tags:

views:

80

answers:

2
+2  Q: 

File Upload Large Files PHP/AJAX

Hi There,

Im trying to find some software to help me upload really large files (>200mb). I only want to upload a single file, no multi-options. Also i would like a simple progress bar if possible.

I have come across http://pixeline.be/experiments/jqUploader/ which is literally what i need but it has a limit of 100mb per file, because it uses flash.

Does anyone know of something else thats similar to this, but can handle larger files?

thx

A: 

Perhaps http://www.uploadify.com

jakenoble  2010-08-25 01:45:50
Thx for that :). Since it (and other similar tools out there) simply uses the html 'file' input type to render and upload files.. do you think having to change the php upload limits would create security holes?
ParampalP  2010-08-25 02:35:20
Of course. Someone could eat up your bandwidth easily. But your considering security holes now before developing which is good. You can therefore do you best to fill those holes early rather than later.
jakenoble  2010-08-25 02:41:25
A: 

Another popular solution is http://www.swfupload.org/, but I guess it may suffer from the 100MB limit.

Regarding the whole issue of large file sizes, from my research it seems that in order to upload large files there is no other option than to increase the values for upload_max_filesize, post_max_size and max_execution time. I just wonder what the security implications are of having post_max_size set to, say, 500M? Its not the issue of bandwidth that concerns me - it is the possible DoS attacks that might arise from allowing attackers to send random 500M POST requests to the server. The best workaround I can think for this issue is to send uploads to a different server.

There is a good discussion of the whole issue here:

http://aaronwinborn.com/blogs/aaron/how-handle-large-file-uploads

If any Apache hackers out there can shed any light on the security implications of having a really large value for post_max_size that would be great.

JamesG  2010-08-25 03:12:00
Apache itself doesn't really care how big the files are, modulo things like 31/32bit limits (2.1/4.2gig). But if you have a very large post limit, it is possible to tie up all available children in the connection pool with long-lived uploads and DOS the machine (as well as exhaust disk space). This is harder to do with smaller limits as the uploads will complete quicker and recycle connections faster. Of course, you can just totally slam the server with connection attempts anyways.
Marc B  2010-08-25 03:57:10

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases