Re: [PHP-DB] File Upload in PHP
Hi- Thanks for the reply. I'm near to the solution but was struct at teh end. I have configured post_max_size, memory_limit, max_upload_filesize to '-1' and max_execution_time to ' 0'. and restarted the server. But then, Apache and Browser problems were in place. In IE6 and IE7, The connection Reset error occured. In MFF 9 Error 413 occured whre $_Request and $_Server variables were populated. In Google Chrome, The complete request is processed, and The File is uploaded to the server and its MD5 sum was intact. But The FILE SIZE in $_FILES array turned to NEGATIVE bites. The testing was done on WINXP 32 Bit system, with XAMP - Latest and with a 2.23 GiB file upload. I suspect chrome to be doing some kind of magic compared to IE or FF. Need to try on 64 bit Ubuntu system with respect to this Browser and apache behavior testing. [1] Can any one confirm me on what might be the impact if post_max_size, memory_limit, max_upload_filesize is configured to '-1' and max_execution_time to ' 0' ? [2] Is this type of solution prone to any kind of vulnerabilities? 2012/2/1 Ege Sertçetin sertce...@itu.edu.tr Hi Trinath, You can use ini_set() function to change ini settings only for your upload script. http://php.net/manual/en/**function.ini-set.phphttp://php.net/manual/en/function.ini-set.php However, you cannot change any parameter you want. There is a list about php.ini parameters. As I remember, you just can set PHP_INI_ALL and PHP_INI_PERDIR parameters in your script. I do not remember if it is enough for file upload limits. php.ini parameters list: http://www.php.net/manual/en/**ini.list.phphttp://www.php.net/manual/en/ini.list.php Hope it helps :-) Ege Sertçetin Alinti Karl DeSaulniers k...@designdrumm.com Sry, not better help... better luck. :) Best, Karl On Feb 1, 2012, at 7:01 AM, Karl DeSaulniers wrote: I would set post_max_size in your htaccess for the directory where your upload.php file is. Or base64 your file and upload 8Mb chunks, then reassemble and store. but I am sure someone has a better solution than I. also, I may be wrong on this too, but this is a PHP General question, not database related. you may find better help on the PHP general list. Best, Karl On Feb 1, 2012, at 3:38 AM, Trinath Somanchi wrote: Hi All- I have doubt regarding file upload in PHP. With out updating the INI file settings, Can PHP process File upload just like Apache handling Multipart post. Like, Irrespective of post_max_size being 8M, PHP must process a 15MB Post data (15MB Uploaded file.) How to work this out with PHP. Kindly help me in this regard. -- Regards, --** Trinath Somanchi, Karl DeSaulniers Design Drumm http://designdrumm.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Karl DeSaulniers Design Drumm http://designdrumm.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Regards, -- Trinath Somanchi, +91 9866 235 130
Re: [PHP-DB] File Upload in PHP
I would set post_max_size in your htaccess for the directory where your upload.php file is. Or base64 your file and upload 8Mb chunks, then reassemble and store. but I am sure someone has a better solution than I. also, I may be wrong on this too, but this is a PHP General question, not database related. you may find better help on the PHP general list. Best, Karl On Feb 1, 2012, at 3:38 AM, Trinath Somanchi wrote: Hi All- I have doubt regarding file upload in PHP. With out updating the INI file settings, Can PHP process File upload just like Apache handling Multipart post. Like, Irrespective of post_max_size being 8M, PHP must process a 15MB Post data (15MB Uploaded file.) How to work this out with PHP. Kindly help me in this regard. -- Regards, -- Trinath Somanchi, Karl DeSaulniers Design Drumm http://designdrumm.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] File Upload in PHP
Sry, not better help... better luck. :) Best, Karl On Feb 1, 2012, at 7:01 AM, Karl DeSaulniers wrote: I would set post_max_size in your htaccess for the directory where your upload.php file is. Or base64 your file and upload 8Mb chunks, then reassemble and store. but I am sure someone has a better solution than I. also, I may be wrong on this too, but this is a PHP General question, not database related. you may find better help on the PHP general list. Best, Karl On Feb 1, 2012, at 3:38 AM, Trinath Somanchi wrote: Hi All- I have doubt regarding file upload in PHP. With out updating the INI file settings, Can PHP process File upload just like Apache handling Multipart post. Like, Irrespective of post_max_size being 8M, PHP must process a 15MB Post data (15MB Uploaded file.) How to work this out with PHP. Kindly help me in this regard. -- Regards, -- Trinath Somanchi, Karl DeSaulniers Design Drumm http://designdrumm.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Karl DeSaulniers Design Drumm http://designdrumm.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] File Upload in PHP
Hi Trinath, You can use ini_set() function to change ini settings only for your upload script. http://php.net/manual/en/function.ini-set.php However, you cannot change any parameter you want. There is a list about php.ini parameters. As I remember, you just can set PHP_INI_ALL and PHP_INI_PERDIR parameters in your script. I do not remember if it is enough for file upload limits. php.ini parameters list: http://www.php.net/manual/en/ini.list.php Hope it helps :-) Ege Sertçetin Alinti Karl DeSaulniers k...@designdrumm.com Sry, not better help... better luck. :) Best, Karl On Feb 1, 2012, at 7:01 AM, Karl DeSaulniers wrote: I would set post_max_size in your htaccess for the directory where your upload.php file is. Or base64 your file and upload 8Mb chunks, then reassemble and store. but I am sure someone has a better solution than I. also, I may be wrong on this too, but this is a PHP General question, not database related. you may find better help on the PHP general list. Best, Karl On Feb 1, 2012, at 3:38 AM, Trinath Somanchi wrote: Hi All- I have doubt regarding file upload in PHP. With out updating the INI file settings, Can PHP process File upload just like Apache handling Multipart post. Like, Irrespective of post_max_size being 8M, PHP must process a 15MB Post data (15MB Uploaded file.) How to work this out with PHP. Kindly help me in this regard. -- Regards, -- Trinath Somanchi, Karl DeSaulniers Design Drumm http://designdrumm.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Karl DeSaulniers Design Drumm http://designdrumm.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] File upload bug
Hello Daniel, you said you change all the max_limit stuff in PHP/Apache, but did you change it on mysql ? by default the mysql_allowed_package is set to 1M, you have to add a line in your my.ini file (in my case this is in the windows directory, if you are using linux search google :)) In the section [mysqld] add set-variable = max_allowed_packet=10M or the value you want. I had a similar problem in a desktop application that inserted images into the database it gave the erro mySQL has gone away and this was the solution. Hope this Hepls. - Original Message - From: Daniel Crespo [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, March 24, 2004 7:19 PM Subject: [PHP-DB] File upload bug Hi all you there... I realized that when I try to upload a file of about 1MB or more, it doesn't upload... Even changing all the max_limit stuff at the config files of Apache and PHP... So, I don't now how to solve this. In the form, there are: form enctype=multipart/form-data name=frmUploadFile action=upload.php method=post input type=text name=strDesc size=20 maxlength=50 input type=file name=fileUpload size=20 /form In upload.php there are: ? global $strDesc; global $fileUpload; global $fileUpload_name; global $fileUpload_size; global $fileUpload_type; $fileHandle = fopen($fileUpload, rb); $fileContent = fread($fileHandle, $fileUpload_size); $fileContent = addslashes($fileContent); $dbQuery = INSERT INTO myBlobs VALUES ; $dbQuery .= (0, '$strDesc', '$fileContent', '$fileUpload_type'); db_query($dbQuery) or die(Couldn't add file to database); ? With short files (up to 1MB aprox.), it works just perfect... But, more than this, the variable $fileUpload_size, for example, is 0 (Zero)... So, anyone know how to fix this? Thanks. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] file upload security issue
I try to learn file uploading in PHP. I've successfully uploaded a file onto my server. I use move_uploaded_file(tmp_dir/tmp_filename, destination_dir/filename) to move the temp file. The thing is that I have to do a chmod 777 destination_dir in order to move the file. Is this bad for security? Yes, it is. chown the directory to the user or group that mysql runs under, then it only needs to be owner or group writable -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] File upload...
Hi, Go to the Hotscripts.com and search for the File upload. You will get so many scripts.. You can use any of those. Hardik --- [EMAIL PROTECTED] wrote: Just been asked for a 'quick' job... A mate needs a system that can upload a file, and place it in a specific directory... Via FTP he says, but I know there's other ways Has anyone directions to a tutorial, or script, that can get this out of my inbox on this hot, stuffy Friday afternoon? Cheers guys, happy weekend! * The information contained in this e-mail message is intended only for the personal and confidential use of the recipient(s) named above. If the reader of this message is not the intended recipient or an agent responsible for delivering it to the intended recipient, you are hereby notified that you have received this document in error and that any review, dissemination, distribution, or copying of this message is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail, and delete the original message. *** __ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] file upload array problem
On Saturday 21 December 2002 05:25, Seabird wrote:
Hi everyone,
every time I try to upload a picture I get the same problem in return.
First of all, it's not being uploaded (but this is for later concern I'm
afraid). Trying to display the info of the (not)uploaded file should be
done with:
$_FILES['picture']['name']
but every time I run this the return is a error like this:
Parse error: parse error, expecting `T_STRING' or `T_VARIABLE' or
`T_NUM_STRING' in c:\apache\htdocs\seabird.jmtech.ca\otf.com\submit.php on
line 69
Which is line 69?
If I leave out the qoutes it runs fine but my output (echo) is
Array['name']
Running a FILES list gives correct names and everything. Where did this go
wrong??
Here's my code aswell please help me, don't point me to another website
or manual (have read a dozen, and I'm still stuck).
if ($_POST[submit]) {
If you have error reporting set high enough you would have seen a warning
about Use of undefined constant submit You should use:
if ($_POST['submit']) {
$link = mysql_pconnect(localhost,myuser,mypass);
$db = test;
mysql_select_db($db,$link);
$query = INSERT INTO inventory
(registration,type,total_time,price,description,picture_name)
VALUES
('$_POST[registration]','$_POST[type]','$_POST[total_time]','$_POST[price]'
, '$_POST[description]','$_FILES[picture]');
If you're referring to array variables inside a double-quoted string you
should enclose it within {}. Thus:
$query = INSERT INTO inventory
(registration,type,total_time,price,description,picture_name)
VALUES
('{$_POST['registration']}','{$_POST['type']}',...);
--
Jason Wong - Gremlins Associates - www.gremlins.biz
Open Source Software Systems Integrators
* Web Design Hosting * Internet Intranet Applications Development *
/*
The keyboard isn't plugged in
*/
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] file upload and php (Not a begginer question!)
Have you considered some kind of solution using FTP? I don't know exactly how you would integrate that with PHP, but it's an option that is more suited to transferring large files. You might be able to set up a link from one of your pages and use PHP and/or a database solution to authenticate the user prior to accessing the link to the FTP server/folder. I'm really just throwing ideas out here without knowing their viability in your or any solution, but I thought it might give you another option. -Original Message- From: Baroiller Pierre-Emmanuel [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 15, 2002 4:42 AM To: [EMAIL PROTECTED] Subject: [PHP-DB] file upload and php (Not a begginer question!) Hi, everyone know how to upload files from the browser to your web server using multipart-form method with move_downloaded_file() php function. But... It's a slow method for multiple files huge files transfert. I'm currently working on a big photo album tool, and I want to provide user the ability to upload a lot of jpeg files in one time... The big problem with form is it's too slow... Does anyone know how to by-pass this ( with java or other tools )? -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] file upload, again
The web server user needs to have access to that directory. On NT, there are 2 of these users. On *nix, there is one. Giving these users access to write to that directory is not a huge risk. koelwebdesign wrote: hi there, I've searched the lists and forums for a couple of days now but nope... when I upload a file all is well, it get stored in the tmp directory, the filename and path get stored in the mysql database, however, it won't copy to the desired directory unless I give everyone write permissions to that directory. offcourse I don't like this. How do I tell php to use my username and password when copying the file from the tmp dir to the desired dir? Do I really have to make an ftp connection first? or is there a more simple way? How do you upload all those pictures to the webserver? thanks Leo Kuiper www.koelwebdesign.nl -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DB] file upload, again
thanks, I think that's where I can find the solution, it's a unix and maybe php is not the correct user? So maybe php is: user nobody and user nobody does not have the right to write to my directory. I think I can't change the php.ini file (it gets used for a lot of sites) so I probably have to make an ftp connection and upload the file from there. am I right? Leo Kuiper www.koelwebdesign.nl - Original Message - From: Grant Johnson [EMAIL PROTECTED] To: koelwebdesign [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Tuesday, November 13, 2001 9:43 PM Subject: Re: [PHP-DB] file upload, again The web server user needs to have access to that directory. On NT, there are 2 of these users. On *nix, there is one. Giving these users access to write to that directory is not a huge risk. koelwebdesign wrote: hi there, I've searched the lists and forums for a couple of days now but nope... when I upload a file all is well, it get stored in the tmp directory, the filename and path get stored in the mysql database, however, it won't copy to the desired directory unless I give everyone write permissions to that directory. offcourse I don't like this. How do I tell php to use my username and password when copying the file from the tmp dir to the desired dir? Do I really have to make an ftp connection first? or is there a more simple way? How do you upload all those pictures to the webserver? thanks Leo Kuiper www.koelwebdesign.nl -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DB] file upload, again
or can I copy a file doing something like: copy file to http://user:[EMAIL PROTECTED]/blah? well, I think you need a path instead of a webadress Leo Kuiper www.koelwebdesign.nl - Original Message - From: Grant Johnson [EMAIL PROTECTED] To: koelwebdesign [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Tuesday, November 13, 2001 9:43 PM Subject: Re: [PHP-DB] file upload, again The web server user needs to have access to that directory. On NT, there are 2 of these users. On *nix, there is one. Giving these users access to write to that directory is not a huge risk. koelwebdesign wrote: hi there, I've searched the lists and forums for a couple of days now but nope... when I upload a file all is well, it get stored in the tmp directory, the filename and path get stored in the mysql database, however, it won't copy to the desired directory unless I give everyone write permissions to that directory. offcourse I don't like this. How do I tell php to use my username and password when copying the file from the tmp dir to the desired dir? Do I really have to make an ftp connection first? or is there a more simple way? How do you upload all those pictures to the webserver? thanks Leo Kuiper www.koelwebdesign.nl -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
