Note that, when you want to upload VERY large files (or you want to set the limiters VERY high for test purposes), all of the upload file size limiters are stored in signed 32-bit ints. This means that setting a limit higher than about 2.1 GB will result in PHP seeing a large negative number. I have not found any way around this.Π Π°ΡΠΏΡΠΎΡΡΡΠ°Π½ΡΠ½Π½ΡΠ΅ ΠΏΠΎΠ΄Π²ΠΎΠ΄Π½ΡΠ΅ ΠΊΠ°ΠΌΠ½ΠΈ
ΠΠ»Π΅ΠΌΠ΅Π½ΡΡ MAX_FILE_SIZE Π½Π΅Π»ΡΠ·Ρ ΡΠΊΠ°Π·ΡΠ²Π°ΡΡ ΡΠ°Π·ΠΌΠ΅Ρ ΡΠ°ΠΉΠ»Π°,
ΠΊΠΎΡΠΎΡΡΠΉ ΠΏΡΠ΅Π²ΡΡΠ°Π΅Ρ ΠΏΡΠ΅Π΄Π΅Π», ΠΊΠΎΡΠΎΡΡΠΉ ΡΡΡΠ°Π½ΠΎΠ²ΠΈΠ»ΠΈ Π² Π΄ΠΈΡΠ΅ΠΊΡΠΈΠ²Π΅
upload_max_filesize ΡΠ°ΠΉΠ»Π° php.ini.
ΠΠ³ΡΠ°Π½ΠΈΡΠ΅Π½ΠΈΠ΅ ΠΏΠΎ ΡΠΌΠΎΠ»ΡΠ°Π½ΠΈΡ ΡΠΎΡΡΠ°Π²Π»ΡΠ΅Ρ 2 ΠΌΠ΅Π³Π°Π±Π°ΠΉΡΠ°.
ΠΡΠ»ΠΈ ΡΡΡΠ°Π½ΠΎΠ²ΠΈΠ»ΠΈ ΠΎΠ³ΡΠ°Π½ΠΈΡΠ΅Π½ΠΈΡ ΠΏΠ°ΠΌΡΡΠΈ, ΠΌΠΎΠΆΠ΅Ρ ΠΏΠΎΡΡΠ΅Π±ΠΎΠ²Π°ΡΡΡΡ ΡΠ²Π΅Π»ΠΈΡΠ΅Π½ΠΈΠ΅ Π·Π½Π°ΡΠ΅Π½ΠΈΡ ΠΎΠΏΡΠΈΠΈ memory_limit. Π£Π±Π΅Π΄ΠΈΡΠ΅ΡΡ, ΡΡΠΎ Π·Π½Π°ΡΠ΅Π½ΠΈΠ΅ Π΄ΠΈΡΠ΅ΠΊΡΠΈΠ²Ρ memory_limit Π΄ΠΎΡΡΠ°ΡΠΎΡΠ½ΠΎ.
ΠΡΠ΅ΠΌΡ, ΠΊΠΎΡΠΎΡΠΎΠ΅ ΠΏΠΎΡΡΠ΅Π±ΡΠ΅ΡΡΡ Π΄Π»Ρ ΡΠ°Π±ΠΎΡΡ ΡΠΊΡΠΈΠΏΡΠ°, ΠΌΠΎΠΆΠ΅Ρ ΠΏΡΠ΅Π²ΡΡΠΈΡΡ
Π·Π½Π°ΡΠ΅Π½ΠΈΠ΅ ΠΎΠΏΡΠΈΠΈ max_execution_time,
Π΅ΡΠ»ΠΈ Π΄Π»Ρ Π΄ΠΈΡΠ΅ΠΊΡΠΈΠ²Ρ ΡΡΡΠ°Π½ΠΎΠ²ΠΈΠ»ΠΈ ΠΌΠ°Π»Π΅Π½ΡΠΊΠΎΠ΅ Π·Π½Π°ΡΠ΅Π½ΠΈΠ΅.
Π£Π±Π΅Π΄ΠΈΡΠ΅ΡΡ, ΡΡΠΎ Π·Π½Π°ΡΠ΅Π½ΠΈΠ΅ Π΄ΠΈΡΠ΅ΠΊΡΠΈΠ²Ρ max_execution_time Π΄ΠΎΡΡΠ°ΡΠΎΡΠ½ΠΎ.
ΠΠ°ΠΌΠ΅ΡΠ°Π½ΠΈΠ΅: ΠΠΈΡΠ΅ΠΊΡΠΈΠ²Π° max_execution_time Π²Π»ΠΈΡΠ΅Ρ ΡΠΎΠ»ΡΠΊΠΎ Π½Π° Π²ΡΠ΅ΠΌΡ Π²ΡΠΏΠΎΠ»Π½Π΅Π½ΠΈΡ ΡΠ°ΠΌΠΎΠ³ΠΎ ΡΠΊΡΠΈΠΏΡΠ°. ΠΡΠ΅ΠΌΡ, ΠΊΠΎΡΠΎΡΠΎΠ΅ Π·Π°Π½ΡΠ»ΠΈ Π΄Π΅ΠΉΡΡΠ²ΠΈΡ Π·Π° ΠΏΡΠ΅Π΄Π΅Π»Π°ΠΌΠΈ ΡΠΊΡΠΈΠΏΡΠ°, β ΡΠΈΡΡΠ΅ΠΌΠ½ΡΠ΅ Π²ΡΠ·ΠΎΠ²Ρ ΡΡΠ½ΠΊΡΠΈΠΉ system() ΠΈΠ»ΠΈ sleep(), Π·Π°ΠΏΡΠΎΡΡ ΠΊ Π±Π°Π·Π΅ Π΄Π°Π½Π½ΡΡ , Π²ΡΠ΅ΠΌΡ, ΠΊΠΎΡΠΎΡΠΎΠ΅ Π·Π°Π½ΡΠ»Π° Π·Π°Π³ΡΡΠ·ΠΊΠ° ΡΠ°ΠΉΠ»Π° Π½Π° ΡΠ΅ΡΠ²Π΅Ρ, ΠΈ Ρ. Π΄. β Π½Π΅ ΡΡΠΈΡΡΠ²Π°Π΅ΡΡΡ ΠΏΡΠΈ ΠΎΠΏΡΠ΅Π΄Π΅Π»Π΅Π½ΠΈΠΈ ΠΌΠ°ΠΊΡΠΈΠΌΠ°Π»ΡΠ½ΠΎΠ³ΠΎ Π²ΡΠ΅ΠΌΠ΅Π½ΠΈ ΡΠ°Π±ΠΎΡΡ ΡΠΊΡΠΈΠΏΡΠ°.
ΠΠ½ΠΈΠΌΠ°Π½ΠΈΠ΅
ΠΠΈΡΠ΅ΠΊΡΠΈΠ²Π° max_input_time ΡΡΡΠ°Π½Π°Π²Π»ΠΈΠ²Π°Π΅Ρ
ΠΌΠ°ΠΊΡΠΈΠΌΠ°Π»ΡΠ½ΠΎΠ΅ Π²ΡΠ΅ΠΌΡ Π² ΡΠ΅ΠΊΡΠ½Π΄Π°Ρ
, Π² ΡΠ΅ΡΠ΅Π½ΠΈΠ΅ ΠΊΠΎΡΠΎΡΠΎΠ³ΠΎ ΡΠΊΡΠΈΠΏΡΡ ΡΠ°Π·ΡΠ΅ΡΠ°Π΅ΡΡΡ ΠΏΠΎΠ»ΡΡΠ°ΡΡ Π²Ρ
ΠΎΠ΄Π½ΡΠ΅ Π΄Π°Π½Π½ΡΠ΅;
Π²ΡΠ΅ΠΌΡ Π·Π°Π³ΡΡΠ·ΠΊΠΈ ΡΠ°ΠΉΠ»Π° ΡΠΎΠΆΠ΅ Π²ΠΊΠ»ΡΡΠ°Π΅ΡΡΡ. ΠΠ°Π³ΡΡΠ·ΠΊΠ° Π±ΠΎΠ»ΡΡΠΈΡ
ΡΠ°ΠΉΠ»ΠΎΠ², Π½Π°Π±ΠΎΡΠ° ΡΠ°ΠΉΠ»ΠΎΠ²
ΠΈΠ»ΠΈ ΠΎΠ±ΡΠ°Π±ΠΎΡΠΊΠ° Π·Π°ΠΏΡΠΎΡΠΎΠ² ΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°ΡΠ΅Π»Π΅ΠΉ Ρ ΠΌΠ΅Π΄Π»Π΅Π½Π½ΡΠΌΠΈ ΡΠΎΠ΅Π΄ΠΈΠ½Π΅Π½ΠΈΡΠΌΠΈ ΠΌΠΎΠΆΠ΅Ρ ΠΏΡΠ΅Π²ΡΡΠΈΡΡ Π·Π½Π°ΡΠ΅Π½ΠΈΠ΅ ΠΏΠΎ ΡΠΌΠΎΠ»ΡΠ°Π½ΠΈΡ
Π² 60 ΡΠ΅ΠΊΡΠ½Π΄.
Π‘Π΅ΡΠ²Π΅Ρ Π½Π΅ Π·Π°Π³ΡΡΠ·ΠΈΡ Π±ΠΎΠ»ΡΡΠΈΠ΅ ΡΠ°ΠΉΠ»Ρ, Π΅ΡΠ»ΠΈ
Π΄Π»Ρ Π΄ΠΈΡΠ΅ΠΊΡΠΈΠ²Ρ post_max_size
ΡΡΡΠ°Π½ΠΎΠ²ΠΈΠ»ΠΈ ΡΠ»ΠΈΡΠΊΠΎΠΌ ΠΌΠ°Π»Π΅Π½ΡΠΊΠΎΠ΅ Π·Π½Π°ΡΠ΅Π½ΠΈΠ΅.
ΠΡΠΎΠ²Π΅ΡΡΡΠ΅, ΡΡΠΎ Π·Π½Π°ΡΠ΅Π½ΠΈΠ΅ Π΄ΠΈΡΠ΅ΠΊΡΠΈΠ²Ρ post_max_size Π΄ΠΎΡΡΠ°ΡΠΎΡΠ½ΠΎ.
ΠΠΏΡΠΈΡ
max_file_uploads
ΠΊΠΎΠ½ΡΡΠΎΠ»ΠΈΡΡΠ΅Ρ ΠΌΠ°ΠΊΡΠΈΠΌΠ°Π»ΡΠ½ΠΎΠ΅ ΠΊΠΎΠ»ΠΈΡΠ΅ΡΡΠ²ΠΎ ΡΠ°ΠΉΠ»ΠΎΠ², ΠΊΠΎΡΠΎΡΡΠ΅ Π·Π°Π³ΡΡΠΆΠ°ΡΡ Π½Π° ΡΠ΅ΡΠ²Π΅Ρ Π² ΡΠ΅ΡΠ΅Π½ΠΈΠ΅
ΠΎΠ΄Π½ΠΎΠ³ΠΎ Π·Π°ΠΏΡΠΎΡΠ°. Π‘ΡΠΏΠ΅ΡΠ³Π»ΠΎΠ±Π°Π»ΡΠ½ΡΠΉ ΠΌΠ°ΡΡΠΈΠ² $_FILES
ΠΏΡΠ΅ΠΊΡΠ°ΡΠΈΡ ΠΎΠ±ΡΠ°Π±ΠΎΡΠΊΡ ΡΠ°ΠΉΠ»ΠΎΠ², ΠΊΠ°ΠΊ ΡΠΎΠ»ΡΠΊΠΎ Π΄ΠΎΡΡΠΈΠ³Π½Π΅Ρ ΠΎΠ³ΡΠ°Π½ΠΈΡΠ΅Π½ΠΈΡ,
Π΅ΡΠ»ΠΈ Π·Π°Π³ΡΡΠΆΠ°Π΅ΡΡΡ Π±ΠΎΠ»ΡΡΠ΅ ΡΠ°ΠΉΠ»ΠΎΠ², ΡΠ΅ΠΌ Π² ΠΎΠ³ΡΠ°Π½ΠΈΡΠ΅Π½ΠΈΠΈ.
ΠΠ°ΠΏΡΠΈΠΌΠ΅Ρ, Π΅ΡΠ»ΠΈ Π·Π½Π°ΡΠ΅Π½ΠΈΠ΅ Π΄ΠΈΡΠ΅ΠΊΡΠΈΠ²Ρ
max_file_uploads ΡΠ°Π²Π½ΡΠ΅ΡΡΡ
10, ΠΌΠ°ΡΡΠΈΠ² $_FILES Π½Π΅ Π±ΡΠ΄Π΅Ρ
ΡΠΎΠ΄Π΅ΡΠΆΠ°ΡΡ Π±ΠΎΠ»ΡΡΠ΅ 10 ΡΠ»Π΅ΠΌΠ΅Π½ΡΠΎΠ².
ΠΠ΅Π· ΠΏΡΠΎΠ²Π΅ΡΠΊΠΈ ΡΠΎΠ³ΠΎ, Ρ ΠΊΠ°ΠΊΠΈΠΌ ΡΠ°ΠΉΠ»ΠΎΠΌ Π²Π΅Π΄ΡΡΡΡ ΡΠ°Π±ΠΎΡΠ°, ΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°ΡΠ΅Π»ΠΈ ΡΠΌΠΎΠ³ΡΡ ΠΏΠΎΠ»ΡΡΠΈΡΡ Π΄ΠΎΡΡΡΠΏ ΠΊ ΠΊΠΎΠ½ΡΠΈΠ΄Π΅Π½ΡΠΈΠ°Π»ΡΠ½ΠΎΠΉ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΈ Π΄ΡΡΠ³ΠΈΡ ΠΊΠ°ΡΠ°Π»ΠΎΠ³ΠΎΠ².
ΠΠ·-Π·Π° ΠΌΠ½ΠΎΠ³ΠΎΠΎΠ±ΡΠ°Π·ΠΈΡ ΡΡΠΈΠ»Π΅ΠΉ, Π² ΠΊΠΎΡΠΎΡΡΡ ΡΠ°ΠΉΠ»ΠΎΠ²ΡΠ΅ ΡΠΈΡΡΠ΅ΠΌΡ Π²Π΅Π΄ΡΡ ΡΠΏΠΈΡΠΎΠΊ ΠΊΠ°ΡΠ°Π»ΠΎΠ³ΠΎΠ², PHP Π½Π΅ Π³Π°ΡΠ°Π½ΡΠΈΡΡΠ΅Ρ ΠΏΡΠ°Π²ΠΈΠ»ΡΠ½ΡΡ ΠΎΠ±ΡΠ°Π±ΠΎΡΠΊΡ ΡΠ°ΠΉΠ»ΠΎΠ² Ρ ΡΠΊΠ·ΠΎΡΠΈΡΠ΅ΡΠΊΠΈΠΌΠΈ ΠΈΠΌΠ΅Π½Π°ΠΌΠΈ, Π½Π°ΠΏΡΠΈΠΌΠ΅Ρ ΡΠ°ΠΉΠ»ΠΎΠ² Ρ ΠΏΡΠΎΠ±Π΅Π»Π°ΠΌΠΈ Π² ΠΈΠΌΠ΅Π½Π°Ρ .
Π Π°Π·ΡΠ°Π±ΠΎΡΡΠΈΠΊΠ°ΠΌ Π½Π΅Π»ΡΠ·Ρ ΡΠΌΠ΅ΡΠΈΠ²Π°ΡΡ ΠΎΠ±ΡΡΠ½ΡΠ΅ input-ΠΏΠΎΠ»Ρ ΠΈ ΠΏΠΎΠ»Ρ Π·Π°Π³ΡΡΠ·ΠΊΠΈ ΡΠ°ΠΉΠ»ΠΎΠ²
Π² ΠΎΠ΄Π½ΠΎΠΉ ΠΈ ΡΠΎΠΉ ΠΆΠ΅ ΠΏΠ΅ΡΠ΅ΠΌΠ΅Π½Π½ΠΎΠΉ ΡΠΎΡΠΌΡ (Π½Π°ΠΏΡΠΈΠΌΠ΅Ρ, Π½Π΅Π»ΡΠ·Ρ ΡΠΊΠ°Π·ΡΠ²Π°ΡΡ Π² ΠΈΠΌΠ΅Π½ΠΈ input-ΡΠ»Π΅ΠΌΠ΅Π½ΡΠ°
Π·Π½Π°ΡΠ΅Π½ΠΈΠ΅ foo[]).
ΠΠ°ΡΠ»ΠΈ ΠΎΡΠΈΠ±ΠΊΡ?
οΌΠΠΎΠ±Π°Π²ΠΈΡΡ
ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΡ ΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°ΡΠ΅Π»Π΅ΠΉ 10 notes
amalcon _a_t_ eudoramail _d_o_t_ com ΒΆ
21 years ago
Nirmal Natarajan ΒΆ
16 years ago
If using IIS 7.0 or above, the Request Filtering is enabled by default and the max allowed content length is set to 30 MB.
One must change this value if they want to allow file uploads of more than 30 MB.
Sample web.config entry:
<configuration>
</system.webServer>
<security>
<requestFiltering>
<requestLimits maxAllowedContentLength="314572800"/>
</requestFiltering>
</security>
</system.webServer>
</configuration>
The above setting will allow 300 MB of data to be sent as a request. Hope this helps someone.
adrien.nizon+phpnet at gmail dot com ΒΆ
9 years ago
[Editor's note: to be more precise, MAX_FILE_SIZE can't exceed PHP_INT_MAX before PHP 7.1.]
Please note that the field MAX_FILE_SIZE cannot exceed 2147483647. Any greater value will lead to an upload error that will be displayed at the end of the upload
This is explained by the related C code :
if (!strcasecmp(param, "MAX_FILE_SIZE")) {
max_file_size = atol(value);
}
The string is converted into a long int, which max value is... 2147483647
Seems to be corrected since php-7.1.0beta3 (https://github.com/php/php-src/commit/cb4c195f0b85ca5d91fee1ebe90105b8bb68356c)
dg at artegic dot de ΒΆ
16 years ago
In case of non-deterministic occurence of the UPLOAD_ERR_PARTIAL error: The HTTPD (e.g. Apache) should respond with a 'Accept-Ranges: none' header field.
admin at creationfarm dot com ΒΆ
23 years ago
The macintosh OS (not sure about OSx) uses a dual forked file system, unlike the rest of the world ;-). Every macintosh file has a data fork and a resource fork. When a dual forked file hits a single forked file system, something has to go, and it is the resource fork. This was recognized as a problem (bad idea to begin with) and apple started recomending that developers avoid sticking vital file info in the resource fork portion of a file, but some files are still very sensitive to this. The main ones to watch out for are macintosh font files and executables, once the resource fork is gone from a mac font or an executable it is useless. To protect the files they should be stuffed or zipped prior to upload to protect the resource fork.
Most mac ftp clients (like fetch) allow files to be uploaded in Macbinhex, which will also protect the resource fork when transfering files via ftp. I have not seen this equivilent in any mac browser (but I haven't done too much digging either).
FYI, apple does have an old utility called ResEdit that lets you manipulate the resource fork portion of a file.
bohwaz ΒΆ
3 years ago
Please be advised that setting a large post_max_size or upload_max_filesize for a complete server or a complete virtual host is not a good idea as it may lead to increased security risks.
The risk is that an attacker may send very large POST requests and overloading your server memory and CPU as it has to parse and process those requests before handling them to your PHP script.
So it's best to limit changing this setting to some files or directories. For example if I want to /admin/files/ and /admin/images/ I can use:
<If "%{REQUEST_URI} =~ m!^/admin/(files|images)/! && -n %{HTTP_COOKIE}">
php_value post_max_size 256M
php_value upload_max_filesize 256M
</If>
I also require the request to have a cookie to avoid basic attacks. This will not protect you against attacks coming from non-authenticated users, but may delay any attack.
This setting can be used in Apache server configuration files, and .htaccess files as well.
morganaj at coleggwent dot ac dot uk ΒΆ
22 years ago
Here is another that may make your upload fall over. If you are using Squid or similar proxy server make sure that this is not limiting the size of the HTTP headers. This took me weeks to figure out!
anders jenbo pc dk ΒΆ
18 years ago
A responce to admin at creationfarm dot com, Mac OS X and Windows running on a NTFS disk also uses a multi stream file system. Still only the data stream in transfared on http upload. It is preferable to pack Mac OS X files in .dmg files rathere then zip but the avarage user will find zip much easir and they are supported on more platforms.
tjaart at siam-data-services dot com ΒΆ
21 years ago
Took me a while to figure this one out...
I think this is actually a header problem, but it only
happens when doing a file upload.
If you attept a header("location:http://...) redirect after
processing a $_POST[''] from a form doing a file upload
(i.e. having enctype="multipart/form-data"), the redirect
doesn't work in IE if you don't have a space between
location: & http, i.e.
header("location:http://...) vs
header("location: http://...)
===================================
<?php
if ($_POST['submit']=='Upload') {
// Process File and the redirect...
header("location: http://"..."/somewhere.php");
exit;
}
?>
<html><head></head><body>
<form enctype="multipart/form-data" action="upload.php" method="POST">
<input type="hidden" name="MAX_FILE_SIZE" value="20000">
Your file: <input name="filename" type="file">
<input name="submit" type="submit" value="Upload">
</form>
</body></html>
===================================
This only happens if all of the following are true:
header("location:http://...) with no space
Form being processed has enctype="multipart/form-data"
Browser=IE
To fix the problem, simply add the space.
Hope this helps someone else.
tomcashman at unitekgroup dot com ΒΆ
23 years ago
For apache, also check the LimitRequestBody directive.
If you're running a Red Hat install, this might be set in /etc/httpd/conf.d/php.conf.
By default, mine was set to 512 KB.-
0
pcntl_sigtimedwaitWaits for signals, with a timeout
-
0
similar_textCalculate the similarity between two strings
-
0
boolvalGet the boolean value of a variable
-
0
curl_multi_closeClose a set of cURL handles
-
0
imap_bodyRead the message body
-
0
mb_strposFind position of first occurrence of string in a string
-
0
pg_send_prepareSends a request to create a prepared statement with the given parameters, without waiting for completion
-
0
swoole_native_socket_bind
-
0
Arr::prependKeysWith
-
0
zend_versionGets the version of the current Zend engine