Re: [PHP] Files upload - Encrypt into a variable - Do not injectinto db (PHP/Apache/MySQL)
Steven Altsman wrote: Got packet bigger than 'max_allowed_packet' ... Gotta love mysql_error(); If I find out what causes this, I'll bring it over to this list too.. since it's been pretty quiet, I guess I've gotten folks stumped. I think you can put the encrypted file to the database in chunks. Split the file up and append it to the column in a loop. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Files upload - Encrypt into a variable - Do not injectinto db (PHP/Apache/MySQL)
On Fri, March 18, 2005 12:00 pm, Steven Altsman said: > Got packet bigger than 'max_allowed_packet' > > ... Gotta love mysql_error(); > > If I find out what causes this, I'll bring it over to this list too.. > since > it's been pretty quiet, I guess I've gotten folks stumped. If that's a MySQL error, you're gonna be WAY better off asking on the MySQL mailing lists... At a guess, you're either trying to send a query that's WY too long, or get back waaay too much data, or your database server and internet server aren't doing TCP/IP packets nicely, or... It could mean a whole lot of things, actually. Google for the error message, and 'max_allowed_packet' and see what turns up. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Files upload - Encrypt into a variable - Do not injectinto db (PHP/Apache/MySQL)
Got packet bigger than 'max_allowed_packet' ... Gotta love mysql_error(); If I find out what causes this, I'll bring it over to this list too.. since it's been pretty quiet, I guess I've gotten folks stumped. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Files upload - Encrypt into a variable - Do not injectinto db (PHP/Apache/MySQL)
Updated : It ain't MCRYPT. [code] http://www.w3.org/TR/html4/loose.dtd";> Untitled Document [/code] -Original Message- From: Marek Kilimajer [mailto:[EMAIL PROTECTED] Sent: Friday, March 18, 2005 4:26 AM To: [EMAIL PROTECTED] Cc: php-general@lists.php.net Subject: Re: [PHP] Files upload - Encrypt into a variable - Do not injectinto db (PHP/Apache/MySQL) Steven Altsman wrote: > Yes, the link is http://www.radinks.com/upload/config.php > > file_uploads = On > upload_max_filesize = 40M > max_input_time = 9000 (seconds) > memory_limit (not limited, per handload config, from source) > max_execution_time = 9000 (seconds) > post_max_size = 40M > > also, hidden INPUT tag MAX_FILE_SIZE with value="4", which I'm guessing > needs it in kilobytes. It's in bytes. Check apache's config, namely LimitRequestBody directive. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Files upload - Encrypt into a variable - Do not injectinto db (PHP/Apache/MySQL)
[code] http://www.w3.org/TR/html4/loose.dtd";> Untitled Document [/code] Here is a proof of concept.. I loaded up the nVidia drivers to my default tmp directory, then echoed out the strlen of the file when opened in file_get_contents function. It gave out the correct size. >From here, I'm just going to see if it encrypts and spits out a different (or no) number. -Original Message- From: Marek Kilimajer [mailto:[EMAIL PROTECTED] Sent: Friday, March 18, 2005 4:26 AM To: [EMAIL PROTECTED] Cc: php-general@lists.php.net Subject: Re: [PHP] Files upload - Encrypt into a variable - Do not injectinto db (PHP/Apache/MySQL) Steven Altsman wrote: > Yes, the link is http://www.radinks.com/upload/config.php > > file_uploads = On > upload_max_filesize = 40M > max_input_time = 9000 (seconds) > memory_limit (not limited, per handload config, from source) > max_execution_time = 9000 (seconds) > post_max_size = 40M > > also, hidden INPUT tag MAX_FILE_SIZE with value="4", which I'm guessing > needs it in kilobytes. It's in bytes. Check apache's config, namely LimitRequestBody directive. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files upload - Encrypt into a variable - Do not inject into db (PHP/Apache/MySQL)
Steven Altsman wrote: Yes, the link is http://www.radinks.com/upload/config.php file_uploads = On upload_max_filesize = 40M max_input_time = 9000 (seconds) memory_limit (not limited, per handload config, from source) max_execution_time = 9000 (seconds) post_max_size = 40M also, hidden INPUT tag MAX_FILE_SIZE with value="4", which I'm guessing needs it in kilobytes. It's in bytes. Check apache's config, namely LimitRequestBody directive. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Files upload - Encrypt into a variable - Do not inject into db (PHP/Apache/MySQL)
Yes, the link is http://www.radinks.com/upload/config.php file_uploads = On upload_max_filesize = 40M max_input_time = 9000 (seconds) memory_limit (not limited, per handload config, from source) max_execution_time = 9000 (seconds) post_max_size = 40M also, hidden INPUT tag MAX_FILE_SIZE with value="4", which I'm guessing needs it in kilobytes. Radditha has a pretty sweet upload script going on there.. however, not sure if it contains the same security requirements I've got. Per GLBA requirements, my data has to be stored no more than 48 hours and must be encrypted with 128-bit or higher algorithms. I'm starting to suspect that I have more lists I've got to sign up with, as it may be MCRYPT or MySQL that is barfing because of it. If that is all I can tweak in PHP, then I'm definitely hitting a dead-end on this list. Thank you for your time. -Original Message- From: Jason Barnett [mailto:[EMAIL PROTECTED] Sent: Thursday, March 17, 2005 10:35 AM To: php-general@lists.php.net Subject: Re: [PHP] Encrypted 2.5+M files do upload, but don't create a recordwhen stored as LongBlobs (PHP/Apache/MySQL) Steven Altsman wrote: > This may be a stupid question. If it is, could somebody do a one line reply > of "it is." That way I will know to turn my attention elsewhere. > ... It's not a stupid question, it's just that the people that have read it so far (including me) don't really know the answer. I seem to recall that Raditha Dissanayake had an upload script that let you do larger uploads... just look in the archives for his messages and look for the link in his signature. HTH -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Files upload
I beleive move_uploaded_file is prefered since copy won't work in Safe Mode. Andrew - Original Message - From: "Max 'AMiGo' Gashkov" <[EMAIL PROTECTED]> To: "PHP General list" <[EMAIL PROTECTED]> Sent: Sunday, February 09, 2003 6:09 PM Subject: [PHP] Files upload > Is there any difference between using > >move_uploaded_file(... > > or > > if(is_uploaded_file... > ... > copy( > > (security hazards etc.)? > > > WBR, Max 'AMiGo' Gashkov > [EMAIL PROTECTED] ]=[ http://diary.otaku.ru/amigo > Distributed.net participant [408228][RC5-72] > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Files upload
Is there any difference between using move_uploaded_file(... or if(is_uploaded_file... ... copy( (security hazards etc.)? WBR, Max 'AMiGo' Gashkov [EMAIL PROTECTED] ]=[ http://diary.otaku.ru/amigo Distributed.net participant [408228][RC5-72] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] files upload
I need to upload more than one file throught an html form. I cannot create an archive first and then post it. I need to aperate directly with the files the users want to upload. how can I do this? ther's any php trick or procedure to help me many thanks in advance Jena -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php