From 690f206a63967805c1d61806683947ac6f2a2175 Mon Sep 17 00:00:00 2001
From: Savetheinternet <savetheinternet@n0v4.com>
Date: Wed, 3 Nov 2010 19:44:24 +1100
Subject: [PATCH] Added a maximum filesize for image uploads

---
 inc/config.php | 4 ++++
 post.php       | 3 +++
 2 files changed, 7 insertions(+)

diff --git a/inc/config.php b/inc/config.php
index f0414cda..b2bfa3fe 100644
--- a/inc/config.php
+++ b/inc/config.php
@@ -40,11 +40,15 @@
 	define('ERROR_NOMOVE',	'The server failed to handle your upload.');
 	define('ERROR_FILEEXT',	'Unsupported image format.');
 	define('ERR_INVALIDIMG','Invalid image.');
+	define('ERR_FILSIZE','The file was too large.');
 	
 	// For resizing, max values
 	define('THUMB_WIDTH',	200);
 	define('THUMB_HEIGHT',	200);
 	
+	// Maximum image upload size in bytes
+	define('MAX_FILESIZE',	1048576); // 10MB
+	
 	define('DIR_IMG',		'src/');
 	define('DIR_THUMB',		'thumb/');
 	define('DIR_RES',		'res/');
diff --git a/post.php b/post.php
index a4588d63..23eb0453 100644
--- a/post.php
+++ b/post.php
@@ -74,6 +74,9 @@
 		$post['filename'] = $_FILES['file']['name'];
 		$post['has_file'] = $OP || !empty($_FILES['file']['tmp_name']);
 		
+		if($post['has_file'] && $_FILES['file']['size'] > MAX_FILESIZE)
+			error(ERR_FILSIZE);
+		
 		$trip = generate_tripcode($post['name']);
 		$post['name'] = utf8tohtml($trip[0]);
 		$post['trip'] = (isset($trip[1])?$trip[1]:'');