Re: file upload, max_post, and cgi-error

From the docs (see Avoiding Denial of Service Attacks):

  $uploaded_file = param('upload');
   if (!$uploaded_file && cgi_error()) {
      print header(-status=>cgi_error());  # <== change this line
      exit 0;
   }
[download]

Comment on Re: file upload, max_post, and cgi-error Download Code

Replies are listed 'Best First'.
Re^2: file upload, max_post, and cgi-error by nponte (Initiate) on Oct 04, 2004 at 15:00 UTC
Thanks for responding... After a bit more testing I have found that my script is getting control, but with an empty parameter set as expected. I am able to retrieve the cgi_error "413 Request entity too large" from cgi_error but am finding that I cannot post an html msg to the user. I seem to be falling right through the code that puts out that error msg, produce the "page cannot be displayed" error, but am able to subsequently send myself an email with the 413 error. I believe the code that puts out the html error msg is good - am using it for other errors.	[reply]
Re^3: file upload, max_post, and cgi-error by Your Mother (Archbishop) on Oct 04, 2004 at 15:27 UTC
You should probably try to reduce it to the minimum case, like fglock's sample from CGI.pm, that works and then expand it back to the code you're currently trying to use. Make sure you're doing the printing of the server headers yourself with header() and that you're including your own status which you might need to do as "200 OK" to appease Apache and print your own HTML instead of the default ErrorDocument for 413.	[reply]