From f36879c55c26cf6705f39b6361afbcd3188be49a Mon Sep 17 00:00:00 2001
From: JT Smith <jt@plainblack.com>
Date: Wed, 7 Jun 2006 16:10:43 +0000
Subject: [PATCH] fix: POST_MAX

---
 docs/changelog/6.x.x.txt | 2 ++
 lib/WebGUI/Session.pm    | 2 --
 lib/WebGUI/Storage.pm    | 1 +
 3 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/docs/changelog/6.x.x.txt b/docs/changelog/6.x.x.txt
index bb007860d..c33330f7a 100644
--- a/docs/changelog/6.x.x.txt
+++ b/docs/changelog/6.x.x.txt
@@ -7,6 +7,7 @@
  - fix: Make Package not in Admin Bar
  - fix: Survey Asset Copy Problems
  - fix: EMS Add Subevent
+ - fix: POST_MAX
  - fix: HTTPproxy
  - fix: i18n reserved section name in Surveys
  - fix: typo in Asset_ProjectManager i18n
@@ -14,6 +15,7 @@
  - fix: Pagination of search results does not work (Martin Kamerbeek / Procolix)
  - fix: Workflow Commit with approval Error (Martin Kamerbeek / Procolix)
 
+
 6.99.3
  - Someone removed the status from the submission templates. That has been
    fixed.
diff --git a/lib/WebGUI/Session.pm b/lib/WebGUI/Session.pm
index 3b6cecbd2..66c9d1dec 100644
--- a/lib/WebGUI/Session.pm
+++ b/lib/WebGUI/Session.pm
@@ -368,8 +368,6 @@ sub open {
 	my $config = WebGUI::Config->new($webguiRoot,$configFile);
 	my $self = {_config=>$config, _server=>$server};
 	bless $self , $class;
-	#$self->{_request} = Apache2::Request->new($request, POST_MAX => 1024 * $self->setting->get("maxAttachmentSize")) if (defined $request);
-	# something screwed about POST_MAX, must look at this later
 	$self->{_request} = Apache2::Request->new($request) if (defined $request);
 	my $sessionId = shift || $self->http->getCookies->{"wgSession"} || $self->id->generate;
 	my $noFuss = shift;
diff --git a/lib/WebGUI/Storage.pm b/lib/WebGUI/Storage.pm
index b7c7693b1..ffc71da72 100644
--- a/lib/WebGUI/Storage.pm
+++ b/lib/WebGUI/Storage.pm
@@ -205,6 +205,7 @@ sub addFileFromFormPost {
 		my $tempFilename = $upload->filename();
 		next unless $tempFilename;
 		next unless $upload->size > 0;
+		next if ($upload->size > 1024 * $self->session->setting->get("maxAttachmentSize"));
 		if ($tempFilename =~ /([^\/\\]+)$/) { $tempFilename = $1; }
 		my $type = $self->getFileExtension($tempFilename);
 		if (isIn($type, qw(pl perl sh cgi php asp))) { # make us safe from malicious uploads