lukejee:
我好像记得php的server端可以限制file大小的,upload_max_filesize in php.ini, browser的限制技术很容易被绕过去的
[阅读: 1126] 2007-04-24 14:36:34
the MAX_FILE_SIZE hidden field (measured in bytes) must precede the file input field, and its value is the maximum filesize accepted by PHP. Fooling this setting on the browser side is quite easy, so never rely on files with a greater size being blocked by this feature. The PHP settings for maximum-size, however, cannot be fooled. This form element should always be used as it saves users the trouble of waiting for a big file being transferred only to find that it was too big and the transfer failed.
不主动、不拒绝、不负责任!
One Small Step for BSD.
One Giant Step for PCs