Source of: /manual/en/features.file-upload.common-pitfalls.php
<?php
include_once $_SERVER['DOCUMENT_ROOT'] . '/include/shared-manual.inc';
$TOC = array();
$PARENTS = array();
include_once dirname(__FILE__) ."/toc/features.file-upload.inc";
$setup = array (
'home' =>
array (
0 => 'index.php',
1 => 'PHP Manual',
),
'head' =>
array (
0 => 'UTF-8',
1 => 'en',
),
'this' =>
array (
0 => 'features.file-upload.common-pitfalls.php',
1 => 'Common Pitfalls',
),
'up' =>
array (
0 => 'features.file-upload.php',
1 => 'Handling file uploads',
),
'prev' =>
array (
0 => 'features.file-upload.errors.php',
1 => 'Error Messages Explained',
),
'next' =>
array (
0 => 'features.file-upload.multiple.php',
1 => 'Uploading multiple files',
),
);
$setup["toc"] = $TOC;
$setup["parents"] = $PARENTS;
manual_setup($setup);
manual_header();
?>
<div id="features.file-upload.common-pitfalls" class="sect1">
<h2 class="title">Common Pitfalls</h2>
<p class="simpara">
The <i>MAX_FILE_SIZE</i> item cannot specify a file size
greater than the file size that has been set in the <a href="ini.core.php#ini.upload-max-filesize" class="link">upload_max_filesize</a> in
the <var class="filename">php.ini</var> file. The default is 2 megabytes.
</p>
<p class="simpara">
If a memory limit is enabled, a larger <a href="ini.core.php#ini.memory-limit" class="link">memory_limit</a> may be needed. Make
sure you set <a href="ini.core.php#ini.memory-limit" class="link">memory_limit</a>
large enough.
</p>
<p class="simpara">
If <a href="info.configuration.php#ini.max-execution-time" class="link">max_execution_time</a>
is set too small, script execution may be exceeded by the value. Make
sure you set <i>max_execution_time</i> large enough.
</p>
<blockquote><p><b class="note">Note</b>:
<span class="simpara">
<a href="info.configuration.php#ini.max-execution-time" class="link">max_execution_time</a> only
affects the execution time of the script itself. Any time spent
on activity that happens outside the execution of the script
such as system calls using <a href="function.system.php" class="function">system()</a>, the
<a href="function.sleep.php" class="function">sleep()</a> function, database queries, time taken by
the file upload process, etc. is not included when determining the maximum
time that the script has been running.
</span>
</p></blockquote>
<div class="warning"><b class="warning">Warning</b>
<p class="simpara">
<a href="info.configuration.php#ini.max-input-time" class="link">max_input_time</a> sets the maximum
time, in seconds, the script is allowed to receive input; this includes
file uploads. For large or multiple files, or users on slower connections,
the default of <i>60 seconds</i> may be exceeded.
</p>
</div>
<p class="simpara">
If <a href="ini.core.php#ini.post-max-size" class="link">post_max_size</a> is set too
small, large files cannot be uploaded. Make sure you set
<i>post_max_size</i> large enough.
</p>
<p class="simpara">
Not validating which file you operate on may mean that users can access
sensitive information in other directories.
</p>
<p class="simpara">
Please note that the <span class="productname">CERN httpd</span> seems to strip off everything
starting at the first whitespace in the content-type mime header
it gets from the client. As long as this is the case, <span class="productname">CERN httpd</span>
will not support the file upload feature.
</p>
<p class="simpara">
Due to the large amount of directory listing styles we cannot guarantee
that files with exotic names (like containing spaces) are handled properly.
</p>
<p class="simpara">
A developer may not mix normal <i>input</i> fields and file upload fields in the same
form variable (by using an <i>input</i> name like <i>foo[]</i>).
</p>
</div><?php manual_footer(); ?>
