fix: POST_MAX

lib/WebGUI/Session.pm

@@ -368,8 +368,6 @@ sub open {
 	my $config = WebGUI::Config->new($webguiRoot,$configFile);
 	my $self = {_config=>$config, _server=>$server};
 	bless $self , $class;
-	#$self->{_request} = Apache2::Request->new($request, POST_MAX => 1024 * $self->setting->get("maxAttachmentSize")) if (defined $request);
-	# something screwed about POST_MAX, must look at this later
 	$self->{_request} = Apache2::Request->new($request) if (defined $request);
 	my $sessionId = shift || $self->http->getCookies->{"wgSession"} || $self->id->generate;
 	my $noFuss = shift;

lib/WebGUI/Storage.pm

@@ -205,6 +205,7 @@ sub addFileFromFormPost {
 		my $tempFilename = $upload->filename();
 		next unless $tempFilename;
 		next unless $upload->size > 0;
+		next if ($upload->size > 1024 * $self->session->setting->get("maxAttachmentSize"));
 		if ($tempFilename =~ /([^\/\\]+)$/) { $tempFilename = $1; }
 		my $type = $self->getFileExtension($tempFilename);
 		if (isIn($type, qw(pl perl sh cgi php asp))) { # make us safe from malicious uploads