I have changed the php.ini file and added a set_time_limit(0) on the top of my page and i still cant upload big files with php. I am also using ajax and javascript to upload, and i can upload 400Mb files. i was trying to upload a 3.2GB file on WAMP.
My code:
<?php
set_time_limit(0);
session_start();
include('../Connect/Connect.php');
$User = $_SESSION['User'];
$Files = $_FILES['File'];
if(isset($User))
{
if(!empty($Files))
{
for($X = 0; $X < count($Files['name']); $X++)
{
$Name = $Files['name'][$X];
$TMP = $Files['tmp_name'][$X];
move_uploaded_file($TMP, '../Users/' . $User . '/' . $Name);
}
}
}
else
{
header("location:../");
}
header("location:index.php");
$Connect->close();
?>
check your browser, that it supports >2 GB files
set POST_MAX_SIZE higher than UPLOAD_MAX_FILESIZE (ofcourse set
normal values in settings, not like memory_limit 10 000GB....
max_input_time set for example to 30000
check x64 or x86 OS/Browser
had on debian with php 5.3.21 error, that it does not allow >2GB files cause of bug in PHP -> it just gives u a chance that u may get
php version with wrong atoi() and atol() converting.
Related
I am working on my school project which we use Winscp as a server.
So im new to php trying to work on image upload and I have read many articles saying I need to edit my php.ini file and set file_uploads directive to "on". But I just do not know where my php.ini file is at.
Here is my link to my phpinfo.php: http://cgi.sice.indiana.edu/~baehy/phpinfo.php
So it says my php.ini is at /etc/php.ini and I cannot find it on my computer(i know it may sound silly)
Every comment is appreciated! Thank you all in advance!
Here is my code
<?php
session_start();
include('database.php');
ini_set('max_exection_time', 60);
if(!isset($_SESSION['userid'])){
header('location: http://cgi.sice.indiana.edu/~baehy/team72index.php');
} else {
echo "Welcome " . $_SESSION['userid'] . "<br>";
if(isset($_POST['submit'])){
$title = $_POST['title'];
$category = $_POST['category'];
$description = $_POST['description'];
//get file from the form and get following information
$file = $_FILES['coverimage'];
$fileName = $_FILES['coverimage']['name'];
$fileTmpName = $_FILES['coverimage']['tmp_name'];
$fileSize = $_FILES['coverimage']['size'];
$fileError = $_FILES['coverimage']['error'];
$fileType = $_FILES['coverimage']['type'];
//retrieve file extention using explode()
$fileExt = explode('.', $fileName);
//because some file extentions might be in capital letters
$fileActualExt = strtolower(end($fileExt));
$allowed = array('jpg','jpeg','png');
if(in_array($fileActualExt, $allowed)){
if($fileError === 0){
//if the size of the file is lesser than 1M kb = 1000mb
if($fileSize < 1000000){
$fileNameNew = uniqid('',true).".".$fileActualExt;
chmod('uploads/',0777);
echo "permission granted to uploads directory!" . "<br>";
$fileDestination = 'uploads/'.$fileNameNew;
move_uploaded_file($fileTmpName, $fileDestination);
echo $fileNameNew . "<br>";
echo "Successfully uploaded your file" . "<br>";
} else {
echo "Your file is too big to upload" . "<br>";
}
} else {
echo "There was an error uploading your file" . "<br>";
}
} else {
echo "This file extention is not allowed to be uploaded" . "<br>";
}
$sql = "INSERT INTO `recipe` (title, category, description, coverimage, userid)
VALUES ('".$title."', '".$category."', '".$description."', '".$fileName."', '".$_SESSION['userid']."')";
$result = mysqli_query($conn, $sql);
if($result){
echo "successfully added to database";
} else {
echo "failed to add to database";
}
$showImage = mysqli_query($conn, "SELECT `coverimage` FROM `recipe`");
}
}
p.s. and also do I need to put the absolute path of the folder('uploads') to use it in the code? Thank you!
Php.ini is system file located at remote web server and it contains global configuration for PHP. Only privileged users can edit php.ini.
You can change local configuration for your script using function ini_set, for example:
ini_set('max_exection_time', 60);
According to phpinfo() you sent, you already have file_uploads set to On. So you don't need to edit anything. Just open link you sent, press CTRL+F and search for file_uploads.
By the way, WinSCP is only application used to transfer files to remote web server using FTP/SFTP or similar protocols. Actually your web server is running on RHEL Apache 2.4.6. Just see section SERVER_SOFTWARE in your phpinfo.
Using WinSCP, connect to remote server. Go to remote server's root directory and then go to /etc/php.ini.
It won't be on your computer, it's on the remote server. The server is running on Apache. You are using Winscp as a FTP software to access the files of remote server.
Learn how to use WinSCP - https://www.siteground.com/tutorials/ssh/winscp/
I keep recieving a PHP error, "Call to undefined function getallheaders() in /home/jbird11/public_html/grids/upload.php on line 8"
The upload script basically takes an image that is dragged into an area, and uploads it. When I drag the image, I get this message.
Here is the first 40 or so lines of the php file:
<?php
// Maximum file size
$maxsize = 1024; //Kb
// Supporting image file types
$types = Array('image/png','images/gif','image/jpeg');
$headers = getallheaders();
// LOG
$log = '=== '. #date('Y-m-d H:i:s') . ' ========================================'."\n"
.'HEADER:'.print_r($headers,1)."\n"
.'GET:'.print_r($_GET,1)."\n"
.'POST:'.print_r($_POST,1)."\n"
.'REQUEST:'.print_r($_REQUEST,1)."\n"
.'FILES:'.print_r($_FILES,1)."\n";
$fp = fopen('log.txt','a');
fwrite($fp, $log);
fclose($fp);
header('content-type: plain/text');
// File size control
if($headers['X-File-Size'] > ($maxsize *1024)) {
die("Max file size: $maxsize Kb");
}
// File type control
if(in_array($headers['X-File-Type'],$types)){
// Create an unique file name
$filename = sha1(#date('U').'-'.$headers['X-File-Name']).'.'.$_GET['type'];
// Uploaded file source
$source = file_get_contents('php://input');
// Image resize
imageresize($source, $filename, $_GET['width'], $_GET['height'], $_GET['crop'], $_GET['quality']);
} else die("Unsupported file type: ".$headers['X-File-Type']);
// File path
$path = str_replace('upload.php','',$_SERVER['SCRIPT_NAME']);
// Image tag
echo '<img src="'.$path.$filename.'" alt="image" />';
Any idea what is causing this error? Permissions perhaps? Permission are set to 755. You can see a working demo of this here: http://pixelcakecreative.com/grids/
Any idea how to fix this? Thanks in advance
From the docs:
This function is an alias for apache_request_headers(). Please read the apache_request_headers() documentation for more information on how this function works.
If you're not using apache (with php as a module), this function is not available.
It's an apache related function. Maybe You don't have needed extensions installed?
from the hosting company: It appears that that function is only supported when PHP is run as an Apache module. Our Shared and Reseller servers run PHP as CGI, and unfortunately this cannot be changed. We apologize for any inconvenience.
If that function is absolutely required for your site, you will need to consider upgrading to a VPS, in which case PHP can be installed however you like.
you can use this code to be sure you have such a function not depending on server software configuration:
if (!function_exists("getallheaders"))
{
function getallheaders()
{
$headers = "";
foreach ($_SERVER as $name => $value)
{
if (substr($name, 0, 5) == "HTTP_")
{
$headers[str_replace(" ", "-", ucwords(strtolower(str_replace("_", " ", substr($name, 5)))))] = $value;
}
}
return $headers;
}
}
I'm having issues uploading a pdf to my server. The upload_max_filesize is 2M and the file(s) are more then that, around 4M. I found a post with a similar issue to mine here
$_FILE upload large file gives error 1 even though upload_max_size is bigger than the file size
What I can gather from php.net for the correct usage of ini_set commands is this, which I am currently using.
ini_set('upload_max_filesize', 100000000);
ini_set('post_max_size', 110000000);
ini_set('memory_limit', 120000000);
ini_set('max_input_time', 20);
But in the link I posted it seems they are using a different method (if they aren't just summarizing the correct code that is). But It seems my code isn't working as is either. I have <?php phpinfo(); ?> at the bottom of my page and it says the upload_max_filesize is still 2M. Am I using the correct syntax for ini_set? or is my issue with upload my pdfs something else?
My code handling the upload is
//======================pdf upload=====================
if ($_POST['erasePDF'] == "Yes") //checking if erase box was checked and erasing if true
{
if (file_exists($pdf))
{
unlink( $pdf );
$pdf = "";
}
}
print_r($_FILES['pdf']);
if (!empty($_FILES['pdf']['name'])) //checking if file upload box contains a value
{
$saveDirectoryPDF = 'pdfs/'; //name of folder to upload to
$tempName = $_FILES['pdf']['tmp_name']; //getting the temp name on server
$pdf = $_FILES['pdf']['name']; //getting file name on users computer
$test = array();
$test = explode(".", $pdf);
if((count($test) > 2) || ($test[1] != "pdf" && $test[1] != "doc" && $test[1] != "docx")){
echo "invalid file";
}else{
$count = 1;
do{
$location = $saveDirectoryPDF . $count . $pdf;
$count++;
}while(is_file($location));
if (move_uploaded_file($tempName, $location)) //Moves the temp file on server
{ //to directory with real name
$pdf = $location;
}
else
{
echo "hi";
echo '<h1> There was an error while uploading the file.</h1>';
}
}
}else{
$pdf = "";
}
if(isset($_POST['link']) && $_POST['link'] != ""){
$pdf = $_POST['link'];
}
//======================end of pdf upload==============
The output of the line 'print_r($_FILES['pdf']);' is
Array ( [name] => takeoutmenu.pdf [type] => [tmp_name] => [error] => 1 [size] => 0 )
Some providers does not allow you change certain values in running time. Instead of this, try to either change it in the real php.ini file or use an .htaccess (For Apache web servers) where you can add your configuration. You can find more information in the PHP.net article about this subject: How to change configuration settings.
Based on your story, example .htaccess
<IfModule mod_php5.c>
php_value upload_max_filesize 100000000
php_value post_max_size 110000000
php_value memory_limit 120000000
php_value max_input_time 20
</IfModule>
hi guys i am uploading the images using the #PhP file upload Method # If i upload 10 Images at a time (Each Images is 2000 /3000 dimension). then the on click save function is not working. if i upload 5 images or less than five images then its working fine wats wrong with my coding i just include my php code with this post <input value="Save" type="submit" name="SubSave" id="SubSave" onClick="return changes();">
if($_POST['SubSave'] == "Save"){
$aid = $_GET['rid'];
$updcount = $_POST['theValue'];
if($_SESSION["almgtype"]==1 || (GetUserNoPhoto($_SESSION["almgid"]))>(GetTotalPhotoCount1($_SESSION["almgid"],$aid))) {
$uid = $_SESSION["almgid"];
for($k=1;$k<=$updcount;$k++) {
//echo $k;
echo $_FILES["uploadfile"]["type"];
if($_FILES["uploadfile".$k]["name"]!="") {
if(($_FILES["uploadfile".$k]["type"] == "image/gif") || ($_FILES["uploadfile".$k]["type"] == "image/jpeg")|| ($_FILES["uploadfile".$k]["type"] == "image/pjpeg") || ($_FILES["uploadfile".$k]["type"] == "image/png")) {
if ($_FILES["uploadfile".$k]["error"] > 0)
{
echo "Error: " . $_FILES["uploadfile".$k]["error"] . "<br />";
}
else
{
move_uploaded_file($_FILES["uploadfile".$k]["tmp_name"],
"photoalbum/" . $_FILES["uploadfile".$k]["name"]);
$uploadfile = "photoalbum/" . $_FILES["uploadfile".$k]["name"];
}
$path = $uploadfile;
$checklist = "select * from amt_photos1 where aid = '".trim($aid)."' and uid = '".trim($uid)."' and path = '".trim($path)."'";
$chkresult = mysql_query($checklist);
if(mysql_num_rows($chkresult) == 0) {
$i = 0;
$path =$uploadfile;
$result = "insert into amt_photos1 set uid = '".trim($uid)."',
aid = '".trim($aid)."',
path = '".trim($path)."',
status = '0',
createdby = '".$_SESSION["almgid"]."',
createddate = now()";
$rowlist = mysql_query($result) or die("Error:(".mysql_error().")".mysql_error());
}
/********************** if file already exist means ******************************************/
else {
$err= "The Uploaded file name ".$path." Is already exisit in the Album. Rename It or try to add Any other Photos";
}
/********************** if file already exist means ******************************************/
$path ="";
$uploadfile = "";
$i = "";
} // file extention
else {
$err= "Unable To Upload The File Please Check The File Extention.Try Again Later";
}
}
}
}
} // if save close
You probably need to change the maximum POST size in your php.ini configuration file (post_max_size setting).
You can use the command phpinfo() to dump your configuration. Likely, as others have stated you need to increase the upload size and execution time.
These can be modified through a .htaccess file.
php_value upload_max_filesize 20M
php_value post_max_size 20M
php_value max_execution_time 200
php_value max_input_time 200
Just as a warning: Your upload handling script will make it utterly trivial to completely subvert your server:
You blindly trust that the $_FILES[...]['type'] value is correctly set - this value is completely under the user's control, and they can stuff in "image/jpeg" and upload any type of file they want
You blindly trust that the $_FILES[...]['filename'] value is correctly set - again, this value is completely under the user's control, and they can stuff in "hackme.php" if they want to
You blindly write the file to your photoalbum directory, but don't check if the user-supplied filename contains pathing data
So, what happens if someone uploads the following file:
$_FILES['uploadfile0']['type'] = 'image/gif';
$_FILES['uploadfile0']['filename'] = '../pwn_me.php';
You've now happily put a user-provided PHP script ONTO YOUR WEBSERVER and they can now do anything they want.
On top of that, your database queries blindly insert the same data into the queries, leaving you wide open to SQL injection attacks. As well, you don't check for filename collisions until AFTER you've moved the file. So, someone could upload a malicious script, but only do it once for that particular filename. Congratulations, you've implemented versioned attacks on your server. You'll have "pwn_me.php", "pwn_me2.php", "pwn_me3.php", "my_little_pwnme.php", and so on.
I am using Cakephp as my framework. I have a problem in uploading my files through a form. I am using an Uploader plugin from THIS website.
My php ini file has this piece of code.
upload_max_filesize = 10M
post_max_size = 8M
this is from uploader.php --> plugin file has
var $maxFileSize = '5M'; //default max file size
In my controller.php file, i use this code to set max file size as 1 MB at runtime.
function beforeFilter() {
parent::beforeFilter();
$this->Uploader->maxFileSize = '1M';
}
In the uploader.php, we perform this ...
if (empty($this->maxFileSize)) {
$this->maxFileSize = ini_get('upload_max_filesize'); //landmark 1
}
$byte = preg_replace('/[^0-9]/i', '', $this->maxFileSize);
$last = $this->bytes($this->maxFileSize, 'byte');
if ($last == 'T' || $last == 'TB') {
$multiplier = 1;
$execTime = 20;
} else if ($last == 'G' || $last == 'GB') {
$multiplier = 3;
$execTime = 10;
} else if ($last == 'M' || $last == 'MB') {
$multiplier = 5;
$execTime = 5;
} else {
$multiplier = 10;
$execTime = 3;
}
ini_set('memore_limit', (($byte * $multiplier) * $multiplier) . $last);
ini_set('post_max_size', ($byte * $multiplier) . $last); //error suspected here
ini_set('upload_tmp_dir', $this->tempDir);
ini_set('upload_max_filesize', $this->maxFileSize); //landmark 2
EXPECTED RESULT:
When i try uploading a file that is 2MB of size, it shouldn't take place because maxFileSize is 1MB at run time. So upload should fail.
THE PROBLEM IS :
But it is getting uploaded.
Landmark 1 does not get executed. (in comments)... land mark 2 does not seem to work...
upload_max_filesize does not get the value from maxFileSize.
Please help me... thank you
Setting upload_max_filesize during the script execution is rather pointless, since by the time the script executes the file is already uploaded and accepted by the server. If you need to reject the file based on size in your script (as opposed to Apache or PHP rejecting it), you need to evaluate the size of the uploaded file and "manually" ignore it if it's too big.
pointless or not it's not even possible to change upload_max_filesize with ini_set.
upload_max_filesize has the changable flagPHP_INI_PERDIR wich means Entry can be set in php.ini, .htaccess, httpd.conf or .user.ini (since PHP 5.3)
as a additional comment remember that post_max_size should be equal or greater then upload_max_filesize