How to prevent Warning: POST Content-Length and memory size

Question 1

So after searching instead of working today I finally got an idea how to solve this, it worked, and even didnt cause much damage. But please first understand what you are doing, before doing it. :) As I suggested in one of my comments it is really possible to turn off PHP errors in .htacess - just turn off the PHP startup warnings.

Before you apply the solution:

Note that: after you insert this code to your .htaccess you won't be able to see any startup error

Also note that: there are more start up errors on line "0" than this one.

Do before: Before you do this you should prepare your script in the way that it should check the uploaded content size and give user a proper information message. The fact that the warning doesnt show DOES NOT mean that you should do nothing about it. It means the EXACT oposite - you should do all that you can to make something at least near-equal to the warning raise - check, double check if you can, handle error and raise your own error message.

Add this to your .htaccess:

php_flag display_startup_errors off

It is not that evil as it seems to be:

Please note that this turns off startup errors only.
So all the regular PHP errors/warnings/notices stays ON :)

Even XAMPP's PHP "itself" recommends it for production:

The php.ini file literaly says:

; display_startup_errors
;   Default Value: Off
;   Development Value: On
;   Production Value: Off

PS: "startup error" seems to be those errors before PHP script is executed itself - these errors are usually trying to "persuade" you that they are on the line 0.

Thanks to my idea and this answer: How to disable notice and warning in PHP within .htaccess file?

EDIT: As this is a php_flag setting, you can of course also set it by default in your php.ini if you have custom instalation of PHP :)

Question 2

The question is

How to prevent Warning: POST Content-Length

the answer is, without edit any config value, put this code at the very start of the file that will receive the form to be processed:

 <?php // here start your php file
 ob_get_contents();
 ob_end_clean();

That is. No more warning, as well anything else you do not want as output on your page. After, as suggested elsewhere you can decide what to do with:

if($_SERVER['REQUEST_METHOD'] == 'POST' && empty($_POST) && empty($_FILES) && $_SERVER['CONTENT_LENGTH'] > 0){ echo"WoW your file is too big!"; }

Maybe also chunk the file, if in another way you pass correct values about file to be processed by Php.

as explained here Warning: POST Content-Lenght ...

Question 3

I've got a similar problem to you, and wondered if you'd found a satisfactory solution. Currently, my 'PHP Warning: POST Content-Length of 21010354 bytes exceeds the limit of 8388608' is in the log, and I don't think there is much I can do about it.

I've working within a Zend framework, and when a user uploads a file as above, it basically kills all the usual POST data parsing, so the response to getParams() contains none of the usual POST parameters. This means the users is getting a validation error, saying one of the fields is missing, which is misleading.

In researching this, I've found a few interesting php_ini settings you might want to look at, notably enable_post_data_reading and always_populate_raw_post_data. In my case, I'm uploading a 20M file, with a 8M post max and a 10M uploaded file max, and the result from php://input seems to be a full on 20M file, even though the post data is now empty.

So I'm going to manually check if the raw data exceeds the limit, and assume everything failed if it did (and bail). I suggest you could write your own code to parse the raw data, to populate the $_POST data. Then you can startup your code, as you wish, and only when you're ready, check if the user has uploaded more data than the limit. It's down to you, to then return an error before parsing it, or if it's ok, to parse it. As long as you set the PHP post and upload limits, to above your user limit, it should allow the user to break the rules, allowing your code to detect the breech and complain about it.

Question 4

Here is the REAL solution to prevent this error properly.

Set this parameters in your php.ini :

enable_post_data_reading = On
upload_max_size=0
post_max_size=0

Warning : be sure to have this line in your form

<input type="hidden" name="MAX_FILE_SIZE" value="2048576" />

AND the MOST IMPORTANT :

be sure to check the code errors of $_FILES['file']['error']
be sure to check size of your upload in PHP too

Question 5

As you have already found out for yourself, it is impossible to do it in PHP, since PHP can only catch errors from line 1 onwards.

The only way around would be to dig in the PHP source code, find where that error is thrown and remove that part from PHP sources before compiling your costume php version.

But be warned that the error message is thrown for a reason.

Question 6

To Prevent this error to happen you have to check the size of the uploaded files before and in case they're to big you have to cancel the upload!

To just not show them i think it should be enough if you write in your php script

error_reporting(0);

Question 7

1.You can check the file size before uploading in JavaScript but this can be tampered !

2.Check the file size after uploaded and before saving the file.

<?php

$size = filesize($uploaded_file);
if($size > $your_size_limit)
{
    echo "Throw bunch of errors";
}
else
{
    //save it
}
?>

3.Don't try to hide the errors to solve the problem.