是手动编辑max_upload_size,max_post_size等.因为手动编辑服务器文件不符合插件的原则.无论如何,即使您将最大上传大小设置为10GB,一旦最终用户尝试上传11GB.

总而言之,众所周知,这种机制是在数千个网站和应用程序上实现的,我想知道如何最大限度地提高我的脚本质量,处理这个问题而不会出现过度杀伤和糟糕的用户体验.

感谢分享您的想法:)

UPD1

如果它有帮助,这是我的AJAX调用：

$('#post-assignment-answer').on('click', function (event) {

event.preventDefault();

tinymce.triggerSave();

var answerContent = tinymce.get('assignment_user_input_textarea').getContent();

var answerFile = $('#assignment-file-upload')[0].files[0];

var formData = new FormData();

formData.append('action', 'post_assignment_answer');

formData.append('security', lucid_single_assignment_params.post_assignment_answer_nonce);

formData.append('post_id', lucid_single_assignment_params.post_id);

formData.append('answer_content', answerContent);

formData.append('answer_file', answerFile);

$.ajax({

url: lucid_single_assignment_params.ajax_url,

type: 'post',

data: formData,

contentType: false,

processData: false,

success: function (result) {

console.log(result);

}

});

});

UPD2：

添加了AJAX处理php

/**

* Post Assignment Answer

*

* @version 1.0.0

*/

if ( ! defined( 'ABSPATH' ) ) {

exit;

} // Exit if accessed directly

// Create AJAX call $result

$result = array(

'fileTypeError' => false,

'fileSizeError' => false,

'uploadError' => false

);

// Retrieving current post ID

$post_id = $_POST['post_id'];

// Retrieving WYSIWYG content

$answer_content = '';

if (! (trim($_POST['answer_content']) == '') ) {

$answer_content = wp_kses_post($_POST['answer_content']);

}

// Updating WYSIWYG meta field

update_post_meta($post_id, '_answer_content', $answer_content);

// Check if user intends to upload a file

if (!empty($_FILES['answer_file'])) {

// Adding timestamp to file name

$_FILES['answer_file']['name'] = round(microtime(true)) . '_' . $_FILES['answer_file']['name'];

$answer_file = $_FILES['answer_file'];

// Setting up uploaded file type validation

$supported_types = array(

'text/plain' // .txt

);

$arr_file_type = wp_check_filetype(basename($answer_file['name']));

$uploaded_type = $arr_file_type['type'];

// Setting up uploaded file size validation // TODO: This should be optimized

$allowed_size = 8388608;

$uploaded_size = $answer_file['size'];

// Validating, and in a case of success completing upload

if (!in_array($uploaded_type, $supported_types)) {

$result['fileTypeError'] = __('The type of file you\'ve provided is not allowed', 'lucidlms');

} elseif ($uploaded_size > $allowed_size) {

$result['fileSizeError'] = __('The size of file you\'ve provided is exceeding the maximum upload size', 'lucidlms');

} else {

/**

* Override the default upload path.

*

* @param array $dir

* @return array

*/

function lucidlms_assignment_upload_dir( $dir ) {

global $user_ID;

return array(

'path' => $dir['basedir'] . '/lucidlms/assignment/user' . $user_ID,

'url' => $dir['baseurl'] . '/lucidlms/assignment/user' . $user_ID,

'subdir' => ''

) + $dir;

}

// Register path override

add_filter( 'upload_dir', 'lucidlms_assignment_upload_dir' );

$upload = wp_handle_upload($answer_file, array( 'test_form' => false ));

// Set everything back to normal

remove_filter( 'upload_dir', 'lucidlms_user_upload_dir' );

if (isset($upload['error']) && $upload['error'] != 0) {

$result['uploadError'] = sprintf(__('There was an error uploading your file. The error is: %s', 'lucidlms'), $upload['error']);

} else {

// Check if there is an old version of file on the server and delete it

$existing_answer_file = get_post_meta($post_id, '_answer_file', true);

if (! empty($existing_answer_file)) {

global $user_ID;

$upload_dir = wp_upload_dir();

$existing_answer_file_name = pathinfo($existing_answer_file['file'], PATHINFO_BASENAME);

$unlink_path = $upload_dir['basedir'] . '/lucidlms/assignment/user' . $user_ID . '/' . $existing_answer_file_name;

unlink($unlink_path);

}

// Updating post meta

update_post_meta($post_id, '_answer_file', $upload);

}

}

}

wp_send_json($result);

解决方法:

请阅读并理解错误消息告诉您的内容：

exceeds the limit of XXXXX bytes in Unknown on line 0

错误报告在第0行,因为它是在PHP代码执行之前抛出的.因此,您无法更改接收PHP脚本中的行为.

正确的方法是检查数据的大小BEFORE you upload it(即在Javascript中).但要注意：

> Javascript在编码之前报告单个文件的大小 – Base64编码增加了大约三分之一的开销,加上其他POST属性值和名称的空间.

>为post_max_size配置的值是PHP接受的最大值.网络服务器(例如apache)将接受的最大值可能更低.对于插件,最合适的解决方案可能是允许管理员配置上限.

>试图破坏您的安全性的人可以轻松绕过Javascript中的任何检查

标签：wordpress,php,ajax

来源： https://codeday.me/bug/20190608/1201215.html