Re: [PHP] Re: File upload in map drive with PHP

[Jim Lucas]

On 01/26/2012 07:13 AM, Jim Giner wrote:

You're using a GET in your script when your form is a POST.


and if you look at the method value you will see that he is passing 
upload=1 in the URL.  Which would be seen as a GET value.


--
Jim Lucas

http://www.cmsws.com/
http://www.cmsws.com/examples/
http://www.bendsource.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: File upload in map drive with PHP

[Stuart Dallas]

On 26 Jan 2012, at 15:10, Mehmet YAYLA wrote:

> 
> I'm using code this bellow.
> 
> 
>  if (!empty($_GET["upload"])) {
>$uploaddir ="x:\\file/";
> 
>$uploadfile = $_FILES['userfile']['name'];
> 
>print "";
> 
>if (move_uploaded_file($_FILES['userfile']['tmp_name'], 
> "$uploaddir"."$uploadfile")) {
>
>   echo "Dosya basari ile yüklendi. "; 
>   
>  
>}  else {
>   print "Dosya yüklenemedi. Tekrar deneyiniz";
>  
>   }
>print "";
> }
> 
> ?>
> 
>  method="post"> 
>Select image: 
>

The drive needs to be mapped for the internet user (usually IUSR_machinename I 
think), otherwise that drive won't exist.

-Stuart

-- 
Stuart Dallas
3ft9 Ltd
http://3ft9.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Re: File upload in map drive with PHP

[Mehmet YAYLA]

I'm using code this bellow.


";
   
if (move_uploaded_file($_FILES['userfile']['tmp_name'], 
"$uploaddir"."$uploadfile")) {  
 
   echo "Dosya basari ile yüklendi. ";  

  
}  else {
   print "Dosya yüklenemedi. Tekrar deneyiniz"; 

   }
print "";
}
 
?>
 
 
Select image: 





> To: php-general@lists.php.net
> From: jim.gi...@albanyhandball.com
> Date: Thu, 26 Jan 2012 10:00:29 -0500
> Subject: [PHP] Re: File upload in map drive with PHP
> 
> Do you mean you are trying to do an upload of a file on a mapped drive, such 
> as a network drive?  Is this upload using an html form with an  type="file"> tag? 
> 
> 
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 
  

[PHP] Re: File upload in map drive with PHP

[Jim Giner]

Do you mean you are trying to do an upload of a file on a mapped drive, such 
as a network drive?  Is this upload using an html form with an  tag? 



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: File Upload Problem [SOLVED]

[tedd]

At 10:07 AM -0400 4/11/11, tedd wrote:

At 7:37 AM +0100 4/11/11, Ashley Sheridan wrote:

"tedd"  wrote:

 >So, knowing this  -- does anyone have any idea as to what is wrong?

What happens if you diff the various config files involved 
directly, php.ini, https.conf, any other site-specific *.conf files 
used by apache. Sometimes its a "security feature" in a .conf file 
that means I can override a setting myself in code or in an 
.htaccess file. Takes ages to find and annoying to debug around!


Ash


Ash:

I think that's the problem. I just wanted to bounce this experience 
off the group before making a fool of myself by asking for help at 
the local college where I'm trying to get the script to run. I think 
they have some security protocol in place to prevent this.


Thanks,

tedd


To all:

That was the problem.

The school had banned the practice of uploading any files to their 
server. I got permission for my class, but it is under a strict "need 
to know" basis.


Thanks for listening.

Cheers,

tedd

--
---
http://sperling.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: File Upload Problem

[tedd]

At 7:37 AM +0100 4/11/11, Ashley Sheridan wrote:

"tedd"  wrote:

 >So, knowing this  -- does anyone have any idea as to what is wrong?

What happens if you diff the various config files involved directly, 
php.ini, https.conf, any other site-specific *.conf files used by 
apache. Sometimes its a "security feature" in a .conf file that 
means I can override a setting myself in code or in an .htaccess 
file. Takes ages to find and annoying to debug around!


Ash


Ash:

I think that's the problem. I just wanted to bounce this experience 
off the group before making a fool of myself by asking for help at 
the local college where I'm trying to get the script to run. I think 
they have some security protocol in place to prevent this.


Thanks,

tedd

--
---
http://sperling.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: File Upload Problem

[Hans Åhlin]

I had some similar problem with Windows 7,
it had to do with UAC and folder rights. Apache/PHP could read but not
write to any dir except the ones that all users could write to.
I solved it by allowing every one to read, write and change content in
the directory where I needed PHP to handle/control the content.


2011/4/10 tedd :
> At 7:15 AM +0200 4/7/11, Wojciech Kupiec wrote:
>>
>> On 06/04/11 19:10, tedd wrote:
>>>
>>> -snip-
>>> What could be wrong? What should I be looking for?
>>
>> If you really want to get help, publish your code.
>
> I don't think that's true. I should be able to ask a technical question with
> observations and inquire as to "What's wrong?" After all, what's the point
> of showing code that works on two servers, but fails on a third? Really,
> what is that going to tell you?
>
> As for the uploaded file exceeding "max file size" and "file_uploads"
> enabled, those are obvious and I did that investigation before I posted the
> question. They are NOT the problem.
>
> I also checked all the servers involved for "safe_mode" and "open_basedir"
> settings and they are set the same. Additionally, the "upload_max_filesize"
> and "upload_tmp_dir" are also set exactly the same. As such, I don't know
> what else to look for -- hence my question.
>
> As I said, the script works on two servers, but fails on a third.
>
> This is what I've learned in addition to the above:
>
> The script does successfully upload the file to the server in question. For
> example, I receive "truth" from:
>
> if(is_uploaded_file($_FILES['userfile']['tmp_name']))
>   {
>   echo('true');
>   }
>
> I can even get the contents of the uploaded file by:
>
> $contents = file_get_contents($_FILES['userfile']['tmp_name']);
> echo($contents);
>
> -- and the contents are displayed.
>
> So, the file is indeed uploaded!
>
> What I cannot do is move the file to another location using:
>
> $result = move_uploaded_file($_FILES['userfile']['tmp_name'], $path . '/' .
> $_FILES['userfile']['name']);
>
> (Yes, all possible file paths have been investigated)
>
> Nor, can I copy the file by:
>
> $result = copy($_FILES['userfile']['tmp_name'], $path . '/' .
> $_FILES['userfile']['name']);
>
> The only difference I see is the server causing problems is Windows NT
> whereas the others are Linux.
>
> So, knowing this  -- does anyone have any idea as to what is wrong?
>
> Cheers,
>
> tedd
>
> --
> ---
> http://sperling.com/
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>



-- 


**
 Hans Åhlin
   Tel: +46761488019
   icq: 275232967
   http://www.kronan-net.com/
   irc://irc.freenode.net:6667 - TheCoin
**

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: File Upload Problem

[Louis Huppenbauer]

Is there already a file with the same name?
Apparently copy won't overwrite a file on windows if it already exists.

Maybe you have the same problem ffproberen2 at dodgeit dot com had on
the php.net/move_uploaded_file manpage?

2011/4/10 tedd :
> At 7:15 AM +0200 4/7/11, Wojciech Kupiec wrote:
>>
>> On 06/04/11 19:10, tedd wrote:
>>>
>>> -snip-
>>> What could be wrong? What should I be looking for?
>>
>> If you really want to get help, publish your code.
>
> I don't think that's true. I should be able to ask a technical question with
> observations and inquire as to "What's wrong?" After all, what's the point
> of showing code that works on two servers, but fails on a third? Really,
> what is that going to tell you?
>
> As for the uploaded file exceeding "max file size" and "file_uploads"
> enabled, those are obvious and I did that investigation before I posted the
> question. They are NOT the problem.
>
> I also checked all the servers involved for "safe_mode" and "open_basedir"
> settings and they are set the same. Additionally, the "upload_max_filesize"
> and "upload_tmp_dir" are also set exactly the same. As such, I don't know
> what else to look for -- hence my question.
>
> As I said, the script works on two servers, but fails on a third.
>
> This is what I've learned in addition to the above:
>
> The script does successfully upload the file to the server in question. For
> example, I receive "truth" from:
>
> if(is_uploaded_file($_FILES['userfile']['tmp_name']))
>   {
>   echo('true');
>   }
>
> I can even get the contents of the uploaded file by:
>
> $contents = file_get_contents($_FILES['userfile']['tmp_name']);
> echo($contents);
>
> -- and the contents are displayed.
>
> So, the file is indeed uploaded!
>
> What I cannot do is move the file to another location using:
>
> $result = move_uploaded_file($_FILES['userfile']['tmp_name'], $path . '/' .
> $_FILES['userfile']['name']);
>
> (Yes, all possible file paths have been investigated)
>
> Nor, can I copy the file by:
>
> $result = copy($_FILES['userfile']['tmp_name'], $path . '/' .
> $_FILES['userfile']['name']);
>
> The only difference I see is the server causing problems is Windows NT
> whereas the others are Linux.
>
> So, knowing this  -- does anyone have any idea as to what is wrong?
>
> Cheers,
>
> tedd
>
> --
> ---
> http://sperling.com/
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File Upload Problem

[tedd]

At 7:15 AM +0200 4/7/11, Wojciech Kupiec wrote:

On 06/04/11 19:10, tedd wrote:

-snip-
What could be wrong? What should I be looking for?


If you really want to get help, publish your code.


I don't think that's true. I should be able to ask a technical 
question with observations and inquire as to "What's wrong?" After 
all, what's the point of showing code that works on two servers, but 
fails on a third? Really, what is that going to tell you?


As for the uploaded file exceeding "max file size" and "file_uploads" 
enabled, those are obvious and I did that investigation before I 
posted the question. They are NOT the problem.


I also checked all the servers involved for "safe_mode" and 
"open_basedir" settings and they are set the same. Additionally, the 
"upload_max_filesize" and "upload_tmp_dir" are also set exactly the 
same. As such, I don't know what else to look for -- hence my 
question.


As I said, the script works on two servers, but fails on a third.

This is what I've learned in addition to the above:

The script does successfully upload the file to the server in 
question. For example, I receive "truth" from:


if(is_uploaded_file($_FILES['userfile']['tmp_name']))
   {
   echo('true');
   }

I can even get the contents of the uploaded file by:

$contents = file_get_contents($_FILES['userfile']['tmp_name']);
echo($contents);

-- and the contents are displayed.

So, the file is indeed uploaded!

What I cannot do is move the file to another location using:

$result = move_uploaded_file($_FILES['userfile']['tmp_name'], $path . 
'/' . $_FILES['userfile']['name']);


(Yes, all possible file paths have been investigated)

Nor, can I copy the file by:

$result = copy($_FILES['userfile']['tmp_name'], $path . '/' . 
$_FILES['userfile']['name']);


The only difference I see is the server causing problems is Windows 
NT whereas the others are Linux.


So, knowing this  -- does anyone have any idea as to what is wrong?

Cheers,

tedd

--
---
http://sperling.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File Upload Problem

[Wojciech Kupiec]

On 06/04/11 19:10, tedd wrote:

Hi gang:

I wrote a simple script to upload image files from my desktop to a
server -- the exact same code works on two servers, but fails on a third.

I suspect there is something set different between the servers, but I
can't find it.

Oddly enough, I can upload image files directly to the database, but not
to the file system.

What could be wrong? What should I be looking for?



The simplest explanation is that you don't have write permissions to the 
location where you upload the file or to the temp directory.


If you really want to get help, publish your code.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: File-Upload per Drag-N-Drop?

[Bastien Koert]

On Wed, Dec 29, 2010 at 3:03 PM, Robert Cummings  wrote:
> On 10-12-29 03:02 PM, Robert Cummings wrote:
>>
>> On 10-12-29 02:54 PM, Michelle Konzack wrote:
>>>
>>> Hello Tommy Pham,
>>>
>>> Am 2010-12-29 10:33:30, hacktest Du folgendes herunter:

 This sounds like RIA = Rich Internet Application.  Try google'ing for
 it.
>>>
>>> This was the missing keyword.  Thanks.
>>>
>>> Found DHTML and posibility  for  a  flash/gnash app  which  support  the
>>> Drag-N-Drop.  If has only to create a normal fileupload where  the  rest
>>> is handled as usual by PHP. Now have to check, whether gnash support it.
>>>
 YMMV depends on platform&   technology supported.
>>>
>>> Hmmm, if I see   and it woks on Linux the same
>>> as on MacOS X as on Windows or BeOS.
>>>
 Regards,
 Tommy
>>>
>>> Thanks, Greetings and nice Day/Evening
>>>      Michelle Konzack
>>
>> You can get a nice multi upload in flash, but you cannot get drag and
>> drop.
>
> I should add that I don't know about Silverlight or whatever is the flavour
> of the week, but I believe you can do drag and drop with Java applets, but
> they'll require popup acceptance of the security privileges necessary to
> allow drag and drop.
>
> Cheers,
> Rob.
> --
> E-Mail Disclaimer: Information contained in this message and any
> attached documents is considered confidential and legally protected.
> This message is intended solely for the addressee(s). Disclosure,
> copying, and distribution are prohibited unless authorized.
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

Flex has some as well

http://www.flex888.com/296/9-flex-file-upload-examples-visited.html

-- 

Bastien

Cat, the other other white meat

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: File-Upload per Drag-N-Drop?

[Robert Cummings]

On 10-12-29 03:02 PM, Robert Cummings wrote:

On 10-12-29 02:54 PM, Michelle Konzack wrote:

Hello Tommy Pham,

Am 2010-12-29 10:33:30, hacktest Du folgendes herunter:

This sounds like RIA = Rich Internet Application.  Try google'ing for it.


This was the missing keyword.  Thanks.

Found DHTML and posibility  for  a  flash/gnash app  which  support  the
Drag-N-Drop.  If has only to create a normal fileupload where  the  rest
is handled as usual by PHP. Now have to check, whether gnash support it.


YMMV depends on platform&   technology supported.


Hmmm, if I see   and it woks on Linux the same
as on MacOS X as on Windows or BeOS.


Regards,
Tommy


Thanks, Greetings and nice Day/Evening
  Michelle Konzack


You can get a nice multi upload in flash, but you cannot get drag and drop.


I should add that I don't know about Silverlight or whatever is the 
flavour of the week, but I believe you can do drag and drop with Java 
applets, but they'll require popup acceptance of the security privileges 
necessary to allow drag and drop.


Cheers,
Rob.
--
E-Mail Disclaimer: Information contained in this message and any
attached documents is considered confidential and legally protected.
This message is intended solely for the addressee(s). Disclosure,
copying, and distribution are prohibited unless authorized.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: File-Upload per Drag-N-Drop?

[Robert Cummings]

On 10-12-29 02:54 PM, Michelle Konzack wrote:

Hello Tommy Pham,

Am 2010-12-29 10:33:30, hacktest Du folgendes herunter:

This sounds like RIA = Rich Internet Application.  Try google'ing for it.


This was the missing keyword.  Thanks.

Found DHTML and posibility  for  a  flash/gnash app  which  support  the
Drag-N-Drop.  If has only to create a normal fileupload where  the  rest
is handled as usual by PHP. Now have to check, whether gnash support it.


YMMV depends on platform&  technology supported.


Hmmm, if I see  and it woks on Linux the same
as on MacOS X as on Windows or BeOS.


Regards,
Tommy


Thanks, Greetings and nice Day/Evening
 Michelle Konzack


You can get a nice multi upload in flash, but you cannot get drag and drop.

Cheers,
Rob.
--
E-Mail Disclaimer: Information contained in this message and any
attached documents is considered confidential and legally protected.
This message is intended solely for the addressee(s). Disclosure,
copying, and distribution are prohibited unless authorized.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File-Upload per Drag-N-Drop?

[Michelle Konzack]

Hello Tommy Pham,

Am 2010-12-29 10:33:30, hacktest Du folgendes herunter:
> This sounds like RIA = Rich Internet Application.  Try google'ing for it.

This was the missing keyword.  Thanks.

Found DHTML and posibility  for  a  flash/gnash app  which  support  the
Drag-N-Drop.  If has only to create a normal fileupload where  the  rest
is handled as usual by PHP. Now have to check, whether gnash support it.

> YMMV depends on platform & technology supported.

Hmmm, if I see  and it woks on Linux the same
as on MacOS X as on Windows or BeOS.

> Regards,
> Tommy

Thanks, Greetings and nice Day/Evening
Michelle Konzack

-- 
# Debian GNU/Linux Consultant ##
   Development of Intranet and Embedded Systems with Debian GNU/Linux

itsyst...@tdnet France EURL   itsyst...@tdnet UG (limited liability)
Owner Michelle KonzackOwner Michelle Konzack

Apt. 917 (homeoffice)
50, rue de Soultz Kinzigstraße 17
67100 Strasbourg/France   77694 Kehl/Germany
Tel: +33-6-61925193 mobil Tel: +49-177-9351947 mobil
Tel: +33-9-52705884 fix

  
 

Jabber linux4miche...@jabber.ccc.de
ICQ#328449886

Linux-User #280138 with the Linux Counter, http://counter.li.org/


signature.pgp
Description: Digital signature

Re: [PHP] Re: file upload question

[Daniel Echalar]

i add me to the question.

2009/8/3 Peter Ford 

> seb wrote:
> > Hey all,
> >
> > i am using move_upload function to upload files to the server, but i
> > want to add a feature that will allow files to be archived that have
> > been uploaded already.
> >
> > so, the problem is:
> >
> > i upload a file that i want to "upgrade" and move the old file to an
> > archive directory but I want to verify the NEW file is upload BEFORE
> > moving the old file (the file being uploaded might not have the same
> > filename as the old file currently on the server)..
> >
> > i want to move the old file only when the new file was successfully
> > uploaded. something like:
> >
> > if(move_uploaded_file())
> > {
> >rename(...);
> > }
> >
> > only one problem.. then if both files have the same name it will be
> > overwritten before it moves the old one i want to save. if i move the
> > old one first, there still the possibility of the new upload failing so
> > i am back to square one..
> >
> > i guess i can move_upload to a different directory, verify it's been
> > uploaded, move the old to the archive file, then move the new file back
> > to where it should be (where the archive file was)..
> >
> > is that my only option? any suggestions?
>
> I'd suggest you *copy* the old file (if it exists) to archive anyway, and
> then
> *move* it back if the new version doesn't verify. That seems pretty safe to
> me...
>
> --
> Peter Ford  phone: 01580 89
> Developer   fax:   01580 893399
> Justcroft International Ltd., Staplehurst, Kent
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

[PHP] Re: file upload question

[Peter Ford]

seb wrote:
> Hey all,
> 
> i am using move_upload function to upload files to the server, but i
> want to add a feature that will allow files to be archived that have
> been uploaded already.
> 
> so, the problem is:
> 
> i upload a file that i want to "upgrade" and move the old file to an
> archive directory but I want to verify the NEW file is upload BEFORE
> moving the old file (the file being uploaded might not have the same
> filename as the old file currently on the server)..
> 
> i want to move the old file only when the new file was successfully
> uploaded. something like:
> 
> if(move_uploaded_file())
> {
>rename(...);
> }
> 
> only one problem.. then if both files have the same name it will be
> overwritten before it moves the old one i want to save. if i move the
> old one first, there still the possibility of the new upload failing so
> i am back to square one..
> 
> i guess i can move_upload to a different directory, verify it's been
> uploaded, move the old to the archive file, then move the new file back
> to where it should be (where the archive file was)..
> 
> is that my only option? any suggestions?

I'd suggest you *copy* the old file (if it exists) to archive anyway, and then
*move* it back if the new version doesn't verify. That seems pretty safe to 
me...

-- 
Peter Ford  phone: 01580 89
Developer   fax:   01580 893399
Justcroft International Ltd., Staplehurst, Kent

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File Upload Security

[Al]

I don't pay any attention to MIME sent by the client.

I check the MIME returned from getimagesize() and I'm not too certain of it. i need to do further 
research.


I do check the images have width and height and I extract the embedded text 
stuff.

I'm going to look into your suggestion. Thanks.

Peter Ford wrote:

Al wrote:

Thanks guys.

I had written a newer version restricted to images which checks MIME 
and image width and height.


I have one application which needs a text file.  I think I'll have my 
users hide a password in it and scan the whole file for and other signs of scripts, etc.


Al wrote:
One of my sites has been hacked and I'm trying to find the hole.  The 
hack code creates dirs with "nobody" ownership, so it's obvious stuff 
is not via ftp [ownership would be foo]


Site is virtual host, Linux/Apache

I'm concerned about a file uploader my users use to upload photos.

Can anyone see a hole in this scrip? Can my code upload an executable 
masquerading as an image file?


You probably need a deeper inspection than checking the extension - 
that's Microsoft thinking...
You can't trust what the client is telling you - even the MIME type sent 
by the browser is no guarantee.
Since you're on Linux, why not look at using the 'file' shell command to 
get a more detailed inspection of the upload.
I made a basic function like this a few years ago - probably needs a bit 
of tweaking:


$mimecmd = "/usr/bin/file -b -m ".escapeshellargs($magicFile)." 
".escapeshellargs($file)." 2> /dev/null";

$ret = exec($mimecmd);
if (!$ret)
{
$ret = "unknown";
}
return $ret;
}
?>

The global $magicFile is the tricky bit - you need to find a nice Unix 
magic numbers file that returns mime types (they're easier to parse than 
regular magic number responses). Probably something like 
/usr/share/misc/magic.mime, but that depends on the system.





--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File Upload Security

[Peter Ford]

Al wrote:

Thanks guys.

I had written a newer version restricted to images which checks MIME and 
image width and height.


I have one application which needs a text file.  I think I'll have my 
users hide a password in it and scan the whole file for other signs of scripts, etc.


Al wrote:
One of my sites has been hacked and I'm trying to find the hole.  The 
hack code creates dirs with "nobody" ownership, so it's obvious stuff 
is not via ftp [ownership would be foo]


Site is virtual host, Linux/Apache

I'm concerned about a file uploader my users use to upload photos.

Can anyone see a hole in this scrip? Can my code upload an executable 
masquerading as an image file?


You probably need a deeper inspection than checking the extension - that's 
Microsoft thinking...
You can't trust what the client is telling you - even the MIME type sent by the 
browser is no guarantee.
Since you're on Linux, why not look at using the 'file' shell command to get a 
more detailed inspection of the upload.
I made a basic function like this a few years ago - probably needs a bit of 
tweaking:


$mimecmd = "/usr/bin/file -b -m ".escapeshellargs($magicFile)." 
".escapeshellargs($file)." 2> /dev/null";

$ret = exec($mimecmd);
if (!$ret)
{
$ret = "unknown";
}
return $ret;
}
?>

The global $magicFile is the tricky bit - you need to find a nice Unix magic 
numbers file that returns mime types (they're easier to parse than regular magic 
number responses). Probably something like /usr/share/misc/magic.mime, but that 
depends on the system.



--
Peter Ford  phone: 01580 89
Developer   fax:   01580 893399
Justcroft International Ltd., Staplehurst, Kent

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File Upload Security

[Al]

Thanks guys.

I had written a newer version restricted to images which checks MIME and image 
width and height.

I have one application which needs a text file.  I think I'll have my users hide a password in it 
and scan the whole file for 

Al wrote:
One of my sites has been hacked and I'm trying to find the hole.  The 
hack code creates dirs with "nobody" ownership, so it's obvious stuff is 
not via ftp [ownership would be foo]


Site is virtual host, Linux/Apache

I'm concerned about a file uploader my users use to upload photos.

Can anyone see a hole in this scrip? Can my code upload an executable 
masquerading as an image file?


$filetype = array("gif", "jpg", "jpeg", "png", "txt", css")

function csvt_file_upload($filetype, $max_size)
{
$prohibits = array("exe", "php", "inc", "php3", "pl", "bat", "cgi"); 
//common executables.

$absolute_max_size = 200;

end($_FILES); //get the "name" used by the html $name = key($_FILES); //could use the register variables, but this 
is safer.

if(isset($_FILES[$name]['name'])) $input_name = $_FILES[$name]['name'];

$error = "no"; //reset for error checks

if (!isset($filetype)) {
echo " File type assignment missing 
 ";

$error = "yes";
};

if (!isset($max_size)) {
echo " Max file size assignment 
missing.";

$error = "yes";
};

$filename = $_FILES[$name]['name'];
$tmp_name = $_FILES[$name]['tmp_name'];
$size = $_FILES[$name]['size'];

$absolute_path_file = getcwd(). DATA_DIR . $filename;


if (($size >= $max_size) OR ($size > $absolute_max_size)) {
echo " File size is too large. ";
$error = "yes";
}

$ext = substr(strrchr($filename, "."), 1); //get the extension, 
remove the "."

if (in_array($ext, $prohibits)) {
echo "Illegal file type, 
executable.\r\n";

$error = "yes";
}
if (is_executable($filename)) {
echo "Illegal file type, executable 
file.\r\n";

$error = "yes";
} //This is a double check in case $prohibits is incomplete.
if (is_array($filetype) AND !in_array($ext, $filetype)) {
echo "Illegal file type.\r\n";
$error = "yes";
}
if(!is_array($filetype) AND ($filetype != $ext)){
echo "Illegal file type.\r\n";
$error = "yes";
}
if ($error == "yes") {
echo "There was an error(s) with your 
file selection \"$input_name\" as the note(s) indicates. Please 
reselect, or remove your file selection and email for help. \r\n";

}
else {
if(!move_uploaded_file($tmp_name, $absolute_path_file))
die("There was an error saving your file. 
Check permissions of " . DATA_DIR . " Must be 777 \r\n");
   
chmod($absolute_path_file, 0644);

}

return;
}


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: File Upload - post_max_size and upload_max_filesize in GBs

[Sukhwinder Singh]

I think the problem occurred as I specified size in php.ini using 4096M or 
4G. Then just now I specified as 4294967294 around 4(GB) and I am getting 
the POSTed values. *Locally, on windows xp* this is working but when I set 
these values as as 4294967294 on Mandriva with php 5.1.6 and Apache/2.2.3. I 
get nothing in post as post_max_size turns negative and it won't allow any 
content greater than negative value.


I am still trying. I Installed Apache 2.2.4 on windows. Now file is being 
uploaded properly but file was still not moved. I had added a check


if ($file_details['size'] > 0) // do moving, update databases


and it was being returned negative. The logged it and $_FILES showed this 
for a 3.28 gb file


Array
(
   [File0] => Array
   (
   [name] => FC-6-i386-DVD.iso
   [type] => application/octet-stream
   [tmp_name] => C:\DOCUME~1\ADMINI~1.COM\LOCALS~1\Temp\php77.tmp
   [error] => 0
   [size] => -769771520
   )

)

I have removed this file size check and file *Uploaded Successfully*.

I haven't changed memory limit at all. Script time out I had to specify in 
php.ini file as one hour. Even though time of around 6 minutes should be 
enough to do the move_uploaded_file and update database but set_time_limit 
had no effect.


Any guess upgrading to php 5.2.1 on mandriva will solve problem as it 
already has apache 2.2.3?


Sukhwinder Singh



- Original Message - 
From: "Jim Lucas" <[EMAIL PROTECTED]>

To: <[EMAIL PROTECTED]>
Cc: "Sukhwinder Singh" <[EMAIL PROTECTED]>; "Jim Moseby" 
<[EMAIL PROTECTED]>; ; "Stut" 
<[EMAIL PROTECTED]>

Sent: Saturday, June 09, 2007 3:55 AM
Subject: Re: [PHP] Re: File Upload - post_max_size and upload_max_filesize 
in GBs




Richard Lynch wrote:

On Fri, June 8, 2007 4:03 pm, Jim Lucas wrote:

afaik, you are using the stock php.ini setting while you are
uploading.


This should not be taken to mean that if one changes php.ini, that the
change does not affect file upload -- it definitely does matter...

Not sure Jim meant that Sukhwinder was using stock php.ini, or
everybody, but it's definitely not the case that everybody is, like it
or not -- If that were true, upload_max_filesize would be meaningless.

You CANNOT change the file upload time out with set_time_limit,
however, because the file upload happens BEFORE your PHP script begins
execution.

The time limits affecting file upload can only be set:
  a. in http.conf, for various Apache settings, if any (off-topic)
  b. in php.ini or .htaccess
 b1. you'll need to crank up max_input_time, I think
 b2. max_execution_time for sure
 b3. memory_limit while you are at it, probably

You of course have to crank up upload_max_filesise to way beyond what
you expect for an uploaded file.


Don't forget about other php.ini limiters.

These are all that I think one would have to adjust to make things work.

max_execution_time
max_input_time
memory_limit
post_max_size
file_uploads
upload_max_filesize

Granted, you need to take into account limitations outside of php. ie...

available hard drive space
any possible hard disk quota limit
single file size limit of the OS
file size limit of Apache ( mentioned by another replier )
Apache < 2.x is less than 2g
Apache 2.x is greater than 2g

And there might be more that I am not aware of...



--
Jim Lucas

   "Some men are born to greatness, some achieve greatness,
   and some have greatness thrust upon them."

Twelfth Night, Act II, Scene V
by William Shakespeare

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: File Upload - post_max_size and upload_max_filesize in GBs

[Tijnema]

On 6/9/07, Jim Lucas <[EMAIL PROTECTED]> wrote:

Richard Lynch wrote:
available hard drive space
any possible hard disk quota limit
single file size limit of the OS
file size limit of Apache ( mentioned by another replier )
   Apache < 2.x is less than 2g
   Apache 2.x is greater than 2g


Stut pointed out that it is in > 2.2.x , not 2.x
"If you want to upload files larger than 2 gigabytes, then you can't use
Apache 1.3.x or 2.0.x.  You need to use Apache 2.2.x, as explained on
the "New Features in Apache 2.2" page:

Large File Support
   httpd is now built with support for files larger than 2GB on modern
32-bit Unix systems.  Support for handling >2GB request bodies has also
been added."



Tijnema

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: File Upload - post_max_size and upload_max_filesize in GBs

[Jim Lucas]

Richard Lynch wrote:

On Fri, June 8, 2007 4:03 pm, Jim Lucas wrote:

afaik, you are using the stock php.ini setting while you are
uploading.


This should not be taken to mean that if one changes php.ini, that the
change does not affect file upload -- it definitely does matter...

Not sure Jim meant that Sukhwinder was using stock php.ini, or
everybody, but it's definitely not the case that everybody is, like it
or not -- If that were true, upload_max_filesize would be meaningless.

You CANNOT change the file upload time out with set_time_limit,
however, because the file upload happens BEFORE your PHP script begins
execution.

The time limits affecting file upload can only be set:
  a. in http.conf, for various Apache settings, if any (off-topic)
  b. in php.ini or .htaccess
 b1. you'll need to crank up max_input_time, I think
 b2. max_execution_time for sure
 b3. memory_limit while you are at it, probably

You of course have to crank up upload_max_filesise to way beyond what
you expect for an uploaded file.


Don't forget about other php.ini limiters.

These are all that I think one would have to adjust to make things work.

max_execution_time
max_input_time
memory_limit
post_max_size
file_uploads
upload_max_filesize

Granted, you need to take into account limitations outside of php. ie...

available hard drive space
any possible hard disk quota limit
single file size limit of the OS
file size limit of Apache ( mentioned by another replier )
Apache < 2.x is less than 2g
Apache 2.x is greater than 2g

And there might be more that I am not aware of...

--
Jim Lucas

   "Some men are born to greatness, some achieve greatness,
   and some have greatness thrust upon them."

Twelfth Night, Act II, Scene V
by William Shakespeare

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: File Upload - post_max_size and upload_max_filesize in GBs

[Richard Lynch]

On Fri, June 8, 2007 4:03 pm, Jim Lucas wrote:
> afaik, you are using the stock php.ini setting while you are
> uploading.

This should not be taken to mean that if one changes php.ini, that the
change does not affect file upload -- it definitely does matter...

Not sure Jim meant that Sukhwinder was using stock php.ini, or
everybody, but it's definitely not the case that everybody is, like it
or not -- If that were true, upload_max_filesize would be meaningless.

You CANNOT change the file upload time out with set_time_limit,
however, because the file upload happens BEFORE your PHP script begins
execution.

The time limits affecting file upload can only be set:
  a. in http.conf, for various Apache settings, if any (off-topic)
  b. in php.ini or .htaccess
 b1. you'll need to crank up max_input_time, I think
 b2. max_execution_time for sure
 b3. memory_limit while you are at it, probably

You of course have to crank up upload_max_filesise to way beyond what
you expect for an uploaded file.

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: File Upload - post_max_size and upload_max_filesize in GBs

[Jim Lucas]

Sukhwinder Singh wrote:
I will again suggest http://radinks.com/upload/ .  It does not use 
POST to

transfer huge files.


Thanks everyone for replying.

I had a look at that. My problem is that along with uploading file I 
also have to post some other information as well. File names are 
randomly generated. Jupload seems to do the work other than that POST 
problem. Client is asking for web based solution. I cannot ask him to do 
ftp.


PHP's handling of uploaded files is confusing. I have added logging to 
the script to which jupload posts. Logging suggests that php file is 
only accessed after file is completely uploaded by jupload. I also 
checked apache access logs. Entry in apache log appears only after file 
is completely uploaded.


Another thing that came up with this jupload is that as soon as I hit 
upload button, a file named phpxx.tmp (xx is any number) is created in 
temporary directory and its size starts growing as upload happens.


If applet doesn't post to php even at start then how come the temporary 
file is named phpxx.tmp.


I tried to upload file on internet using jupload and it seems to me 
script is timing out even when I have specified 1 hour as timeout.

set_time_limit(216000);


The php script that you are posting to does not get parsed until PHP has 
control of the upload.

There for, you cannot override the timeout with uploads.

afaik, you are using the stock php.ini setting while you are uploading.

look here

http://us.php.net/set_time_limit#33462
and this
http://us.php.net/set_time_limit#54765

I think you are running into an Apache time limit, not php



137 MB upload seemed to time out. and the set_time_limit doesn't seem to 
have any affect.


Now the even if I accept php's 1.99 GB limit. What to do about this 
timeout? Do I have to set it in php.ini? Why woudn't it work through the 
above function?


Stut is suggesting it has to be custom made as this kind of solution 
doesn't seem to already exit. A solution where some applet etc. only 
passes that information to php which is needed to move the file and 
update the database.


Thanks,
Sukhwinder Singh

- Original Message - From: "Jim Moseby" <[EMAIL PROTECTED]>
To: "'Sukhwinder Singh'" <[EMAIL PROTECTED]>; "Abdullah Ramazanoglu" 
<[EMAIL PROTECTED]>

Cc: 
Sent: Friday, June 08, 2007 5:40 PM
Subject: RE: [PHP] Re: File Upload - post_max_size and 
upload_max_filesize in GBs





Any suggestion to use some other applet. Any freeware etc. Or
one not so
expensive and which overcomes this php's 1.99 gb limit.

I will again suggest http://radinks.com/upload/ .  It does not use 
POST to

transfer huge files.

JM

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php







--
Jim Lucas

   "Some men are born to greatness, some achieve greatness,
   and some have greatness thrust upon them."

Twelfth Night, Act II, Scene V
by William Shakespeare

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: File Upload - post_max_size and upload_max_filesize in GBs

[Stut]

Richard Lynch wrote:

On Fri, June 8, 2007 10:17 am, Sukhwinder Singh wrote:

Stut, thank you very much for explaining things and trying to help.


The applet *does* POST to PHP. However, it has the option to upload
to an
FTP server "the choice of using HTTP, HTTPS or FTP connections
for
your transfer" (from the website).

So it seems applet posts complete data to that php file handling
script
(rather php engine),*as soon as upload button is clicked*, rather than
uploading first and then posting to php. That is the reason for name
phpxx.tmp of temporary file.


If it tried to upload and then do a separate POST, then you'd have no
way to connect the two events, as HTTP is stateless.


The name of the uploaded file is all it would need to connect the two 
events.



Or, rather, you'd need to overlay some kind of protocol on top of HTTP
that would maintain the state to tie the upload to the POST.


If by protocol you mean pass an identifier in the POST to tell it what 
file it relates to, then yes. And that identifier would be the filename.


-Stut

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: File Upload - post_max_size and upload_max_filesize in GBs

[Sukhwinder Singh]

- Original Message - 
From: "Richard Lynch" <[EMAIL PROTECTED]>

To: "Sukhwinder Singh" <[EMAIL PROTECTED]>
Cc: "Jim Moseby" <[EMAIL PROTECTED]>; ; 
"Stut" <[EMAIL PROTECTED]>

Sent: Friday, June 08, 2007 11:32 PM
Subject: Re: [PHP] Re: File Upload - post_max_size and upload_max_filesize 
in GBs




On Fri, June 8, 2007 8:58 am, Sukhwinder Singh wrote:

I had a look at that. My problem is that along with uploading file I
also
have to post some other information as well. File names are randomly
generated. Jupload seems to do the work other than that POST problem.
Client
is asking for web based solution. I cannot ask him to do ftp.


You are never going to be happy with such large uploads over HTTP, imho.

Nor are your users, for several reasons:
 No way to continue aborted/failed upload, unlike FTP
 Browser timeout completely outside your control
 Too many users will think they have to sit and wait to finish



Actually only admin will upload files and that to locally. That is why I am 
not worried about wasting 15 minutes to upload it through browser.





PHP's handling of uploaded files is confusing. I have added logging to
the
script to which jupload posts. Logging suggests that php file is only
accessed after file is completely uploaded by jupload. I also checked
apache
access logs. Entry in apache log appears only after file is completely
uploaded.


Sort of...

You'd have to read Apache and PHP sources to see how it all works for
sure, but...



Only if I was a C programmer :-). Not even java programmer anymore.





Another thing that came up with this jupload is that as soon as I hit
upload
button, a file named phpxx.tmp (xx is any number) is created in
temporary
directory and its size starts growing as upload happens.


It's entirely possible that Apache and PHP conspire to handle the
upload, and do things about the upload, but you won't have any access
in php script to it, most likely, until it's all finished.



Yes, that is what is happening.




That said, check out Rasmus' recent patch to PHP which allows for an
upload progress meter -- It's entirely possible you could glean
something useful from that...


I have my own ajax script. which uses php 5.2 to monitor progress. The 
problem is php's limit of around 1.99 GB. You have missed few posts.

http://www.nabble.com/RE:-File-Upload---post_max_size-and-upload_max_filesize-in--GBs-t3884697.html

In my first email I had specified that when I set php limit to 4G it starts 
complaining about maximum post  length (as it becomes negative). It seems to 
store values in integer or something.


Also even apache 2.0 complains about invalid content length when I try to 
post 4 gb file. I have checked logs. May be apache 2.2 solves this problem.






If applet doesn't post to php even at start then how come the
temporary file
is named phpxx.tmp.


It's posting to Apache which is talking to PHP to handle the upload,
but it's a "team" process, and your PHP script has zero access until
it's done.


I tried to upload file on internet using jupload and it seems to me
script
is timing out even when I have specified 1 hour as timeout.
set_time_limit(216000);


You have to define "timing out" more clearly...

Often-times, a browser will give up, even if the upload is proceeding
normally.  We cannot fix broken web browsers.  No matter how much we'd
like to. :-)


137 MB upload seemed to time out. and the set_time_limit doesn't seem
to
have any affect.


Then the timeout isn't coming from PHP, but from another source.

Apache may be timing out, a buggy browser may be timing out, the
Internet connection may simply not be stable enough for a sustained
transfer...


Now the even if I accept php's 1.99 GB limit. What to do about this
timeout?


A 1.99 G limit is probably file-system based...



Not file system. I have tried on linux, windows (NTFS). As I explain above 
about negative numbers of post_max_size.






Do I have to set it in php.ini? Why woudn't it work through the above
function?


You cannot affect file upload in a PHP script, because the upload
occurs (or fails to occur) long before your PHP script begins to run
-- You can only do it in php.ini or in .htaccess


Stut is suggesting it has to be custom made as this kind of solution
doesn't
seem to already exit. A solution where some applet etc. only passes
that
information to php which is needed to move the file and update the
database.


Perhaps you should look at Flikr's application that they implemented
for this purpose, or read "Building Scalable Web Sites" by Cal
Henderson (of Flikr)


Right.





--
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: File Upload - post_max_size and upload_max_filesize in GBs

[Sukhwinder Singh]

Tested on two servers. Both cases it seems to fail if it takes more
than 30
seconds.
I get an error:
[08-Jun-2007 20:15:06] PHP Fatal error:  Maximum execution time of 30
seconds exceeded in \handle_upload.php on line 2


That's php timeout message. You have NOT set the tmeout as you think.


Yes it is.
I had tried setting it using ini_set and also set_time_limit didn't take 
into consideration any.

ini_set('max_execution_time ', 216000);
set_time_limit(216000);

I had to change in php.ini and it seems to work.

Sukhwinder Singh

- Original Message - 
From: "Richard Lynch" <[EMAIL PROTECTED]>

To: "Sukhwinder Singh" <[EMAIL PROTECTED]>
Cc: "Stut" <[EMAIL PROTECTED]>; "Jim Moseby" <[EMAIL PROTECTED]>; 


Sent: Friday, June 08, 2007 11:39 PM
Subject: Re: [PHP] Re: File Upload - post_max_size and upload_max_filesize 
in GBs




On Fri, June 8, 2007 10:17 am, Sukhwinder Singh wrote:

Stut, thank you very much for explaining things and trying to help.


The applet *does* POST to PHP. However, it has the option to upload
to an
FTP server "the choice of using HTTP, HTTPS or FTP connections
for
your transfer" (from the website).


So it seems applet posts complete data to that php file handling
script
(rather php engine),*as soon as upload button is clicked*, rather than
uploading first and then posting to php. That is the reason for name
phpxx.tmp of temporary file.


If it tried to upload and then do a separate POST, then you'd have no
way to connect the two events, as HTTP is stateless.

Or, rather, you'd need to overlay some kind of protocol on top of HTTP
that would maintain the state to tie the upload to the POST.

It's not "impossible" but nobody has bothered to do it because HTTP
file upload works "okay" for normal uses, and if you have ginormous
files, you'll be better off using FTP anyway.

But do feel free to write and release an Open Source solution to this
problem.


Tested on two servers. Both cases it seems to fail if it takes more
than 30
seconds.
I get an error:
[08-Jun-2007 20:15:06] PHP Fatal error:  Maximum execution time of 30
seconds exceeded in \handle_upload.php on line 2


That's php timeout message. You have NOT set the tmeout as you think.






--
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: File Upload - post_max_size and upload_max_filesize in GBs

[Richard Lynch]

On Fri, June 8, 2007 10:17 am, Sukhwinder Singh wrote:
> Stut, thank you very much for explaining things and trying to help.
>
>> The applet *does* POST to PHP. However, it has the option to upload
>> to an
>> FTP server "the choice of using HTTP, HTTPS or FTP connections
>> for
>> your transfer" (from the website).
>
> So it seems applet posts complete data to that php file handling
> script
> (rather php engine),*as soon as upload button is clicked*, rather than
> uploading first and then posting to php. That is the reason for name
> phpxx.tmp of temporary file.

If it tried to upload and then do a separate POST, then you'd have no
way to connect the two events, as HTTP is stateless.

Or, rather, you'd need to overlay some kind of protocol on top of HTTP
that would maintain the state to tie the upload to the POST.

It's not "impossible" but nobody has bothered to do it because HTTP
file upload works "okay" for normal uses, and if you have ginormous
files, you'll be better off using FTP anyway.

But do feel free to write and release an Open Source solution to this
problem.

> Tested on two servers. Both cases it seems to fail if it takes more
> than 30
> seconds.
> I get an error:
> [08-Jun-2007 20:15:06] PHP Fatal error:  Maximum execution time of 30
> seconds exceeded in \handle_upload.php on line 2

That's php timeout message. You have NOT set the tmeout as you think.

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: File Upload - post_max_size and upload_max_filesize in GBs

[Richard Lynch]

On Fri, June 8, 2007 8:58 am, Sukhwinder Singh wrote:
> I had a look at that. My problem is that along with uploading file I
> also
> have to post some other information as well. File names are randomly
> generated. Jupload seems to do the work other than that POST problem.
> Client
> is asking for web based solution. I cannot ask him to do ftp.

You are never going to be happy with such large uploads over HTTP, imho.

Nor are your users, for several reasons:
  No way to continue aborted/failed upload, unlike FTP
  Browser timeout completely outside your control
  Too many users will think they have to sit and wait to finish

> PHP's handling of uploaded files is confusing. I have added logging to
> the
> script to which jupload posts. Logging suggests that php file is only
> accessed after file is completely uploaded by jupload. I also checked
> apache
> access logs. Entry in apache log appears only after file is completely
> uploaded.

Sort of...

You'd have to read Apache and PHP sources to see how it all works for
sure, but...

> Another thing that came up with this jupload is that as soon as I hit
> upload
> button, a file named phpxx.tmp (xx is any number) is created in
> temporary
> directory and its size starts growing as upload happens.

It's entirely possible that Apache and PHP conspire to handle the
upload, and do things about the upload, but you won't have any access
in php script to it, most likely, until it's all finished.

That said, check out Rasmus' recent patch to PHP which allows for an
upload progress meter -- It's entirely possible you could glean
something useful from that...

> If applet doesn't post to php even at start then how come the
> temporary file
> is named phpxx.tmp.

It's posting to Apache which is talking to PHP to handle the upload,
but it's a "team" process, and your PHP script has zero access until
it's done.

> I tried to upload file on internet using jupload and it seems to me
> script
> is timing out even when I have specified 1 hour as timeout.
> set_time_limit(216000);

You have to define "timing out" more clearly...

Often-times, a browser will give up, even if the upload is proceeding
normally.  We cannot fix broken web browsers.  No matter how much we'd
like to. :-)

> 137 MB upload seemed to time out. and the set_time_limit doesn't seem
> to
> have any affect.

Then the timeout isn't coming from PHP, but from another source.

Apache may be timing out, a buggy browser may be timing out, the
Internet connection may simply not be stable enough for a sustained
transfer...

> Now the even if I accept php's 1.99 GB limit. What to do about this
> timeout?

A 1.99 G limit is probably file-system based...

> Do I have to set it in php.ini? Why woudn't it work through the above
> function?

You cannot affect file upload in a PHP script, because the upload
occurs (or fails to occur) long before your PHP script begins to run
-- You can only do it in php.ini or in .htaccess

> Stut is suggesting it has to be custom made as this kind of solution
> doesn't
> seem to already exit. A solution where some applet etc. only passes
> that
> information to php which is needed to move the file and update the
> database.

Perhaps you should look at Flikr's application that they implemented
for this purpose, or read "Building Scalable Web Sites" by Cal
Henderson (of Flikr)

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: File Upload - post_max_size and upload_max_filesize in GBs

[Sukhwinder Singh]

I think you need to read up on how an HTTP POST request works when it's 
handled by PHP because some of what you've written there indicates that 
you don't quite have it. When you hit the upload button the browser makes 
a connection to the server and the PHP engine gets invoked to handle the 
request.
The engine then reads the entire HTTP request, including the file data 
that is being uploaded. That temporary file is created by the PHP engine 
to temporarily store the incoming data. Only when the entire request has 
been read does the PHP engine start running your PHP script.


Yes I didn't know. But I learned by actully experimenting with it and 
discussing on this mailing list.

It is not everyday that you have to deal with such issues.

Sites like these calim that you can use your web browser to upload 10 gb 
files. http://www.sendyourfiles.com/features/?web-mail

But clients forget that they are using some kind of plugins.

That's the PHP timeout kicking in. There is another setting in php.ini (I 
forget what it's called) that tells it how long it is allowed to wait for 
the request to be read, but looking at that error I'm not convinced that's 
what's causing that timeout.


I think what you wanted to write was max_input_time.


It's very difficult to tell without seeing your script.


My script does nothing more than get the file information, move it and 
update the database.


Looks like I have to post that php's upload limit of 1.99 gb to php 
internal mailing list.


Definitely worth doing, but don't be surprised if you get the same 
reaction.


Yes I expect the same response :-). "Don't upload 4 gb files over http"

Thank you very much Stut!

- Original Message - 
From: "Stut" <[EMAIL PROTECTED]>

To: "Sukhwinder Singh" <[EMAIL PROTECTED]>
Cc: "Jim Moseby" <[EMAIL PROTECTED]>; 
Sent: Friday, June 08, 2007 8:01 PM
Subject: Re: [PHP] Re: File Upload - post_max_size and upload_max_filesize 
in GBs




Sukhwinder Singh wrote:

Stut, thank you very much for explaining things and trying to help.


That's no problem, it's what I'm here for (I knew there was a reason).

The applet *does* POST to PHP. However, it has the option to upload to 
an FTP server "the choice of using HTTP, HTTPS or FTP connections 
for your transfer" (from the website).


So it seems applet posts complete data to that php file handling script 
(rather php engine),*as soon as upload button is clicked*, rather than 
uploading first and then posting to php. That is the reason for name 
phpxx.tmp of temporary file.


As that seems to be the case; there is no real benefit in using applet 
(in case of http) other than that progress bar which is already supported 
by php 5.2


It also seems that php engine only hands over control to php file after 
the file is completely uploaded that is why my custom logging doesn't 
start as soon as upload starts. It only starts when file is already 
uploaded.


I think you need to read up on how an HTTP POST request works when it's 
handled by PHP because some of what you've written there indicates that 
you don't quite have it. When you hit the upload button the browser makes 
a connection to the server and the PHP engine gets invoked to handle the 
request.


The engine then reads the entire HTTP request, including the file data 
that is being uploaded. That temporary file is created by the PHP engine 
to temporarily store the incoming data. Only when the entire request has 
been read does the PHP engine start running your PHP script.


The timeout is likely coming from Apache. It has a limits similar to 
PHP.


Tested on two servers. Both cases it seems to fail if it takes more than 
30 seconds.

I get an error:
[08-Jun-2007 20:15:06] PHP Fatal error:  Maximum execution time of 30 
seconds exceeded in \handle_upload.php on line 2


That's the PHP timeout kicking in. There is another setting in php.ini (I 
forget what it's called) that tells it how long it is allowed to wait for 
the request to be read, but looking at that error I'm not convinced that's 
what's causing that timeout. It's very difficult to tell without seeing 
your script.


If you don't mind me asking, what are people uploading? 4gig is a lot 
for a single file of any type except maybe DVD images. Is there no way 
the user can upload several (read lots) smaller files instead of one big 
one?


It is not people that are uploading things. It is admin, and admin is 
local to server. I won't want to try uploading 4 GB over internet. And 
yes these are dvd files. They are going to be uploaded for streaming. But 
along with uploading of files som other fields also have to be uploaded. 
Client is showing examples like 
http://www.attachmore.com/Whysubscribe.aspx which claim unlimited upload 
size. I assume they are 

Re: [PHP] Re: File Upload - post_max_size and upload_max_filesize in GBs

[Stut]

Brad Fuller wrote:

Have a look at "Filechucker" http://encodable.com/filechucker/

My company purchased this program for a small project; It's quite
inexpensive ($39 USD) and works well.  It's written in perl and does not
post to PHP, and we've used it to upload large files and it seems to handle
them just fine.


The OP might want to take note of this comment on that page...

If you want to upload files larger than 2 gigabytes, then you can't use 
Apache 1.3.x or 2.0.x.  You need to use Apache 2.2.x, as explained on 
the "New Features in Apache 2.2" page:


Large File Support
httpd is now built with support for files larger than 2GB on modern 
32-bit Unix systems.  Support for handling >2GB request bodies has also 
been added.


-Stut

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: File Upload - post_max_size and upload_max_filesize in GBs

[Stut]

Sukhwinder Singh wrote:

Stut, thank you very much for explaining things and trying to help.


That's no problem, it's what I'm here for (I knew there was a reason).

The applet *does* POST to PHP. However, it has the option to upload to 
an FTP server "the choice of using HTTP, HTTPS or FTP connections 
for your transfer" (from the website).


So it seems applet posts complete data to that php file handling script 
(rather php engine),*as soon as upload button is clicked*, rather than 
uploading first and then posting to php. That is the reason for name 
phpxx.tmp of temporary file.


As that seems to be the case; there is no real benefit in using applet 
(in case of http) other than that progress bar which is already 
supported by php 5.2


It also seems that php engine only hands over control to php file after 
the file is completely uploaded that is why my custom logging doesn't 
start as soon as upload starts. It only starts when file is already 
uploaded.


I think you need to read up on how an HTTP POST request works when it's 
handled by PHP because some of what you've written there indicates that 
you don't quite have it. When you hit the upload button the browser 
makes a connection to the server and the PHP engine gets invoked to 
handle the request.


The engine then reads the entire HTTP request, including the file data 
that is being uploaded. That temporary file is created by the PHP engine 
to temporarily store the incoming data. Only when the entire request has 
been read does the PHP engine start running your PHP script.



The timeout is likely coming from Apache. It has a limits similar to PHP.


Tested on two servers. Both cases it seems to fail if it takes more than 
30 seconds.

I get an error:
[08-Jun-2007 20:15:06] PHP Fatal error:  Maximum execution time of 30 
seconds exceeded in \handle_upload.php on line 2


That's the PHP timeout kicking in. There is another setting in php.ini 
(I forget what it's called) that tells it how long it is allowed to wait 
for the request to be read, but looking at that error I'm not convinced 
that's what's causing that timeout. It's very difficult to tell without 
seeing your script.


If you don't mind me asking, what are people uploading? 4gig is a lot 
for a single file of any type except maybe DVD images. Is there no way 
the user can upload several (read lots) smaller files instead of one 
big one?


It is not people that are uploading things. It is admin, and admin is 
local to server. I won't want to try uploading 4 GB over internet. And 
yes these are dvd files. They are going to be uploaded for streaming. 
But along with uploading of files som other fields also have to be 
uploaded. Client is showing examples like 
http://www.attachmore.com/Whysubscribe.aspx which claim unlimited upload 
size. I assume they are using custom activex controls.


If you look at the screenshots on that site you will see that they 
install something on your machine that provides the upload capability. 
Look specifically at the screenshot that shows the user right-clicking 
on a file in Windows and selecting to upload it. That's not a 
"web-based" solution, and if your client is pointing to it as such then 
they don't really know what they've talking about (like most clients in 
my experience).


Looks like I have to post that php's upload limit of 1.99 gb to php 
internal mailing list.


Definitely worth doing, but don't be surprised if you get the same reaction.

-Stut

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Re: File Upload - post_max_size and upload_max_filesize in GBs

[Brad Fuller]

Sukhwinder Singh wrote:
> Stut, thank you very much for explaining things and trying to help.
> 
>> The applet *does* POST to PHP. However, it has the option to upload
>> to an FTP server "the choice of using HTTP, HTTPS or FTP
>> connections for your transfer" (from the website).
> 
> So it seems applet posts complete data to that php file
> handling script (rather php engine),*as soon as upload button
> is clicked*, rather than uploading first and then posting to
> php. That is the reason for name phpxx.tmp of temporary file.
> 
> As that seems to be the case; there is no real benefit in
> using applet (in case of http) other than that progress bar
> which is already supported by php
> 5.2
> 
> It also seems that php engine only hands over control to php
> file after the file is completely uploaded that is why my
> custom logging doesn't start as soon as upload starts. It
> only starts when file is already uploaded.
> 
>> The timeout is likely coming from Apache. It has a limits similar to
>> PHP. 
> 
> Tested on two servers. Both cases it seems to fail if it
> takes more than 30 seconds.
> I get an error:
> [08-Jun-2007 20:15:06] PHP Fatal error:  Maximum execution
> time of 30 seconds exceeded in \handle_upload.php on line 2
> 
> 
>> If you don't mind me asking, what are people uploading? 4gig is a lot
>> for a single file of any type except maybe DVD images. Is there no
>> way the user can upload several (read lots) smaller files instead of
>> one big one? 
> 
> It is not people that are uploading things. It is admin, and
> admin is local to server. I won't want to try uploading 4 GB
> over internet. And yes these are dvd files. They are going to
> be uploaded for streaming. But along with uploading of files
> som other fields also have to be uploaded. Client is showing
> examples like http://www.attachmore.com/Whysubscribe.aspx
> which claim unlimited upload size. I assume they are using
> custom activex controls.
> 
> Looks like I have to post that php's upload limit of 1.99 gb
> to php internal mailing list.
> 
> Thanks again,
> Sukhwinder Singh
> 
> 
> 
> 
>  . - Original Message -
> From: "Stut" <[EMAIL PROTECTED]>
> To: "Sukhwinder Singh" <[EMAIL PROTECTED]>
> Cc: "Jim Moseby" <[EMAIL PROTECTED]>;
> 
> Sent: Friday, June 08, 2007 6:42 PM
> Subject: Re: [PHP] Re: File Upload - post_max_size and
> upload_max_filesize in GBs 
> 
> 
>> Sukhwinder Singh wrote:
>>> PHP's handling of uploaded files is confusing. I have added logging
>>> to the script to which jupload posts. Logging suggests that php file
>>> is only accessed after file is completely uploaded by jupload. I
>>> also checked apache access logs. Entry in apache log appears only
>>> after file is completely uploaded.
>> 
>> Absolutely correct - the data sent with an HTTP POST will be
>> completely uploaded before the PHP script is started. Likewise, the
>> entry in the apache log will only be done once the request is
>> completed otherwise it doesn't know all the information it needs.
>> 
>>> Another thing that came up with this jupload is that as soon as I
>>> hit upload button, a file named phpxx.tmp (xx is any number) is
>>> created in temporary directory and its size starts growing as
>>> upload happens. 
>>> 
>>> If applet doesn't post to php even at start then how come the
>>> temporary file is named phpxx.tmp.
>> 
>> The applet *does* POST to PHP. However, it has the option to upload
>> to an FTP server "the choice of using HTTP, HTTPS or FTP
>> connections for your transfer" (from the website).
>> 
>>> I tried to upload file on internet using jupload and it seems to me
>>> script is timing out even when I have specified 1 hour as timeout.
>>> set_time_limit(216000); 
>>> 
>>> 137 MB upload seemed to time out. and the set_time_limit doesn't
>>> seem to have any affect. 
>>> 
>>> Now the even if I accept php's 1.99 GB limit. What to do about this
>>> timeout? Do I have to set it in php.ini? Why woudn't it work through
>>> the above function?
>> 
>> The timeout is likely coming from Apache. It has a limits similar to
>> PHP. 
>> 
>>> Stut is suggesting it has to be custom made as this kind of solution
>>> doesn't seem to already exit. A solution where some applet etc. only
>>> passes that information to php which is needed to move the file and
>>> update 

Re: [PHP] Re: File Upload - post_max_size and upload_max_filesize in GBs

[Zoltán Németh]

2007. 06. 8, péntek keltezéssel 20.17-kor Sukhwinder Singh ezt írta:
> Stut, thank you very much for explaining things and trying to help.
> 
> > The applet *does* POST to PHP. However, it has the option to upload to an 
> > FTP server "the choice of using HTTP, HTTPS or FTP connections for 
> > your transfer" (from the website).
> 
> So it seems applet posts complete data to that php file handling script 
> (rather php engine),*as soon as upload button is clicked*, rather than 
> uploading first and then posting to php. That is the reason for name 
> phpxx.tmp of temporary file.

The applet you use currently might be doing that, yes. So you should
write another applet, which transfers the file by ftp and posts other
data and file location to php after the file transfer is complete.

I think that's what Stut and others are telling you for a while now...

greets
Zoltán Németh

> 
> As that seems to be the case; there is no real benefit in using applet (in 
> case of http) other than that progress bar which is already supported by php 
> 5.2
> 
> It also seems that php engine only hands over control to php file after the 
> file is completely uploaded that is why my custom logging doesn't start as 
> soon as upload starts. It only starts when file is already uploaded.
> 
> > The timeout is likely coming from Apache. It has a limits similar to PHP.
> 
> Tested on two servers. Both cases it seems to fail if it takes more than 30 
> seconds.
> I get an error:
> [08-Jun-2007 20:15:06] PHP Fatal error:  Maximum execution time of 30 
> seconds exceeded in \handle_upload.php on line 2
> 
> 
> > If you don't mind me asking, what are people uploading? 4gig is a lot for 
> > a single file of any type except maybe DVD images. Is there no way the 
> > user can upload several (read lots) smaller files instead of one big one?
> 
> It is not people that are uploading things. It is admin, and admin is local 
> to server. I won't want to try uploading 4 GB over internet. And yes these 
> are dvd files. They are going to be uploaded for streaming. But along with 
> uploading of files som other fields also have to be uploaded. Client is 
> showing examples like http://www.attachmore.com/Whysubscribe.aspx which 
> claim unlimited upload size. I assume they are using custom activex 
> controls.
> 
> Looks like I have to post that php's upload limit of 1.99 gb to php internal 
> mailing list.
> 
> Thanks again,
> Sukhwinder Singh
> 
> 
> 
> 
>  . ----- Original Message - 
> From: "Stut" <[EMAIL PROTECTED]>
> To: "Sukhwinder Singh" <[EMAIL PROTECTED]>
> Cc: "Jim Moseby" <[EMAIL PROTECTED]>; 
> Sent: Friday, June 08, 2007 6:42 PM
> Subject: Re: [PHP] Re: File Upload - post_max_size and upload_max_filesize 
> in GBs
> 
> 
> > Sukhwinder Singh wrote:
> >> PHP's handling of uploaded files is confusing. I have added logging to 
> >> the script to which jupload posts. Logging suggests that php file is only 
> >> accessed after file is completely uploaded by jupload. I also checked 
> >> apache access logs. Entry in apache log appears only after file is 
> >> completely uploaded.
> >
> > Absolutely correct - the data sent with an HTTP POST will be completely 
> > uploaded before the PHP script is started. Likewise, the entry in the 
> > apache log will only be done once the request is completed otherwise it 
> > doesn't know all the information it needs.
> >
> >> Another thing that came up with this jupload is that as soon as I hit 
> >> upload button, a file named phpxx.tmp (xx is any number) is created in 
> >> temporary directory and its size starts growing as upload happens.
> >>
> >> If applet doesn't post to php even at start then how come the temporary 
> >> file is named phpxx.tmp.
> >
> > The applet *does* POST to PHP. However, it has the option to upload to an 
> > FTP server "the choice of using HTTP, HTTPS or FTP connections for 
> > your transfer" (from the website).
> >
> >> I tried to upload file on internet using jupload and it seems to me 
> >> script is timing out even when I have specified 1 hour as timeout.
> >> set_time_limit(216000);
> >>
> >> 137 MB upload seemed to time out. and the set_time_limit doesn't seem to 
> >> have any affect.
> >>
> >> Now the even if I accept php's 1.99 GB limit. What to do about this 
> >> timeout? Do I have to set it in php.ini? Why woudn't it work through the 
> >> above function?
> >
>

Re: [PHP] Re: File Upload - post_max_size and upload_max_filesize in GBs

[Sukhwinder Singh]

Stut, thank you very much for explaining things and trying to help.

The applet *does* POST to PHP. However, it has the option to upload to an 
FTP server "the choice of using HTTP, HTTPS or FTP connections for 
your transfer" (from the website).


So it seems applet posts complete data to that php file handling script 
(rather php engine),*as soon as upload button is clicked*, rather than 
uploading first and then posting to php. That is the reason for name 
phpxx.tmp of temporary file.


As that seems to be the case; there is no real benefit in using applet (in 
case of http) other than that progress bar which is already supported by php 
5.2


It also seems that php engine only hands over control to php file after the 
file is completely uploaded that is why my custom logging doesn't start as 
soon as upload starts. It only starts when file is already uploaded.



The timeout is likely coming from Apache. It has a limits similar to PHP.


Tested on two servers. Both cases it seems to fail if it takes more than 30 
seconds.

I get an error:
[08-Jun-2007 20:15:06] PHP Fatal error:  Maximum execution time of 30 
seconds exceeded in \handle_upload.php on line 2



If you don't mind me asking, what are people uploading? 4gig is a lot for 
a single file of any type except maybe DVD images. Is there no way the 
user can upload several (read lots) smaller files instead of one big one?


It is not people that are uploading things. It is admin, and admin is local 
to server. I won't want to try uploading 4 GB over internet. And yes these 
are dvd files. They are going to be uploaded for streaming. But along with 
uploading of files som other fields also have to be uploaded. Client is 
showing examples like http://www.attachmore.com/Whysubscribe.aspx which 
claim unlimited upload size. I assume they are using custom activex 
controls.


Looks like I have to post that php's upload limit of 1.99 gb to php internal 
mailing list.


Thanks again,
Sukhwinder Singh




. - Original Message - 
From: "Stut" <[EMAIL PROTECTED]>

To: "Sukhwinder Singh" <[EMAIL PROTECTED]>
Cc: "Jim Moseby" <[EMAIL PROTECTED]>; 
Sent: Friday, June 08, 2007 6:42 PM
Subject: Re: [PHP] Re: File Upload - post_max_size and upload_max_filesize 
in GBs




Sukhwinder Singh wrote:
PHP's handling of uploaded files is confusing. I have added logging to 
the script to which jupload posts. Logging suggests that php file is only 
accessed after file is completely uploaded by jupload. I also checked 
apache access logs. Entry in apache log appears only after file is 
completely uploaded.


Absolutely correct - the data sent with an HTTP POST will be completely 
uploaded before the PHP script is started. Likewise, the entry in the 
apache log will only be done once the request is completed otherwise it 
doesn't know all the information it needs.


Another thing that came up with this jupload is that as soon as I hit 
upload button, a file named phpxx.tmp (xx is any number) is created in 
temporary directory and its size starts growing as upload happens.


If applet doesn't post to php even at start then how come the temporary 
file is named phpxx.tmp.


The applet *does* POST to PHP. However, it has the option to upload to an 
FTP server "the choice of using HTTP, HTTPS or FTP connections for 
your transfer" (from the website).


I tried to upload file on internet using jupload and it seems to me 
script is timing out even when I have specified 1 hour as timeout.

set_time_limit(216000);

137 MB upload seemed to time out. and the set_time_limit doesn't seem to 
have any affect.


Now the even if I accept php's 1.99 GB limit. What to do about this 
timeout? Do I have to set it in php.ini? Why woudn't it work through the 
above function?


The timeout is likely coming from Apache. It has a limits similar to PHP.

Stut is suggesting it has to be custom made as this kind of solution 
doesn't seem to already exit. A solution where some applet etc. only 
passes that information to php which is needed to move the file and 
update the database.


Indeed, that is what I'm suggesting. However, I *do* think the solution 
exists, but I've only ever seen it on specific websites. I've never seen a 
product that can do this sort of thing.


If you don't mind me asking, what are people uploading? 4gig is a lot for 
a single file of any type except maybe DVD images. Is there no way the 
user can upload several (read lots) smaller files instead of one big one?


-Stut



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: File Upload - post_max_size and upload_max_filesize in GBs

[Stut]

Sukhwinder Singh wrote:
PHP's handling of uploaded files is confusing. I have added logging to 
the script to which jupload posts. Logging suggests that php file is 
only accessed after file is completely uploaded by jupload. I also 
checked apache access logs. Entry in apache log appears only after file 
is completely uploaded.


Absolutely correct - the data sent with an HTTP POST will be completely 
uploaded before the PHP script is started. Likewise, the entry in the 
apache log will only be done once the request is completed otherwise it 
doesn't know all the information it needs.


Another thing that came up with this jupload is that as soon as I hit 
upload button, a file named phpxx.tmp (xx is any number) is created in 
temporary directory and its size starts growing as upload happens.


If applet doesn't post to php even at start then how come the temporary 
file is named phpxx.tmp.


The applet *does* POST to PHP. However, it has the option to upload to 
an FTP server "the choice of using HTTP, HTTPS or FTP connections 
for your transfer" (from the website).


I tried to upload file on internet using jupload and it seems to me 
script is timing out even when I have specified 1 hour as timeout.

set_time_limit(216000);

137 MB upload seemed to time out. and the set_time_limit doesn't seem to 
have any affect.


Now the even if I accept php's 1.99 GB limit. What to do about this 
timeout? Do I have to set it in php.ini? Why woudn't it work through the 
above function?


The timeout is likely coming from Apache. It has a limits similar to PHP.

Stut is suggesting it has to be custom made as this kind of solution 
doesn't seem to already exit. A solution where some applet etc. only 
passes that information to php which is needed to move the file and 
update the database.


Indeed, that is what I'm suggesting. However, I *do* think the solution 
exists, but I've only ever seen it on specific websites. I've never seen 
a product that can do this sort of thing.


If you don't mind me asking, what are people uploading? 4gig is a lot 
for a single file of any type except maybe DVD images. Is there no way 
the user can upload several (read lots) smaller files instead of one big 
one?


-Stut

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: File Upload - post_max_size and upload_max_filesize in GBs

[Sukhwinder Singh]

I will again suggest http://radinks.com/upload/ .  It does not use POST to
transfer huge files.


Thanks everyone for replying.

I had a look at that. My problem is that along with uploading file I also 
have to post some other information as well. File names are randomly 
generated. Jupload seems to do the work other than that POST problem. Client 
is asking for web based solution. I cannot ask him to do ftp.


PHP's handling of uploaded files is confusing. I have added logging to the 
script to which jupload posts. Logging suggests that php file is only 
accessed after file is completely uploaded by jupload. I also checked apache 
access logs. Entry in apache log appears only after file is completely 
uploaded.


Another thing that came up with this jupload is that as soon as I hit upload 
button, a file named phpxx.tmp (xx is any number) is created in temporary 
directory and its size starts growing as upload happens.


If applet doesn't post to php even at start then how come the temporary file 
is named phpxx.tmp.


I tried to upload file on internet using jupload and it seems to me script 
is timing out even when I have specified 1 hour as timeout.

set_time_limit(216000);

137 MB upload seemed to time out. and the set_time_limit doesn't seem to 
have any affect.


Now the even if I accept php's 1.99 GB limit. What to do about this timeout? 
Do I have to set it in php.ini? Why woudn't it work through the above 
function?


Stut is suggesting it has to be custom made as this kind of solution doesn't 
seem to already exit. A solution where some applet etc. only passes that 
information to php which is needed to move the file and update the database.


Thanks,
Sukhwinder Singh

- Original Message - 
From: "Jim Moseby" <[EMAIL PROTECTED]>
To: "'Sukhwinder Singh'" <[EMAIL PROTECTED]>; "Abdullah Ramazanoglu" 
<[EMAIL PROTECTED]>

Cc: 
Sent: Friday, June 08, 2007 5:40 PM
Subject: RE: [PHP] Re: File Upload - post_max_size and upload_max_filesize 
in GBs





Any suggestion to use some other applet. Any freeware etc. Or
one not so
expensive and which overcomes this php's 1.99 gb limit.


I will again suggest http://radinks.com/upload/ .  It does not use POST to
transfer huge files.

JM

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Re: File Upload - post_max_size and upload_max_filesiz e in GBs

[Jim Moseby]

> 
> Any suggestion to use some other applet. Any freeware etc. Or 
> one not so 
> expensive and which overcomes this php's 1.99 gb limit.
> 
I will again suggest http://radinks.com/upload/ .  It does not use POST to
transfer huge files.

JM

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: File Upload - post_max_size and upload_max_filesize in GBs

[Sukhwinder Singh]

Sorry but I couldn't follow. If I understood correctly, there's 50M (or 
4G,

for that matter) data, and there's say 5K metadata. First, java applet
uploads the bulk data over ftp to a temp directory on the server
(employing the ftp service running on the server - not apache/php).
If/when the bulk data transfer completes successfully, then the java
applet needs to POST the 5K metadata over http to php. Up to this point I
can follow. But in your example, the java applet transfers the bulk data
itself -not metadata- a second time, POSTing it to php?


Yes you are right. I seems to post complete data.
Actually I want 4GB uploads as uploads will be local so it is not going to 
take so much time.
The example of 50 MB I provided was to prove that applet was actually 
POSTing to php and php's post and upload limits came into effect.

I am using JUpload. http://jupload.sourceforge.net/

And it POSTs the data to a php script after it uploads. PHP doesn't seem to 
allow more than 1.9... GB




If so, then the applet you use (or the parameters it's been passed) should
be broken, I guess.


Any suggestion to use some other applet. Any freeware etc. Or one not so 
expensive and which overcomes this php's 1.99 gb limit.


Sukwhinder Singh

- Original Message - 
From: "Abdullah Ramazanoglu" <[EMAIL PROTECTED]>

To: 
Sent: Friday, June 08, 2007 3:37 AM
Subject: [PHP] Re: File Upload - post_max_size and upload_max_filesize in 
GBs




Sukhwinder Singh dedi ki:
 --8<--


I have read. I have been trying to find out way for last two days.
I can say about jupload and how it seems to work.
It uploads file to server in a temporary directory.
It has postURL parameter. Then it POSTS the data to php file.
Because it POSTS, the php configuration values comes into question.

Here is an example:

Settings in php.ini are 50M for upload_max_fisesize and 50M for
post_max_size.
I used japplet  and  uploaded a 51.89 MB file.

This is what is in error log.

[08-Jun-2007 03:06:29] PHP Warning:  POST Content-Length of 54414946
[bytes
exceeds the limit of 52428800 bytes in Unknown on line 0


Sorry but I couldn't follow. If I understood correctly, there's 50M (or 
4G,

for that matter) data, and there's say 5K metadata. First, java applet
uploads the bulk data over ftp to a temp directory on the server
(employing the ftp service running on the server - not apache/php).
If/when the bulk data transfer completes successfully, then the java
applet needs to POST the 5K metadata over http to php. Up to this point I
can follow. But in your example, the java applet transfers the bulk data
itself -not metadata- a second time, POSTing it to php?

If so, then the applet you use (or the parameters it's been passed) should
be broken, I guess.

Kind regards,
--
Abdullah Ramazanoglu
aramazan ÄT myrealbox D0T cöm

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File Upload - post_max_size and upload_max_filesize in GBs

[Abdullah Ramazanoglu]

Sukhwinder Singh dedi ki:
  --8<--

> I have read. I have been trying to find out way for last two days.
> I can say about jupload and how it seems to work.
> It uploads file to server in a temporary directory.
> It has postURL parameter. Then it POSTS the data to php file.
> Because it POSTS, the php configuration values comes into question.
> 
> Here is an example:
> 
> Settings in php.ini are 50M for upload_max_fisesize and 50M for
> post_max_size.
> I used japplet  and  uploaded a 51.89 MB file.
> 
> This is what is in error log.
> 
> [08-Jun-2007 03:06:29] PHP Warning:  POST Content-Length of 54414946
> [bytes
> exceeds the limit of 52428800 bytes in Unknown on line 0

Sorry but I couldn't follow. If I understood correctly, there's 50M (or 4G,
for that matter) data, and there's say 5K metadata. First, java applet
uploads the bulk data over ftp to a temp directory on the server
(employing the ftp service running on the server - not apache/php).
If/when the bulk data transfer completes successfully, then the java
applet needs to POST the 5K metadata over http to php. Up to this point I
can follow. But in your example, the java applet transfers the bulk data
itself -not metadata- a second time, POSTing it to php?

If so, then the applet you use (or the parameters it's been passed) should
be broken, I guess.

Kind regards,
-- 
Abdullah Ramazanoglu
aramazan ÄT myrealbox D0T cöm

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File Upload Security and chmod

[Jo�o C�ndido de Souza Neto]

I always use the ftp functions of php to upload files. I think it´s more 
safe than move_uploaded_file function.


""Andy Hultgren"" <[EMAIL PROTECTED]> escreveu na mensagem 
news:[EMAIL PROTECTED]
> Hi,
> I am relatively new to php and am trying to set up a file upload
> process for my website.  I have read through the php security
> documentation and a number of the security-related questions on these
> lists and am attempting to implement as many of the measures as
> possible.
> One of the suggestions I have read is to have the uploaded files saved
> somewhere outside of your root directory.  Unfortunately I cannot do
> that as my root directory is simply www.myDomain.com and not
> ".public_html/" and I am on a shared server where my root cannot be
> changed (I have already asked).  So, I am trying to keep the
> permissions on my "saved_files" folder as tight as possible except
> when the actual upload occurs.  I this as follows:
>
> 1) The actual file upload comes through Flash8, and when the user
> uploads a file it is sent to
> www.domain.com/flash8directory/upload.php, which is in the same
> directory as the Flash8 upload application.
> 2) upload.php first chmod 0740 the "saved_files" folder (which is
> located at www.domain.com/flash8directory/saved_files/).  Then it does
> security checks to make sure an appropriate image has been uploaded,
> and if everything looks good it moves the uploaded file to
> "saved_files".
> 3) The Flash8 upload application is notified of the completion of the
> upload and downloads the new image it its viewer.
> 4) Once the download is complete and Flash8 no longer needs to work
> with the file, the Flash8 application notifies a separate php script
> by sending the variable "complete=1" to lockdown.php (located at
> www.domain.com/flash8directory/lockdown.php), which runs the following
> simple script:
>
> 
> $success = 0;
> $complete = $_POST['complete'];
>
> if ($complete==1) {
> if(chmod("./saved_files", 0100)) {
> success = yes;
> echo "success=yes";
> }
> }
> ?>
>
> This script works and "saved_files" is set to chmod 0100, but here is
> the problem.  If I then navigate directly to the url of the uploaded
> file by entering its path in my
> browser(www.domain.com/flash8directory/saved_files/uploadedFile.jpg),
> the uploaded file appears in my browser!  However, if I then refresh
> the browser I get the desired error message saying I do not have
> permission to access that file.  Also, other browser windows never
> have access to view the uploaded file, only the browser from which the
> file was uploaded.
>
> Any thoughts on why I can view the uploaded file even though it has
> been set to chmod 0100?  I'd really rather not have those files
> accessible to anyone, as an extra security layer.
>
> Thank you for your help!
>
> Andy 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File Upload Max Size

[Anas Mughal]

I don't think you are doing FTP. I think you mean uploading using an
upload form.
Just increase the threshold in the php.ini file or set it in the script.

Hope this helps.


On 9/30/05, Matt Palermo <[EMAIL PROTECTED]> wrote:
> Hello everyone.  I'm basically building a PHP FTP client app.  This app
> connects to an FTP server and allows the user to edit/delete
> files/permissions, etc.  I've gotten to the point where I have started to
> create a file upload feature.  The problem I have is that PHP only allows a
>
> 2mb maximum file upload, while normal FTP allows a much larger file to be
> uploaded.  This app will be for a server where the user does not have access
>
> to change any php.ini settings.  I'm basically looking for a way to upload
> large files (if needed) through my PHP FTP client app.  This 2mb file limit
>
> is killing me here.  Is there any way to get around this?  I'm using the PHP
>
> built in FTP functions to do all the backend work for the app.  I don't
> imagine there is an FTP function to use that will allow larger uploads is
> there?  Please let me know if you have any suggestions.  I really need to
> upload larger files, and since it's going to an FTP site, there shouldn't be
>
> too many size restrictions.
>
> Thanks,
>
> Matt
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>


--
Anas Mughal

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: File Upload Max Size

[Carlos Olmos]

if you don't have access to php.ini then use 
ini_set("upload_max_filesize","10M").





At 06:29 p.m. 30/09/2005 +0100, zzapper wrote:

On Fri, 30 Sep 2005 08:42:28 -0400,  wrote:

>Well, I would like to at least be able to upload a 10mb - 15mb file.  I
>don't need it to upload files that are HUGE, just a reasonable size.
>
>
>"zzapper" <[EMAIL PROTECTED]> wrote in message
>news:[EMAIL PROTECTED]
>> On Fri, 30 Sep 2005 01:19:01 -0400,  wrote:
>>
>>>Hello everyone.  I'm basically building a PHP FTP client app.  This app
>>>connects to an FTP server and allows the user to edit/delete
>>>files/permissions, etc.  I've gotten to the point where I have started to
>>>create a file upload feature.  The problem I have is that PHP only allows
>>>a
>>>2mb maximum file upload, while normal FTP allows a much larger file to be
>>>uploaded.
>>
In php,ini

; Maximum allowed size for uploaded files.
upload_max_filesize = 2M

--
zzapper
Success for Techies and Vim,Zsh tips
http://SuccessTheory.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File Upload Max Size

[zzapper]

On Fri, 30 Sep 2005 08:42:28 -0400,  wrote:

>Well, I would like to at least be able to upload a 10mb - 15mb file.  I 
>don't need it to upload files that are HUGE, just a reasonable size.
>
>
>"zzapper" <[EMAIL PROTECTED]> wrote in message 
>news:[EMAIL PROTECTED]
>> On Fri, 30 Sep 2005 01:19:01 -0400,  wrote:
>>
>>>Hello everyone.  I'm basically building a PHP FTP client app.  This app
>>>connects to an FTP server and allows the user to edit/delete
>>>files/permissions, etc.  I've gotten to the point where I have started to
>>>create a file upload feature.  The problem I have is that PHP only allows 
>>>a
>>>2mb maximum file upload, while normal FTP allows a much larger file to be
>>>uploaded.
>>
In php,ini

; Maximum allowed size for uploaded files.
upload_max_filesize = 2M

-- 
zzapper
Success for Techies and Vim,Zsh tips
http://SuccessTheory.com/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File Upload Max Size

[Matt Palermo]

Well, I would like to at least be able to upload a 10mb - 15mb file.  I 
don't need it to upload files that are HUGE, just a reasonable size.


"zzapper" <[EMAIL PROTECTED]> wrote in message 
news:[EMAIL PROTECTED]
> On Fri, 30 Sep 2005 01:19:01 -0400,  wrote:
>
>>Hello everyone.  I'm basically building a PHP FTP client app.  This app
>>connects to an FTP server and allows the user to edit/delete
>>files/permissions, etc.  I've gotten to the point where I have started to
>>create a file upload feature.  The problem I have is that PHP only allows 
>>a
>>2mb maximum file upload, while normal FTP allows a much larger file to be
>>uploaded.
>
> Don't want to depress you but I've had experience of other problems eg 
> browser timeout
>
>
>
> -- 
> zzapper
> Success for Techies and Vim,Zsh tips
> http://SuccessTheory.com/ 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File Upload Max Size

[zzapper]

On Fri, 30 Sep 2005 01:19:01 -0400,  wrote:

>Hello everyone.  I'm basically building a PHP FTP client app.  This app 
>connects to an FTP server and allows the user to edit/delete 
>files/permissions, etc.  I've gotten to the point where I have started to 
>create a file upload feature.  The problem I have is that PHP only allows a 
>2mb maximum file upload, while normal FTP allows a much larger file to be 
>uploaded.  

Don't want to depress you but I've had experience of other problems eg browser 
timeout



-- 
zzapper
Success for Techies and Vim,Zsh tips
http://SuccessTheory.com/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: file upload

[Sergey]

use $HTTP_POST_FILES for older php versions

""Han"" <[EMAIL PROTECTED]> ÓÏÏÂÝÉÌ/ÓÏÏÂÝÉÌÁ × ÎÏ×ÏÓÔÑÈ 
ÓÌÅÄÕÀÝÅÅ: 
news:[EMAIL PROTECTED]
> Hello,
>
> I'm having a problem with a file upload. The following works on one server 
> I use : -
>
> ---
> function add_me(){
> global $filename;
> global $maxFileSize;
> global $yourdirectory;
>
> // put this in a file that is called by your webpage with a form
> // use the form file input type and call it 'file'
>
>   $maxFileSize =  204800;
>   $filename = $_FILES['file']['tmp_name'];
> echo "f is ".$filename;
>
>   if (file_exists($filename))
>   {
>// open the file
>   $handle = fopen($filename, "r");
>
>// 1. read the file in line by line
>   while (!feof($handle))
>{
>  $buffer = fgets($handle, 4096);
>
> // if you were reading a text file you can
> // do any operations on each line as you go here
>   }
>
>
>// 2. otherwise just read the whole file
>// in one go, e.g. for an image.
> $buffer = fgets($handle, 4096);
>
>// then you can write to the database or
>// do whatever with it here
>
>// close the file
>   fclose($handle);
>   }
>
>
> $uploaddir = '/home/folder1/htdocs/folder2/'.myfolder.'/';
> echo "YYY ".$uploaddir;
>
> $uploadfile2 = $_FILES['file']['tmp_name'];
> $uploadfile2 = preg_replace("/\/tmp\//", "", $uploadfile2);
>
> $uploadfile = $uploaddir . $uploadfile2 .".gif";
>
>
> //$$uploadfile2 =~ s/\/[a-zA-Z]\///g;
>
> //print "";
> if (move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile)) {
>   print "File is valid, and was successfully uploaded. ";
> } else {
>   print "Possible file upload attack!  Here's some debugging info:\n";
> }
> //print "$uploadfile";
>
> chmod($uploadfile,0777);
>
> --
>
> But when I use this same code on a different server, it doesn't work as 
> there seem to be no $_FILES['file']['tmp_name'].
> Is $_FILES['file']['tmp_name'] something configured by the server (I'm 
> using Apache on a Linux system), or something default within PHP itself?
>
>
> Han. 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: file upload

[Jason Barnett]

Search the list archives for "(noob) file"

--
Teach a man to fish...

NEW? | http://www.catb.org/~esr/faqs/smart-questions.html
STFA | http://marc.theaimsgroup.com/?l=php-general&w=2
STFM | http://php.net/manual/en/index.php
STFW | http://www.google.com/search?q=php
LAZY |
http://mycroft.mozdev.org/download.html?name=PHP&submitform=Find+search+plugins


signature.asc
Description: OpenPGP digital signature

[PHP] Re: File Upload Question

[Arnout Boks]

As far as I know, this is not possible.
You can however generate more file-upload boxes dynamicly.
In this way, users can click an 'Upload another file'-button to display an
extra upload form-element.
Check the 'variable variables'-part in the PHP reference (user notes) for an
example of this construction.
Hope this is good solution for your application.

greetz,
Arnout Boks

"Warren Vail" <[EMAIL PROTECTED]> schreef in bericht
news:[EMAIL PROTECTED]
> Perhaps this is more about HTML than PHP, but the PHP $_FILES var seems to
> be set up to allow a list of files to be uploaded.  How does one get the
> pop-up window to allow a user to select (ctrl-click or whatever) multiple
> files in the same pop-up window?  Everything I have tried has left the
user
> restricted to selecting one file only.
>
> thanks in advance.
>
> Warren Vail
>
>
>

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File Upload within form

[Torsten Roehr]

"Tom Chubb" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> I am trying to design a custom form script and I've stumbled across a
small
> problem.
> I want to implement a file upload into the form, but rather than posting
to
> another file I want to refresh the form and then show that there has been
a
> file uploaded.
>
> I know about changing the form action to:
>  id="form">
>
> But, what do I need to change to update the script?
> I'm a newbie, but trying hard to learn!
>
> Thanks in advance for any help.
>
> Tom
>
>
> 
> 
> 
> 
> 
> 
>
>
>  file://FILE UPLOAD SCRIPT
> $file = $_POST[file];
> $path = "/relative/directory/to/file"; file://SET THIS TO THE RELATIVE
PATH FROM
> WHERE THE SCRIPT IS TO WHERE THE FILE SHOULD BE UPLOADED TO,
>
> if($file){
> print("File name: $file_name/n");
> print("File size: $file_size bytes/n");

This should be:

if (isset($_FILES) && isset($_FILES['spec'])) {

echo 'File name: ' . $_FILES['spec']['name'] . '';
echo 'File size: ' . $_FILES['spec']['size'] . ' bytes';

}

>
> if(copy($file, "$path/$filename")){

This should be:

if (copy($_FILES['file']['tmp_name'], "$path/$filename")) {


Regards,

Torsten Roehr

> print("Your File was uploaded successfully");
> } else{
> print("ERROR, your file was not successfully uploaded");
> }
> unlink($file);
> }
> ?>

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: FIle Upload problems

[Brian V Bonini]

> Do yourself a favour, study the example in the manual, get it working, 
> understand how it works, 

Lighten up Francis, it was 10pm at night after a 14 hour day and 62 hour
week. 

I appreciate the help but can do without the cynicism.


-- 
Brian V Bonini <[EMAIL PROTECTED]>

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: FIle Upload problems

[Jason Wong]

On Saturday 06 March 2004 10:42, Brian V Bonini wrote:
> On Fri, 2004-03-05 at 21:33, Andre Cerqueira wrote:
> > try echo'ing $_FILES['image_upload']['tmp_name'], and check if the path
> > exists
>
> Gives me nothing, hmmm...

If you had enable error reporting and checked what errors were reported you 
would probably have solved your problem already.

> In the form if I trim off the local /PATH/to/file/ it returns successful
> and created a 0 byte file where it should. Obviously not what ultimately
> needs to happen but Am I supposed have to translate the local path
> first of something?

I don't see anywhere in your form where you have "/PATH/to/file/", what are 
you referring to?

Also the following is obviously incorrect ...

  switch($_FILES['HTTP_POST_FILES']['userfile']['error']){

... it should be ...

  switch($_FILES['userfile']['error']){

... and you should have substituted 'userfile' with 'image_upload' as that is 
what you're using in your form.

Do yourself a favour, study the example in the manual, get it working, 
understand how it works, THEN modify it in small incremental steps until it 
does what you want.

-- 
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
--
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
--
/*
Live from New York ... It's Saturday Night!
*/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: FIle Upload problems

[Brian V Bonini]

On Fri, 2004-03-05 at 21:33, Andre Cerqueira wrote:
> try echo'ing $_FILES['image_upload']['tmp_name'], and check if the path 
> exists

Gives me nothing, hmmm...

> 
> maybe some wrong configuration on php.ini
> upload_tmp_dir ?

%more php.ini && ls -l / | grep tmp
register_globals = On
upload_tmp_dir = /tmp
file_uploads = 1 
 
drwxrwxrwt  29 root  wheel1536 Mar  5 21:39 tmp

In the form if I trim off the local /PATH/to/file/ it returns successful
and created a 0 byte file where it should. Obviously not what ultimately
needs to happen but Am I supposed have to translate the local path
first of something?

-- 
Brian V Bonini <[EMAIL PROTECTED]>

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: FIle Upload problems

[Andre Cerqueira]

try echo'ing $_FILES['image_upload']['tmp_name'], and check if the path 
exists

maybe some wrong configuration on php.ini
upload_tmp_dir ?
it is usually a good idea trying to isolate the smallest piece of code 
that gives the unwanted result
makes it easier for other ppl to help, and sometimes you find out the 
bug, by yourself, on the way



Brian V Bonini wrote:
The form:




Add Rider
Name:

Lic. Cat.:

Comments:

Upload Image:




The code:

if (is_uploaded_file($_FILES['image_upload']['tmp_name'])) {
move_uploaded_file($_FILES['image_upload']['tmp_name'],
$upload_file_path);
echo "success";
} else {
echo "Possible file upload attack. Filename: " .
$_FILES['image_upload']['name'] . "\n";
switch($_FILES['HTTP_POST_FILES']['userfile']['error']){
case 0: //no error; possible file attack!
echo "There was a problem with your upload.\n";
break;
case 1: //uploaded file exceeds the upload_max_filesize
directive in php.ini
echo "The file you are trying to upload is too
big.\n";
break;
case 2: //uploaded file exceeds the MAX_FILE_SIZE
directive that was specified in the html form
echo "The file you are trying to upload is too
big.\n";
break;
case 3: //uploaded file was only partially uploaded
echo "The file you are trying upload was only
partially uploaded.\n";
break;
case 4: //no file was uploaded
echo "You must select an image for upload.\n";
break;
default: //a default error, just in case!  :)
echo "There was a problem with your upload.\n";
break;
}
}
}
No matter what I try this keeps falling through to the default switch.


--
André Cerqueira


signature.asc
Description: OpenPGP digital signature

[PHP] RE: File Upload on a MAC-Browser didn't work

[Volker Dähn]

Hi Chris,

I already posted it as an SAFARI-ERROR to Apple.
Maybe you could do the same.
I think, it's more possible apple fixes the problem, the more error-messages
they get.

Actually i try to identify the situation in which the skript is echoing the
TMP-Directory.

This is the form for the upload:







The following site checks the uplad and copies the file to a specific
folder:

// if the Picture was uploaded
if ($BildDatei!="" AND
is_uploaded_file($_FILES['BildDatei']['tmp_name'])) {
// Check for JPG
if ($_FILES['BildDatei']['type']=='image/pjpeg') {
// Move File
$TestFile=$UserCoverDir.$ISBNFeld.".jpg";
move_uploaded_file($_FILES['BildDatei']['tmp_name'], "$TestFile");
}
} else {
echo "Save unsuccesfull";
}

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File Upload on a MAC-Browser didn't work

[Volker Dähn]

Hi Chris,

I already posted it as an SAFARI-ERROR to Apple.
Maybe you could do the same.
I think, it's more possible apple fixes the problem, the more error-messages
they get.

Actually i try to identify the situation in which the skript is echoing the
TMP-Directory.

This is the form for the upload:







The following site checks the uplad and copies the file to a specific
folder:

// if the Picture was uploaded
if ($BildDatei!="" AND
is_uploaded_file($_FILES['BildDatei']['tmp_name'])) {
// Check for JPG
if ($_FILES['BildDatei']['type']=='image/pjpeg') {
// Move File
$TestFile=$UserCoverDir.$ISBNFeld.".jpg";
move_uploaded_file($_FILES['BildDatei']['tmp_name'], "$TestFile");
}
} else {
echo "Save unsuccesfull";
}

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File Upload on a MAC-Browser didn't work

[Chris]

I had a similar problem, but never found an answer. In my situation, the
browser hung when I uploaded a file greater than 800 records. I found a post
that said I should echo something to the browser on a regular basis during
the upload, but that didn't work.

This is still of interest to me to solve. Perhaps we can together find a
solution

Chris

"Volker DåHn" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
Hi,

The following script works on any browser on windows xp. But not on a mac
(osx)
It simply shows the temp-directoryname.
Is anybody out there who could help me to fix this problem?
How will the upload work with Safari?

Thanks for your help.

This is the form for the upload:







The following site checks the uplad and copies the file to a specific
folder:

// if the Picture was uploaded
if ($BildDatei!="" AND
is_uploaded_file($_FILES['BildDatei']['tmp_name'])) {
// Check for JPG
if ($_FILES['BildDatei']['type']=='image/pjpeg') {
// Move File
$TestFile=$UserCoverDir.$ISBNFeld.".jpg";
move_uploaded_file($_FILES['BildDatei']['tmp_name'], "$TestFile");
}
} else {
echo "Save unsuccesfull";
}

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: File Upload problem

[Grant Rutherford]

No, I'm afraid that the results are nearly instantaneous.  If it timed 
out, there should be a corresponding delay before I got the error message.

Thanks,
Grant
pete M wrote:

It might be the script timing out - defaults to 20 seconds

check
set_time_limit()
regards
pete


--
Grant Rutherford
Iders Incorporated
600A Clifton Street
Winnipeg, MB
R3G 2X6
http://www.iders.ca
tel: 204-779-5400 ext 36
fax: 204-779-5444

Iders Incorporated: Confidential

Note: This message is intended solely for the use of the designated
recipient(s) and their appointed delegates, and may contain
confidential information.  Any unauthorized disclosure, copying or
distribution of its contents is strictly prohibited.  If you have
received this message in error, please destroy it and advise the sender
immediately by phone, Email or facsimile.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File Upload problem

[pete M]

It might be the script timing out - defaults to 20 seconds

check
set_time_limit()
regards
pete


Grant Rutherford wrote:

Hi there,

I'm trying to get a file upload to work with PHP.

The file I'm attempting to upload is a 742kB pdf file, but this will 
have to work for files up to 50Mb of all types eventually.

The following test pages work fine if the receiving page (testdone) is 
saved with an html extension, but they return a "Document Contains no 
Data" error if it has a php extension.  The inclusion or exclusion of a 
"MAX_FILE_SIZE" hidden field does not seem to effect the situation.

In addition, the upload appears to work fine for smaller files. (239kB 
works fine on both .php and .html)

I'm using PHP with apache viewed on Mozilla, and the following simple HTML:

teststart.html:
Test Page

Test Page






testdone.***:
Test Page

Test Page
File Upload Successful


The parts of my php.ini file that I think may be relevant are:

memory_limit = 80M
post_max_size = 1M
file_uploads = On
upload_max_filesize = 1M
Any help would be appreciated

Thanks,
Grant



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: file upload problem

[Catalin Trifu]

Hi,

> echo " = 'multipart/form-data'>\n";
I think that the methos should be POST not GET
Second, you may want to save the file first with,
move_uploaded_file (see
http://de.php.net/manual/en/function.move-uploaded-file.php),
then you will be able to see it.
Of course you will first check it's in order to save it.
Third: it might be a good idea to check your php.ini and
see if you allow file uploads and also the httpd.conf

cheers,
Catalin

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File upload

[Peda]

> did you look what comes from your form? try:
> var_export($_FILES);


It comes the empty array:
array( )



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File upload

[sven]

Peda wrote:
> I want to upload some file to my web site.
>
> The upload_single.php script is just this:>  $ime = $_FILES["thefile"]["name"];
>  print ($ime);
>
> I just want for begining to print the name of file.
> But It doesn't work.

did you look what comes from your form? try:
var_export($_FILES);



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File upload HELP!!!

[Dustin Pate]

I believe your problem has something to do with the fact that the filename
has spaces in it.

"Ian Young" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Tearing our hair out here. Have been trying for ever to get files to
upload.
> The good news. We are connecting to database and obtaining information on
> filename, size, type etc but no file!.
>
> Have made a tempdir d-ol/temp and have configured php.ini to reflect
> this.Maximum file size is the same a s maximum for server.
>
> Using the fileman script to test everything.
>
> Following error message found.
>
> Warning:  stat failed for terms & conditions.doc (errno=2 - No such file
or
> directory) in /www./d-ol/fileman.php on line 109
> Warning:  fopen("terms & conditions.doc", "r") - No such file or directory
> in /www.d-ol/fileman.php on line 110
> Warning:  Supplied argument is not a valid File-Handle resource in
> /www.*/d-ol/fileman.php on line 111
> Warning:  Supplied argument is not a valid File-Handle resource in
> /www.iysearch.net/d-ol/fileman.php on line 112
>
> Lines 108 to 112 read as follows:
> $file_name = $write_dir.$input_file_name;
> $file_size = filesize ($file_name);
> $fp = fopen ($file_name, 'r');
> $data = addslashes (fread ($fp, $file_size));
> fclose ($fp);
> Hope you can help
>
> Ian J Young
> Principal
> Ian Young Executive Search
> 39 Palmerston Place
> Edinburgh
> EH12 5AU
>
>
**IMPORTANT*
> ***
>
> This e-mail contains information which is confidential and may also be
> privileged. It is for the exclusive use of the intended recipient(s). If
you
> are not the intended recipient(s) please note that any form of,
> distribution, copying or use of this e-mail or the information in it is
> strictly prohibited and may be unlawful. If you have received this in
error
> please inform us at the above address then delete the e-mail and destroy
any
> copies of it. Thank you.
>
>
>



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File upload problem

[Sami Kollanus]

Thanks for the idea. I didn't think that solution before, bacause in the 
 previous PHP-version it was impossible to upload empty files. Now 
server makes empty file even, if there is no file to upload.

I still would like to know, where is the reason for the change of 
function in the server. Is there somebody, who knows?

If you don't want users to write empty files to your server, why don't you
just stop them ? You can write something like this:
if ($HTTP_POST_FILES['file1']['size']!=0){
  move_uploaded_file($HTTP_POST_FILES['file1']['tmp_name'],
$upload_dir.$HTTP_POST_FILES['file1']['name']);
}
else {
  echo "WARNING: File is zero size !!!";
}
Mi5ha

--
Please enter your access password: penis
ERROR: Sorry your password is not long enough...


"Sami Kollanus" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
I'm using:
- Apache 2.0.40 server (linux)
- PHP 4.2.2
I use file uploads in my code, but there occured small problems with the
server update(from Apache 1.3.??, PHP 4.1.2). is_uploaded_file()- and
move_uploaded_file()-functions don't work correctly any more. Or
actually the file upload system doesn't work correctly.
The problem is to recognice, when the user try to upload a file, which
doesn't exist. It's possible to even write nonsense like "sdafasdf" into
the file type input-field (Mozzilla and IE). In that case the current
server writes an empty file named according to the text "sdafasdf".
When there is a legal empty file "uploaded" to the server,
is_uploaded_file() doesn't fail. So, there is no way to recognice, when
the user try upload a "nonsense-file".
Can anybody help? I don't know, if it's PHP or Apache causing the
problem. Is there any settings, which could cause this?


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File upload problem

[Mi5ha]

If you don't want users to write empty files to your server, why don't you
just stop them ? You can write something like this:

if ($HTTP_POST_FILES['file1']['size']!=0){
  move_uploaded_file($HTTP_POST_FILES['file1']['tmp_name'],
$upload_dir.$HTTP_POST_FILES['file1']['name']);
}
else {
  echo "WARNING: File is zero size !!!";
}

Mi5ha

--
Please enter your access password: penis
ERROR: Sorry your password is not long enough...



"Sami Kollanus" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> I'm using:
> - Apache 2.0.40 server (linux)
> - PHP 4.2.2
>
> I use file uploads in my code, but there occured small problems with the
> server update(from Apache 1.3.??, PHP 4.1.2). is_uploaded_file()- and
> move_uploaded_file()-functions don't work correctly any more. Or
> actually the file upload system doesn't work correctly.
>
> The problem is to recognice, when the user try to upload a file, which
> doesn't exist. It's possible to even write nonsense like "sdafasdf" into
> the file type input-field (Mozzilla and IE). In that case the current
> server writes an empty file named according to the text "sdafasdf".
>
> When there is a legal empty file "uploaded" to the server,
> is_uploaded_file() doesn't fail. So, there is no way to recognice, when
> the user try upload a "nonsense-file".
>
> Can anybody help? I don't know, if it's PHP or Apache causing the
> problem. Is there any settings, which could cause this?
>



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: file upload

[Alexander Weber]

Seems correct to me, try to upload the file with different browsers. Opera,
Netscape, M$. e.g. Rich Text could be: application/MSword, text/richtext,
and some other "nice" applications ;-)

Cheers,

Alex

"Anders Thoresson" <[EMAIL PROTECTED]> schrieb im Newsbeitrag
news:[EMAIL PROTECTED]
> Am I making any obvious mistakes here, in my upload script? I want to
> upload text-files only, they should end up in the directory from which the
> script is executed and be names __traningsmatcher.txt.
>
> HTML-form:
>
> 
> 
> 
> 
> Fil: 
> 
> 
> 
> 
> 
> 
> 
> 
>
>
> And php, on the recieving end:
> 
> // check and validate uploaded file
>
> if($_FILES['userfile'] == "none") {
> die("Problem: Ingen fil uppladdad.");
> }
>
>
> if($_FILES['userfile']['size'] == 0) {
> die("Problem: Filen är tom.");
> }
>
> if($_FILES['userfile']['type'] != "text/plain") {
> die("Problem: Filen är inte en textfil.");
> }
>
>
> if(!is_uploaded_file($_FILES['userfile']['tmp_name'])) {
> die("Problem: Filen är inte uppladdad");
> }
>
> $upfile = "__traningsmatcher.txt";
>
> if(!copy($_FILES['userfile']['tmp_name'], $upfile)) {
> die("Kunde inte spara filen");
> }
>
> echo("Filen är sparad!");
>
>
> ?>
>
> --
> anders thoresson



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File upload and permissions

[KK]

yeah, unfortunately 777 is the way to go.

"Charles Kline" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> I have a form which uploads a file to my server. The files that are
> uploaded will be .doc files and will need to be able to be downloaded
> from a web page.
>
> My script works locally - I have tested it well files upload etc., but
> I am moving it to a commercial web server and am not sure what
> permissions should be set like for this directory. I have tried my
> script and gotten the files to upload but when the script tries to move
> them to the directory where I want to keep them I get a permission
> denied error. I have played with it - changing permissions and the only
> one that works is chmod 777 - not sure if this is good or not - pretty
> new to unix administration stuff.
>
> What do you all suggest?
>
> Thanks,
> Charles
>
>
>



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File upload problem

[Neil M]

John M wrote:

Hello,

I have the code below. It's a simple file upload. But it doesn't work.
Before the line if(isset( $Submit )) is an echo which can I read. But after
choosing a file and press a submit nothing happens. Why is if(isset(
$Submit )) always false? Maybe my apache or php config is wrong?

I use WinXp Prof, Apache 2.0.43, PHP 4.2.3, safe_mode is on , upload_tmp_dir
is "c:\tmp\" and upload_max_filesize is 2M in PHP config file.



try a double \\ in windows paths



Thanks!




Untitled Document







you will need to put a form action url in above line , like 
action="http://www.domain-name.com/script.php";




\n";
if(isset( $Submit ))
{
echo "After submit \n";

if ($_FILES['imagefile']['type'] == "image/gif"){
copy ($_FILES['imagefile']['tmp_name'],
"files/".$_FILES['imagefile']['name'])
or die ("Could not copy");
echo "Name: ".$_FILES['imagefile']['name']."";
   }
 else {
echo "";
echo "Could Not Copy, Wrong Filetype
(".$_FILES['imagefile']['name'].")";
}
}
?>








Thanks

Neil


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File upload problem

[Bobby Patel]

Since you have 'safe-mode' on, Register globals will be turned off, so you
should test $HTTP_POST_VARS['Submit'], instead.
"John M" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hello,
>
> I have the code below. It's a simple file upload. But it doesn't work.
> Before the line if(isset( $Submit )) is an echo which can I read. But
after
> choosing a file and press a submit nothing happens. Why is if(isset(
> $Submit )) always false? Maybe my apache or php config is wrong?
>
> I use WinXp Prof, Apache 2.0.43, PHP 4.2.3, safe_mode is on ,
upload_tmp_dir
> is "c:\tmp\" and upload_max_filesize is 2M in PHP config file.
>
> Thanks!
>
>
> 
> 
> Untitled Document
> 
> 
> 
>
> 
> 
> 
>
>  echo "Before submit \n";
> if(isset( $Submit ))
> {
> echo "After submit \n";
>
> if ($_FILES['imagefile']['type'] == "image/gif"){
> copy ($_FILES['imagefile']['tmp_name'],
> "files/".$_FILES['imagefile']['name'])
> or die ("Could not copy");
> echo "Name: ".$_FILES['imagefile']['name']."";
>}
>  else {
> echo "";
> echo "Could Not Copy, Wrong Filetype
> (".$_FILES['imagefile']['name'].")";
> }
> }
> ?>
> 
>
> 
> 
>
>



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: File Upload

[Bogdan Stancescu]

Ok, have you tried
");
  print_r($_FILES);
  echo("");
?>

at the beginning of the 2nd script? What does it say?

Bogdan

Miro Kralovic wrote:

Hi Bodgan..

yes, I have globals On, Uploads On and SafeMode=off.. no luck... 

I did it exactly by the book, damn it..:-(


-Original Message-
From: Bogdan Stancescu [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 13, 2002 22:09
To: [EMAIL PROTECTED]
Subject: [PHP] Re: File Upload


Globals on? File uploads allowed? Safe mode off?




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Re: File Upload

[Miro Kralovic]

Hi Bodgan..

yes, I have globals On, Uploads On and SafeMode=off.. no luck... 

I did it exactly by the book, damn it..:-(


-Original Message-
From: Bogdan Stancescu [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 13, 2002 22:09
To: [EMAIL PROTECTED]
Subject: [PHP] Re: File Upload


Globals on? File uploads allowed? Safe mode off?



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File Upload

[Bogdan Stancescu]

Globals on? File uploads allowed? Safe mode off?

Miro Kralovic wrote:

Hi everybody,

I'm trying to upload a file using the following scripts, but it doesn't
work, it actually doesn't get through the first line of PHP script at all
and displays "a problem has occured" message. I'm running the script on RH
Linux/PHP4. Is there anything I'm missing here???

Many thanks in advance,
Miro.

-
[upload_file.html]


File Upload




Choose a file: 








[input_file.php]

\n";
	echo "userfile_name: $testfile_name\n";
	echo "userfile_size: $testfile_size\n";
	}
	else
	{
	echo "no file updated";
	}
}
else
{
	echo "a problem has occured";
}
?>





--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Re: File Upload Problem

[Richard Archer]

I've had 2 thoughts on this one. They're fairly uneducated an just
meandering speculation, but it's my tuppence-worth so...

My initial thought was this: I believe the Content-Type: MIME header is
added by your browser. HTTP standards say that anything sending a file
over HTTP is supposed to tell the recipient what type of file it's
sending. It does this by adding the Content-Type: header at the start of
the stream. Normally, PHP will read this header and put it in the
$_FILES['userfile']['type'] variable. Perhaps your Linux browser adds
the header in such a way that PHP cannot extract it properly, and simply
thinks it's part of the file? You could try checking the
$_FILES['userfile']['type'] variable to see if it contains the correct
MIME type.

It then dawned on me that I know either Apache or PHP (can't remember
which, possibly both, but most likely Apache) can so some clever stuff
where it fills in missing MIME type headers by analysing the file being
transferred. It's possible that your Linux browser is not sending a
Content-Type: header and so Apache tries to fill one in and it's APACHE
that is adding the iffy header that PHP doesn't recognise.
Alternatively, it's possible that your browser IS adding the header, but
Apache doesn't recognise it, so adds another one. PHP happily extracts
the first one, but doesn't spot the second one so it creeps through.

Of course, all that could be wrong as I'm not an expert on file uploads,
but it might be a place to start looking.

Regards,
Rich


-Original Message-
From: David Freeman [mailto:dfreeman@;outbackqld.net.au] 
Sent: 30 October 2002 9:23 pm
To: [EMAIL PROTECTED]
Subject: RE: [PHP] Re: File Upload Problem



G'day David

 > > My problem is that files uploaded through a form are 
 > > increasing in size.

 > Doesn't that look like the EOL characters are being 
 > translated after the fashion of ftp ascii transfers?

 > Maybe have a look at the two versions in a 
 > hex viewer and see if that is the case? 

Yes, I'd considered that.  That was what I'd gone looking for in config
files etc.  I'd hoped to find a switch for ftp transfer mode.  Didn't
find one though.

However, partly because of your email and partly because I noted that
the file size increase was the same every time (27 bytes) I decided to
load it into a hex editor.

What I found was that at the top of the file, the following had been
added:

-8<-
Content-Type: image/gif

-8<-

I also found that if I remove these two lines the image will display
perfectly.

So, my next question is, why does my linux box add this to an uploaded
image and my windows box not do so?  Can someone make a suggestion on
where I should be looking?  Is the addition of this information a server
(Apache) thing?  Or is it a php thing?

CYA, Dave





-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Re: File Upload Problem

[David Robley]

In article <01c2805a$8a2a11a0$4b0a0a0a@skink>, 
[EMAIL PROTECTED] says...
> 
> G'day David
> 
>  > > My problem is that files uploaded through a form are 
>  > > increasing in size.
> 
>  > Doesn't that look like the EOL characters are being 
>  > translated after the fashion of ftp ascii transfers?
> 
>  > Maybe have a look at the two versions in a 
>  > hex viewer and see if that is the case? 
> 
> Yes, I'd considered that.  That was what I'd gone looking for in config
> files etc.  I'd hoped to find a switch for ftp transfer mode.  Didn't
> find one though.
> 
> However, partly because of your email and partly because I noted that
> the file size increase was the same every time (27 bytes) I decided to
> load it into a hex editor.
> 
> What I found was that at the top of the file, the following had been
> added:
> 
> -8<-
> Content-Type: image/gif
> 
> -8<-
> 
> I also found that if I remove these two lines the image will display
> perfectly.
> 
> So, my next question is, why does my linux box add this to an uploaded
> image and my windows box not do so?  Can someone make a suggestion on
> where I should be looking?  Is the addition of this information a server
> (Apache) thing?  Or is it a php thing?
> 
> CYA, Dave

That's, er, odd?? Dunno whether you might find anything useful from 

http://www.google.com/search?q=upload+file+content+type+form+multipart+ima
ge+php&sourceid=opera&num=0&ie=utf-8&oe=utf-8

(unwrap that). As I understand it, upload by form has nothing to do with 
ftp - it's part of http - and I assume that it is intended to do an 
'exact' copy? Perhaps a code snippet, just in case anyone can pick 
something odd about it.

Cheers
-- 
David Robley
Temporary Kiwi!

Quod subigo farinam

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Re: File Upload Problem

[David Freeman]

G'day David

 > > My problem is that files uploaded through a form are 
 > > increasing in size.

 > Doesn't that look like the EOL characters are being 
 > translated after the fashion of ftp ascii transfers?

 > Maybe have a look at the two versions in a 
 > hex viewer and see if that is the case? 

Yes, I'd considered that.  That was what I'd gone looking for in config
files etc.  I'd hoped to find a switch for ftp transfer mode.  Didn't
find one though.

However, partly because of your email and partly because I noted that
the file size increase was the same every time (27 bytes) I decided to
load it into a hex editor.

What I found was that at the top of the file, the following had been
added:

-8<-
Content-Type: image/gif

-8<-

I also found that if I remove these two lines the image will display
perfectly.

So, my next question is, why does my linux box add this to an uploaded
image and my windows box not do so?  Can someone make a suggestion on
where I should be looking?  Is the addition of this information a server
(Apache) thing?  Or is it a php thing?

CYA, Dave




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File Upload Problem

[David Robley]

In article <002e01c27f99$20e35b50$030a0a0a@skink>, 
[EMAIL PROTECTED] says...
> Hi All
> 
> I'll start by saying that I've checked the online manual (and comments)
> as well as having done a Google search on this with no success.
> 
> My problem is that files uploaded through a form are increasing in size.
> For example, I upload an image that is 7658 bytes and the uploaded
> version is 7685 bytes, or upload 11106 bytes and it's 11133 bytes when
> uploaded.  Images uploaded through my form are broken in the process and
> no longer display.
> 
> This is only happening on my production server (RH Linux-based).  My
> development environment is Win XP with Apache and PHP and the exact same
> code works perfectly.
> 
> I've checked through /etc/php.ini for anything related without success.
> I use move_uploaded_file() to handle the uploaded file once it's on the
> server.
> 
> Can anyone suggest where else I should be looking to resolve this?
> 
> Thanks,
> Dave

Doesn't that look like the EOL characters are being translated after the 
fashion of ftp ascii transfers? Maybe have a look at the two versions in a 
hex viewer and see if that is the case? 

Not a solution, but maybe a further step in the debugging process?

Cheers
-- 
David Robley
Temporary Kiwi!

Quod subigo farinam

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: file upload > 2 MB

[Erwin]

Andy wrote:
> Hi there,
>
> I am trying to configure php inside the httpd.conf to allow file
> uploads inside a special directory with more than 2 MB.
>
> Somehow the syntax is wrong, since I do get the errormsg that there
> are 2 arguments required. Here is the code:
>
> # special settings for webmailer
> 
>php_flag upload_max_filesize = 50M
> 

Remove the = and use php_value

php_value upload_max_filesize 2M

HTH
Erwin



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] RE: File upload security and virus considerations

[YC Nyon]

I am doing an application where users can upload a *.zip file into the
server. Virus and hackers threats are my main concern.
Anyone mind sharing their experiences on how to deal with it. If u suggest
any antivirus, please specifiy the name. the server is on windows platform.
Also, if it's virus, how do i tell php to return a webpage to the user
saying it was unsuccessful.

TIA
Nyon








-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: file upload problem

[nicos]

Take a look at
http://www.php.net/manual/sv/printwn/features.file-upload.php, your pages
should be named .php and not .php3 if you support PHP4.

--

Nicos - CHAILLAN Nicolas
[EMAIL PROTECTED]
www.WorldAKT.com - Hébergement de sites Internet

"Ram K" <[EMAIL PROTECTED]> a écrit dans le message de news:
[EMAIL PROTECTED]
> Hey
>
> I have a prob with my php file upload. i am using windows
>
> my html file looks like
> 
> 
> 
> 
>  ENCTYPE="multipart/form-data">
> Upload the datafile here
> 
> 
> 
> 
> 
> 
> 
> my php file looks like
> 
>  $endresult = "File Was Uploaded";
>
> $newfile = "C:\\upload\\".$file_name;
>
> echo $newfile."";
> echo $file."";
>
> @copy($file, $newfile) or $endresult = "Couldn't Copy File To
> Server";
>
> echo $endresult;
> ?>
>
> 
> when i run i get an error
> \\php2
> c:\upload\a.gif
> cannot upload file
>
> any ideas why?? also i am not clear as to where the \\php2 comes
>  from
>
> thanks in advance
>
> regards
> ram
>
> __
> Give your Company an email address like
> ravi @ ravi-exports.com.  Sign up for Rediffmail Pro today!
> Know more. http://www.rediffmailpro.com/signup/
>



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File upload memory usage.

[Reid Sutherland]

> 
> I don't think HTTP POST upload is going to be reliable for *that* size
> files, no matter *what* you do...

Well from the tests I have done it has worked fine.  There is no reason 
why it shouldn't either.

> 
> Give them an FTP account or something.
> 

No an option for hundreds of people with massive multi-tier permissions. 
  And considering these people barely understand how to enter their 
username let alone use an FTP client.

> At least FTP can be "continued" (assuming the server/client are configured
> properly and current) when they lose their connection after 95MB...
> 
> HTTP POST can't be "continued", last I checked...  At least not on most
> systems.

They can't, but that's fine.


-reid



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File upload memory usage.

[Richard Lynch]

>I'm currently locked in a battle with PHP and file uploads.  I've
>searched the list to no avail.  I actually found a guy with the same
>problem who ended up using perl to make this work.  I'm trying to avoid
>that.
>
>The problem is, I'm dealing with huge POST uploads (100+ mb).  And

Ye Gods!

I don't think HTTP POST upload is going to be reliable for *that* size
files, no matter *what* you do...

Give them an FTP account or something.

At least FTP can be "continued" (assuming the server/client are configured
properly and current) when they lose their connection after 95MB...

HTTP POST can't be "continued", last I checked...  At least not on most
systems.


-- 
Like Music?  http://l-i-e.com/artists.htm
I'm looking for a PRO QUALITY two-input sound card supported by Linux (any
major distro).  Need to record live events (mixed already) to stereo
CD-quality.  Soundcard Recommendations?
Software to handle the recording? Don't need fancy mixer stuff.  Zero (0)
post-production time.  Just raw PCM/WAV/AIFF 16+ bit, 44.1KHz, Stereo
audio-to-disk.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File Upload

[Richard Lynch]

In article <[EMAIL PROTECTED]> ,
[EMAIL PROTECTED] (Fgôk ŞôündÉö) wrote:

>In php.ini, upload_max_filesize = 8MB.
>When I try to upload  file over 5MB, my php file didn't work correctly.
>I mean post variable in the php file are lost, session variables also are
>lost ...

Are you 100% sure that you are looking at the correct php.ini?...

What does  say is the upload_max_filesize?

And did you over-ride that with your HTML?  There's a tag that can be used
to decrease (but not increase) the MAX FILE SIZE.

Uploading 5 MB files via HTTP is just a Bad Idea (tm)...

Is there any way to move to FTP?

I suspect there are several other possible sources of error:

Your HTTP server, and any intervening router *IS* allowed to limit the size
of a POST to any value they choose, so long as that value is AT LEAST 1 MB.
(I think.)  While they are all encouraged *NOT* to impose such a limit, they
may.

The user under which PHP is running *MAY* have some kind of shell limit
imposed on their individual temp files or somesuch, I guess...  I mean, I
know there are things like 'ulimit' and 'usage' and so on (see 'man ulimit')
and I reckon somebody somewhere may be bright enough to have come up with a
limitation scheme for the 'nobody' user in the '/tmp' directories...  I
dunno exactly how they might have done that, but it's in the realm of
"possible".

Client configuration -- There may be a buffer and/or Ethernet communication
error that only manifests when you start getting over your 5 MB threshold...
 On both your desktop and on the web-server, do:

ifconfig -a

(I think that's ifconfig /a under Winblows...  Or, no, ipconfig /a  No,
that's not right... Hell, I don't know.  Go ask Bill!)

Anyway, if you do this right before/during/after your upload, and the
"Collision Rate" or "errors" or "overruns" or anything that looks like some
kind of an "error" increases significantly, your Ethernet settings are
probably "wrong" -- They could be "wrong" in a very subtle way involving
TTL, MTU, and other TLA's that I don't really understand, and few people do,
since everybody who tries to 'splain it to me just confuses me.  (So, by
definition, they must not understand it very well, eh? :-)

You may need to do:
whereis ifconfig
just to find out where the heck the program lives...  If it lives in /sbin,
you may need to do:
/sbin/ifconfig -a
to get an answer.
If your ISP is smart, you may not be allowed to even *DO* ifconfig on your
web-server...  If they are that smart, you can maybe assume they have set it
up correctly...  Maybe.

--
Like Music?  http://l-i-e.com/artists.htm


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: file upload / no tmp name or size?

[Nick Wilson]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1


* and then Philip Hallstrom declared
> Just a guess, but is the file you are uploading larger than 3000 bytes?
> If so, then what you are seeing is normal since PHP is rejecting it
> because it's too large.

You know, sometimes I amaze myself with my own stupidity. I guess I'm no
good at maths, I tend to think in MB's and 3000 seemed way enough for a
photo! Guess not :-)

and I'm as mercilless as anyone when I spot this type of thing so go
ahead and laugh, I would.

many thanks guys..
- -- 
Nick Wilson //  www.explodingnet.com



-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.6 (GNU/Linux)

iD8DBQE80Eo3HpvrrTa6L5oRAm9XAJ9XJqwNkDF4KBy2mKYtyBBqa1XCRQCcC2Qe
Kmcjr1C86aXLsk1e9hceMbk=
=Xs66
-END PGP SIGNATURE-

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: file upload / no tmp name or size?

[Philip Hallstrom]

Just a guess, but is the file you are uploading larger than 3000 bytes?
If so, then what you are seeing is normal since PHP is rejecting it
because it's too large.

-philip

On Wed, 1 May 2002, Nick Wilson wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
>
> * and then 1LT John W. Holmes declared
> > Say it with me... "Show me the code!"  No, louder! Yeah...that's good...
>
> Sorry, i figured it would be something someone would spot immediately.
> here is the form
>
> /* add_teacher_form() */
> function add_teacher_form() {
>
> global $teach;
>
> $output=<< Please enter the teachers details
> method="post" >
>
> 
>
> Name:
> 
>
> Address:
> 
>
> Tel:
> 
>
> Fax:
> 
>
> Email:
> 
>
> Bio:
> $teach->bio
>
> Upload photo:
> 
>
> 
> 
> EOF;
> return $output;
> }
>
>
> and this is what I'm testing with:
>
> if($HTTP_POST_FILES) {
> foreach($HTTP_POST_FILES['userfile'] as $key => $val) {
> print(" ".$key."".$val."");
> }
> print("and here is the userfile -- $userfile");
>
>
> it displays:
>
> - name  somepic.jpg
> - type  image/jpg
> - temp_name  none
> - size  0
>
> and the userfile is --- none
>
>
> Hope that is a little clearer!
> - --
> Nick Wilson //  www.explodingnet.com
>
>
>
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.0.6 (GNU/Linux)
>
> iD8DBQE80EbIHpvrrTa6L5oRAvBEAJ9RC4IzMDO9DreWLXs5WdsGezErxACgkMg3
> YvnyL0EViA7KQJGSkTAAk3U=
> =D8oD
> -END PGP SIGNATURE-
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: file upload problem (files > 7.5mb)

[Peter Clarke]

"Stefan" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED].;
> i wrote a php uploadscript and it works fine till the file is not larger
> then 7.5mb.
> is set the max upload file size in the upladfrom as well as in php.ini to
> 100mb. but it still doesn't work!
> system is linux red hat and php 4.0.6 (with mysql)
> is there anyone who had the samestefa problem and knows a solution?
>
> stefan
>

I suspect the killer is 'post_max_size'
Adjust settings for:

max_execution_time
memory_limit
post_max_size

Also you really should upgrade to php 4.1.2 since this fixes a security hole
in file uploads.

Peter


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: file upload problem (files > 7.5mb)

[Joe Van Meer]

Hi there:) Are you using the hidden form field with the max file limit set?

Cheers, Joe :)


Stefan <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED].;
> i wrote a php uploadscript and it works fine till the file is not larger
> then 7.5mb.
> is set the max upload file size in the upladfrom as well as in php.ini to
> 100mb. but it still doesn't work!
> system is linux red hat and php 4.0.6 (with mysql)
> is there anyone who had the samestefa problem and knows a solution?
>
> stefan
>
>



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Re: File Upload -- File Trailer Partial

[Michael Kimsal]

Richard Lynch wrote:
> Please Cc: me -- I can't keep up with anything like the full volume of 
> PHP-General any more and have only lurked for quite some time :-(





> I guess I'm seeking reassurance that:
> 
> A) File upload not known to be broken
> B) move_uploaded_file completely finishes and CLOSES a file before 
> returning
> 

> Here is the top bit of phpinfo():
> PHP Version 4.2.0-dev
> 

Perhaps it's because it's a 'dev' version?  Did you see this in 4.1?  Or 
below?


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] RE: file upload with story

[Tim Ward]

I found everything I needed to upload images here:
http://www.php.net/manual/en/features.file-upload.php
 

Tim
www.chessish.com  

--
From:  will hives [SMTP:[EMAIL PROTECTED]]
Sent:  21 January 2002 23:01
To:  [EMAIL PROTECTED]
Subject:  file upload with story

Please can someone help, I can't find any answers anywhere

I have this code:



it's really just an online contacts book, what I want to do as have
the
ability to upload an image with the record.

Then when the contact details are viewed it shows the also uploaded
image.

How do I add that code into this...any help would be fantastic.

Cheers
Will


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

[PHP] Re: File Upload Question...

[Jesus Maria Bianco T.]

Hi,

Remember 2nd Q: The file is Upload to a temporaly direcory, later you copy from 
temporaly (temporaly name) to a final (rename the file) destination.


Under *NIX, I don't if Windows's PHP when upload tthe file, the file is copied to a 
temporaly directory.


Bye,

I've still My Question about PHP_AUTH_USER and Browsers :-)

Marry Chistmas...



At 12:33 PM -0500 27/12/01, Jeremy Reed wrote:
>Your first question.  To see that the file uploaded successfully using the
>web browser, one would have to have access to your computer's file system.
>In her book, she used this merely as an example to show that the file had,
>indeed, been uploaded.  This should not be used as something that you allow
>your web users to do to confirm the receipt of the file.  Instead, send them
>an email, show them a directory listing, etc.
>
>Your second question, the name given to the image should be whatever the
>*value* of the variable used to copy() it.  You should, however, come up
>with a naming scheme that allows you to ensure that you do not overwrite any
>uploaded files--especially if you expect a lot of traffic and/or users using
>this feature.
>
>Your third question, the mime-type pjpg is functionally the same as the
>mime-type jpeg.  There's nothing you need to worry about there.
>
>
>"Anthony Ritter" <[EMAIL PROTECTED]> wrote in message
>[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
>> Merry Christmas everybody.
>>
>> I am using MS Windows 98 with Apache and following an example in Julie
>> Meloni's "PHP - Fast and Easy" (Chapter 10) in which she describes file
>> uploading using PHP on page 168-174.
>>
>> She has two files:
>> 1) an html form to receive the input from the user for the file to be
>> uploaded
>> 2) a .php script to accept the variable and use the copy() function.
>> .
>>
>> The scripts are as follows:
>> (html form)
>>
>> 
>> 
>> Upload a File
>> 
>> 
>>
>> Upload a File
>>
>> 
>>
>> File to Upload:
>> 
>>
>> 
>>
>> 
>>
>> 
>> 
>> 
>> (.php script)
>>
>> > if ($img1_name != "") {
>>
>> @copy("$img1", "c:/Program Files/Apache Group/Apache/htdocs/$img1_name")
>> or die("Couldn't copy the file.");
>>
>> } else {
>>
>> die("No input file specified");
>>
>>  }
>>
>> ?>
>>
>> 
>> 
>> Successful File Upload
>> 
>> 
>>
>> Success!
>>
>> You sent: , a 
>> byte file with a mime type of .
>>
>> 
>> 
>> ..
>>
>> My questions:
>> I am able to upload a file from My Documents  to the Apache server however
>> in her book, she describes that the user can verify that the file was
>> uploaded to the server by going to:
>>
>> File/ Open Page / in ones web browser to navigate through their filesystem
>> to
>> find the file that was uploaded.  There is a screenshot in the book that
>> shows the .jpeg file on the screen with the browser at:
>> file:///C/Apache/htdocs/blahblah.jpg
>>
>> I can't seem to verify that the file exists using this method.
>>
>> The only way I can verify that the file was indeed uploaded is to go into
>> the folder within Apache that was specified in the path and check there.
>>
>> *How can I check by going through the browser window?*
>>
>> Next question:
>>
>> When I check that the file was uploaded, the file is saved in:
>> C:/Program Files/Apache Group/Apache/htdocs/$img1_name
>>
>> as the *regular *.jpeg name I originally gave it - not the variable -
>$img1.
>>
>> Is this correct? Or, should the file be saved as:
>> img1?
>>
>> And the last question:
>> This is the line I received upon sending the file:
> >
>> You sent: KewpieSmall.jpeg, a 3127 byte file with a mime type of
>> image/pjpeg.
>>
>> In her book, it says:
>> image/jpeg.
>>
>> What is:
>> image/pjpeg.?
>>
>> Many thanks and best wishes to all for a happy and healthy new year.
>> Tony Ritter
>>
>>
>>
>>
>>
>
>
>
>--
>PHP General Mailing List (http://www.php.net/)
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>To contact the list administrators, e-mail: [EMAIL PROTECTED]

-- 

__
Jesus Maria Bianco Troconis (yisu)

E-MAIL mailto:[EMAIL PROTECTED]
ICQ4792036 / nickname yisu
WEBhttp://yisu.net

 Telefono/Phone  +58 (414) 3042346
 (Ciudad/City) Caracas, Venezuela

  Mac, PHP & MySQL Rulez.
They Kick some ass!
__


_
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

[PHP] Re: File Upload Question...

[Jeremy Reed]

Your first question.  To see that the file uploaded successfully using the
web browser, one would have to have access to your computer's file system.
In her book, she used this merely as an example to show that the file had,
indeed, been uploaded.  This should not be used as something that you allow
your web users to do to confirm the receipt of the file.  Instead, send them
an email, show them a directory listing, etc.

Your second question, the name given to the image should be whatever the
*value* of the variable used to copy() it.  You should, however, come up
with a naming scheme that allows you to ensure that you do not overwrite any
uploaded files--especially if you expect a lot of traffic and/or users using
this feature.

Your third question, the mime-type pjpg is functionally the same as the
mime-type jpeg.  There's nothing you need to worry about there.


"Anthony Ritter" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Merry Christmas everybody.
>
> I am using MS Windows 98 with Apache and following an example in Julie
> Meloni's "PHP - Fast and Easy" (Chapter 10) in which she describes file
> uploading using PHP on page 168-174.
>
> She has two files:
> 1) an html form to receive the input from the user for the file to be
> uploaded
> 2) a .php script to accept the variable and use the copy() function.
> .
>
> The scripts are as follows:
> (html form)
>
> 
> 
> Upload a File
> 
> 
>
> Upload a File
>
> 
>
> File to Upload:
> 
>
> 
>
> 
>
> 
> 
> 
> (.php script)
>
>  if ($img1_name != "") {
>
> @copy("$img1", "c:/Program Files/Apache Group/Apache/htdocs/$img1_name")
> or die("Couldn't copy the file.");
>
> } else {
>
> die("No input file specified");
>
>  }
>
> ?>
>
> 
> 
> Successful File Upload
> 
> 
>
> Success!
>
> You sent: , a 
> byte file with a mime type of .
>
> 
> 
> ..
>
> My questions:
> I am able to upload a file from My Documents  to the Apache server however
> in her book, she describes that the user can verify that the file was
> uploaded to the server by going to:
>
> File/ Open Page / in ones web browser to navigate through their filesystem
> to
> find the file that was uploaded.  There is a screenshot in the book that
> shows the .jpeg file on the screen with the browser at:
> file:///C/Apache/htdocs/blahblah.jpg
>
> I can't seem to verify that the file exists using this method.
>
> The only way I can verify that the file was indeed uploaded is to go into
> the folder within Apache that was specified in the path and check there.
>
> *How can I check by going through the browser window?*
>
> Next question:
>
> When I check that the file was uploaded, the file is saved in:
> C:/Program Files/Apache Group/Apache/htdocs/$img1_name
>
> as the *regular *.jpeg name I originally gave it - not the variable -
$img1.
>
> Is this correct? Or, should the file be saved as:
> img1?
>
> And the last question:
> This is the line I received upon sending the file:
>
> You sent: KewpieSmall.jpeg, a 3127 byte file with a mime type of
> image/pjpeg.
>
> In her book, it says:
> image/jpeg.
>
> What is:
> image/pjpeg.?
>
> Many thanks and best wishes to all for a happy and healthy new year.
> Tony Ritter
>
>
>
>
>



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

[PHP] Re: file upload problem - Warning: Max file size of 8 bytes exceeded

[David Serrano]

I'm not sure if you've read this or not but it may help:
http://www.php.net/manual/en/features.file-upload.php

-David Serrano ([EMAIL PROTECTED])

"Lee Philip Reilly" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi,
>
> I have an HTML form containing a file upload form object called 'file'.
> When I submit the form (either holiding a path to a 1kb file or a 7MB
> file) I get the following error:
>
> -
> Warning: Max file size of 8 bytes exceeded - file [file] not saved in
> Unknown on line 0
> -
>
> I had hoped that by changing the upload_max_filesize value in the
> php.ini this problem would be resolved, but it hasn't. I expect some
> people have had similar problems in the past; can anyone suggest what
> the problem is? Some additional info at the foot of this message.
>
> Thanks in advance!
>
> - Best regards,
>
> Lee
>
> Windows 2000; PHP4; Apache V1.3
>
> PHP.INI reads:
> -=-=-==-=-=-=-=
> ; Maximum allowed size for uploaded files.
> upload_max_filesize = 8M
> -=-=-==-=-=-=-=
>
> Simplified PHP script reads:
> -=-=-==-=-=-=-=
> if ($file!=""){
>  @copy("$file", "c:\Program Files\Apache Group\Apache\htdocs\sasdap\v4"
> or die ("Could not copy the file.");
> }
> else {
>  die("No input file specified");
> }
> -=-=-==-=-=-=-=
>
> .HTML's file upload name = "file"
>



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

[PHP] Re: File upload

[Liz Fulghum]

Your files are being uploaded to the pre-defined temporary directory.
$userfile contains the name of the temporary file the file was uploaded as.
After you run all the checks on the file to make sure its valid, you should
use copy() to move the file to its permament home in your file system, then
use unlink() to remove the temporary file.

http://www.php.net/manual/en/features.file-upload.php contains a whole bunch
of information on the topic that may be useful

--
Liz Fulghum
--
http://www.lipstickalley.com/ - Be Popular!
Want to learn PHP?
http://webdeveloper.earthweb.com/scripting/article/0,,12014_900521,00.html
--

"Andrzej Roszkowski" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
>
> Hi!
>
> Where is file upload function? ;) From begining: some time I've found
somewhere
> this handler:
> clearing_report_file is the input that is user sends to me.
>
> if(!isset($clearing_report_file))
> {
> pp_xfer_trans();
> }
> else
> {
> if (!@copy($clearing_report_file, $CFG["local_uri"]."/cfd-" . $batch
> .".txt")) {
> echo("\nSomething barfed, check the path to and the
permissions
> for the upload directory");
> }else
> {
> // do domething
> exit();
> }
>
> }
>
>
> but now, in php 4.0.5 this function don't want to work ;( i have allways
> something barfed message, even if i try to wrote to /tmp directory
>
> now i have this in phpinfo:
>
> HTTP_POST_FILES["userfile"]
>
> Array
> (
> [name] => helyjon
> [type] =>
> [tmp_name] => none
> [size] => 0
> )
>
> where is my file? $variables shows the same values, where are my contents?
>
> 
> Code reviews are like sex, just anyone can do it, but skill and training
> can make you a lot better at it." - LJ
> Thomas
>



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

[PHP] Re: File Upload and NT...

[Adrian D'Costa]

Hi,

I had this problem.  If you say that even without the getimagesize() it is
not being uploaded.  Then try this.  If you declared $the_image in the
 try using $the_image_name.  From the
manual this is what I figured out and it works (on linux)

 In PHP, the following variables will be defined within the destination
   script upon a successful upload, assuming that register_globals is
   turned on in php.ini. If track_vars is turned on, they will also be
   available in PHP within the global array $HTTP_POST_VARS. Note that
   the following variable names assume the use of the file upload name
   'userfile', as used in the example above:

 * $userfile - The temporary filename in which the uploaded file was
   stored on the server machine.
 * $userfile_name - The original name or path of the file on the
   sender's system.

Adrian


On Fri, 24 Aug 2001, Joseph Koenig wrote:

> Sorry, I know file uploads are asked about all the time...
> 
> I'm having an odd problem on a WinNT system.
> 
> When I try to do my upload, I test the file to see the type of it:
> $image_info = GetImageSize($the_image);
> 
> However, that line gives me:
> Warning: getimagesize: Unable to open
> '/Joe1/Desktop%20Folder/device_eval.gif' for reading. in
> D:\public\HJ\www.h-jenterprises.com\test\admin\item_functions.php on
> line 22
> 
> At first I had thought this would be a permissions issue, but the file
> it can't open is the one being uploaded. If I echo the file being
> uploaded, i get:
> Image Name: /Joe1/Desktop%20Folder/device_eval.gif
> 
> I swear I looked at the archive and I've done this plenty of times
> before (but on Unix). This project is being done on NT, which I'm fairly
> unfamiliar with though. Any help would be much appreciated.
> 
> Thanks,
> 
> Joe
> 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

RE: [PHP] Re: File Upload Size Limits

[Michael Conley]

I increased apache to 60 seconds, but it still fails.  it doesn't actually
go for 60 seconds.  It's more like 10 seconds before it fails.  Any idea
where I would allow Apache to deal with a larger POST?  

-Original Message-
From: bill [mailto:[EMAIL PROTECTED]]
Sent: Friday, July 27, 2001 7:27 AM
To: [EMAIL PROTECTED]
Subject: [PHP] Re: File Upload Size Limits


I think you need to check your Apache time limits too.

Michael Conley wrote:

> I am running PHP 4.0pl1 with Apache 1.3.14 on RedHat Linux 7.1.  I am
trying
> to do a file upload from the users PC to my web server.  If I do a small
> file, the transfer goes fine.  If I do a large file (> 50 MB), the
transfer
> fails saying either the file was not available for reading or my script
just
> bombs out.  I need to be able to have people upload large files.  I have
> changed the setting in php.ini to upload_max_filesize = 100M.
>
> Do I also need to change the following entries in php.ini?
> max_execution_time = 60
> memory_limit = 8M
>
> Is this an apache limit?  I'm not sure what to do with this as I really
need
> to be able to transfer large files.


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

[PHP] Re: File Upload Size Limits

[bill]

I think you need to check your Apache time limits too.

Michael Conley wrote:

> I am running PHP 4.0pl1 with Apache 1.3.14 on RedHat Linux 7.1.  I am trying
> to do a file upload from the users PC to my web server.  If I do a small
> file, the transfer goes fine.  If I do a large file (> 50 MB), the transfer
> fails saying either the file was not available for reading or my script just
> bombs out.  I need to be able to have people upload large files.  I have
> changed the setting in php.ini to upload_max_filesize = 100M.
>
> Do I also need to change the following entries in php.ini?
> max_execution_time = 60
> memory_limit = 8M
>
> Is this an apache limit?  I'm not sure what to do with this as I really need
> to be able to transfer large files.


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]