I used the following code, which I found on the internet to upload files.
<!-- The data encoding type, enctype, MUST be specified as below -->
<form enctype="multipart/form-data" action="upload2.php" method="POST">
<!-- MAX_FILE_SIZE must precede the file input field -->
<input type="hidden" name="MAX_FILE_SIZE" value="8000000" />
<!-- Name of input element determines name in $_FILES array -->
Send this file: <input name="userfile" type="file" />
<input type="submit" value="Send File" />
</form>
and
?php
session_start();
$REMOTE_ADDR = $_SERVER['REMOTE_ADDR'];
$uniq = session_id();
$UNIQ= `echo $uniq |cut -c3-10`;
$UNIQ= rtrim($UNIQ);
$MAX_FILE_SIZE=rtrim($_POST['MAX_FILE_SIZE']);
//The files have a link on a page for downloading
//and filenames are also put in the progress bar so
//the file can be viewed in the browser (ie. PDF files)
//so replace a few characters. Since the file links are
//loaded onto another page via php and filenames
//are displayed, I wanted to use this method instead
//of url_encode() [just looks funny when displayed]
$SafeFile = $_FILES['userfile']['name'];
$SafeFile = str_replace("#", "No.", $SafeFile);
$SafeFile = str_replace("$", "Dollar", $SafeFile);
$SafeFile = str_replace("%", "Percent", $SafeFile);
$SafeFile = str_replace("^", "", $SafeFile);
$SafeFile = str_replace("&", "and", $SafeFile);
$SafeFile = str_replace("*", "", $SafeFile);
$SafeFile = str_replace("?", "", $SafeFile);
`echo $SafeFile >>/tmp/file.log`;
$uploaddir = "/u/payroll/uploads/";
$path = $uploaddir.$SafeFile;
`echo $path >>/tmp/file.log`;
if($userfile != none){ //AS LONG AS A FILE WAS SELECTED...
if(copy($_FILES['userfile']['tmp_name'], $path)){ //IF IT HAS BEEN COPIED...
//GET FILE NAME
$theFileName = $_FILES['userfile']['name'];
//GET FILE SIZE
$theFileSize = $_FILES['userfile']['size'];
if ($theFileSize>999999){ //IF GREATER THAN 999KB, DISPLAY AS MB
$theDiv = $theFileSize / 1000000;
$theFileSize = round($theDiv, 1)." MB"; //round($WhatToRound, $DecimalPlaces)
} else { //OTHERWISE DISPLAY AS KB
$theDiv = $theFileSize / 1000;
$theFileSize = round($theDiv, 1)." KB"; //round($WhatToRound, $DecimalPlaces)
}
echo <<<UPLS
<table cellpadding="5" width="300">
<tr>
<td align="Center" colspan="2"><font color="#009900"><b>Upload Successful</b ></font></td>
</tr>
<tr>
<td align="right"><b>File Name: </b></td>
<td align="left">$theFileName</td>
</tr>
<tr>
<td align="right"><b>File Size: </b></td>
<td align="left">$theFileSize</td>
</tr>
<tr>
<td align="right"><b>Directory: </b></td>
<td align="left">$uploaddir</td>
</tr>
</table>
UPLS;
} else {
//PRINT AN ERROR IF THE FILE COULD NOT BE COPIED
echo <<<UPLF
<table cellpadding="5" width="80%">
<tr>
<td align="Center" colspan="2"><font color=\"#C80000\"><b>File could not be uploaded</b></font></td>
</tr>
</table>
UPLF;
}
}
?>
#
Even though the max file size is set at 8mb, the script fails at files sizes over 1.5mb
Are their limitations within apache, or php that can override the value in the script?