Define reasonable amount of memory_limit and max_upload_size
airbone42 opened this issue · 1 comments
airbone42 commented
Right now it's only checked if these values are set, but not if it's a reasonable amount. Imho is a memory_limit in a php.ini of 1GB or something like that, too much and dangerous, but that also strongly depends on the application.
I would suggest we check for values greater than the PHP default settings (i.e. 128M for memory_limit), and then show a warning, because someone should really think twice of increasing these.
What are your ideas on that?
enygma commented
Yeah, I agree...it's a slipper slope I've seen lots of projects fall on. "Oh, let's just bump the limit up really high and...." hehe