Don't accept files that are bigger than the upload limit when uploading plugins (#16849)

* Don't accept files that are bigger than the upload limit when uploading plugins

* improve / simplify code

* adds some tests

2 files changed, 3 insertions, 1 deletions

diff --git a/plugins/Marketplace/Controller.php b/plugins/Marketplace/Controller.php
index c2d9d6e6d8..aae329640c 100644
--- a/plugins/Marketplace/Controller.php
+++ b/plugins/Marketplace/Controller.php
@@ -26,6 +26,7 @@ use Piwik\Plugins\Marketplace\Input\PurchaseType;
 use Piwik\Plugins\Marketplace\Input\Sort;
 use Piwik\ProxyHttp;
 use Piwik\SettingsPiwik;
+use Piwik\SettingsServer;
 use Piwik\Url;
 use Piwik\View;
 use Exception;
@@ -287,6 +288,7 @@ class Controller extends \Piwik\Plugin\ControllerAdmin
         $view->isAutoUpdatePossible = SettingsPiwik::isAutoUpdatePossible();
         $view->isAutoUpdateEnabled = SettingsPiwik::isAutoUpdateEnabled();
         $view->isPluginUploadEnabled = CorePluginsAdmin::isPluginUploadEnabled();
+        $view->uploadLimit = SettingsServer::getPostMaxUploadSize();
         $view->inReportingMenu = (bool) Common::getRequestVar('embed', 0, 'int');
 
         return $view->render();
diff --git a/plugins/Marketplace/templates/uploadPluginDialog.twig b/plugins/Marketplace/templates/uploadPluginDialog.twig
index 7da4efddc5..ec9a9e1acf 100644
--- a/plugins/Marketplace/templates/uploadPluginDialog.twig
+++ b/plugins/Marketplace/templates/uploadPluginDialog.twig
@@ -6,7 +6,7 @@
 
         <form enctype="multipart/form-data" method="post" id="uploadPluginForm"
               action="{{ linkTo({'module':'CorePluginsAdmin', 'action':'uploadPlugin', 'nonce': installNonce}) }}">
-            <input type="file" name="pluginZip">
+            <input type="file" name="pluginZip" data-max-size="{{ uploadLimit }}">
             <br />
             <div piwik-field uicontrol="password" name="confirmPassword" autocomplete="off"
                  data-title="{{ 'Login_ConfirmPasswordToContinue'|translate|e('html_attr') }}"