You write on your page there is no limit, but your script times out after around 10 seconds. For uploading files you may increase that time limit - 10 seconds with a 1mbps upload rate are around 1MB, which is easily exceeded even with smartphone cameras. Increase the max_execution_time in your php preferences.
Additionally, I'd would set a file size limit nevertheless, people could upload illegal software, just with renaming the ending to jpg...
Which gets me to another point: Error Handling
#1:
If you upload a simple binary file it gets uploaded, and checked afterwards. A simple check like:
Code: Select all
$allowed_filext = array(".gif", ".jpg", ".png", "jpeg");
$filext = substr($path, -4 );
If (in_array($filext, $allowed_filext)) {
{
//do your file uploading
}
else
{
//here comes your error, like "Your image has no .gif, .jpg, .png or .jpeg ending"
}
assuming $path as the to-be-uploaded-filepath; would check if the extension matches the predefined ones.
#2:
If you upload a file which isn't a picture (but has a gif/jpg/png/jpeg ending), you get loads of error messages.
If the upload is done, check if the uploaded file is a valid image. If not, print an error message, and delete the file.
php.net is always an interesting read:
http://us2.php.net/manual/en/features.f ... method.php
http://us2.php.net/manual/en/features.f ... tfalls.php