[id://Andre_br] let me just chime in with an observation, as I was deeply immersed in the internals of CGI.pm recently, and specifically the file upload portions of the code. Previous comment about using $CGI::POST_MAX is pretty correct, but the next reply about using $ENV{CONTENT_LENGTH} is far better in my opinion. What you need to know is that merely instanstiating a CGI object will cause the CGI module to read all of <STDIN> (which is what apache passes the post data to your script via) - what this means is: before you continue execution beyond that line you utter new CGI, the entire upload is written to a temp file on your disk. Therefore, preventing file uploads of a too-large-size is kind of useless after that happens, if you're trying to save on bandwidth. Saving on diskspace for storing that file, yes, but you'll still read and write the whole thing to disk before you even begin asking questions about it if the first thing you do is 
my $q = new CGI;

[download]
so to save processing time and bandwidth and temp disk space, don't instantiate that until you're sure you want to. Also note, setting $CGI::POST_MAX will force CGI to stop reading from STDIN when it reaches that max, so any post variables that are in the stream AFTER the file upload (and HTTP defines no contraints as to what order variables ought be POSTed in, though in my experience most browsers POST in html form order) will not be exposed to you.

also note that 
my $filehandle = $q->upload("file");

[download]
is a trivial function call, it's just handing back a file handle to the already existant file. I think this goes against most peoples expectations

my final words: use $ENV{CONTENT_LENGTH}, s'what it's there for. and CGI isn't as perfect as you think i thought it is was.

It's not what you look like, when you're doin' what you’re doin'.
It's what you’re doin' when you’re doin' what you look like you’re doin'!
     - Charles Wright & the Watts 103rd Street Rhythm Band

In reply to Re: Limiting size of uploads by qbxk
in thread Limiting size of uploads by Andre_br

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.