Bypassing php.ini directives

@HellgYNov 03.2006

I am seeking a way to allow my users to upload files as large as 1 GB,
What’s stopping me is the ini directives of the company i rent hosting from(200 GB on a shared server).

post_max_size is 8M
upload_max_filesize is 2M
memory_limit is 2M

I was trying to overwrite those settings using ini_set, and by editing the php.ini
file in my directory, but i didn’t succeed.

One of the users at php.net posted an FTP upload script, would tat sort my situation?.

Does these directives apply to the files in temporary files too, or just to those I’m trying to move to a permanent location?

Are there any cheap hosting providers that will allow me to upload up to 1 GB
using HTTP upload?(1 GB is not mandatory, i could settle for less)

Can i split the files users send to 2 MB packets in some manner and then reunite those packets to the entire file back on the server?

Please help me, guys

EDIT:
I did some research, and it turns out that uploading file through FTP with PHP, or into a database first requires an HTTP upload(duh), as far as i seen splitting the file into small packets is not possible, at least not with PHP, because the lack of access to the POST_RAW_DATA.

So my only option is find out how to access the .htaccess at Godaddy, or find other cheap hosting provider that allows that kind of access.

to post a comment

PHP

24 Comments(s) _↴

@HellgYauthorNov 03.2006 — #Does anyone know of any hosting porviders that give access to the .htaccess file?...

I'm renting hosting from Goddady.com, and they don't seem to have that option

@netbuddyNov 03.2006 — #FTP as previously stated.

@bokehNov 03.2006 — #You can't override those from inside a script. If you don't have access to php.ini you could override them from .htaccess.

@chazzyNov 04.2006 — #You can override most of then using ini set

http://www.php.net/ini_set

@bokehNov 04.2006 — #You can override most of then using ini set

http://www.php.net/ini_set[/QUOTE]Not those ones!

http://www.php.net/manual/en/ini.php

@HellgYauthorNov 04.2006 — #Yeah, i stated that accessing my own PHP.ini file in my directory didn't help,

and ini_set didn't work.

As for .htaccess: it doesn't appear at the root folder of my ftp user

Can anyone refer me to a good, cheap hosting provider that gives access to .htaccess?

Here is how the php.ini file in my folder looks like:

nfgaming.net/public/php.ini

Thanks to all helpers!

@bokehNov 04.2006 — #As for .htaccess: it doesn't appear at the root folder of my ftp user[/QUOTE]Just create one. Also it appears invisible to a lot of crap FTP clients.

@HellgYauthorNov 04.2006 — #What should i put inside?

@bokehNov 04.2006 — #[CODE]php_value [I]attribute value[/I][/CODE]

@HellgYauthorNov 04.2006 — #[CODE]php_value [I]attribute value[/I][/CODE][/QUOTE]
Would that do?

<IfModule mod_php4.c>

php_value upload_max_filesize 50M

php_value post_max_filesize 60M

php_value memory_limit 60M

</IfModule>
[/QUOTE]

@HellgYauthorNov 04.2006 — #FTP as previously stated.[/QUOTE]
Can you specify?

@HellgYauthorNov 04.2006 — #OK, so i succeed to change upload_max_filesize to 50M, but post_max_size is still 8 MB, what should i do?, would it work?

Also, bokeh, you gave me once this <ifModule> code that was suppose to prevent opening files from there current location, and to force download, i searched the forums for it and i can't find it, can you repeat it please?

Bad news are I'm using my local php.ini file, and that .htaccess doesn't work

@bokehNov 04.2006 — #post_max_size is still 8 MB, what should i do?[/QUOTE]Make sure what you entered in .htaccess is in fact post_max_size. And get rid of the ifmodule. I'm sure you already know your server has PHP loaded.

@HellgYauthorNov 04.2006 — #Make sure what you entered in .htaccess is in fact post_max_size. And get rid of the ifmodule. I'm sure you already know your server has PHP loaded.[/QUOTE]
lol, i entered upload_max_filesize in both php.ini and .htaccess

@HellgYauthorNov 04.2006 — #If i remove the ,ifModule tags the server returns 500 HTTP error on any request

@bokehNov 04.2006 — #Post the contents of the file that is raising that status.

@HellgYauthorNov 04.2006 — #
php_value post_max_size 100M

php_value upload_max_filesize 70M

php_value memory_limit 100M
[/QUOTE]

file name: ".htaccess"

@netbuddyNov 04.2006 — #Just create one. Also it appears invisible to a lot of crap FTP clients.[/QUOTE]

not the case, it is dependent on the server operating system and how it is configured as well as the configuration of the operating system that the ftp service sits on..

The FTP client is told what the content of a folder is, if the server has permissions or settings to inhibit '.' files or files that do not meet the "file" status for directory listings, it will result in no file being listed as will files that are marked as hidden/invisible.

@bokehNov 04.2006 — #it is dependent on the server operating system [/QUOTE]I could list a number of FTP clients that won't display these. I just did a test to be certain this information is correct. SmartFTP on the other hand is one of the few that does display these files. As for server config I've never comes accross a server that hides these files from SmartFTP. Apache is usually configured to hide them but that is a webserver and has nothing to do with the platform config, nor the FTP server config. In fact there is no such thing as a hidden file in the file system, only one flagged as hidden. Files may be read protected based on permissions but not invissible.

@HellgYauthorNov 04.2006 — #I could list a number of FTP clients that won't display these. I just did a test to be certain this information is correct. SmartFTP on the other hand is one of the few that does display these files. As for server config I've never comes accross a server that hides these files from SmartFTP. Apache is usually configured to hide them but that is a webserver and has nothing to do with the platform config, nor the FTP server config. In fact there is no such thing as a hidden file in the file system, only one flagged as hidden. Files may be read protected based on permissions but not invissible.[/QUOTE]
I just happen to be using SmartFTP...

@netbuddyNov 04.2006 — #I could list a number of FTP clients that won't display these. I just did a test to be certain this information is correct. SmartFTP on the other hand is one of the few that does display these files. As for server config I've never comes accross a server that hides these files from SmartFTP. Apache is usually configured to hide them but that is a webserver and has nothing to do with the platform config, nor the FTP server config. In fact there is no such thing as a hidden file in the file system, only one flagged as hidden. Files may be read protected based on permissions but not invissible.[/QUOTE]

**Net Adminis Hat on

You cannot list any hidden file on a remote server IF the permissions are set in the operating system, having set up servers and networks, what you are suggesting contraviens the security policy of the operating system and that makes for a serious issue if you operate an FTP server, most hosting accounts have more files in the folder (your account folder) than you can actually see, these files are marked as system or hidden files and not for shares or directory listing.

SmartFTP may well list the files that oter FTP clients wont list, it simply means that the FTP server or client saw the files as invalid file types because the filename starts with a period and has no extention to it. That is the possible reason why and not because SmartFTP has any "Special" powers. It is just as likely that the remote FTP server had further settings to list certain file types or not as the case may be.

I have an FTP server that has a simple check box to "Ignor invalid file types"

You need to understand where the permission heirarchy starts and programms that can change permissions will also have permission to do so, it simply wouldnt be allowed if it hadnt had permissions set for the program and the file structure it sit on.

**Net Adminis Hat off

@bokehNov 04.2006 — #I just happen to be [...] Smart [...][/QUOTE] ?

@bokehNov 04.2006 — #**Net Adminis Hat on [...] You need to understand where the permission heirarchy[/QUOTE]I don't see the relevance. We are not talking about some bespoke system file, we are talking about a file of which you are the outright owner. Are you really saying that an operating system can be configured to hide files from their owners?

@netbuddyNov 04.2006 — #Are you really saying that an operating system can be configured to hide files from their owners?[/QUOTE]

Yes.

Subvirts (when used against a user) uses that method, like viruses as well, a good stealth virus will not be detected for a long time because it hides itself from the system owner.

Also in #PHP _↴

Date question Can Drupal do everything an MVC framework like Laravel can?T T

Success!

Help @HellgY spread the word by sharing this article on Twitter...

Tweet This

Bypassing php.ini directives

24 Comments(s) _↴

Also in #PHP _↴

Success!

Social

Version

Bypassing php.ini directives

24 Comments(s) ↴

Also in #PHP ↴

Success!

The web is an endless sea of information. Don't miss the boat... Subscribe!

Social

Version

24 Comments(s) _↴

Also in #PHP _↴