Early Bird Registration for DrupalCon Portland 2024 is open! Register by 23:59 PST on 31 March 2024, to get $100 off your ticket.
This patch adds a maximum filesize for uplaods to image module.
I found that my clients (normal people, thus lazy) always uplaod HUGE (talking about tens of megabytes sometimes) files.
Off course teh server could not handle that properly. GD would just crash PHP, and imagemagick got killed often. Also the timeouts would often make it that the original image was not deleted. With some url hackery that gives folks access to the large images.
This patch adds a check for a filesize.
Comment | File | Size | Author |
---|---|---|---|
#23 | image_max_size_0.patch | 1.81 KB | drewish |
#16 | image_max_size.patch | 1.89 KB | drewish |
image_size.patch | 1.83 KB | Bèr Kessels | |
Comments
Comment #1
qwerty1234 CreditAttribution: qwerty1234 commentedIt would also be nice if the module had a pixel size restriction like the upload module. The only diference would be that bigger images would be rejected. That way images wouldnt get copied to a size a couple of pixels smaller for the preview, so it would save up space.
Comment #2
coupet CreditAttribution: coupet commentedI tried to patch
// $Id: image.module,v 1.146.2.12 2005/12/16 18:19:50 walkah Exp $
following is error message:
-sh-2.05b$ patch -p0 -u < image_size.patch
patching file image.module
Hunk #1 succeeded at 92 (offset 13 lines).
patch unexpectedly ends in middle of line
Hunk #2 succeeded at 146 with fuzz 1.
-sh-2.05b$
Comment #3
Stefan Nagtegaal CreditAttribution: Stefan Nagtegaal commentedBer, isn't this already fixed in HEAD by limiting the max_upload_size for different roles? Maybe you should mark this "Fixed" if so?
Steef
Comment #4
Bèr Kessels CreditAttribution: Bèr Kessels commented@steef, not really.
This patch limits the size of an uploaded image.
Currently its potentially possible to upload a single image with a size of 20 megabytes.
imagemagick will crash. the originals will clog your diskspace etc.
I could *not* teach my users to resize their camera images to a "reasonable" size. I am stuck with over 200 images that are bigger then 3 Meg, and now and again they manage to get the server on its knees by uploading a HUGE image (often scanned, uploaded as bmp)
Comment #5
creatorsdream CreditAttribution: creatorsdream commentedIs there any way to update this patch to work with 4.7? It's really something that should be a part of the image.module.
Comment #6
hesiyu@drupalchina.org CreditAttribution: hesiyu@drupalchina.org commentedHow can i get this patch worked? it seems the latest image.module release didn't involve this script.
It's a in great need function, image upload should have limitation to image size or pixels, the same as upload.module.
Comment #7
Bèr Kessels CreditAttribution: Bèr Kessels commentedBased on the feedback, I think will take this on me. Marking as critical, because I think it *is* a critical feature.
without this check, we have a dead easy way to get about ANY drupal site to its knees. Just upload a few 8 meg image simultanously, lean back, and see any server collapse. (or, in the best case, get an error from PHP)
Comment #8
hesiyu@drupalchina.org CreditAttribution: hesiyu@drupalchina.org commentedhi kessels, according to your previous patch, i make the cvs image.module the same change, it works. But the still problem is, the uploaded file exceeds the server php upload file limitation, server obviously collaspsed.What is a better solution? as i know, upload.module has the same problem.
I am sorry I do not know how to contribute my change to drupal cvs, it's my first time to do this and i dont think the change has any progress as the problem i mentioned above is still there. NOW i am waiting ur better solution, sir.
:-)
Comment #9
creatorsdream CreditAttribution: creatorsdream commentedBèr,
I don't mean to be difficult, but I'm wondering if anything is happening with this critical feature request. I know the image module has been going through some updates and I would like to make a little sqweek so that maybe the wheel will get greased...
sqweek... sqweek... sqweek...
Comment #10
calebgilbert CreditAttribution: calebgilbert commented...when I applied patch to 4.7 and/or CVS versions:
Not sure why...
Comment #11
Egon Bianchet CreditAttribution: Egon Bianchet commentedComment #12
gsh2000 CreditAttribution: gsh2000 commentedIs this patch working on 4.7 ?? - need to restrict image upload size, by users.
Comment #13
dtabach CreditAttribution: dtabach commentedThis issue is more than one year old now.
And it is still very important, as it can lead to real trouble. Image is probably one of the most used contributed modules (actually I think it should be a default module).
It's not clear if the this patch works with 4.7.x. Please someone confirm.
It would be crucial to have this functionality.
Comment #14
v1nce CreditAttribution: v1nce commentedTried this on 4.7.4 with no luck. If I upload an image with the image.module that is larger than my php.ini settings (currently 2mb) I get the warning:
Within my /files/images/ folder this creates files, files_0, files_1, etc... with 0kb filesizes.
Comment #15
bloomaniac CreditAttribution: bloomaniac commentedcould anyone implement this in the 5.0 version.
I think this is an important feature.
Comment #16
drewish CreditAttribution: drewish commentedhere's a re-roll for 5.0. one addition, if the file is too big it deletes it.
Comment #17
v1nce CreditAttribution: v1nce commentedI manually used drewish's image_max_size.patch on my 4.7.5 install successfully. This is great!
----------------------
Petafoo.com - We Love Animals
Comment #18
seanbfuller CreditAttribution: seanbfuller commentedPatch seems to work for me in 4.7, as well. (Had to manually install it.) It also seems to correctly get checked in image_attach.
Comment #19
abqaria CreditAttribution: abqaria commentedany news if it works for the drupal 5
Comment #20
drewish CreditAttribution: drewish commentedahmedshoukry, the comment on my patch says it's for drupal 5... though since i've made a few other commits it probably won't apply cleanly.
Comment #21
walkah CreditAttribution: walkah commentedi like this patch, but downgrading from 'critical'.
Comment #22
forseti CreditAttribution: forseti commentedGetting a partial failure on image_max_size.patch
patching file image.module
Hunk #2 FAILED at 162.
1 out of 2 hunks FAILED -- saving rejects to file image.module.rej
This is on the latest dev release of image
5.x-1.x-dev 2007-03-07
Comment #23
drewish CreditAttribution: drewish commentedyeah I'd said as much in comment #20. here's an updated patch.
Comment #24
kevinweber CreditAttribution: kevinweber commentedI can't stress how important a feature this is. Image is a highly used module, and this is a critical missing piece. I've watched this feature languish for so long. However, now there's a patch, but it's still going nowhere. Please push this patch into the code.
Comment #25
drewish CreditAttribution: drewish commentedkevinweber, did the patch work for you? if you're going to advocate for the feature, i'd say the least you can do is test it.
Comment #26
kevinweber CreditAttribution: kevinweber commentedI downloaded today's development release, applied the patch manually, and tested a few images. It worked as advertised: large images were rejected on preview and submission.
Is there anything else I can do?
Comment #27
Telvin_3d CreditAttribution: Telvin_3d commentedI am having real issues aplying the patch. I keep getting and 'assertion failed' at line 339.
If anyone could upload a pre-patched version of image.modual, I would be eternaly greatful.
Comment #28
drewish CreditAttribution: drewish commentedtelvin_3d, you probably need to convert the line endings for your system. if you're on windows you need to use unix2dos or u2d to conver the patch file. on unix use dos2unix or d2u.
Comment #29
drewish CreditAttribution: drewish commentedokay thanks for the testing guys. i've committed this to HEAD and 5.
Comment #30
kevinweber CreditAttribution: kevinweber commentedThank you.
Comment #31
(not verified) CreditAttribution: commented