3

We have a file upload script that displays progress using the XMLHttpRequest send() to a php script for handling. It's been working for about 2 years now without issue.

Yesterday, it stopped working for any file over about 10 KB (for all users regardless of browser/OS). We haven't modified ANY code.

The php.ini file was modified yesterday, but to my knowledge the only change was to add this line: 

"zend_extension = /usr/local/lib/php/extensions/no-debug-non-zts-20090626/xdebug.so"

We've since removed that line, thinking that may have caused it - but the upload problem remains.

Is there something in the php.ini that could cause this behavior?

ADDITIONAL INFO: Checking the apache logs, the upload seems to be succeeding - somehow the callback isn't working and is receiving 404 errors instead.

Sahil Mittal
  • 20,697
  • 12
  • 65
  • 90
Joshua King
  • 53
  • 5
  • 2
    check `post_max_size` and `upload_max_filesize` in your php file! – undone Sep 06 '13 at 02:08
  • How did you check the `readyState`. If your condition says `if(request.readyState == 4 && request.status == 200){/*then you run your code here*/}` that would not happen. Of course `var request = new XMLHttpRequest;`. – StackSlave Sep 06 '13 at 02:09
  • While debugging this I set up an onreadystatechange handler to log the readyState value to the console. – Joshua King Sep 06 '13 at 02:11
  • post_max_size and upload_max_filesize are both 128 MB (the files i'm testing are about 1 MB). – Joshua King Sep 06 '13 at 02:12
  • `oreadystatechange` fires every time the `readyState` changes, so I don't think your test worked. – StackSlave Sep 06 '13 at 02:17
  • Maybe I'm mis-wording what I did. For the files that upload correctly, it goes readyState 1, readyState 2, readyState 3, readyState 4 with a 200 status. For those that fail, it goes readyState 1, readyState 2, readyState 3... (repeats an arbitrary number of times), readyState 4 with a 404 status. – Joshua King Sep 06 '13 at 02:22
  • Did something happen to ``, or whatever? I'd see `if($_FILES['yourHTMLFileName']['size'] < 30001)` instead. – StackSlave Sep 06 '13 at 02:26
  • Be careful you don't have a semicolon before php.ini lines you want active. – StackSlave Sep 06 '13 at 02:29
  • It's not even getting to the php code for those files, the post is failing to find the destination. It's as if during the time the browser uploads the file, the server serves up the 404 error. I can even see the response is the html of the custom 404 we have configured. – Joshua King Sep 06 '13 at 02:44
  • Do you any kind of URL rewriting ? – undone Sep 06 '13 at 03:37
  • I've tried completely removing my htaccess file to make sure that wasn't the problem. The oddest part about this is that it works with small files. I tried the solution from this one with a similar issue and it didn't help: http://stackoverflow.com/questions/16141222/xmlhttprequest-send-only-130-kb-max-size-file – Joshua King Sep 06 '13 at 12:48
  • `"zend_extension = /usr...` should be `zend_extension = "/usr...` ? – Rudie Sep 09 '13 at 19:09

1 Answers1

1

After checking the logs during the failed attempts, we determined it was triggering Mod Security. We had to increase the file size that was allowed to be uploaded in the Mod Security config.

Joshua King
  • 53
  • 5