Page 1 of 1
Possible file upload attack! ??
Posted: Thu Mar 25, 2004 9:45 am
by jiehuang001
I am trying to build a webpage for file uploading. I copied the code from PHP documententation
http://www.php.net/manual/en/features.file-upload.php, but I always get this error message. My machine is Mac OS X and all my other php programs run well.
Possible file upload attack! Here's some debugging info:
Array
(
[userfile] => Array
(
[name] => sop5.pdf
[type] =>
[tmp_name] =>
[error] => 2
[size] => 0
)
)
Posted: Thu Mar 25, 2004 9:48 am
by JayBird
the error 2 mean
The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form.
Mark
can't open uploaded file
Posted: Thu Mar 25, 2004 10:04 am
by jiehuang001
Ok, thanks. I removed the code line
<input type="hidden" name="MAX_FILE_SIZE" value="30000" />
and I can upload a file now.
however, after I upload a pdf file and try to open it, I got the error:
There was an error openning this document. There was a Macintosh system error (-5000)
I guess the file was changed when being uploaded.
Also, when the uploading file has a blank in its name, it won't work.
Thanks.
jie
Posted: Thu Mar 25, 2004 10:09 am
by m3mn0n
Is there enough max memory to handle the size of the file?
And try replacing all spaces with underscores.
Posted: Thu Mar 25, 2004 10:39 am
by jiehuang001
what do you mean "Is there enough max memory to handle the size of the file?", I removed the line of
<input type="hidden" name="MAX_FILE_SIZE" value="300000" />
then there should be no limitation. Or the limitation should be 2M that is defined in the php.ini file.
Also, is there no way to upload file whose name has blank?
Thanks.
Jie