httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Steven Altsman" <web...@efastfunding.com>
Subject [users@httpd] Encrypted 2.5+M files do upload, but don't create a record when stored as LongBlobs (PHP/Apache/MySQL)
Date Wed, 16 Mar 2005 18:15:05 GMT
Files under 2.5 megs will go into the database just fine, any thing over
that will return the page without errors, but will not be injected into the
database.  Not even a record is created.

Edited PHP.INI to allow up to 40M of data to be uploaded.  Set the script
timeout to be 9000 seconds.  Set the script operational memory to 80M.  I
did a print_r of $_FILES and the results show that there is a file in the
tmp directory, but I'm not sure after that if there is a problem with mcrypt
or MySQL.  I did read something about a limitation of MySQL and max packet
size between server and client, but only 4.1 or less is mentioned with that.
I also switched from the fopen/fread combo and did file_get_contents
instead, as it was recommended to be more efficient.

http://us4.php.net/fopen
http://us4.php.net/fread
http://us4.php.net/file_get_contents
http://us3.php.net/mcrypt
http://us3.php.net/features.file-upload
http://us3.php.net/print_r

http://www.ispirer.com/doc/sqlways38/Output/SQLWays-1-195.html
http://www.totalchoicehosting.com/forums/lofiversion/index.php/t10276.html
http://www.chipmunk-scripts.com/board/index.php?forumID=27&ID=1674
http://scripts.franciscocharrua.com/database-file-upload-download.php
http://www.hotscripts.com/Detailed/33694.html

http://www.google.com

If there is any other links to M's that I haven't R'ed, please let me know.
Otherwise I'm clueless.  Google gives me a metric tonne of information, but
it is mostly people asking the same question I am with recommendations on
editing the PHP.INI.  Obviously this is a useful script that many people
have written in their own way for their own needs, and I'm sure they've run
into the same problem I'm encountering now.

Using MySQL 5.0.2, PHP 5, newest mcrypt, mhash, Apache 2, FC 3, it is on
port 443 with a valid SSL cert, and if you need to know any other version or
variable info I will gladly provide it.


-=-=-=-=-=-=- /docs/phpinfo.php -=-=-=-=-=-

allow_call_time_pass_reference On On 
allow_url_fopen On On 
always_populate_raw_post_data Off Off 
arg_separator.input & & 
arg_separator.output & & 
asp_tags Off Off 
auto_append_file no value no value 
auto_globals_jit On On 
auto_prepend_file no value no value 
browscap no value no value 
default_charset no value no value 
default_mimetype text/html text/html 
define_syslog_variables Off Off 
disable_classes no value no value 
disable_functions no value no value 
display_errors On On 
display_startup_errors Off Off 
doc_root no value no value 
docref_ext no value no value 
docref_root no value no value 
enable_dl On On 
error_append_string no value no value 
error_log no value no value 
error_prepend_string no value no value 
error_reporting 2039 2039 
expose_php On On 
extension_dir ./ ./ 
file_uploads On On 
>8 ----- >8 ----- >8
html_errors On On 
ignore_repeated_errors Off Off 
ignore_repeated_source Off Off 
ignore_user_abort Off Off 
implicit_flush Off Off 
include_path .:/usr/local/php//lib/php .:/usr/local/php//lib/php 
log_errors On On 
log_errors_max_len 1024 1024 
magic_quotes_gpc On On 
magic_quotes_runtime Off Off 
magic_quotes_sybase Off Off 
mail.force_extra_parameters no value no value 
max_execution_time 9000 9000 
max_input_time 9000 9000 
open_basedir no value no value 
output_buffering no value no value 
output_handler no value no value 
post_max_size 40M 40M 
precision 12 12 
register_argc_argv On On 
register_globals Off Off 
register_long_arrays On On 
report_memleaks On On 
report_zend_debug On On 
safe_mode Off Off 
safe_mode_exec_dir no value no value 
safe_mode_gid Off Off 
safe_mode_include_dir no value no value 
>8 ----- >8 ----- >8
serialize_precision 100 100 
short_open_tag On On 
SMTP localhost localhost 
smtp_port 25 25 
sql.safe_mode Off Off 
track_errors Off Off 
unserialize_callback_func no value no value 
upload_max_filesize 40M 40M 
upload_tmp_dir no value no value 
user_dir no value no value 
variables_order EGPCS EGPCS

-=-=-=-=-=-=-=- My Script -=-=-=-=-=-=-=-=-

foreach($_FILES['binFile']['name'] as $k => $v)

{
	// Variable-ize all of the attributes of the file object
		$binFile[$k] = $_FILES['binFile'][$k];
		$binFile_name[$k] = $_FILES['binFile']['name'][$k];
		$binFile_size[$k] = $_FILES['binFile']['size'][$k];
		$binFile_type[$k] = $_FILES['binFile']['type'][$k];
		$binFile_tmp[$k] = $_FILES['binFile']['tmp_name'][$k];
	// Get sender information
		$author = $_SESSION['tehNam'];
		$recipient = strtolower($_POST['email']);
	// Tracking information on the file
		$date_submitted[$k] = date('Y-m-d H:i:s');
		$txtDescription[$k] = $_POST['txtDescription'][$k];
		$binFile_unique[$k] =
md5($author.$txtDescription[$k].$binFile_name[$k]);
}

foreach($_FILES['binFile']['name'] as $k => $v)
	{
		// Generate hash for user-logn
		$access_name = md5(strtolower($_POST['email']));

		// Generate pssword for account
		$teh_key = strtolower(genpassword());
	
		// ok, let's get the uploaded data and insert it into the db
now
		$data = file_get_contents($binFile_tmp[$k]);

		$key = $teh_key;
		$input = $data;

		$td = mcrypt_module_open('twofish', '', 'ecb', '');
		$iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($td),
MCRYPT_RAND);

		mcrypt_generic_init($td, $key, $iv);

		$encrypted_data = mcrypt_generic($td, $input);

		mcrypt_generic_deinit($td);
		mcrypt_module_close($td);

	    $strDescription = addslashes(nl2br($txtDescription)); 

		$email_id = date('dmYsiH');

		$sql = "INSERT INTO file_table ";
		$sql .= "(category, description, ingredients, recipient,
filesize, author, file_name, date_submitted, unique_id, email_id)";
	    $sql .= "VALUES ('".$binFile_type[$k]."',
'".$txtDescription[$k]."', '".addslashes($encrypted_data)."',
'".md5($recipient);
		$sql .= "', '".$binFile_size[$k]."', '".$author."',
'".$binFile_name[$k]."', '".$date_submitted[$k]."',
'".$binFile_unique[$k]."', '".$email_id."')";
	    $result = mysql_query($sql, $db);

-=-=-=-=-=-=-=-=- MySQL variables -=-=-=-=-=-=-=-=-

Variable_name Value 
auto_increment_increment 1 
auto_increment_offset 1 
back_log 50 
basedir / 
binlog_cache_size 32768 
bulk_insert_buffer_size 8388608 
character_set_client utf8 
character_set_connection utf8 
character_set_database latin1 
character_set_results utf8 
character_set_server latin1 
character_set_system utf8 
character_sets_dir /usr/share/mysql/charsets/ 
collation_connection utf8_general_ci 
collation_database latin1_swedish_ci 
collation_server latin1_swedish_ci 
concurrent_insert ON 
connect_timeout 5 
datadir /var/lib/mysql/ 
date_format %Y-%m-%d 
datetime_format %Y-%m-%d %H:%i:%s 
default_week_format 0 
delay_key_write ON 
delayed_insert_limit 100 
delayed_insert_timeout 300 
delayed_queue_size 1000 
expire_logs_days 0 
flush OFF 
flush_time 0 
ft_boolean_syntax + -><()~*:""&| 
ft_max_word_len 84 
ft_min_word_len 4 
ft_query_expansion_limit 20 
ft_stopword_file (built-in) 
group_concat_max_len 1024 
have_archive NO 
have_bdb NO 
have_compress YES 
have_crypt YES 
have_csv NO 
have_example_engine NO 
have_geometry YES 
have_innodb YES 
have_isam NO 
have_ndbcluster NO 
have_openssl NO 
have_query_cache YES 
have_raid NO 
have_rtree_keys YES 
have_symlink YES 
init_connect (null) 
init_file (null) 
init_slave (null) 
innodb_additional_mem_pool_size 1048576 
innodb_autoextend_increment 8 
innodb_buffer_pool_awe_mem_mb 0 
innodb_buffer_pool_size 8388608 
innodb_data_file_path ibdata1:10M:autoextend 
innodb_data_home_dir (null) 
innodb_fast_shutdown ON 
innodb_file_io_threads 4 
innodb_file_per_table OFF 
innodb_locks_unsafe_for_binlog OFF 
innodb_flush_log_at_trx_commit 1 
innodb_flush_method (null) 
innodb_force_recovery 0 
innodb_lock_wait_timeout 50 
innodb_log_arch_dir (null) 
innodb_log_archive OFF 
innodb_log_buffer_size 1048576 
innodb_log_file_size 5242880 
innodb_log_files_in_group 2 
innodb_log_group_home_dir ./ 
innodb_max_dirty_pages_pct 90 
innodb_max_purge_lag 0 
innodb_table_locks ON 
innodb_max_purge_lag 0 
innodb_mirrored_log_groups 1 
innodb_open_files 300 
innodb_thread_concurrency 8 
interactive_timeout 1000000 
join_buffer_size 131072 
key_buffer_size 8388600 
key_cache_age_threshold 300 
key_cache_block_size 1024 
key_cache_division_limit 100 
language /usr/share/mysql/english/ 
large_files_support ON 
license GPL 
local_infile ON 
locked_in_memory OFF 
log OFF 
log_bin OFF 
log_error (null) 
log_slave_updates OFF 
log_slow_queries OFF 
log_update OFF 
log_warnings 1 
long_query_time 10 
low_priority_updates OFF 
lower_case_file_system OFF 
lower_case_table_names 0 
max_allowed_packet 1048576 
max_binlog_cache_size 4294967295 
max_binlog_size 1073741824 
max_connect_errors 10 
max_connections 100 
max_delayed_threads 20 
max_error_count 64 
max_heap_table_size 16777216 
max_insert_delayed_threads 20 
max_join_size 4294967295 
max_length_for_sort_data 1024 
max_relay_log_size 0 
max_seeks_for_key 4294967295 
max_sort_length 1024 
max_tmp_tables 32 
max_user_connections 0 
max_write_lock_count 4294967295 
myisam_data_pointer_size 4 
myisam_max_extra_sort_file_size 2147483648 
myisam_max_sort_file_size 2147483647 
myisam_recover_options OFF 
myisam_repair_threads 1 
myisam_sort_buffer_size 8388608 
net_buffer_length 16384 
net_read_timeout 30 
net_retry_count 10 
net_write_timeout 60 
new OFF 
old_passwords OFF 
open_files_limit 1024 
optimizer_prune_level 1 
optimizer_search_depth 62 
pid_file /var/lib/mysql/dom.pid 
port 3306 
preload_buffer_size 32768 
protocol_version 10 
query_alloc_block_size 8192 
query_cache_limit 1048576 
query_cache_min_res_unit 4096 
query_cache_size 0 
query_cache_type ON 
query_cache_wlock_invalidate OFF 
query_prealloc_size 8192 
range_alloc_block_size 2048 
read_buffer_size 131072 
read_only OFF 
read_rnd_buffer_size 262144 
relay_log_purge ON 
rpl_recovery_rank 0 
secure_auth OFF 
server_id 0 
skip_external_locking ON 
skip_networking OFF 
skip_show_database OFF 
slave_net_timeout 3600 
slow_launch_time 2 
socket /var/lib/mysql/mysql.sock 
sort_buffer_size 2097144 
sql_mode (null) 
storage_engine MyISAM 
sync_binlog 0 
sync_frm ON 
system_time_zone CST 
table_cache 64 
table_type MyISAM 
thread_cache_size 0 
thread_stack 126976 
time_format %H:%i:%s 
time_zone SYSTEM 
tmp_table_size 33554432 
tmpdir (null) 
transaction_alloc_block_size 8192 
transaction_prealloc_size 4096 
tx_isolation REPEATABLE-READ 
updatable_views_with_limit YES 
version 5.0.2-alpha-standard 
version_comment Official MySQL RPM 
version_compile_machine i686 
version_compile_os pc-linux 
wait_timeout 28800



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message