Okay, I know how to make a php script upload files but how could I make it upload large files before it times out? I know that generaly the upload times out after like 30 seconds but I do not want this.
whenever you allow file uploading always include full security in the ongoing hacker wave among many sites these past days and weeks / months - see http://forums.digitalpoint.com/showthread.php?t=60563 the problem always started with uploading a set of apparently professional hacker tools/files it is of little importance who is allowed file uploading via php or cgi or other means/scripts the simple fact that uploading is enabled constitutes a severe security challenge to be solved by the coder
I know, I mean uploading like videos, there would be other security methods to prevent abuse. It's for entertainment based sites. Though I think I found it http://www.radinks.com/upload/config.php though I am not completely sure, can someone please still help me?
i safely assume that you thought of that however the hacker tools i found - and ALL other site owners i contacted found these "set" of files as well - allow for renaming of files hence you allow jpg or whatever thats what they upload and then rename it in what they need at the end wht they do and did in all known cases is far from entertaining hence if you allow such files for upload you may have to disable on top level any renaming and any moving of such files else you might be a hackers target site
You could put your upload script into a directory like "/upload" and set the php max_execution_time to a higher value for that directory (using php_admin_value in the apache-config). On the other hand the execution limit of 30 seconds should refer to cpu seconds and not seconds on a clock. As an upload doesn't use much cpu time you should be fine with 30 seconds (at least as long as you don't try to process the upload in some way while it's being uploaded).
Okay, well, I mean like a 12 MB file size limit. Anyways, lol, I found that I can set the php.ini values in tha .htaccess file but I do not know how to set these. One example is the post_max_size and I also do not have root access so please keep this in mind. How do I set these values in the .htaccess file?
I'm double-posting so people can see that I made a new post that this topic is over. I've figured it out after long hours of searching.
first increase the values in php.ini secondly use PEAR::HTTP_Upload library heres a sample script i use (all security checks are done by the class, files are uploaded outside the document tree) require_once "HTTP/Upload.php"; $upload = new HTTP_Upload("en"); $file = $upload->getFiles('f'); if ($file->isValid()) { $filename = $file->getProp('real'); $file->setName ('safe', 'upload_', ''); $file_name = $file->moveTo('../files/'); $properties = $file->getProp(); } PHP:
I edited the .htaccess file to over-write what the php.ini file was set to use. I used this syntax- Replace setting_name with the setting you wish to change and replace setting_value with the value you wish to change it to though php_value stays php_value